2020-07-18 16:10:21 +02:00
-------------------------------------------------------------------
Mon Jul 13 17:53:58 UTC 2020 - Andrey Karepin <egdfree@opensuse.org>
- added ansible_bugfix_640.diff to fix gh#ansible-collections/community.general#640
2020-06-22 15:27:31 +02:00
-------------------------------------------------------------------
2020-06-23 01:10:31 +02:00
Mon Jun 22 23:10:23 UTC 2020 - Michael Ströder <michael@stroeder.com>
2020-06-22 15:27:31 +02:00
- update to version 2.9.10 with many bug fixes.
2020-06-23 01:10:31 +02:00
- removed CVE-2020-1744_avoid_mkdir_p.patch obsoleted by upstream update
2020-06-22 15:27:31 +02:00
2020-05-29 00:37:12 +02:00
-------------------------------------------------------------------
Thu May 28 13:57:38 UTC 2020 - Matej Cepl <mcepl@suse.com>
- Correct ID of CVE and rename the patch to
CVE-2020-1744_avoid_mkdir_p.patch
2020-05-26 23:14:44 +02:00
-------------------------------------------------------------------
Tue May 26 13:02:10 UTC 2020 - Matej Cepl <mcepl@suse.com>
- Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733
(bsc#1164140)
- Add metadata information to this file to mark which SUSE
bugzilla have been already fixed.
2020-05-13 01:35:36 +02:00
-------------------------------------------------------------------
Tue May 12 23:34:59 UTC 2020 - Michael Ströder <michael@stroeder.com>
- update to version 2.9.9
* fix for a regression introduced in 2.9.8
2020-05-12 11:43:07 +02:00
-------------------------------------------------------------------
Tue May 12 09:42:53 UTC 2020 - Michael Ströder <michael@stroeder.com>
- update to version 2.9.8
2020-05-12 18:10:09 +02:00
maintenance release containing numerous bugfixes
2020-05-12 11:43:07 +02:00
2020-04-23 17:33:08 +02:00
-------------------------------------------------------------------
Fri Apr 17 06:49:56 UTC 2020 - Michael Ströder <michael@stroeder.com>
- update to version 2.9.7 with many bug fixes,
especially for these security issues:
2020-05-26 23:14:44 +02:00
- bsc#1164140 CVE-2020-1733 - insecure temporary directory when
running become_user from become directive
- bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe
lookup plugin subprocess
- bsc#1164137 CVE-2020-1735 - path injection on dest parameter
in fetch module
- bsc#1164134 CVE-2020-1736 atomic_move primitive sets
permissive permissions
- bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip
module does not check extracted path
- bsc#1164136 CVE-2020-1738 module package can be selected by
the ansible facts
- bsc#1164133 CVE-2020-1739 - svn module leaks password when
specified as a parameter
- bsc#1164135 CVE-2020-1740 - secrets readable after
ansible-vault edit
- bsc#1165393 CVE-2020-1746 - information disclosure issue in
ldap_attr and ldap_entry modules
- bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks
sensitive information
2020-05-29 00:37:12 +02:00
- bsc#1167532 CVE-2020-10684 - code injection when using
ansible_facts as a subkey
2020-05-26 23:14:44 +02:00
- bsc#1167440 CVE-2020-10685 - modules which use files
encrypted with vault are not properly cleaned up
- CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2]
2020-04-23 17:33:08 +02:00
2020-04-06 23:01:32 +02:00
-------------------------------------------------------------------
Mon Apr 6 20:45:04 UTC 2020 - lars@linux-schulserver.de - 2.9.6
- create missing (empty) template and files directories for
'ansible-galaxy init' during package build (fixes boo#1137479)
2020-04-06 23:16:59 +02:00
- require python-xml on python 2 systems (boo#1142542)
2020-04-06 23:01:32 +02:00
2020-03-09 07:53:20 +01:00
-------------------------------------------------------------------
Thu Mar 5 08:23:57 UTC 2020 - Michael Ströder <michael@stroeder.com>
2020-05-26 23:14:44 +02:00
- update to version 2.9.6 (maintenance release) including
these security issues:
- bsc#1171162 CVE-2020-10729 two random password lookups in
same task return same value
2020-03-09 07:53:20 +01:00
2020-02-18 12:02:09 +01:00
-------------------------------------------------------------------
Thu Feb 13 21:38:06 UTC 2020 - Michael Ströder <michael@stroeder.com>
- update to version 2.9.5 (maintenance release)
2020-01-28 23:16:51 +01:00
-------------------------------------------------------------------
Tue Jan 28 12:38:16 UTC 2020 - Michael Ströder <michael@stroeder.com>
- update to version 2.9.4 (maintenance release)
2020-05-26 23:14:44 +02:00
- fix in yum module
- security fixes:
- bsc#1157968 CVE-2019-14904 vulnerability in solaris_zone
module via crafted solaris zone
- bsc#1157969 CVE-2019-14905 malicious code could craft
filename in nxos_file_copy module
2020-01-28 23:16:51 +01:00
2020-01-18 12:10:35 +01:00
-------------------------------------------------------------------
Thu Jan 16 17:34:28 UTC 2020 - Michael Ströder <michael@stroeder.com>
- update to version 2.9.3 (maintenance release)
* security fixes
2020-04-11 06:39:37 +02:00
- CVE-2019-14904 (solaris_zone module) (boo#1157968)
- CVE-2019-14905 (nxos_file_copy module) (boo#1157969)
2020-01-18 12:10:35 +01:00
* various bugfixes
- sync with upstream spec file (especially for RHEL & Fedora builds)
- ran spec-cleaner
- remove old SUSE targets (SLE-11, Leap 42.3 and below)
This simplifies the spec file and makes building easier
- Additional required packages for building:
+ python-boto3 and python-botocore for Amazon EC2
+ python-jmespath for json queries
+ python-memcached for cloud modules and local caching of JSON
formatted, per host records
+ python-redis for cloud modules and local caching of JSON
formatted, per host records
+ python-requests for many web-based modules (cloud, network,
netapp)
=> as the need for those packages depends on the usage of the
tool, they are just recommended on openSUSE/SUSE machines
- made dependencies for gitlab, vmware and winrm modules configurable,
as most of their dependencies are not (yet) available on current
openSUSE/SUSE distributions
- exclude /usr/bin/pwsh from the automatic dependency generation,
as the Windows Power Shell is not available (yet) on openSUSE/SUSE
- build additional docs and split up ansible-doc package;
moving changelogs, contrib and example directories there
- prepare for building HTML documentation, but disable this per
default for the moment, as not all package dependencies are available
in openSUSE/SUSE (yet)
- package some test scripts with executable permissions
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=158
2019-12-29 17:57:33 +01:00
-------------------------------------------------------------------
Sun Dec 29 15:21:09 UTC 2019 - Lars Vogdt <lars@linux-schulserver.de>
- sync with upstream spec file (especially for RHEL & Fedora builds)
- ran spec-cleaner
- remove old SUSE targets (SLE-11, Leap 42.3 and below)
This simplifies the spec file and makes building easier
- Additional required packages for building:
+ python-boto3 and python-botocore for Amazon EC2
+ python-jmespath for json queries
+ python-memcached for cloud modules and local caching of JSON
formatted, per host records
+ python-redis for cloud modules and local caching of JSON
formatted, per host records
+ python-requests for many web-based modules (cloud, network,
netapp)
=> as the need for those packages depends on the usage of the
tool, they are just recommended on openSUSE/SUSE machines
- made dependencies for gitlab, vmware and winrm modules configurable,
as most of their dependencies are not (yet) available on current
openSUSE/SUSE distributions
- exclude /usr/bin/pwsh from the automatic dependency generation,
as the Windows Power Shell is not available (yet) on openSUSE/SUSE
- build additional docs and split up ansible-doc package;
moving changelogs, contrib and example directories there
- prepare for building HTML documentation, but disable this per
default for the moment, as not all package dependencies are available
in openSUSE/SUSE (yet)
- package some test scripts with executable permissions
2019-12-08 14:09:31 +01:00
-------------------------------------------------------------------
Thu Dec 5 09:21:27 UTC 2019 - Michael Ströder <michael@stroeder.com>
- update to version 2.9.2
maintenance release containing numerous bugfixes
2019-11-21 17:28:08 +01:00
-------------------------------------------------------------------
Thu Nov 21 16:27:05 UTC 2019 - Lars Vogdt <lars@linux-schulserver.de>
- Create system directories that Ansible defines as default locations
in ansible/config/base.yml
- rephrase the summary line
- Disable shebang munging for specific paths. These files are data files.
ansible-test munges the shebangs itself.
2019-11-19 19:05:31 +01:00
-------------------------------------------------------------------
Tue Nov 19 18:04:50 UTC 2019 - Lars Vogdt <lars@linux-schulserver.de>
- split out ansible-test package for module developers
2019-11-16 22:44:54 +01:00
-------------------------------------------------------------------
Fri Nov 15 12:44:55 UTC 2019 - lars@linux-schulserver.de - 2.9.1
- update to version 2.9.1
Full changelog is packaged at /usr/share/doc/packages/ansible/changelogs/
and also available online at
https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst
+ CVE-2019-14864: fixed Splunk and Sumologic callback plugins leak
2020-04-11 06:39:37 +02:00
sensitive data in logs (boo#1154830)
2019-11-16 22:44:54 +01:00
- replace all #!/usr/bin/env lines to use #!/usr/bin/$1 directly
2019-11-04 21:51:29 +01:00
-------------------------------------------------------------------
Sun Nov 3 19:26:21 UTC 2019 - Johannes Kastl <kastl@b1-systems.de>
- added file '/usr/bin/ansible-test' to spec file
-------------------------------------------------------------------
Fri Nov 1 21:11:03 UTC 2019 - Johannes Kastl <kastl@b1-systems.de>
- Update to version 2.9.0:
Full changelog is packaged at /usr/share/doc/packages/ansible/changelogs/
and also available online at
https://github.com/ansible/ansible/blob/stable-2.9/changelogs/CHANGELOG-v2.9.rst
2020-05-26 23:14:44 +02:00
- Fixed among other this security bug:
- bsc#1112959 CVE-2018-16837 Information leak in "user" module patch added
2019-11-04 21:51:29 +01:00
2019-10-27 15:16:25 +01:00
-------------------------------------------------------------------
Sun Oct 27 14:15:53 UTC 2019 - lars@linux-schulserver.de
- include the sha checksum file in the source, which allows to verify
the original sources
2019-10-24 17:04:12 +02:00
-------------------------------------------------------------------
Wed Oct 23 16:10:41 UTC 2019 - <abergmann@suse.com>
- Update to version 2.8.6:
Full changelog is packaged at /usr/share/doc/packages/ansible/changelogs/
and also available online at
https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
Included security fixes:
* CVE-2019-14846: Fixed secrets disclosure on logs due to display is hardcoded
to DEBUG level (bsc#1153452)
* CVE-2019-14856: Fixed insufficient fix for CVE-2019-10206 (bsc#1154232)
* CVE-2019-14858: Fixed data in the sub parameter fields that will not be masked
and will be displayed when run with increased verbosity (bsc#1154231)
2019-09-13 11:07:20 +02:00
-------------------------------------------------------------------
Fri Sep 13 09:02:36 UTC 2019 - Lars Vogdt <lars@linux-schulserver.de>
- Update to version 2.8.5:
Full changelog is packaged at /usr/share/doc/packages/ansible/changelogs/
and also available online at
https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
- removed patches fixed upstream:
+ CVE-2019-10206-data-disclosure.patch
+ CVE-2019-10217-gcp-modules-sensitive-fields.patch
2019-08-08 16:01:06 +02:00
-------------------------------------------------------------------
2019-08-13 18:26:53 +02:00
Wed Aug 7 16:30:47 CEST 2019 - Matej Cepl <mcepl@suse.com>
2019-08-08 16:01:06 +02:00
2019-08-13 18:26:53 +02:00
- Update to version 2.8.3:
Full changelog is packaged, but also at
https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
2020-05-26 23:14:44 +02:00
- (bsc#1137528) CVE-2019-10156: ansible: templating causing an
unexpected key file to be set on remote node
2019-08-13 18:26:53 +02:00
- (bsc#1142690) Adds CVE-2019-10206-data-disclosure.patch fixing
CVE-2019-10206: ansible-playbook -k and ansible cli tools
prompt passwords by expanding them from templates as they could
contain special characters. Passwords should be wrapped to
prevent templates trigger and exposing them.
- (bsc#1144453) Adds CVE-2019-10217-gcp-modules-sensitive-fields.patch
CVE-2019-10217: Fields managing sensitive data should be set as
such by no_log feature. Some of these fields in GCP modules are
not set properly. service_account_contents() which is common
class for all gcp modules is not setting no_log to True. Any
sensitive data managed by that function would be leak as an
output when running ansible playbooks.
2019-08-08 16:01:06 +02:00
2019-06-08 18:41:44 +02:00
-------------------------------------------------------------------
Sat Jun 8 16:33:53 UTC 2019 - Lars Vogdt <lars@linux-schulserver.de>
- Update to version 2.8.1
Full changelog is at /usr/share/doc/packages/ansible/changelogs/
Bugfixes
--------
- ACI - DO not encode query_string
- ACI modules - Fix non-signature authentication
- Add missing directory provided via ``--playbook-dir`` to adjacent collection loading
- Fix "Interface not found" errors when using eos_l2_interface with nonexistant
interfaces configured
- Fix cannot get credential when `source_auth` set to `credential_file`.
- Fix netconf_config backup string issue
- Fix privilege escalation support for the docker connection plugin when
credentials need to be supplied (e.g. sudo with password).
- Fix vyos cli prompt inspection
- Fixed loading namespaced documentation fragments from collections.
- Fixing bug came up after running cnos_vrf module against coverity.
- Properly handle data importer failures on PVC creation, instead of timing out.
- To fix the ios static route TC failure in CI
- To fix the nios member module params
- To fix the nios_zone module idempotency failure
- add terminal initial prompt for initial connection
- allow include_role to work with ansible command
- allow python_requirements_facts to report on dependencies containing dashes
- asa_config fix
- azure_rm_roledefinition - fix a small error in build scope.
- azure_rm_virtualnetworkpeering - fix cross subscriptions virtual network
peering.
- cgroup_perf_recap - When not using file_per_task, make sure we don't
prematurely close the perf files
- display underlying error when reporting an invalid ``tasks:`` block.
- dnf - fix wildcard matching for state: absent
- docker connection plugin - accept version ``dev`` as 'newest version' and
print warning.
- docker_container - ``oom_killer`` and ``oom_score_adj`` options are available
since docker-py 1.8.0, not 2.0.0 as assumed by the version check.
- docker_container - fix network creation when ``networks_cli_compatible`` is
enabled.
- docker_container - use docker API's ``restart`` instead of ``stop``/``start``
to restart a container.
- docker_image - if ``build`` was not specified, the wrong default for
``build.rm`` is used.
- docker_image - if ``nocache`` set to ``yes`` but not ``build.nocache``, the
module failed.
- docker_image - module failed when ``source: build`` was set but
``build.path`` options not specified.
- docker_network module - fix idempotency when using ``aux_addresses`` in
``ipam_config``.
- ec2_instance - make Name tag idempotent
- eos: don't fail modules without become set, instead show message and continue
- eos_config: check for session support when asked to 'diff_against: session'
- eos_eapi: fix idempotency issues when vrf was unspecified.
- fix bugs for ce - more info see
- fix incorrect uses of to_native that should be to_text instead.
- hcloud_volume - Fix idempotency when attaching a server to a volume.
- ibm_storage - Added a check for null fields in ibm_storage utils module.
- include_tasks - whitelist ``listen`` as a valid keyword
- k8s - resource updates applied with force work correctly now
- keep results subset also when not no_log.
- meraki_switchport - improve reliability with native VLAN functionality.
- netapp_e_iscsi_target - fix netapp_e_iscsi_target chap secret size and
clearing functionality
- netapp_e_volumes - fix workload profileId indexing when no previous workload
tags exist on the storage array.
- nxos_acl some platforms/versions raise when no ACLs are present
- nxos_facts fix <https://github.com/ansible/ansible/pull/57009>
- nxos_file_copy fix passwordless workflow
- nxos_interface Fix admin_state check for n6k
- nxos_snmp_traps fix group all for N35 platforms
- nxos_snmp_user fix platform fixes for get_snmp_user
- nxos_vlan mode idempotence bug
- nxos_vlan vlan names containing regex ctl chars should be escaped
- nxos_vtp_* modules fix n6k issues
- openssl_certificate - fix private key passphrase handling for
``cryptography`` backend.
- openssl_pkcs12 - fixes crash when private key has a passphrase and the module
is run a second time.
- os_stack - Apply tags conditionally so that the module does not throw up an
error when using an older distro of openstacksdk
- pass correct loading context to persistent connections other than local
- pkg_mgr - Ansible 2.8.0 failing to install yum packages on Amazon Linux
- postgresql - added initial SSL related tests
- postgresql - added missing_required_libs, removed excess param mapping
- postgresql - move connect_to_db and get_pg_version into
module_utils/postgres.py (https://github.com/ansible/ansible/pull/55514)
- postgresql_db - add note to the documentation about state dump and the
incorrect rc (https://github.com/ansible/ansible/pull/57297)
- postgresql_db - fix for postgresql_db fails if stderr contains output
- postgresql_ping - fixed a typo in the module documentation
- preserve actual ssh error when we cannot connect.
- route53_facts - the module did not advertise check mode support, causing it
not to be run in check mode.
- sysctl: the module now also checks the output of STDERR to report if values
are correctly set (https://github.com/ansible/ansible/pull/55695)
- ufw - correctly check status when logging is off
- uri - always return a value for status even during failure
- urls - Handle redirects properly for IPv6 address by not splitting on ``:``
and rely on already parsed hostname and port values
- vmware_vm_facts - fix the support with regular ESXi
- vyos_interface fix <https://github.com/ansible/ansible/pull/57169>
- we don't really need to template vars on definition as we do this on demand
in templating.
- win_acl - Fix qualifier parser when using UNC paths -
- win_hostname - Fix non netbios compliant name handling
- winrm - Fix issue when attempting to parse CLIXML on send input failure
- xenserver_guest - fixed an issue where VM whould be powered off even though
check mode is used if reconfiguration requires VM to be powered off.
- xenserver_guest - proper error message is shown when maximum number of
network interfaces is reached and multiple network interfaces are added at
once.
- yum - Fix false error message about autoremove not being supported
- yum - fix failure when using ``update_cache`` standalone
- yum - handle special "_none_" value for proxy in yum.conf and .repo files
2019-05-25 00:49:38 +02:00
-------------------------------------------------------------------
Wed May 22 14:42:42 UTC 2019 - Marcel Kuehlhorn <tux93@opensuse.org>
- Update to version 2.8.0
Major changes:
* Experimental support for Ansible Collections and content namespacing -
Ansible content can now be packaged in a collection and addressed via
namespaces. This allows for easier sharing, distribution, and installation
of bundled modules/roles/plugins, and consistent rules for accessing
specific content via namespaces.
* Python interpreter discovery - The first time a Python module runs on a
target, Ansible will attempt to discover the proper default Python
interpreter to use for the target platform/version (instead of immediately
defaulting to /usr/bin/python). You can override this behavior by
setting ansible_python_interpreter or via config.
(see https://github.com/ansible/ansible/pull/50163)
* become - The deprecated CLI arguments for --sudo, --sudo-user,
--ask-sudo-pass, -su, --su-user, and --ask-su-pass have been removed, in
favor of the more generic --become, --become-user, --become-method, and
--ask-become-pass.
* become - become functionality has been migrated to a plugin architecture,
to allow customization of become functionality and 3rd party become methods
(https://github.com/ansible/ansible/pull/50991)
- addresses CVE-2018-16859, CVE-2018-16876, CVE-2019-3828, CVE-2018-16837
For the full changelog see /usr/share/doc/packages/ansible/changelogs or online:
https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
2019-04-06 00:43:05 +02:00
-------------------------------------------------------------------
Thu Apr 4 17:22:58 UTC 2019 - Michael Ströder <michael@stroeder.com>
- Update to version 2.7.10
Minor Changes
- Catch all connection timeout related exceptions and raise AnsibleConnectionError instead
- openssl_pkcs12, openssl_privatekey, openssl_publickey - These modules no longer delete the output file before starting to regenerate the output, or when generating the output failed.
Bugfixes
- Backport of https://github.com/ansible/ansible/pull/54105, pamd - fix idempotence issue when removing rules
- Use custom JSON encoder in conneciton.py so that ansible objects (AnsibleVaultEncryptedUnicode, for example) can be sent to the persistent connection process
- allow 'dict()' jinja2 global to function the same even though it has changed in jinja2 versions
- azure_rm inventory plugin - fix missing hostvars properties (https://github.com/ansible/ansible/pull/53046)
- azure_rm inventory plugin - fix no nic type in vmss nic. (https://github.com/ansible/ansible/pull/53496)
- deprecate {Get/Set}ManagerAttributes commands (https://github.com/ansible/ansible/issues/47590)
- flatpak_remote - Handle empty output in remote_exists, fixes https://github.com/ansible/ansible/issues/51481
- foreman - fix Foreman returning host parameters
- get_url - Fix issue with checksum validation when using a file to ensure we skip lines in the file that do not contain exactly 2 parts. Also restrict exception handling to the minimum number of necessary lines (https://github.com/ansible/ansible/issues/48790)
- grafana_datasource - Fixed an issue when running Python3 and using basic auth (https://github.com/ansible/ansible/issues/49147)
- include_tasks - Fixed an unexpected exception if no file was given to include.
- openssl_certificate - fix ``state=absent``.
- openssl_certificate, openssl_csr, openssl_pkcs12, openssl_privatekey, openssl_publickey - The modules are now able to overwrite write-protected files (https://github.com/ansible/ansible/issues/48656).
- openssl_dhparam - fix ``state=absent`` idempotency and ``changed`` flag.
- openssl_pkcs12, openssl_privatekey - These modules now accept the output file mode in symbolic form or as a octal string (https://github.com/ansible/ansible/issues/53476).
- openssl_publickey - fixed crash on Python 3 when OpenSSH private keys were used with passphrases.
- openstack inventory plugin: allow "constructed" functionality (``compose``, ``groups``, and ``keyed_groups``) to work as documented.
- random_mac - generate a proper MAC address when the provided vendor prefix is two or four characters (https://github.com/ansible/ansible/issues/50838)
- replace - fix behavior when ``before`` and ``after`` are used together (https://github.com/ansible/ansible/issues/31354)
- report correct CPU information on ARM systems (https://github.com/ansible/ansible/pull/52884)
- slurp - Fix issues when using paths on Windows with glob like characters, e.g. ``[``, ``]``
- ssh - Check the return code of the ssh process before raising AnsibleConnectionFailure, as the error message for the ssh process will likely contain more useful information. This will improve the missing interpreter messaging when using modules such as setup which have a larger payload to transfer when combined with pipelining. (https://github.com/ansible/ansible/issues/53487)
- tower_settings - 'name' and 'value' parameters are always required, module can not be used in order to get a setting
- win_acl - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_acl_inheritance - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_certificate_store - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_chocolatey - Fix incompatibilities with the latest release of Chocolatey ``v0.10.12+``
- win_copy - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_file - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_find - Ensure found files are sorted alphabetically by the path instead of it being random
- win_find - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_owner - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_psexec - Support executables with a space in the path
- win_reboot - Fix reboot command validation failure when running under the psrp connection plugin
- win_tempfile - Always return the full NTFS absolute path and not a DOS 8.3 path.
- win_user_right - Fix output containing non json data - https://github.com/ansible/ansible/issues/54413
- windows - Fixed various module utils that did not work with path that had glob like chars
- yum - fix disable_excludes on systems with yum rhn plugin enabled (https://github.com/ansible/ansible/issues/53134)
2019-03-18 22:44:32 +01:00
-------------------------------------------------------------------
Sun Mar 17 07:42:28 UTC 2019 - Michael Ströder <michael@stroeder.com>
- Update to version 2.7.9
Minor Changes
* Add missing import for ConnectionError in edge and routeros module_utils.
* ``to_yaml`` filter updated to maintain formatting consistency when used
with ``pyyaml`` versions 5.1 and later
(https://github.com/ansible/ansible/pull/53772)
* docker_image * set ``changed`` to ``false`` when using ``force: yes`` to
tag or push an image that ends up being identical to one already present on
the Docker host or Docker registry.
* jenkins_plugin * Set new default value for the update_url parameter
(https://github.com/ansible/ansible/issues/52086)
Bugfixes
* Fix bug where some inventory parsing tracebacks were missing or reported under the wrong plugin.
* Fix rabbitmq_plugin idempotence due to information message in new version of rabbitmq (https://github.com/ansible/ansible/pull/52166)
* Fixed KeyError issue in vmware_host_config_manager when a supported option isn't already set (https://github.com/ansible/ansible/issues/44561).
* Fixed issue related to --yaml flag in vmware_vm_inventory. Also fixed caching issue in vmware_vm_inventory (https://github.com/ansible/ansible/issues/52381).
* If large integers are passed as options to modules under Python 2, module argument parsing will reject them as they are of type ``long`` and not of type ``int``.
* allow nice error to work when auto plugin reads file w/o `plugin` field
* ansible-doc * Fix traceback on providing arguemnt --all to ansible-doc command
* azure_rm_virtualmachine_facts * fixed crash related to attached managed disks (https://github.com/ansible/ansible/issues/52181)
* basic * modify the correct variable when determining available hashing algorithms to avoid errors when md5 is not available (https://github.com/ansible/ansible/issues/51355)
* cloudscale * Fix compatibilty with Python3 in version 3.5 and lower.
* convert input into text to ensure valid comparisons in nmap inventory plugin
* dict2items * Allow dict2items to work with hostvars
* dnsimple * fixed a KeyError exception related to record types handling.
* docker_container * now returns warnings from docker daemon on container creation and updating.
* docker_swarm * Fixed node_id parameter not working for node removal (https://github.com/ansible/ansible/issues/53501)
* docker_swarm * do not crash with older docker daemons (https://github.com/ansible/ansible/issues/51175).
* docker_swarm * fixes idempotency for the ``ca_force_rotate`` option.
* docker_swarm * improve Swarm detection.
* docker_swarm * improve idempotency checking; ``rotate_worker_token`` and ``rotate_manager_token`` are now also used when all other parameters have not changed.
* docker_swarm * now supports docker-py 1.10.0 and newer for most operations, instead only docker 2.6.0 and newer.
* docker_swarm * properly implement check mode (it did apply changes).
* docker_swarm * the ``force`` option was ignored when ``state: present``.
* docker_swarm_service * do basic validation of ``publish`` option if specified (must be list of dicts).
* docker_swarm_service * don't crash when ``publish`` is not specified.
* docker_swarm_service * fix problem with docker daemons which do not return ``UpdateConfig`` in the swarm service spec.
* docker_swarm_service * the return value was documented as ``ansible_swarm_service``, but the module actually returned ``ansible_docker_service``. Documentation and code have been updated so that the variable is now called ``swarm_service``. In Ansible 2.7.x, the old name ``ansible_docker_service`` can still be used to access the result.
* ec2 * if the private_ip has been provided for the new network interface it shouldn't also be added to top level parameters for run_instances()
* fix DNSimple to ensure check works even when the number of records is larger than 100
* get_url * return no change in check mode when checksum matches
* inventory plugins * Fix creating groups from composed variables by getting the latest host variables
* inventory_aws_ec2 * fix no_log indentation so AWS temporary credentials aren't displayed in tests
* jenkins_plugin * Prevent plugin to be reinstalled when state=present (https://github.com/ansible/ansible/issues/43728)
* lvol * fixed ValueError when using float size (https://github.com/ansible/ansible/issues/32886, https://github.com/ansible/ansible/issues/29429)
* mysql * MySQLdb doesn't import the cursors module for its own purposes so it has to be imported in MySQL module utilities before it can be used in dependent modules like the proxysql module family.
* mysql * fixing unexpected keyword argument 'cursorclass' issue after migration from MySQLdb to PyMySQL.
* mysql_user: match backticks, single and double quotes when checking user privileges.
* onepassword_facts * Fixes issues which prevented this module working with 1Password CLI version 0.5.5 (or greater). Older versions of the CLI were deprecated by 1Password and will no longer function.
* openssl_certificate * ``has_expired`` correctly checks if the certificate is expired or not
* openssl_certificate * fix Python 3 string/bytes problems for `notBefore`/`notAfter` for self-signed and ownCA providers.
* openssl_certificate * make sure that extensions are actually present when their values should be checked.
* openssl_csr * improve ``subject`` validation.
* openssl_csr * improve error messages for invalid SANs.
* play order is now applied under all circumstances, fixes
* remote_management foreman * Fixed issue where it was impossible to createdelete a product because product was missing in dict choices ( https://github.com/ansible/ansible/issues/48594 )
* rhsm_repository * handle systems without any repos
* skip invalid plugin after warning in loader
* urpmi module * fixed issue
* win_certificate_store * Fix exception handling typo
* win_chocolatey * Fix issue when parsing a beta Chocolatey install * https://github.com/ansible/ansible/issues/52331
* win_chocolatey_source * fix bug where a Chocolatey source could not be disabled unless ``source`` was also set * https://github.com/ansible/ansible/issues/50133
* win_domain * Do not fail if DC is already promoted but a reboot is required, return ``reboot_required: True``
* win_domain * Fix when running without credential delegated authentication * https://github.com/ansible/ansible/issues/53182
* win_file * Fix issue when managing hidden files and directories * https://github.com/ansible/ansible/issues/42466
* winrm * attempt to recover from a WinRM send input failure if possible
* zabbix_hostmacro: fixes truncation of macro contexts that contain colons (see https://github.com/ansible/ansible/pull/51853)
New Plugins
* vmware_vm_inventory * VMware Guest inventory source
2019-03-16 21:15:04 +01:00
-------------------------------------------------------------------
Sat Mar 16 20:12:47 UTC 2019 - Lars Vogdt <lars@linux-schulserver.de>
- update URL (use SSL version of the URL)
- prepare update for multiple releases (bsc#1102126, bsc#1109957)
2019-03-07 10:29:43 +01:00
-------------------------------------------------------------------
Sun Feb 24 10:06:31 UTC 2019 - Michael Ströder <michael@stroeder.com>
- Update to version 2.7.8
Minor Changes:
* Raise AnsibleConnectionError on winrm connnection errors
Bugfixes:
* Backport of https://github.com/ansible/ansible/pull/46478 , fixes name collision in haproxy module
* Fix aws_ec2 inventory plugin code to automatically populate regions when missing as documentation states, also leverage config system vs self default/type validation
* Fix unexpected error when using Jinja2 native types with non-strict constructed keyed_groups (https://github.com/ansible/ansible/issues/52158).
* If an ios module uses a section filter on a device which does not support it, retry the command without the filter.
* acme_challenge_cert_helper * the module no longer crashes when the required ``cryptography`` library cannot be found.
* azure_rm_managed_disk_facts * added missing implementation of listing managed disks by resource group
* azure_rm_mysqlserver * fixed issues with passing parameters while updating existing server instance
* azure_rm_postgresqldatabase * fix force_update bug (https://github.com/ansible/ansible/issues/50978).
* azure_rm_postgresqldatabase * fix force_update bug.
* azure_rm_postgresqlserver * fixed issues with passing parameters while updating existing server instance
* azure_rm_sqlserver * fix for tags support
* azure_rm_virtualmachine * fixed several crashes in module
* azure_rm_virtualmachine_facts * fix crash when vm created from custom image
* azure_rm_virtualmachine_facts * fixed crash related to VM with managed disk attached
* ec2 * Correctly sets the end date of the Spot Instance request. Sets `ValidUntil` value in proper way so it will be auto-canceled through `spot_wait_timeout` interval.
* openssl_csr * fixes idempotence problem with PyOpenSSL backend when no Subject Alternative Names were specified.
* openstack inventory plugin * send logs from sdk to stderr so they do not combine with output
* psrp * do not display bootstrap wrapper for each module exec run
* redfish_utils * get standard properties for firmware entries (https://github.com/ansible/ansible/issues/49832)
2020-05-29 00:37:12 +02:00
* remote home directory * Disallow use of remote home directories that include relative pathing by means of `..` (CVE-2019-3828, bsc#1126503) (https://github.com/ansible/ansible/pull/52133)
2019-03-07 10:29:43 +01:00
* ufw * when using ``state: reset`` in check mode, ``ufw --dry-run reset`` was executed, which causes a loss of firewall rules. The ``ufw`` module was adjusted to no longer run ``ufw --dry-run reset`` to prevent this from happening.
* ufw: make sure that only valid values for ``direction`` are passed on.
* update GetBiosBootOrder to use standard Redfish resources (https://github.com/ansible/ansible/issues/47571)
* win become * Fix some scenarios where become failed to create an elevated process
* win_psmodule * the NuGet package provider will be updated, if needed, to avoid issue under adding a repository
* yum * Remove incorrect disable_includes error message when using disable_excludes (https://github.com/ansible/ansible/issues/51697)
* yum * properly handle a proxy config in yum.conf for an unauthenticated proxy
2019-02-19 02:10:11 +01:00
-------------------------------------------------------------------
Sat Feb 9 16:55:54 UTC 2019 - Matthias Eliasson <matthias.eliasson@gmail.com>
- Update to version 2.7.7
Minor Changes:
* Allow check_mode with supports_generate_diff capability in cli_config. (https://github.com/ansible/ansible/pull/51417)
* Fixed typo in vmware documentation fragment. Changed "supported added" to "support added".
Bugfixes:
* All K8S_AUTH_* environment variables are now properly loaded by the k8s lookup plugin
* Change backup file globbing for network _config modules so backing up one host's config will not delete the backed up config of any host whose hostname is a subset of the first host's hostname (e.g., switch1 and switch11)
* Fixes bug where nios_a_record wasn't getting deleted if an uppercase named a_record was being passed. (https://github.com/ansible/ansible/pull/51539)
* aci_aaa_user - Fix setting user description (https://github.com/ansible/ansible/issues/51406)
* apt_repository - fixed failure under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
* archive - Fix check if archive is created in path to be removed
* azure_rm inventory plugin - fix azure batch request (https://github.com/ansible/ansible/pull/50006)
* cnos_backup - fixed syntax error (https://github.com/ansible/ansible/pull/47219)
* cnos_image - fixed syntax error (https://github.com/ansible/ansible/pull/47219)
* consul_kv - minor error-handling bugfix under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
* copy - align invocation in return value between check and normal mode
* delegate_facts - fix to work properly under block and include_role (https://github.com/ansible/ansible/pull/51553)
* docker_swarm_service - fix endpoint_mode and publish idempotency.
* ec2_instance - Correctly adds description when adding a single ENI to the instance
* ensure we have a XDG_RUNTIME_DIR, as it is not handled correctly by some privilege escalation configurations
* file - Allow state=touch on file the user does not own https://github.com/ansible/ansible/issues/50943
* fix ansible-pull hanlding of extra args, complex quoting is needed for inline JSON
* fix ansible_connect_timeout variable in network_cli,netconf,httpapi and nxos_install_os timeout check
* netapp_e_storagepool - fixed failure under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
* onepassword_facts - Fix an issue looking up some 1Password items which have a 'password' attribute alongside the 'fields' attribute, not inside it.
* prevent import_role from inserting dupe into roles: execution when duplicate signature role already exists in the section.
* reboot - Fix bug where the connection timeout was not reset in the same task after rebooting
* ssh connection - do not retry with invalid credentials to prevent account lockout (https://github.com/ansible/ansible/issues/48422)
* systemd - warn when exeuting in a chroot environment rather than failing (https://github.com/ansible/ansible/pull/43904)
* win_chocolatey - Fix hang when used with proxy for the first time - https://github.com/ansible/ansible/issues/47669
* win_power_plan - Fix issue where win_power_plan failed on newer Windows 10 builds - https://github.com/ansible/ansible/issues/43827
Accepting request 667324 from home:elimat:branches:systemsmanagement
- update to version 2.7.6
Minor Changes:
* Added documentation about using VMware dynamic inventory plugin.
* Fixed bug around populating host_ip in hostvars in vmware_vm_inventory.
* Image reference change in Azure VMSS is detected and applied correctly.
* docker_volume - reverted changed behavior of force, which was released in Ansible 2.7.1 to 2.7.5, and Ansible 2.6.8 to 2.6.11. Volumes are now only recreated if the parameters changed and force is set to true (instead of or). This is the behavior which has been described in the documentation all the time.
* set ansible_os_family from name variable in os-release
* yum and dnf can now handle installing packages from URIs that are proxy redirects and don't end in the .rpm file extension
Bugfixes:
* Added log message at -vvvv when using netconf connection listing connection details.
* Changes how ansible-connection names socket lock files. They now use the same name as the socket itself, and as such do not lock other attempts on connections to the same host, or cause issues with overly-long hostnames.
* Fix mandatory statement error for junos modules (https://github.com/ansible/ansible/pull/50138)
* Moved error in netconf connection plugin from at import to on connection.
* This reverts some changes from commit 723daf3. If a line is found in the file, exactly or via regexp matching, it must not be added again. insertafter/insertbefore options are used only when a line is to be inserted, to specify where it must be added.
* allow using openstack inventory plugin w/o a cache
* callbacks - Do not filter out exception, warnings, deprecations on failure when using debug (https://github.com/ansible/ansible/issues/47576)
* certificate_complete_chain - fix behavior when invalid file is parsed while reading intermediate or root certificates.
* copy - Ensure that the src file contents is converted to unicode in diff information so that it is properly wrapped by AnsibleUnsafeText to prevent unexpected templating of diff data in Python3 (https://github.com/ansible/ansible/issues/45717)
* correct behaviour of verify_file for vmware inventory plugin, it was always returning True
* dnf - fix issue where conf_file was not being loaded properly
* dnf - fix update_cache combined with install operation to not cause dnf transaction failure
* docker_container - fix network_mode idempotency if the container:<container-name> form is used (as opposed to container:<container-id>) (https://github.com/ansible/ansible/issues/49794)
* docker_container - warning when non-string env values are found, avoiding YAML parsing issues. Will be made an error in Ansible 2.8. (https://github.com/ansible/ansible/issues/49802)
* docker_swarm_service - Document labels and container_labels with correct type.
* docker_swarm_service - Document limit_memory and reserve_memory correctly on how to specify sizes.
* docker_swarm_service - Document minimal API version for configs and secrets.
* docker_swarm_service - fix use of Docker API so that services are not detected as present if there is an existing service whose name is a substring of the desired service
* docker_swarm_service - fixing falsely reporting update_order as changed when option is not used.
* document old option that was initally missed
* ec2_instance now respects check mode https://github.com/ansible/ansible/pull/46774
* fix for network_cli - ansible_command_timeout not working as expected (#49466)
* fix handling of firewalld port if protocol is missing
* fix lastpass lookup failure on python 3 (https://github.com/ansible/ansible/issues/42062)
* flatpak - Fixed Python 2/3 compatibility
* flatpak - Fixed issue where newer versions of flatpak failed on flatpak removal
* flatpak_remote - Fixed Python 2/3 compatibility
* gcp_compute_instance - fix crash when the instance metadata is not set
* grafana_dashboard - Fix a pair of unicode string handling issues with version checking (https://github.com/ansible/ansible/pull/49194)
* host execution order - Fix reverse_inventory not to change the order of the items before reversing on python2 and to not backtrace on python3
* icinga2_host - fixed the issue with not working use_proxy option of the module.
* influxdb_user - An unspecified password now sets the password to blank, except on existing users. This previously caused an unhandled exception.
* influxdb_user - Fixed unhandled exception when using invalid login credentials (https://github.com/ansible/ansible/issues/50131)
* openssl_* - fix error when path contains a file name without path.
* openssl_csr - fix problem with idempotency of keyUsage option.
* openssl_pkcs12 - now does proper path expansion for ca_certificates.
* os_security_group_rule - os_security_group_rule doesn't exit properly when secgroup doesn't exist and state=absent (https://github.com/ansible/ansible/issues/50057)
* paramiko_ssh - add auth_timeout parameter to ssh.connect when supported by installed paramiko version. This will prevent "Authentication timeout" errors when a slow authentication step (>30s) happens with a host (https://github.com/ansible/ansible/issues/42596)
* purefa_facts and purefb_facts now correctly adds facts into main ansible_fact dictionary (https://github.com/ansible/ansible/pull/50349)
* reboot - add appropriate commands to make the plugin work with VMware ESXi (https://github.com/ansible/ansible/issues/48425)
* reboot - add support for rebooting AIX (https://github.com/ansible/ansible/issues/49712)
* reboot - gather distribution information in order to support Alpine and other distributions (https://github.com/ansible/ansible/issues/46723)
* reboot - search common paths for the shutdown command and use the full path to the binary rather than depending on the PATH of the remote system (https://github.com/ansible/ansible/issues/47131)
* reboot - use a common set of commands for older and newer Solaris and SunOS variants (https://github.com/ansible/ansible/pull/48986)
* redfish_utils - fix reference to local variable 'systems_service'
* setup - fix the rounding of the ansible_memtotal_mb value on VMWare vm's (https://github.com/ansible/ansible/issues/49608)
* vultr_server - fixed multiple ssh keys were not handled.
* win_copy - Fix copy of a dir that contains an empty directory - https://github.com/ansible/ansible/issues/50077
* win_firewall_rule - Remove invalid 'bypass' action
* win_lineinfile - Fix issue where a malformed json block was returned causing an error
* win_updates - Correctly report changes on success
OBS-URL: https://build.opensuse.org/request/show/667324
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=130
2019-01-23 16:08:39 +01:00
-------------------------------------------------------------------
Sun Jan 20 19:55:26 UTC 2019 - Matthias Eliasson <matthias.eliasson@gmail.com>
- update to version 2.7.6
Minor Changes:
* Added documentation about using VMware dynamic inventory plugin.
* Fixed bug around populating host_ip in hostvars in vmware_vm_inventory.
* Image reference change in Azure VMSS is detected and applied correctly.
* docker_volume - reverted changed behavior of force, which was released in Ansible 2.7.1 to 2.7.5, and Ansible 2.6.8 to 2.6.11. Volumes are now only recreated if the parameters changed and force is set to true (instead of or). This is the behavior which has been described in the documentation all the time.
* set ansible_os_family from name variable in os-release
* yum and dnf can now handle installing packages from URIs that are proxy redirects and don't end in the .rpm file extension
Bugfixes:
* Added log message at -vvvv when using netconf connection listing connection details.
* Changes how ansible-connection names socket lock files. They now use the same name as the socket itself, and as such do not lock other attempts on connections to the same host, or cause issues with overly-long hostnames.
* Fix mandatory statement error for junos modules (https://github.com/ansible/ansible/pull/50138)
* Moved error in netconf connection plugin from at import to on connection.
* This reverts some changes from commit 723daf3. If a line is found in the file, exactly or via regexp matching, it must not be added again. insertafter/insertbefore options are used only when a line is to be inserted, to specify where it must be added.
* allow using openstack inventory plugin w/o a cache
* callbacks - Do not filter out exception, warnings, deprecations on failure when using debug (https://github.com/ansible/ansible/issues/47576)
* certificate_complete_chain - fix behavior when invalid file is parsed while reading intermediate or root certificates.
* copy - Ensure that the src file contents is converted to unicode in diff information so that it is properly wrapped by AnsibleUnsafeText to prevent unexpected templating of diff data in Python3 (https://github.com/ansible/ansible/issues/45717)
* correct behaviour of verify_file for vmware inventory plugin, it was always returning True
* dnf - fix issue where conf_file was not being loaded properly
* dnf - fix update_cache combined with install operation to not cause dnf transaction failure
* docker_container - fix network_mode idempotency if the container:<container-name> form is used (as opposed to container:<container-id>) (https://github.com/ansible/ansible/issues/49794)
* docker_container - warning when non-string env values are found, avoiding YAML parsing issues. Will be made an error in Ansible 2.8. (https://github.com/ansible/ansible/issues/49802)
* docker_swarm_service - Document labels and container_labels with correct type.
* docker_swarm_service - Document limit_memory and reserve_memory correctly on how to specify sizes.
* docker_swarm_service - Document minimal API version for configs and secrets.
* docker_swarm_service - fix use of Docker API so that services are not detected as present if there is an existing service whose name is a substring of the desired service
* docker_swarm_service - fixing falsely reporting update_order as changed when option is not used.
* document old option that was initally missed
* ec2_instance now respects check mode https://github.com/ansible/ansible/pull/46774
* fix for network_cli - ansible_command_timeout not working as expected (#49466)
* fix handling of firewalld port if protocol is missing
* fix lastpass lookup failure on python 3 (https://github.com/ansible/ansible/issues/42062)
* flatpak - Fixed Python 2/3 compatibility
* flatpak - Fixed issue where newer versions of flatpak failed on flatpak removal
* flatpak_remote - Fixed Python 2/3 compatibility
* gcp_compute_instance - fix crash when the instance metadata is not set
* grafana_dashboard - Fix a pair of unicode string handling issues with version checking (https://github.com/ansible/ansible/pull/49194)
* host execution order - Fix reverse_inventory not to change the order of the items before reversing on python2 and to not backtrace on python3
* icinga2_host - fixed the issue with not working use_proxy option of the module.
* influxdb_user - An unspecified password now sets the password to blank, except on existing users. This previously caused an unhandled exception.
* influxdb_user - Fixed unhandled exception when using invalid login credentials (https://github.com/ansible/ansible/issues/50131)
* openssl_* - fix error when path contains a file name without path.
* openssl_csr - fix problem with idempotency of keyUsage option.
* openssl_pkcs12 - now does proper path expansion for ca_certificates.
* os_security_group_rule - os_security_group_rule doesn't exit properly when secgroup doesn't exist and state=absent (https://github.com/ansible/ansible/issues/50057)
* paramiko_ssh - add auth_timeout parameter to ssh.connect when supported by installed paramiko version. This will prevent "Authentication timeout" errors when a slow authentication step (>30s) happens with a host (https://github.com/ansible/ansible/issues/42596)
* purefa_facts and purefb_facts now correctly adds facts into main ansible_fact dictionary (https://github.com/ansible/ansible/pull/50349)
* reboot - add appropriate commands to make the plugin work with VMware ESXi (https://github.com/ansible/ansible/issues/48425)
* reboot - add support for rebooting AIX (https://github.com/ansible/ansible/issues/49712)
* reboot - gather distribution information in order to support Alpine and other distributions (https://github.com/ansible/ansible/issues/46723)
* reboot - search common paths for the shutdown command and use the full path to the binary rather than depending on the PATH of the remote system (https://github.com/ansible/ansible/issues/47131)
* reboot - use a common set of commands for older and newer Solaris and SunOS variants (https://github.com/ansible/ansible/pull/48986)
* redfish_utils - fix reference to local variable 'systems_service'
* setup - fix the rounding of the ansible_memtotal_mb value on VMWare vm's (https://github.com/ansible/ansible/issues/49608)
* vultr_server - fixed multiple ssh keys were not handled.
* win_copy - Fix copy of a dir that contains an empty directory - https://github.com/ansible/ansible/issues/50077
* win_firewall_rule - Remove invalid 'bypass' action
* win_lineinfile - Fix issue where a malformed json block was returned causing an error
* win_updates - Correctly report changes on success
2018-12-18 11:32:46 +01:00
-------------------------------------------------------------------
Sun Dec 16 00:20:24 UTC 2018 - Matthias Eliasson <matthias.eliasson@gmail.com>
- update to version 2.7.5
Minor Changes:
* Add warning about falling back to jinja2_native=false when Jinja2 version is lower than 2.10.
* Change the position to search os-release since clearlinux new versions are providing /etc/os-release too
* Fixed typo in ansible-galaxy info command.
* Improve the deprecation message for squashing, to not give misleading advice
* Update docs and return section of vmware_host_service_facts module.
* ansible-galaxy: properly warn when git isn't found in an installed bin path instead of traceback
* dnf module properly load and initialize dnf package manager plugins
* docker_swarm_service: use docker defaults for the user parameter if it is set to null
Bugfixes:
2020-05-26 23:14:44 +02:00
* bsc#1118896 CVE-2018-16876 Information disclosure in vvv+ mode with no_log on (https://github.com/ansible/ansible/pull/49569)
2018-12-18 11:32:46 +01:00
* ACME modules: improve error messages in some cases (include error returned by server).
* Added unit test for VMware module_utils.
* Also check stdout for interpreter errors for more intelligent messages to user
* Backported support for Devuan-based distribution
* Convert hostvars data in OpenShift inventory plugin to be serializable by ansible-inventory
* Fix AttributeError (Python 3 only) when an exception occurs while rendering a template
* Fix N3K power supply facts (https://github.com/ansible/ansible/pull/49150).
* Fix NameError nxos_facts (https://github.com/ansible/ansible/pull/48981).
* Fix VMware module utils for self usage.
* Fix error in OpenShift inventory plugin when a pod has errored and is empty
* Fix if the route table changed to none (https://github.com/ansible/ansible/pull/49533)
* Fix iosxr netconf plugin response namespace (https://github.com/ansible/ansible/pull/49300)
* Fix issues with nxos_install_os module for nxapi (https://github.com/ansible/ansible/pull/48811).
* Fix lldp and cdp neighbors information (https://github.com/ansible/ansible/pull/48318)(https://github.com/ansible/ansible/pull/48087)(https://github.com/ansible/ansible/pull/49024).
* Fix nxos_interface and nxos_linkagg Idempotence issue (https://github.com/ansible/ansible/pull/46437).
* Fix traceback when updating facts and the fact cache plugin was nonfunctional
* Fix using vault encrypted data with jinja2_native (https://github.com/ansible/ansible/issues/48950)
* Fixed: Make sure that the files excluded when extracting the archive are not checked. https://github.com/ansible/ansible/pull/45122
* Fixes issue where a password parameter was not set to no_log
* Respect no_log on retry and high verbosity (CVE-2018-16876)
* aci_rest - Fix issue ignoring custom port
* acme_account, acme_account_facts - in some cases, it could happen that the modules return information on disabled accounts accidentally returned by the ACME server.
* docker_swarm - decreased minimal required API version from 1.35 to 1.25; some features require API version 1.30 though.
* docker_swarm_service: fails because of default "user: root" (https://github.com/ansible/ansible/issues/49199)
* ec2_metadata_facts - Parse IAM role name from the security credential field since the instance profile name is different
* fix azure_rm_image module use positional parameter (https://github.com/ansible/ansible/pull/49394)
* fixes an issue with dict_merge in network utils (https://github.com/ansible/ansible/pull/49474)
* gcp_utils - fix google auth scoping issue with application default credentials or google cloud engine credentials. Only scope credentials that can be scoped.
* mail - fix python 2.7 regression
* openstack - fix parameter handling when cloud provided as dict https://github.com/ansible/ansible/issues/42858
* os_user - Include domain parameter in user deletion https://github.com/ansible/ansible/issues/42901
* os_user - Include domain parameter in user lookup https://github.com/ansible/ansible/issues/42901
* ovirt_storage_connection - comparing passwords breaks idempotency in update_check (https://github.com/ansible/ansible/issues/48933)
* paramiko_ssh - improve log message to state the connection type
* reboot - use IndexError instead of TypeError in exception
* redis cache - Support version 3 of the redis python library (https://github.com/ansible/ansible/issues/49341)
* sensu_silence - Cast int for expire field to avoid call failure to sensu API.
* vmware_host_service_facts - handle exception when service package does not have package name.
* win_nssm - Switched to Argv-ToString for escaping NSSM credentials (https://github.com/ansible/ansible/issues/48728)
* zabbix_hostmacro - Added missing validate_certs logic for running module against Zabbix servers with untrused SSL certificates (https://github.com/ansible/ansible/issues/47611)
* zabbix_hostmacro - Fixed support for user macros with context (https://github.com/ansible/ansible/issues/46953)
2018-12-04 13:18:54 +01:00
-------------------------------------------------------------------
Sun Dec 2 21:25:32 UTC 2018 - Matthias Eliasson <matthias.eliasson@gmail.com>
- update to version 2.7.4
Bugfixes:
* powershell - add lib/ansible/executor/powershell to the packaging data
-------------------------------------------------------------------
Sun Dec 2 21:17:22 UTC 2018 - Matthias Eliasson <matthias.eliasson@gmail.com>
- update to version 2.7.3
Minor Changes:
* Document Path and Port are mutually exclusive parameters in wait_for module
* Puppet module remove --ignorecache to allow Puppet 6 support
* dnf properly support modularity appstream installation via overloaded group
modifier syntax
* proxmox_kvm - fix exception
* win_security_policy - warn users to use win_user_right instead when editing
Privilege Rights
Bugfixes:
* Fix the issue that FTD HTTP API retries authentication-related HTTP requests
* Fix the issue that module fails when the Swagger model does not have required fields
* Fix the issue with comparing string-like objects
* Fix using omit on play keywords
* Windows - prevent sensitive content from appearing in scriptblock logging (CVE-2018-16859)
* apt_key - Disable TTY requirement in GnuPG for the module to work correctly
when SSH pipelining is enabled
* better error message when bad type in config, deal with EVNAR= more gracefully
* configuration retrieval would fail on non primed plugins
* cs_template - Fixed a KeyError on state=extracted
* docker_container - fix idempotency problems with docker-py caused by previous
init idempotency fix
* docker_container - fix interplay of docker-py version check with argument_spec
validation improvements
* docker_network - driver_options containing Python booleans would cause Docker
to throw exceptions
* ec2_group - Fix comparison of determining which rules to purge by ignoring descriptions
* pip module - fix setuptools/distutils replacement
* sysvinit - enabling a service should use "defaults" if no runlevels are specified
-------------------------------------------------------------------
Wed Nov 28 18:57:37 UTC 2018 - Matthias Eliasson <matthias.eliasson@gmail.com>
- update to version 2.7.2
Minor changes:
* Fix documentation for cloning template
* Parsing plugin filter may raise TypeError, gracefully handle this
exception and let user know about the syntax error in plugin filter file
* Scenario guide for VMware HTTP API usage
* Update plugin filter documentation
* fix yum and dnf autoremove input sanitization to properly warn user if
invalid options passed and update documentation to match
* improve readability and fix privileges names on vmware scenario_clone_template
* k8s - updated module documentation to mention how to avoid SSL validation errors
* yum - when checking for updates, now properly include Obsoletes
(both old and new) package data in the module JSON output
2018-10-28 13:49:16 +01:00
-------------------------------------------------------------------
Sat Oct 27 03:22:44 UTC 2018 - sean@suspend.net
- update to 2.7.1
Minor changes:
* Fix yum module to properly check for empty conf_file value
* added capability to set the scheme for the consul_kv lookup
* added optional certificate and certificate validation for consul_kv lookups
* dnf - properly handle modifying the enable/disable excludes data field
* dnf appropriately handles disable_excludes repoid argument
* dnf proerly honors disable_gpg_check for local package installation
* fix yum module to handle list argument optional empty strings properly
* netconf_config - Make default_operation optional in netconf_config module
* yum - properly handle proxy password and username embedded in url
* yum/dnf - fail when space separated string of names
2018-10-11 14:22:26 +02:00
-------------------------------------------------------------------
Mon Oct 08 06:09:05 UTC 2018 - sean@suspend.net
- update to 2.7.0
Major changes:
* Allow config to enable native jinja types
* Remove support for simplejson
* yum and dnf modules now at feature parity
Minor changes:
* Changed the prefix of all Vultr modules from vr to vultr
* Enable installroot tests for yum4(dnf) integration testing, dnf backend now supports that
* Fixed timer in exponential backoff algorithm in vmware.py
Bugfixes:
* Security Fix - avoid loading host/group vars from cwd when not specifying a playbook or playbook base dir
* Security Fix - avoid using ansible.cfg in a world writable dir
* Some connection exception would cause no_log specified on a task to be ignored (stdout info disclosure)
* Fix glob path of rc.d (SUSE-specific)
* Fix lambda_policy updates
* Fix alt linux detection/matching
2018-09-11 11:39:27 +02:00
-------------------------------------------------------------------
Tue Sep 11 09:29:01 UTC 2018 - lars@linux-schulserver.de
- update to 2.6.4
Minor Changes:
* add azure_rm_storageaccount support to StorageV2 kind.
* import_tasks - Do not allow import_tasks to transition to dynamic
if the file is missing
Bugfixes:
* Add md5sum check in nxos_file_copy module
* Allow arbitrary log_driver for docker_container
* Fix Python2.6 regex bug terminal plugin nxos, iosxr
* Fix check_mode in nxos_static_route module
* Fix glob path of rc.d Some distribtuions like SUSE has the rc%.d
directories under /etc/init.d
* Fix network config diff issue for lines
* Fixed an issue where ansible_facts.pkg_mgr would incorrectly set
to zypper on Debian/Ubuntu systems that happened to have the
command installed
* The docker_* modules respect the DOCKER_* environment variables again
* The fix for CVE-2018-10875 prints out a warning message about
skipping a config file from a world writable current working directory.
However, if the user is in a world writable current working directory
which does not contain a config file, it should not print a warning
message. This release fixes that extaneous warning.
* To resolve nios_network issue where vendor-encapsulated-options
can not have a use_option flag.
* To resolve the issue of handling exception for Nios lookup gracefully.
* always correctly template no log for tasks
* ansible-galaxy - properly list all roles in roles_path
* basic.py - catch ValueError in case a FIPS enabled platform
raises this exception
* docker_container: fixing working_dir idempotency problem
* docker_container: makes unit parsing for memory sizes more consistent,
and fixes idempotency problem when kernel_memory is set
* fix example code for AWS lightsail documentation
* fix the enable_snat parameter that is only supposed to be used by
an user with the right policies.
* fixes docker_container check and debug mode
* improves docker_container idempotency
* ios_l2_interface - fix bug when list of vlans ends with comma
* ios_l2_interface - fix issue with certain interface types
* ios_user - fix unable to delete user admin issue
* ios_vlan - fix unable to work on certain interface types issue
* nxos_facts test lldp feature and fix nxapi check_rc
* nxos_interface port-channel idempotence fix for mode
* nxos_linkagg mode fix
* nxos_system idempotence fix
* nxos_vlan refactor to support non structured output
* one_host - fixes settings via environment variables
* use retry_json nxos_banner
* user - Strip trailing comments in /etc/default/passwd
* user - when creating a new user without an expiration date,
properly set no expiration rather that expirining the account
* win_domain_computer - fixed deletion of computer active directory
object that have dependent objects
* win_domain_computer - fixed error in diff_support
* win_domain_computer - fixed error when description parameter is empty
* win_psexec - changed code to not escape the command option when building the args
* win_uri -- Fix support for JSON output when charset is set
* win_wait_for - fix issue where timeout doesn't wait unless state=drained
2018-08-31 10:54:40 +02:00
-------------------------------------------------------------------
Mon Aug 27 19:35:38 UTC 2018 - matthias.eliasson@gmail.com
- update to 2.6.3
Bugfixes:
* Fix lxd module to be idempotent when the given configuration for
the lxd container has not changed
* Fix setting value type to str to avoid conversion during template
read. Fix Idempotency in case of 'no key'.
* Fix the mount module's handling of swap entries in fstab
* The fix for (CVE-2018-10875) prints out a warning message about
skipping a config file from a world writable current working
directory. However, if the user explicitly specifies that the
config file should be used via the ANSIBLE_CONFIG environment
variable then Ansible would honor that but still print out the
warning message. This has been fixed so that Ansible honors the
user's explicit wishes and does not print a warning message in
that circumstance.
* To fix the bug where existing host_record was deleted when existing
record name is used with different IP.
* VMware handle pnic in proxyswitch
* fix azure security group cannot add rules when purge_rule set to false.
* fix azure_rm_deployment collect tags from existing Resource Group.
* fix azure_rm_loadbalancer_facts list takes at least 2 arguments.
* fix for the bundled selectors module (used in the ssh and local
connection plugins) when a syscall is restarted after being
interrupted by a signal
* get_url - fix the bug that get_url does not change mode when checksum matches
* nicer error when multiprocessing breaks
* openssl_certificate - Convert valid_date to bytes for conversion
* openstack_inventory.py dynamic inventory file fixed the plugin to the
script so that it will work with current ansible-inventory. Also
redirect stdout before dumping the ouptput, because not doing so will
cause JSON parse errors in some cases.
* slack callback - Fix invocation by looking up data from cli.options
* sysvinit module: handle values of optional parameters. Don't disable
service when enabled parameter isn't set. Fix command when arguments
parameter isn't set.
* vars_prompt - properly template play level variables in vars_prompt
* win_domain - ensure the Netlogon service is up and running after
promoting host to controller
* win_domain_controller - ensure the Netlogon service is up and running
after promoting host to controller
2018-07-30 19:25:29 +02:00
-------------------------------------------------------------------
Mon Jul 30 15:05:07 UTC 2018 - lars@linux-schulserver.de
- update to 2.6.2
Minor Changes
+ Sceanrio guide for removing an existing virtual machine is added.
+ lineinfile - add warning when using an empty regexp
+ Restore module_utils.basic.BOOLEANS variable for backwards compatibility
with the module API in older ansible releases.
Bugfixes:
2020-05-29 00:37:12 +02:00
+ Includes fix for bsc#1099808 (CVE-2018-10875) ansible.cfg is being read
from current working directory allowing possible code execution
2018-07-30 19:25:29 +02:00
+ Add text output along with structured output in nxos_facts
+ Allow more than one page of results by using the right pagination
indicator ('NextMarker' instead of 'NextToken').
+ Fix an atomic_move error that is 'true', but misleading.
Now we show all 3 files involved and clarify what happened.
+ Fix eos_l2_interface eapi.
+ Fix fetching old style facts in junos_facts module
+ Fix get_device_info nxos zero or more whitespace regex
+ Fix nxos CI failures
+ Fix nxos_nxapi default http behavior
+ Fix nxos_vxlan_vtep_vni
+ Fix regex network_os_platform nxos
+ Refactor nxos cliconf get_device_info for non structured
output supported devices
+ To fix the NoneType error raised in ios_l2_interface when
Access Mode VLAN is unassigned
+ emtpy host/group name is an error
+ fix default SSL version for docker modules
+ fix mail module when using starttls
+ fix nmap config example
+ fix ps detection of service
+ fix the remote tmp folder permissions issue when becoming a non
admin user
+ fix typoe in sysvinit that breaks update.rc-d detection
+ fixes docker_container compatibilty with docker-py < 2.2
+ get_capabilities in nxapi module_utils should not return empty dictionary
+ inventory - When using an inventory directory, ensure extension
comparison uses text types
+ ios_vlan - fix unable to identify correct vlans issue
+ nxos_facts warning message improved
+ openvswitch_db - make 'key' argument optional
+ pause - do not set stdout to raw mode when redirecting to a file
+ pause - nest try except when importing curses to gracefully fail
if curses is not present
+ plugins/inventory/openstack.py - Do not create group with empty
name if region is not set
+ preseve delegation info on nolog
+ remove ambiguity when it comes to 'the source'
+ remove dupes from var precedence
+ restores filtering out conflicting facts
+ user - fix bug that resulted in module always reporting a change when
specifiying the home directory on FreeBSD
+ user - use correct attribute name in FreeBSD for creat_home
+ vultr - Do not fail trying to load configuration from ini files if
required variables have been set as environment variables.
+ vyos_command correcting conditionals looping
+ win_chocolatey - enable TLSv1.2 support when downloading the
Chocolatey installer
+ win_reboot - fix for handling an already scheduled reboot and other
minor log formatting issues
+ win_reboot - fix issue when overridding connection timeout hung
the post reboot uptime check
+ win_reboot - handle post reboots when running test_command
+ win_security_policy - allows an empty string to reset a policy value
+ win_share - discard any cmdlet output we don't use to ensure only the
return json is received by Ansible
+ win_unzip - discard any cmdlet output we don't use to ensure only the
return json is received by Ansible
+ win_updates - fixed module return value is lost in error in some cases
+ win_user - Use LogonUser to validate the password as it does not
rely on SMB/RPC to be available
+ Security Fix - avoid loading host/group vars from cwd when not
specifying a playbook or playbook base dir
+ Security Fix - avoid using ansible.cfg in a world writable dir.
+ Fix junos_config confirm commit timeout issue
(https://github.com/ansible/ansible/pull/41527)
+ file module - The touch subcommand had its diff output broken during
the 2.6.x development cycle. This is now fixed.
+ inventory manager - This fixes required options being populated before
the inventory config file is read, so the required options may be
set in the config file.
+ nsupdate - allow hmac-sha384 https://github.com/ansible/ansible/pull/42209
+ win_domain - fixes typo in one of the AD cmdlets
https://github.com/ansible/ansible/issues/41536
+ win_group_membership - uses the internal Ansible SID conversion logic
and uses that when comparing group membership instead of the name
- use fdupes to save some space in python_sitelib
- define BuildRoot on older distributions like SLE-11
- be a bit more flexible with the ending of manpage files to allow
Fedora builds to succeed
Accepting request 620440 from home:bmanojlovic:branches:systemsmanagement
- revert some unneeded changes from spec-cleaner
- updated to latest release 2.6.0
- New Plugins:
+ Callback:
- cgroup_memory_recap
- grafana_annotations
- sumologic
+ Connection:
- httpapi
+ Inventory:
- foreman
- gcp_compute
- generator
- nmap
+ Lookup:
- onepassword
- onepassword_raw
- Modules updates too many to mention here
please look at package documentation directory (/usr/share/doc/packages/.../changelogs)
- bug fixes:
- **Security Fix** - Some connection exceptions would cause no_log
specified on a task to be ignored. If this happened, the task information,
including any private information coul d have been displayed to stdout and
(if enabled, not the default) logged to a log file specified in
ansible.cfg's log_path. Additionally, sites which redirected stdout from
ansible runs to a log file may have stored that private information onto
disk that way as well. (https://github.com/ansible/ansible/pull/41414)
- Changed the admin_users config option to not include "admin" by default
as admin is frequently used for a non-privileged account
(https://github.com/ansible/ansible/pull/41164)
- Changed the output to "text" for "show vrf" command as default "json"
output format with respect to "eapi" transport was failing
(https://github.com/ansible/ansible/pull/41470)
- Document mode=preserve for both the copy and template module
- Fix added for Digital Ocean Volumes API change causing Ansible to
recieve an unexpected value in the response.
(https://github.com/ansible/ansible/pull/41431)
- Fix an encoding issue when parsing the examples from a plugins'
documentation
- Fix iosxr_config module to handle route-policy, community-set,
prefix-set, as-path-set and rd-set blocks. All these blocks are part of
route-policy language of iosxr.
- Fix mode=preserve with remote_src=True for the copy module
- Implement mode=preserve for the template module
- The yaml callback plugin now allows non-ascii characters to be
displayed.
- Various grafana_* modules - Port away from the deprecated
b64encodestring function to the b64encode function instead.
https://github.com/ansible/ansible/pull/38388
- added missing 'raise' to exception definition
https://github.com/ansible/ansible/pull/41690
- allow custom endpoints to be used in the aws_s3 module
(https://github.com/ansible/ansible/pull/36832)
- allow set_options to be called multiple times
https://github.com/ansible/ansible/pull/41913
- ansible-doc - fixed traceback on missing plugins
(https://github.com/ansible/ansible/pull/41167)
- cast the device_mapping volume size to an int in the ec2_ami module
(https://github.com/ansible/ansible/pull/40938)
- copy - fixed copy to only follow symlinks for files in the non-recursive case
- copy module - The copy module was attempting to change the mode of files
for remote_src=True even if mode was not set as a parameter. This
failed on filesystems which do not have permission bits
(https://github.com/ansible/ansible/pull/40099)
- copy module - fixed recursive copy with relative paths
(https://github.com/ansible/ansible/pull/40166)
- correct debug display for all cases
https://github.com/ansible/ansible/pull/41331
- correctly check hostvars for vars term
https://github.com/ansible/ansible/pull/41819
- correctly handle yaml inventory files when entries are null dicts
https://github.com/ansible/ansible/issues/41692
- dynamic includes - Allow inheriting attributes from static parents
(https://github.com/ansible/ansible/pull/38827)
- dynamic includes - Don't treat undefined vars for conditional includes
as truthy (https://github.com/ansible/ansible/pull/39377)
- dynamic includes - Fix IncludedFile comparison for free strategy
(https://github.com/ansible/ansible/pull/37083)
- dynamic includes - Improved performance by fixing re-parenting on copy
(https://github.com/ansible/ansible/pull/38747)
- dynamic includes - Use the copied and merged task for calculating task
vars (https://github.com/ansible/ansible/pull/39762)
- file - fixed the default follow behaviour of file to be true
- file module - Eliminate an error if we're asked to remove a file but
something removes it while we are processing the request
(https://github.com/ansible/ansible/pull/39466)
- file module - Fix error when recursively assigning permissions and a
symlink to a nonexistent file is present in the directory tree
(https://github.com/ansible/ansible/issues/39456)
- file module - Fix error when running a task which assures a symlink to a
nonexistent file exists for the second and subsequent times
(https://github.com/ansible/ansible/issues/39558)
- file module - The file module allowed the user to specify src as a
parameter when state was not link or hard. This is documented as only
applying to state=link or state=hard but in previous Ansible, this could
have an effect in rare cornercases. For instance, "ansible -m file -a
'state=directory path=/tmp src=/var/lib'" would create /tmp/lib. This
has been disabled and a warning emitted (will change to an error in
Ansible-2.10).
- file module - The touch subcommand had its diff output broken during the
2.6.x development cycle. This is now fixed
(https://github.com/ansible/ansible/issues/41755)
- fix BotoCoreError exception handling
- fix apt-mark on debian6 (https://github.com/ansible/ansible/pull/41530)
- fix async for the aws_s3 module by adding async support to the action
plugin (https://github.com/ansible/ansible/pull/40826)
- fix decrypting vault files for the aws_s3 module
(https://github.com/ansible/ansible/pull/39634)
- fix errors with S3-compatible APIs if they cannot use ACLs for buckets
or objects
- fix permission handling to try to download a file even if the user does
not have permission to list all objects in the bucket
- fixed config required handling, specifically for _terms in lookups
https://github.com/ansible/ansible/pull/41740
- gce_net - Fix sorting of allowed ports
(https://github.com/ansible/ansible/pull/41567)
- group_by - support implicit localhost
(https://github.com/ansible/ansible/pull/41860)
- import/include - Ensure role handlers have the proper parent, allowing
for correct attribute inheritance
(https://github.com/ansible/ansible/pull/39426)
- import_playbook - Pass vars applied to import_playbook into parsing of
the playbook as they may be needed to parse the imported plays
(https://github.com/ansible/ansible/pull/39521)
- include_role/import_role - Don't overwrite included role handlers with
play handlers on parse (https://github.com/ansible/ansible/pull/39563)
- include_role/import_role - Fix parameter templating
(https://github.com/ansible/ansible/pull/36372)
- include_role/import_role - Use the computed role name for
include_role/import_role so to diffentiate between names computed from
host vars (https://github.com/ansible/ansible/pull/39516)-
include_role/import_role - improved performance and recursion depth
(https://github.com/ansible/ansible/pull/36470)
- lineinfile - fix insertbefore when used with BOF to not insert duplicate
lines (https://github.com/ansible/ansible/issues/38219)
- password lookup - Do not load password lookup in network filters,
allowing the password lookup to be overriden
(https://github.com/ansible/ansible/pull/41907)
- pause - ensure ctrl+c interrupt works in all cases
(https://github.com/ansible/ansible/issues/35372)
- powershell - use the tmpdir set by `remote_tmp` for become/async tasks
instead of the generic $env:TEMP -
https://github.com/ansible/ansible/pull/40210
- selinux - correct check mode behavior to report same changes as normal
mode (https://github.com/ansible/ansible/pull/40721)
- spwd - With python 3.6 spwd.getspnam returns PermissionError instead of
KeyError if user does not have privileges
(https://github.com/ansible/ansible/issues/39472)
- synchronize - Ensure the local connection created by synchronize uses
_remote_is_local=True, which causes ActionBase to build a local tmpdir
(https://github.com/ansible/ansible/pull/40833)
- template - Fix for encoding issues when a template path contains
non-ascii characters and using the template path in ansible_managed
(https://github.com/ansible/ansible/issues/27262)
- template action plugin - fix the encoding of filenames to avoid
tracebacks on Python2 when characters that are not present in the user's
locale are present. (https://github.com/ansible/ansible/pull/39424)
- user - only change the expiration time when necessary
(https://github.com/ansible/ansible/issues/13235)
- uses correct conn info for reset_connection
https://github.com/ansible/ansible/issues/27520
- win_environment - Fix for issue where the environment value was deleted
when a null value or empty string was set -
https://github.com/ansible/ansible/issues/40450
- win_file - fix issue where special chars like [ and ] were not being
handled correctly https://github.com/ansible/ansible/pull/37901
- win_get_url - fixed a few bugs around authentication and force no when
using an FTP URL
- win_iis_webapppool - redirect some module output to null so Ansible can
read the output JSON https://github.com/ansible/ansible/issues/40874
- win_template - fix when specifying the dest option as a directory with
and without the trailing slash
https://github.com/ansible/ansible/issues/39886
- win_updates - Added the ability to run on a scheduled task for older
hosts so async starts working again -
https://github.com/ansible/ansible/issues/38364
- win_updates - Fix logic when using a whitelist for multiple updates
- win_updates - Fix typo that hid the download error when a download
failed
- win_updates - Fixed issue where running win_updates on async fails
without any error
- windows become - Show better error messages when the become process fails
- winrm - Add better error handling when the kinit process fails
- winrm - allow `ansible_user` or `ansible_winrm_user` to override
`ansible_ssh_user` when both are defined in an inventory -
https://github.com/ansible/ansible/issues/39844
- winrm - ensure pexpect is set to not echo the input on a failure and have
a manual sanity check afterwards
https://github.com/ansible/ansible/issues/41865
- winrm connection plugin - Fix exception messages sometimes raising a
traceback when the winrm connection plugin encounters an unrecoverable
error. https://github.com/ansible/ansible/pull/39333
- xenserver_facts - ensure module works with newer versions of XenServer
(https://github.com/ansible/ansible/pull/35821)
- use python3 on (open)SUSE 15 or newer
OBS-URL: https://build.opensuse.org/request/show/620440
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=112
2018-07-09 14:48:59 +02:00
-------------------------------------------------------------------
Mon Jul 2 17:23:10 UTC 2018 - mrueckert@suse.de
- revert some unneeded changes from spec-cleaner
-------------------------------------------------------------------
Mon Jul 2 11:38:41 UTC 2018 - boris@steki.net
- updated to latest release 2.6.0
- New Plugins:
+ Callback:
- cgroup_memory_recap
- grafana_annotations
- sumologic
+ Connection:
- httpapi
+ Inventory:
- foreman
- gcp_compute
- generator
- nmap
+ Lookup:
- onepassword
- onepassword_raw
- Modules updates too many to mention here
please look at package documentation directory (/usr/share/doc/packages/.../changelogs)
- bug fixes:
- **Security Fix** - Some connection exceptions would cause no_log
specified on a task to be ignored. If this happened, the task information,
including any private information coul d have been displayed to stdout and
(if enabled, not the default) logged to a log file specified in
ansible.cfg's log_path. Additionally, sites which redirected stdout from
ansible runs to a log file may have stored that private information onto
disk that way as well. (https://github.com/ansible/ansible/pull/41414)
- Changed the admin_users config option to not include "admin" by default
as admin is frequently used for a non-privileged account
(https://github.com/ansible/ansible/pull/41164)
- Changed the output to "text" for "show vrf" command as default "json"
output format with respect to "eapi" transport was failing
(https://github.com/ansible/ansible/pull/41470)
- Document mode=preserve for both the copy and template module
- Fix added for Digital Ocean Volumes API change causing Ansible to
recieve an unexpected value in the response.
(https://github.com/ansible/ansible/pull/41431)
- Fix an encoding issue when parsing the examples from a plugins'
documentation
- Fix iosxr_config module to handle route-policy, community-set,
prefix-set, as-path-set and rd-set blocks. All these blocks are part of
route-policy language of iosxr.
- Fix mode=preserve with remote_src=True for the copy module
- Implement mode=preserve for the template module
- The yaml callback plugin now allows non-ascii characters to be
displayed.
- Various grafana_* modules - Port away from the deprecated
b64encodestring function to the b64encode function instead.
https://github.com/ansible/ansible/pull/38388
- added missing 'raise' to exception definition
https://github.com/ansible/ansible/pull/41690
- allow custom endpoints to be used in the aws_s3 module
(https://github.com/ansible/ansible/pull/36832)
- allow set_options to be called multiple times
https://github.com/ansible/ansible/pull/41913
- ansible-doc - fixed traceback on missing plugins
(https://github.com/ansible/ansible/pull/41167)
- cast the device_mapping volume size to an int in the ec2_ami module
(https://github.com/ansible/ansible/pull/40938)
- copy - fixed copy to only follow symlinks for files in the non-recursive case
- copy module - The copy module was attempting to change the mode of files
for remote_src=True even if mode was not set as a parameter. This
failed on filesystems which do not have permission bits
(https://github.com/ansible/ansible/pull/40099)
- copy module - fixed recursive copy with relative paths
(https://github.com/ansible/ansible/pull/40166)
- correct debug display for all cases
https://github.com/ansible/ansible/pull/41331
- correctly check hostvars for vars term
https://github.com/ansible/ansible/pull/41819
- correctly handle yaml inventory files when entries are null dicts
https://github.com/ansible/ansible/issues/41692
- dynamic includes - Allow inheriting attributes from static parents
(https://github.com/ansible/ansible/pull/38827)
- dynamic includes - Don't treat undefined vars for conditional includes
as truthy (https://github.com/ansible/ansible/pull/39377)
- dynamic includes - Fix IncludedFile comparison for free strategy
(https://github.com/ansible/ansible/pull/37083)
- dynamic includes - Improved performance by fixing re-parenting on copy
(https://github.com/ansible/ansible/pull/38747)
- dynamic includes - Use the copied and merged task for calculating task
vars (https://github.com/ansible/ansible/pull/39762)
- file - fixed the default follow behaviour of file to be true
- file module - Eliminate an error if we're asked to remove a file but
something removes it while we are processing the request
(https://github.com/ansible/ansible/pull/39466)
- file module - Fix error when recursively assigning permissions and a
symlink to a nonexistent file is present in the directory tree
(https://github.com/ansible/ansible/issues/39456)
- file module - Fix error when running a task which assures a symlink to a
nonexistent file exists for the second and subsequent times
(https://github.com/ansible/ansible/issues/39558)
- file module - The file module allowed the user to specify src as a
parameter when state was not link or hard. This is documented as only
applying to state=link or state=hard but in previous Ansible, this could
have an effect in rare cornercases. For instance, "ansible -m file -a
'state=directory path=/tmp src=/var/lib'" would create /tmp/lib. This
has been disabled and a warning emitted (will change to an error in
Ansible-2.10).
- file module - The touch subcommand had its diff output broken during the
2.6.x development cycle. This is now fixed
(https://github.com/ansible/ansible/issues/41755)
- fix BotoCoreError exception handling
- fix apt-mark on debian6 (https://github.com/ansible/ansible/pull/41530)
- fix async for the aws_s3 module by adding async support to the action
plugin (https://github.com/ansible/ansible/pull/40826)
- fix decrypting vault files for the aws_s3 module
(https://github.com/ansible/ansible/pull/39634)
- fix errors with S3-compatible APIs if they cannot use ACLs for buckets
or objects
- fix permission handling to try to download a file even if the user does
not have permission to list all objects in the bucket
- fixed config required handling, specifically for _terms in lookups
https://github.com/ansible/ansible/pull/41740
- gce_net - Fix sorting of allowed ports
(https://github.com/ansible/ansible/pull/41567)
- group_by - support implicit localhost
(https://github.com/ansible/ansible/pull/41860)
- import/include - Ensure role handlers have the proper parent, allowing
for correct attribute inheritance
(https://github.com/ansible/ansible/pull/39426)
- import_playbook - Pass vars applied to import_playbook into parsing of
the playbook as they may be needed to parse the imported plays
(https://github.com/ansible/ansible/pull/39521)
- include_role/import_role - Don't overwrite included role handlers with
play handlers on parse (https://github.com/ansible/ansible/pull/39563)
- include_role/import_role - Fix parameter templating
(https://github.com/ansible/ansible/pull/36372)
- include_role/import_role - Use the computed role name for
include_role/import_role so to diffentiate between names computed from
host vars (https://github.com/ansible/ansible/pull/39516)-
include_role/import_role - improved performance and recursion depth
(https://github.com/ansible/ansible/pull/36470)
- lineinfile - fix insertbefore when used with BOF to not insert duplicate
lines (https://github.com/ansible/ansible/issues/38219)
- password lookup - Do not load password lookup in network filters,
allowing the password lookup to be overriden
(https://github.com/ansible/ansible/pull/41907)
- pause - ensure ctrl+c interrupt works in all cases
(https://github.com/ansible/ansible/issues/35372)
- powershell - use the tmpdir set by `remote_tmp` for become/async tasks
instead of the generic $env:TEMP -
https://github.com/ansible/ansible/pull/40210
- selinux - correct check mode behavior to report same changes as normal
mode (https://github.com/ansible/ansible/pull/40721)
- spwd - With python 3.6 spwd.getspnam returns PermissionError instead of
KeyError if user does not have privileges
(https://github.com/ansible/ansible/issues/39472)
- synchronize - Ensure the local connection created by synchronize uses
_remote_is_local=True, which causes ActionBase to build a local tmpdir
(https://github.com/ansible/ansible/pull/40833)
- template - Fix for encoding issues when a template path contains
non-ascii characters and using the template path in ansible_managed
(https://github.com/ansible/ansible/issues/27262)
- template action plugin - fix the encoding of filenames to avoid
tracebacks on Python2 when characters that are not present in the user's
locale are present. (https://github.com/ansible/ansible/pull/39424)
- user - only change the expiration time when necessary
(https://github.com/ansible/ansible/issues/13235)
- uses correct conn info for reset_connection
https://github.com/ansible/ansible/issues/27520
- win_environment - Fix for issue where the environment value was deleted
when a null value or empty string was set -
https://github.com/ansible/ansible/issues/40450
- win_file - fix issue where special chars like [ and ] were not being
handled correctly https://github.com/ansible/ansible/pull/37901
- win_get_url - fixed a few bugs around authentication and force no when
using an FTP URL
- win_iis_webapppool - redirect some module output to null so Ansible can
read the output JSON https://github.com/ansible/ansible/issues/40874
- win_template - fix when specifying the dest option as a directory with
and without the trailing slash
https://github.com/ansible/ansible/issues/39886
- win_updates - Added the ability to run on a scheduled task for older
hosts so async starts working again -
https://github.com/ansible/ansible/issues/38364
- win_updates - Fix logic when using a whitelist for multiple updates
- win_updates - Fix typo that hid the download error when a download
failed
- win_updates - Fixed issue where running win_updates on async fails
without any error
- windows become - Show better error messages when the become process fails
- winrm - Add better error handling when the kinit process fails
- winrm - allow `ansible_user` or `ansible_winrm_user` to override
`ansible_ssh_user` when both are defined in an inventory -
https://github.com/ansible/ansible/issues/39844
- winrm - ensure pexpect is set to not echo the input on a failure and have
a manual sanity check afterwards
https://github.com/ansible/ansible/issues/41865
- winrm connection plugin - Fix exception messages sometimes raising a
traceback when the winrm connection plugin encounters an unrecoverable
error. https://github.com/ansible/ansible/pull/39333
- xenserver_facts - ensure module works with newer versions of XenServer
(https://github.com/ansible/ansible/pull/35821)
-------------------------------------------------------------------
Tue Jun 26 13:55:07 UTC 2018 - mrueckert@suse.de
- use python3 on (open)SUSE 15 or newer
2018-06-26 15:58:16 +02:00
-------------------------------------------------------------------
Fri Jun 15 13:49:23 UTC 2018 - kbabioch@suse.com
- Update to 2.5.5
- Fixed the honouration of the no_log option with failed task iterations
(CVE-2018-10855 boo#1097775)
- Bufixes:
- Changed the admin_users config option to not include "admin" by default
as admin is frequently used for a non-privileged account
- aws_s3 - add async support to the action plugin
- aws_s3 - fix decrypting vault files
- ec2_ami - cast the device_mapping volume size to an int
- eos_logging - fix idempotency issues
- cache plugins - A cache timeout of 0 means the cache will not expire.
- ios_logging - fix idempotency issues
- ios/nxos/eos_config - don't retrieve config in running_config when config is provided for diff
- nxos_banner - fix multiline banner issue
- nxos terminal plugin - fix output truncation
- nxos_l3_interface - fix no switchport issue with loopback and svi interfaces
- nxos_snapshot - fix compare_option
- Applied spec-cleaner
2018-04-24 17:39:01 +02:00
-------------------------------------------------------------------
Tue Apr 24 15:32:37 UTC 2018 - lars@linux-schulserver.de
- Update to 2.5.1
Minor Changes
+ Updated example in vcenter_license module.
+ Updated virtual machine facts with instanceUUID which is unique
for each VM irrespective of name and BIOS UUID.
+ A lot of Bugfixes, please refer to the Changelog installed in
/usr/share/doc/packages/ansible/changelogs/CHANGELOG-v2.5.rst
2018-03-27 18:10:35 +02:00
-------------------------------------------------------------------
Tue Mar 27 15:45:03 UTC 2018 - lars@linux-schulserver.de
- Update to 2.5.0:
Major Changes
* Ansible Network improvements
+ Created new connection plugins network_cli and netconf to replace
connection=local. connection=local will continue to work for a
number of Ansible releases.
+ No more unable to open shell. A clear and descriptive message will
be displayed in normal ansible-playbook output without needing to enable debug mode
+ Loads of documentation, see Ansible for Network Automation Documentation.
+ Refactor common network shared code into package under module_utils/network/
+ Filters: Add a filter to convert XML response from a network device to JSON object.
+ Loads of bug fixes.
+ Plus lots more.
* New simpler and more intuitive 'loop' keyword for task loops. The
with_<lookup> loops will likely be deprecated in the near future
and eventually removed.
* Added fact namespacing; from now on facts will be available under
ansible_facts namespace (for example: ansible_facts.os_distribution)
without the ansible_ prefix. They will continue to be added into the
main namespace directly, but now with a configuration toggle to enable
this. This is currently on by default, but in the future it will default to off.
* Added a configuration file that a site administrator can use to
specify modules to exclude from being used.
Minor Changes
2018-03-27 18:24:51 +02:00
* please refer to /share/doc/packages/ansible/changelogs/CHANGELOG-v2.5.rst
2018-03-27 18:10:35 +02:00
Deprecated Features
* Previously deprecated 'hostfile' config settings have been 're-deprecated'
because previously code did not warn about deprecated configuration settings.
* Using Ansible-provided Jinja tests as filters is deprecated and will
be removed in Ansible 2.9.
* The stat and win_stat modules have deprecated get_md5 and the md5 return
values. These options will become undocumented in Ansible 2.9 and
removed in a later version.
* The redis_kv lookup has been deprecated in favor of new redis lookup
* Passing arbitrary parameters that begin with HEADER_ to the uri module,
used for passing http headers, is deprecated. Use the headers parameter
with a dictionary of header names to value instead.
This will be removed in Ansible 2.9
* Passing arbitrary parameters to the zfs module to set zfs properties is
deprecated. Use the extra_zfs_properties parameter with a dictionary of
property names to values instead. This will be removed in Ansible 2.9.
* Use of the AnsibleModule parameter check\_invalid\_arguments in custom
modules is deprecated. In the future, all parameters will be checked to
see whether they are listed in the arg spec and an error raised if they
are not listed. This behaviour is the current and future default so most
custom modules can simply remove check\_invalid\_arguments if they set it
to the default value of True. The check\_invalid\_arguments parameter
will be removed in Ansible 2.9.
* The nxos_ip_interface module is deprecated in Ansible 2.5.
Use nxos_l3_interface module instead.
* The nxos_portchannel module is deprecated in Ansible 2.5.
Use nxos_linkagg module instead.
* The nxos_switchport module is deprecated in Ansible 2.5.
Use nxos_l2_interface module instead.
* The ec2_ami_find has been deprecated; use ec2_ami_facts instead.
* panos_security_policy: Use panos_security_rule - the old module uses
deprecated API calls
* vsphere_guest is deprecated in Ansible 2.5 and will be removed in
Ansible-2.9. Use vmware_guest module instead.
Removed Features (previously deprecated)
* accelerate.
* boundary_meter: There was no deprecation period for this but the hosted
service it relied on has gone away so the module has been removed. #29387
* cl_ : cl_interface, cl_interface_policy, cl_bridge, cl_img_install,
cl_ports, cl_license, cl_bond. Use nclu instead
* docker. Use docker_container and docker_image instead.
* ec2_vpc.
* ec2_ami_search, use ec2_ami_facts instead.
* nxos_mtu. Use nxos_system's system_mtu option instead.
To specify an interface's MTU use nxos_interface.
* panos_nat_policy: Use panos_nat_rule the old module uses
deprecated API calls
2018-03-27 18:24:51 +02:00
- also package the changelogs directory below
/usr/share/doc/packages/ansible/ for better reference
2018-03-27 18:10:35 +02:00
2018-03-06 10:48:27 +01:00
-------------------------------------------------------------------
Tue Mar 6 09:47:28 UTC 2018 - lars@linux-schulserver.de
- License changed to GPL-3.0-or-later, as mentioned in the source
(former license focues on GPL-3.0 only)
2018-02-21 15:29:29 +01:00
-------------------------------------------------------------------
Fri Feb 16 07:54:43 UTC 2018 - tbechtold@suse.com
- Add python-passlib as Requires (bsc#1080682)
passlib is needed for the "vars_prompt" feature of ansible
2018-02-06 14:13:10 +01:00
-------------------------------------------------------------------
Sun Feb 4 16:36:34 UTC 2018 - mardnh@gmx.de
- Update to version 2.4.3.0:
* Fix `pamd` rule args regexp to match file paths.
* Check if SELinux policy exists before setting.
* Set locale to `C` in `letsencrypt` module to fix date parsing
errors.
* Fix include in loop when stategy=free.
* Fix save parameter in asa_config.
* Fix --vault-id support in ansible-pull.
* In nxos_interface_ospf, fail nicely if loopback is used with
passive_interface.
* Fix quote filter when given an integer to quote.
* nxos_vrf_interface fix when validating the interface.
* Fix for win_copy when sourcing files from an SMBv1 share.
* correctly report callback plugin file.
* restrict revaulting to vault cli.
* Fix python3 tracebacks in letsencrypt module.
* Fix ansible_*_interpreter variables to be templated prior to
being used.
* Fix setting of environment in a task that uses a loop
* Fix fetch on Windows failing to fetch files or particular
block size.
* preserve certain fields during no log.
* fix issue with order of declaration of sections in ini
inventory.
* Fix win_iis_webapppool to correctly stop a apppool.
* Fix CloudEngine host failed.
* Fix ios_config save issue.
* Handle vault filenames with nonascii chars when displaying
messages.
* Fix win_iis_webapppool to not return passwords.
* Fix extended file attributes detection and changing.
* correctly ensure 'ungrouped' membership rules.
* made warnings less noisy when empty/no inventory is supplied.
* Fixes a failure which prevents to create servers in module
cloudscale_server.
* Fix win_firewall_rule "Specified cast is invalid" error when
modifying a rule with all of Domain/Public/Private profiles set.
* Fix case for multilib when installing from a file in the yum
module.
* Fix WinRM parsing/escaping of IPv6 addresses.
* Fix win_package to detect MSI regardless of the extension case.
* Updated win_mapped_drive docs to clarify what it is used for.
* Fix file related modules run in check_mode when the file being
operated on does not exist.
* Make eos_vlan idempotent.
* Fix win_iis_website to properly check attributes before setting.
* Fixed the removal date for ios_config save and force parameters.
* cloudstack: fix timeout from ini config file being ignored.
* fixes memory usage issues with many blocks/includes.
* Fixes maximum recursion depth exceeded with include_role.
* Fix to win_dns_client module to take ordering of DNS servers to
resolve into account.
* Fix for the nxos_banner module where some nxos images nest the
output inside of an additional dict.
* Fix failure message "got multiple values for keyword argument
id" in the azure_rm_securitygroup module (caused by changes to
the azure python API).
* Bump Azure storage client minimum to 1.5.0 to fix
deserialization issues.
This will break Azure Stack until it receives storage API
version 2017-10-01 or changes are made to support multiple
versions.
* Flush stdin when passing the become password. Fixes some cases
of timeout on Python 3 with the ssh connection plugin.
2017-11-30 09:04:52 +01:00
-------------------------------------------------------------------
Thu Nov 30 06:58:48 UTC 2017 - tbechtold@suse.com
update to version v2.4.2.0:
* lock azure containerservice to below 2.0.0
* ovirt_host_networks: Fix label assignment
* Fix vault --ask-vault-pass with no tty (#31493)
* cherry-pick changes of azure_rm_common from devel to 2.4 (#32607)
* Fixes #31090. In network parse_cli filter plugin, this change moves the creation of a (#31092) (#32458)
* Use an abspath for network inventory ssh key path.
* Remove toLower on source (#31983)
* Add k8s_common.py logging fixes to the changelog
* inserts enable cmd hash with auth_pass used (#32107)
* Fix exception upon display.warn() (#31876)
* ios_system: Fix typo in unit test (#32284)
* yum: use the C locale when screen scraping (#32203)
* Use region derived from get_aws_connection_info() in dynamodb_table to fix tagging bug (#32557)
* fix item var in delegation (#32986)
* Add changelog entry for elb_application_lb fix
* Add a validate example to blockinfile. (#32088)
* Correct formatting --arguments (#31808)
* Add changelog for URI/get_url fix
* [cloud] Bugfix for aws_s3 empty directory creation (#32198)
* Fix junos integration test fixes as per connection refactor (#33050) (#33055)
* Update win_copy for #32677 (#32682)
* ios_interface testfix (#32381)
* Add proper check mode support to the script module (#31852)
* Add galaxy --force fix to changelog
* Fix non-ascii errors in config manager
* Add python3 urllib fixes to changelog
* Add changelog entry for the stdin py3 fix
* Update version info for the 2.4.2 release
* Add max_fail_percentage fix to changelog
* Changelog entry for script inventory plugin fix.
* Make RPM spec compatible with RHEL 6 (#31653)
* Add changelog entry for the yum locale fix
* Use vyos/1.1.8 in CI.
* Fix patching to epel package
* Pass proper error value to to_text (#33030)
* Fix and re-enable zypper* integration tests in CI.
* avoid chroot paths (#32778)
* Add changelog entry for inventory nonascii paths fix
* Fix ios_config integration test failures (#32959) (#32970)
* Fix ios_config file prompt issue (#32744) (#32780)
* Mdd module unit test docs (#31373)
* dont add all group vars to implicit on create
* Fix nxos_banner removal idempotence issue in N1 images (#31259)
* Clarify the release and maintenance cycle (#32402)
* Add ansible_distribution_major_version to macOS (#31708)
* Docs (#32718)
* Keep newlines when reading LXC container config file (#32219)
* Updated changelog for vmware logon error handling
* New release v2.4.2.0-0.2.beta2
* added doc notes about vars plugins in precedence
* revert module_utils/nxos change from #32846 (#32956)
* [cloud] add boto3 requirement to `cloudformation` module docs (#31135)
* Fixes #31056 (#31057)
* - Fix logging module issue where facility is being deleted along with host (#32234)
* Get the moid in a more failsafe manner (#32671)
* Integration Tests only: add static route, snmp_user, snapshot and hsrp it cases (#28933)
* Add the change to when we escape backslashes (for the template lookup plugin) to changelog
* correctly deal with changed (#31812)
* Add the template lookup escaping to the 2.4 porting guide (#32760)
* tests for InventoryModule error conditions (#31381)
* Disable pylint rules for stable-2.4.
* fix typo
* Enable TLS1.1 and TLS1.2 for win_package (#32184)
* Add remove host fix to changelog
* ios_interface provider issue testfix (#32335)
* win_service: quoted path fix (#32469)
* Add changes to succeeded/failed tests to the 2.4 porting guide (#33201)
* Run OS X tests in 3 groups in CI.
* ini inventory: document value parsing workaround
* Change netconf port in testcase as per test enviornment (#32883) (#32889)
* fix inventory loading for ansible-doc
* jsonify inventory (#32990)
* firewalld: don't reference undefined variable in error case (#31949)
* change ports to non well known ports and drop time_range for N1 (#31261)
* make vars only group declarations an error
* Add changelog for os_floating_ip fix
* Fix example on comparing master config (#32406)
* py2/py3 safer shas on hostvars (#31788)
* ensure we always have a basedir
* Add missing ansible-test --remote-terminate support. (#32918)
* Use show command to support wider platform set for nxos_interface module (#33037)
* ios_logging: change IOS command pipe to section to include (#33100) (#33116)
* win_find: allow module to skip on files it fails to check (#32105)
* New release v2.4.2.0-0.4.beta4
* multiple nxos fixes (#32905)
* Add changelog entry for git archive fix
* Add changelog entries for a myriad of 2.4.2 bugfixes
* iosxr integration testfix (#32344)
* Fix #31694: running with closed stdin on python 3 (#31695)
* Add eos_user fix to changelog
* updated changelog with win_find fix
* Added urls python3 fix to changelog
* [cloud] Support changeset_name parameter on CloudFormation stack create (#31436)
* use configured ansible_shell_executable
* New release v2.4.2.0-0.3.beta3
* Fix ec2_lc failing to create multi-volume configurations (#32191)
* Changelog win_package TLS fix
* Fix wrong prompt issue for network modules (#32426) (#32442)
* New release v2.4.2.0-0.1.beta1
* Exclude stack policy when running in check mode.
* change inventory_hostname to ansible_host to fix test (#32890) (#32891)
* Add azure_rm_acs check mode fix
* Updated changelog for win_copy fix
* corrected package docs
* make sure patterns are strings
* Add more bugfixes to changelog
* Fix junos netconf port issue in integration test (#32610) (#32668)
* fixed .loads error for non decoded json in Python 3 (#32065)
* nxos_config and nxos_facts - fixes for N35 platform. (#32762) (#32875)
* Add changelog entry for #32219
* Remove provider from ios integration test (#31037) (#32230)
* added note about serial behaviour (#32461)
* Fixes ios_logging unit test (#32240)
* Avoid AttributeError: internal_network on os_floating_ip (#32887)
* use to_str instead of json.dumps when serializing k8s object for logging
* Prefer the stdlib SSLContext over urllib3 context
* git: fix archive when update is set to no (#31829)
* Add elb_target_group port fix to the changelog
* Changelog entry for aws_s3 issue #32144
* Add error handling for user login (#32613)
* Move asa provider to suboptions (#32356)
* fix dci failure nxos (#32877) (#32878)
* Add inventory jsonification to the changelog
* eos_eapi: adding the desired state config to the new vrf fixes #32111 (#32112) (#32452)
* Handle ip name-server lines containing multiple nameservers (#32235) (#32373)
* Remove provider from prepare_ios_tests integration test (#31038)
* Add last minute bugfixes and doc updates for rc1
* Fix snmp bugs on Nexus 3500 platform (#32773) (#32847)
* validate that existing dest is valid directory
* Update the release data for 2.4.1 in the changelog
* add check mode for acs delete (#32063)
* More fixes added to changelog
* Add wait_for fix to the changelog
* removed psobject to hashtables that were missed (#32710)
* wait_for: treat broken connections as "unready" (#28839)
* Return all elements in a more robust way
* fix ios_interface test (#32372)
* Add missing packages to default docker image.
* fix nxos_igmp_snooping (#31688)
* - Fix to return error message back to the module. (#31035)
* Ensure that readonly result members are serialized (#33170)
* Keywords docs (#32807)
* remove hosts from removed when rescuing
* Add panos_security_rule docs typo fix to changelog
* Update vyos completion in network.txt.
* move to use ansible logging
* ovirt_clusters: Fix fencing and kuma comparision
* Documentation typo fixes (#32473)
* [fix] issue #30516 : take care about autoremove in upgrade function
* Enable ECHO in prompt module (#32083)
* calculate max fail against all hosts in batch
* Fix urlparse import for Python3 (#31240)
* Bunch of changelog updates for cherry-picks
* restore hostpattern regex/glob behaviour
* Better handling of malformed vault data envelope (#32515)
* Updated changelog regarding win_service quoted path fix
* nxos_interface error handling (#32846)
* An availability zone will be selected if none is provided. Set az to an empty string if it's None to avoid traceback. (#32216)
* Use to_native when validating proxy result (#32596)
* vmware_guest: refactor spec serialization (#32681)
* Add new default Docker container for ansible-test. (#31944)
* warn on bad keys in group
* NXOS: Integration tests to Ansible (part 3) (#29030)
* Add spec file fix to changelog
* eos_user testfix (#32264)
* iam.py: return iam.role dict when creating roles (#28964)
* Add networking bug fixes to changelog (#32201)
* [cloud] sns_topic: Fix unreferenced variable
* Fix service_mgr fact collection (#32086)
* Fix include_role unit tests (#31920)
* Updated changelog for win_iis_* modules things
* handle ignore_errors in loop
* adjust nohome param when using luser
* better cleanup on task results display (#27175)
* Improve python 2/3 ABC fallback for pylint. (#31848)
* fix html formatting
* Add ansible_shell_executable fix to changelog
* Move resource pool login to a separate function and fix undefined var reference (#32674)
* Update ansible-test sanity command. (#31958)
* ios_ping test fix (#32342)
* fix CI failure yaml syntax (#32374)
* Scan group_vars/host_vars in sorted order
* luseradd defaults to creating w/o need for -m (#32411)
* Integration Tests only: nxos_udld, nxos_udld_interface, nxos_vxlan_vtep_vni (#29143) (#32962)
* Fix: modifying existing application lb using certificates now properly sets certificates (#28217)
* ios_logging: Fix some smaller issues, add unit test (#32321)
* Fix nxos_snmp_host bug (#32916) (#32958)
* ovirt_hosts: Don't fail upgrade when NON_RESPONSIVE state
* ini plugin should recursively instantiate pending
* eos_user: sends user secret first on user creation fixes #31680 (#32162)
* Cast target port to an int in elb_target_group. Fixes #32098 (#32202)
* New release v2.4.2.0-0.5.rc1
* remove misleading group vars as they are flat (#32276)
* Fix typo
* Avoid default inventory proccessing for pull (#32135)
* Fix ansible-test default image. (#31966)
* removed superfluous `type` field from RecordSet constructor (#33167)
* Update k8s_common.py
* Add ios_logging fixes to changelog 2.4.2beta2 (#32447)
* Revert "Removed a force conditional (#28851)" (#32282)
* Add new documentation on writing unittests to the changelog
* Fix ansible-test race calling get_coverage_path.
* New release v2.4.2.0-1
2017-10-28 00:26:35 +02:00
-------------------------------------------------------------------
Fri Oct 27 19:16:56 UTC 2017 - matthias.eliasson@gmail.com
2017-11-02 18:31:10 +01:00
- Update to 2.4.1.0:
* CVE-2017-7550: Prevent jenkins_plugin module from exposing
passwords in remote host logs (bsc#1065872)
* Various bug fixes and improvements
2017-10-28 00:26:35 +02:00
2017-10-03 10:35:52 +02:00
-------------------------------------------------------------------
Tue Oct 3 08:24:58 UTC 2017 - jengelh@inai.de
- Remove radical wording from descriptions.
Use improved find syntax.
Accepting request 528397 from home:lrupp:branches:systemsmanagement
- update to 2.4.0.0 (final)
Major Changes
+ Support for Python-2.4 and Python-2.5 on the managed system's side
was dropped. If you need to manage a system that ships with Python-2.4
or Python-2.5, you'll need to install Python-2.6 or better on the
managed system or run Ansible-2.3 until you can upgrade the system.
+ New import/include keywords to replace the old bare include directives.
The use of static: {yes|no} on such includes is now deprecated.
[...]
+ Windows become_method: runas now works across all authtypes and
will auto-elevate under UAC if WinRM user has "Act as part of the
operating system" privilege
- please refer to /usr/share/doc/packages/ansible/CHANGELOG.md for
further changes
- added ansible-inventory and ansible-config binaries and manpages
- package contrib and examples directories in docdir
- package all *md files as documentation for now
- recommend the following new packages for (open)SUSE:
+ python-httplib2
+ python-keyczar
+ python-six
- enable/fix build for RHEL and Fedora by redefining __python2 and
adding/enhancing the needed (build)requires if needed
old: systemsmanagement/ansible
new: home:lrupp:branches:systemsmanagement/ansible rev None
Index: ansible.changes
===================================================================
--- ansible.changes (revision 89)
+++ ansible.changes (revision 7)
@@ -1,4 +1,74 @@
-------------------------------------------------------------------
+Sat Sep 23 09:05:01 UTC 2017 - lars@linux-schulserver.de
+
+- update to 2.4.0.0 (final)
+ Major Changes
+ + Support for Python-2.4 and Python-2.5 on the managed system's side
+ was dropped. If you need to manage a system that ships with Python-2.4
+ or Python-2.5, you'll need to install Python-2.6 or better on the
+ managed system or run Ansible-2.3 until you can upgrade the system.
+ + New import/include keywords to replace the old bare include directives.
+ The use of static: {yes|no} on such includes is now deprecated.
+ ++ Using import_* (import_playbook, import_tasks, import_role) directives are static.
+ ++ Using include_* (include_tasks, include_role) directives are dynamic.
+ This is done to avoid collisions and possible security issues as
+ facts come from the remote targets and they might be compromised.
+ + New order play level keyword that allows the user to change the
+ order in which Ansible processes hosts when dispatching tasks.
+ + Users can now set group merge priority for groups of the same depth
+ (parent child relationship), using the new ansible_group_priority variable,
+ when values are the same or don't exist it will fallback to the previous
+ sorting by name'.
+ + Inventory has been revamped:
+ ++ Inventory classes have been split to allow for better
+ management and deduplication
+ ++ Logic that each inventory source duplicated is now common and pushed
+ up to reconciliation
+ ++ VariableManager has been updated for better interaction with inventory
+ ++ Updated CLI with helper method to initialize base objects for plays
+ ++ New inventory plugins for creating inventory
+ ++ Old inventory formats are still supported via plugins
+ ++ Inline host_list is also an inventory plugin, an example alternative
+ advanced_host_list is also provided (it supports ranges)
+ ++ New configuration option to list enabled plugins and precedence
+ order: whitelist_inventory in ansible.cfg
+ ++ vars_plugins have been reworked, they are now run from Vars manager
+ and API has changed (need docs)
+ ++ Loading group_vars/host_vars is now a vars plugin and can be overridden
+ ++ It is now possible to specify mulitple inventory sources in the
+ command line (-i /etc/hosts1 -i /opt/hosts2)
+ ++ Inventory plugins can use the cache plugin (i.e. virtualbox) and
+ is affected by meta: refresh_inventory
+ ++ Group variable precedence is now configurable via new 'precedence'
+ option in ansible.cfg (needs docs)
+ ++ Improved warnings and error messages across the board
+ + Configuration has been changed from a hardcoded listing in the
+ constants module to dynamically loaded from yaml definitions
+ ++ Also added an ansible-config CLI to allow for listing config options
+ and dumping current config (including origin)
+ ++ TODO: build upon this to add many features detailed in ansible-config
+ proposal https://github.com/ansible/proposals/issues/35
+ + Windows modules now support the use of multiple shared module_utils
+ files in the form of Powershell modules (.psm1), via
+ #Requires -Module Ansible.ModuleUtils.Whatever.psm1
+ + Python module argument_spec now supports custom validation logic
+ by accepting a callable as the type argument.
+ + Windows become_method: runas now works across all authtypes and
+ will auto-elevate under UAC if WinRM user has "Act as part of the
+ operating system" privilege
+ - please refer to /usr/share/doc/packages/ansible/CHANGELOG.md for
+ further changes
+- added ansible-inventory and ansible-config binaries and manpages
+- package contrib and examples directories in docdir
+- package all *md files as documentation for now
+- recommend the following new packages for (open)SUSE:
+ + python-httplib2
+ + python-keyczar
+ + python-six
+- enable/fix build for RHEL and Fedora by redefining __python2 and
+ adding/enhancing the needed (build)requires if needed
+
+-------------------------------------------------------------------
Tue Aug 8 17:06:10 UTC 2017 - michael@stroeder.com
- update to 2.3.2.0 (final)
Index: ansible.spec
===================================================================
--- ansible.spec (revision 89)
+++ ansible.spec (revision 7)
@@ -24,7 +24,7 @@
BuildArch: noarch
%endif
Name: ansible
-Version: 2.3.2.0
+Version: 2.4.0.0
Release: 0
Summary: Radically simple IT automation
License: GPL-3.0
@@ -33,14 +33,19 @@
Source: https://releases.ansible.com/ansible/ansible-%{version}.tar.gz
Source99: ansible-rpmlintrc
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+
+# SuSE/openSuSE
%if 0%{?suse_version}
BuildRequires: python-devel
BuildRequires: python-setuptools
-Requires: python-setuptools
Recommends: python-dnspython
Recommends: python-dopy
Recommends: python-pywinrm
Recommends: sshpass
+Recommends: python-httplib2
+Recommends: python-keyczar
+Recommends: python-six
+Requires: python-setuptools
%if 0%{?suse_version} >= 01130
BuildRequires: python-Jinja2
BuildRequires: python-PyYAML
@@ -52,20 +57,52 @@
Requires: python-pycrypto >= 2.6
%endif
%endif
-# RHEL == 6
-%if 0%{?rhel} == 6
-Requires: python-crypto2.6
+
+# RHEL <=5
+%if 0%{?rhel} && 0%{?rhel} <= 5
+BuildRequires: python26-devel
+BuildRequires: python26-setuptools
+Requires: python26-PyYAML
+Requires: python26-httplib2
+Requires: python26-jinja2
+Requires: python26-keyczar
+Requires: python26-paramiko
+Requires: python26-setuptools
+Requires: python26-six
+Requires: sshpass
%endif
# RHEL > 5
%if 0%{?rhel} && 0%{?rhel} >= 5
BuildRequires: python-setuptools
BuildRequires: python2-devel
Requires: PyYAML
+Requires: python-jinja2
+Requires: python-paramiko
+Requires: python-setuptools
+Requires: python-six
+Requires: sshpass
+%endif
+# RHEL == 6
+%if 0%{?rhel} == 6
+Requires: python-crypto
+%endif
+# RHEL >=7
+%if 0%{?rhel} >= 7
+Requires: python2-cryptography
+BuildRequires: perl(Exporter)
+%endif
+%if 0%{?fedora} >= 18
+BuildRequires: python-devel
+BuildRequires: python-setuptools
+Requires: PyYAML
Requires: python-httplib2
Requires: python-jinja2
Requires: python-keyczar
Requires: python-paramiko
Requires: python-setuptools
+Requires: python-six
+Requires: sshpass
+%define __python %{__python2}
%endif
%description
@@ -76,12 +113,14 @@
%prep
%setup -q -n ansible-%{version}
+find . -name .git_keep -delete
+find contrib/ -type f -exec chmod 644 {} \;
%build
-python setup.py build
+%{__python} setup.py build
%install
-python setup.py install --prefix=%{_prefix} --root=%{buildroot}
+%{__python} setup.py install --prefix=%{_prefix} --root=%{buildroot}
mkdir -p %{buildroot}%{_sysconfdir}/ansible/
cp examples/hosts %{buildroot}%{_sysconfdir}/ansible/
@@ -92,20 +131,24 @@
%files
%defattr(-,root,root,-)
-%doc COPYING README.md CHANGELOG.md
+%doc COPYING *.md contrib examples
%{_bindir}/ansible
+%{_bindir}/ansible-config
%{_bindir}/ansible-connection
%{_bindir}/ansible-console
-%{_bindir}/ansible-playbook
-%{_bindir}/ansible-pull
%{_bindir}/ansible-doc
%{_bindir}/ansible-galaxy
+%{_bindir}/ansible-inventory
+%{_bindir}/ansible-playbook
+%{_bindir}/ansible-pull
%{_bindir}/ansible-vault
%{python_sitelib}/*
%{_mandir}/man1/ansible.1*
+%{_mandir}/man1/ansible-config.1*
%{_mandir}/man1/ansible-console.1*
%{_mandir}/man1/ansible-doc.1*
%{_mandir}/man1/ansible-galaxy.1*
+%{_mandir}/man1/ansible-inventory.1*
%{_mandir}/man1/ansible-playbook.1*
%{_mandir}/man1/ansible-pull.1*
%{_mandir}/man1/ansible-vault.1*
Index: ansible-2.4.0.0.tar.gz
===================================================================
Binary file ansible-2.4.0.0.tar.gz (revision 7) added
Index: ansible-2.3.2.0.tar.gz
===================================================================
Binary file ansible-2.3.2.0.tar.gz (revision 89) deleted
OBS-URL: https://build.opensuse.org/request/show/528397
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=90
2017-09-23 13:37:02 +02:00
-------------------------------------------------------------------
Sat Sep 23 09:05:01 UTC 2017 - lars@linux-schulserver.de
- update to 2.4.0.0 (final)
Major Changes
+ Support for Python-2.4 and Python-2.5 on the managed system's side
was dropped. If you need to manage a system that ships with Python-2.4
or Python-2.5, you'll need to install Python-2.6 or better on the
managed system or run Ansible-2.3 until you can upgrade the system.
+ New import/include keywords to replace the old bare include directives.
The use of static: {yes|no} on such includes is now deprecated.
++ Using import_* (import_playbook, import_tasks, import_role) directives are static.
++ Using include_* (include_tasks, include_role) directives are dynamic.
This is done to avoid collisions and possible security issues as
facts come from the remote targets and they might be compromised.
+ New order play level keyword that allows the user to change the
order in which Ansible processes hosts when dispatching tasks.
+ Users can now set group merge priority for groups of the same depth
(parent child relationship), using the new ansible_group_priority variable,
when values are the same or don't exist it will fallback to the previous
sorting by name'.
+ Inventory has been revamped:
++ Inventory classes have been split to allow for better
management and deduplication
++ Logic that each inventory source duplicated is now common and pushed
up to reconciliation
++ VariableManager has been updated for better interaction with inventory
++ Updated CLI with helper method to initialize base objects for plays
++ New inventory plugins for creating inventory
++ Old inventory formats are still supported via plugins
++ Inline host_list is also an inventory plugin, an example alternative
advanced_host_list is also provided (it supports ranges)
++ New configuration option to list enabled plugins and precedence
order: whitelist_inventory in ansible.cfg
++ vars_plugins have been reworked, they are now run from Vars manager
and API has changed (need docs)
++ Loading group_vars/host_vars is now a vars plugin and can be overridden
++ It is now possible to specify mulitple inventory sources in the
command line (-i /etc/hosts1 -i /opt/hosts2)
++ Inventory plugins can use the cache plugin (i.e. virtualbox) and
is affected by meta: refresh_inventory
++ Group variable precedence is now configurable via new 'precedence'
option in ansible.cfg (needs docs)
++ Improved warnings and error messages across the board
+ Configuration has been changed from a hardcoded listing in the
constants module to dynamically loaded from yaml definitions
++ Also added an ansible-config CLI to allow for listing config options
and dumping current config (including origin)
++ TODO: build upon this to add many features detailed in ansible-config
proposal https://github.com/ansible/proposals/issues/35
+ Windows modules now support the use of multiple shared module_utils
files in the form of Powershell modules (.psm1), via
#Requires -Module Ansible.ModuleUtils.Whatever.psm1
+ Python module argument_spec now supports custom validation logic
by accepting a callable as the type argument.
+ Windows become_method: runas now works across all authtypes and
will auto-elevate under UAC if WinRM user has "Act as part of the
operating system" privilege
- please refer to /usr/share/doc/packages/ansible/CHANGELOG.md for
further changes
- added ansible-inventory and ansible-config binaries and manpages
- package contrib and examples directories in docdir
- package all *md files as documentation for now
- recommend the following new packages for (open)SUSE:
+ python-httplib2
+ python-keyczar
+ python-six
- enable/fix build for RHEL and Fedora by redefining __python2 and
adding/enhancing the needed (build)requires if needed
2018-09-17 16:03:55 +02:00
-------------------------------------------------------------------
Fri Sep 8 08:20:55 UTC 2017 - johannes.grassler@suse.com
- update to 2.2.3.0 (bsc#1056094)
* Fixes for CVE-2017-7466 and CVE-2017-7481
* Various minor bug fixes
2017-08-09 15:56:10 +02:00
-------------------------------------------------------------------
Tue Aug 8 17:06:10 UTC 2017 - michael@stroeder.com
- update to 2.3.2.0 (final)
- replaced hard-coded version by var
2017-06-07 22:41:17 +02:00
-------------------------------------------------------------------
Wed Jun 07 20:51:30 UTC 2017 - matthias.eliasson@gmail.com
- update to 2.3.1.0 (final)
- clean up of spec file with spec-cleaner
2017-05-11 00:37:08 +02:00
-------------------------------------------------------------------
Wed May 10 22:35:24 UTC 2017 - lars@linux-schulserver.de
2018-02-27 17:52:58 +01:00
- update to 2.3.1 RC1 (package version 2.3.0.1) (bsc#1056094):
2017-05-11 00:37:08 +02:00
* SECURITY (MODERATE): fix for CVE-2017-7481, in which data for
lookup plugins used as variables was not being correctly marked
as "unsafe".
2018-02-27 17:52:58 +01:00
* SECURITY (MODERATE): fix for CVE-2017-7466, which finally fixes
an arbitrary command execution vulnerability
2017-05-11 00:37:08 +02:00
2017-04-13 10:25:06 +02:00
-------------------------------------------------------------------
Tue Mar 28 08:30:35 UTC 2017 - michael@stroeder.com
- update to 2.3.0.0
for full list of changes see
/usr/share/doc/packages/ansible/CHANGELOG.md
2017-03-28 10:04:06 +02:00
-------------------------------------------------------------------
Mon Mar 27 21:26:31 UTC 2017 - michael@stroeder.com
- update to 2.2.2.0
This release fixes a few bugs introduced in the previous version,
as well as another small tweak to catch an additional way in
which CVE-2016-9587 could be triggered.
2017-01-16 19:21:55 +01:00
-------------------------------------------------------------------
Mon Jan 16 18:11:04 UTC 2017 - michael@stroeder.com
- update to 2.2.1.0 (final)
2017-01-12 15:00:38 +01:00
-------------------------------------------------------------------
Wed Jan 11 22:46:47 UTC 2017 - boris@steki.net
- security update to rc4 of 2.2.1.0 version
CVE-2016-9587, CVE-2016-8628 and CVE-2016-8614
for full list of changes see
/usr/share/doc/packages/ansible/CHANGELOG.md
2016-10-06 08:56:00 +02:00
-------------------------------------------------------------------
2016-11-03 09:55:31 +01:00
Mon Oct 17 18:11:08 UTC 2016 - michael@stroeder.com
- update to 2.2.0.0
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
-------------------------------------------------------------------
2016-10-06 08:56:00 +02:00
Thu Sep 15 16:20:44 UTC 2016 - michael@stroeder.com
- update to 2.1.2.0
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
2016-07-29 14:21:08 +02:00
-------------------------------------------------------------------
Tue Jun 28 06:25:44 UTC 2016 - michael@stroeder.com
- update to 2.1.1.0
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
- changed download link to https://releases.ansible.com
2016-06-01 11:25:07 +02:00
-------------------------------------------------------------------
Sun May 29 18:51:07 UTC 2016 - michael@stroeder.com
- update to 2.1.0.0
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
- on SuSE platforms recommend package python-dnspython for
DNS lookups in playbooks
2016-05-09 10:35:33 +02:00
-------------------------------------------------------------------
Sat May 7 18:12:52 UTC 2016 - michael@stroeder.com
- update to 2.0.2.0:
* Backport of the 2.1 feature to ensure per-item callbacks are sent as they occur,
rather than all at once at the end of the task.
* Fixed bugs related to the iteration of tasks when certain combinations of roles,
blocks, and includes were used, especially when handling errors in rescue/always
portions of blocks.
* Fixed handling of redirects in our helper code, and ported the uri module to use
this helper code. This removes the httplib dependency for this module while fixing
some bugs related to redirects and SSL certs.
* Fixed some bugs related to the incorrect creation of extra temp directories for
uploading files, which were not cleaned up properly.
* Improved error reporting in certain situations, to provide more information such as
the playbook file/line.
* Fixed a bug related to the variable precedence of role parameters, especially when
a role may be used both as a dependency of a role and directly by itself within the
same play.
* Fixed some bugs in the 2.0 implementation of do/until.
* Fixed some bugs related to run_once:
- Ensure that all hosts are marked as failed if a task marked as run_once fails.
- Show a warning when using the free strategy when a run_once task is encountered, as
there is no way for the free strategy to guarantee the task is not run more than once.
* Fixed a bug where the assemble module was not honoring check mode in some situations.
* Fixed a bug related to delegate_to, where we were incorrectly using variables from
the inventory host rather than the delegated-to host.
* The 'package' meta-module now properly squashes items down to a single execution (as the
apt/yum/other package modules do).
* Fixed a bug related to the ansible-galaxy CLI command dealing with paged results from
the Galaxy server.
* Pipelining support is now available for the local and jail connection plugins, which is
useful for users who do not wish to have temp files/directories created when running
tasks with these connection types.
* Improvements in support for additional shell types.
* Improvements in the code which is used to calculate checksums for remote files.
* Some speed ups and bug fixes related to the variable merging code.
* Workaround bug in python subprocess on El Capitan that was making vault fail
when attempting to encrypt a file
* Fix lxc_container module having predictable temp file names and setting file
permissions on the temporary file too leniently on a temporary file that was
executed as a script. Addresses CVE-2016-3096
* Fix a bug in the uri module where setting headers via module params that
start with HEADER_ were causing a traceback.
* Fix bug in the free strategy that was causing it to synchronize its workers
after every task (making it a lot more like linear than it should have been).
2016-03-09 16:11:24 +01:00
-------------------------------------------------------------------
Wed Mar 9 14:37:43 UTC 2016 - lars@linux-schulserver.de
- update to 2.0.1.0:
* Fixes a major compatibility break in the synchronize module shipped
with 2.0.0.x. That version of synchronize ran sudo on the controller
prior to running rsync. In 1.9.x and previous, sudo was run on the
host that rsync connected to. 2.0.1 restores the 1.9.x behaviour.
* Additionally, several other problems with where synchronize chose
to run when combined with delegate_to were fixed. In particular, if
a playbook targetted localhost and then delegated_to a remote host
the prior behavior (in 1.9.x and 2.0.0.x) was to copy files between
the src and destination directories on the delegated host. This has
now been fixed to copy between localhost and the delegated host.
* Fix a regression where synchronize was unable to deal with unicode paths.
* Fix a regression where synchronize deals with inventory hosts that
use localhost but with an alternate port.
* Fixes a regression where the retry files feature was not implemented.
* Fixes a regression where the any_errors_fatal option was implemented
in 2.0 incorrectly, and also adds a feature where any_errors_fatal
can be set at the block level.
* Fix tracebacks when playbooks or ansible itself were located in
directories with unicode characters.
* Fix bug when sending unicode characters to an external pager
for display.
* Fix a bug with squashing loops for special modules (mostly package
managers). The optimization was squashing when the loop did not
apply to the selection of packages. This has now been fixed.
* Temp files created when using vault are now "shredded" using the
unix shred program which overwrites the file with random data.
* Some fixes to cloudstack modules for case sensitivity
* Fix non-newstyle modules (non-python modules and old-style modules)
to disabled pipelining.
* Fix fetch module failing even if fail_on_missing is set to False
* Fix for cornercase when local connections, sudo, and raw were
used together.
* Fix dnf module to remove dependent packages when state=absent is
specified. This was a feature of the 1.9.x version that was left
out by mistake when the module was rewritten for 2.0.
* Fix bugs with non-english locales in yum, git, and apt modules
* Fix a bug with the dnf module where state=latest could only
upgrade, not install.
2016-02-16 00:25:46 +01:00
-------------------------------------------------------------------
Mon Feb 15 13:23:26 UTC 2016 - eshmarnev@suse.com
- fix_zypper_errorhandling.patch is being deleted
2016-02-15 12:28:25 +01:00
-------------------------------------------------------------------
Thu Feb 11 10:44:40 UTC 2016 - erwin.vandevelde@gmail.com
- update to 2.0.0.2
Version 2.0 is a new major version with a lot of changes, among which:
+ New modules for cloud-based services and many more
+ The new block/rescue/always directives allow for making task blocks and exception-like semantics
+ Many API changes
- more info at:
https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#20-over-the-hills-and-far-away
2015-10-11 18:12:47 +02:00
-------------------------------------------------------------------
Sun Oct 11 16:11:02 UTC 2015 - lars@linux-schulserver.de
- build again on SLE-11-SP4 by ignoring some dependencies that are
not available in the official OBS repository: python-paramiko,
python-Jinja2, python-PyYAML, python-pycrypto
2015-10-10 14:14:41 +02:00
-------------------------------------------------------------------
Sat Oct 10 12:10:59 UTC 2015 - lars@linux-schulserver.de
- update to 1.9.4
This release addresses several bugs, most notably those related to
the yum module (introduced in 1.9.3):
+ Fixes a bug where yum state=latest would error if there were no
updates to install.
+ Fixes a bug where yum state=latest did not work with wildcard
package names.
+ Fixes a bug in lineinfile relating to escape sequences.
+ Fixes a bug where vars_prompt was not keeping passwords private
by default.
+ Fix ansible-galaxy and the hipchat callback plugin to check that
the host it is contacting matches its TLS Certificate.
2015-10-23 15:58:08 +02:00
-------------------------------------------------------------------
Sat Sep 26 14:01:30 UTC 2015 - m0ses@samaxi.de
- Added fix_zypper_errorhandling.patch as it`s have not been accepted
upstream, in lack of an reviewer. See patch for more comments
2015-09-17 11:17:08 +02:00
-------------------------------------------------------------------
Fri Sep 11 16:10:12 UTC 2015 - robin.roth@kit.edu
- update to 1.9.3:
- Fixes a bug related to keyczar messing up encodings internally, resulting in decrypted
messages coming out as empty strings.
- AES Keys generated for use in accelerated mode are now 256-bit by default instead of 128.
- Fix url fetching for SNI with python-2.7.9 or greater. SNI does not work
with python < 2.7.9. The best workaround is probably to use the command
module with curl or wget.
- Fix url fetching to allow tls-1.1 and tls-1.2 if the system's openssl library
supports those protocols
- Fix ec2_ami_search module to check TLS Certificates
- Fix the following extras modules to check TLS Certificates:
- campfire
- layman
- librarto_annotate
- twilio
- typetalk
- Fix docker module's parsing of docker-py version for dev checkouts
- Fix docker module to work with docker server api 1.19
- Change yum module's state=latest feature to update all packages specified in
a single transaction. This is the same type of fix as was made for yum's
state=installed in 1.9.2 and both solves the same problems and with the same caveats.
- Fixed a bug where stdout from a module might be blank when there were were non-printable
ASCII characters contained within it
2015-07-15 11:24:10 +02:00
-------------------------------------------------------------------
Wed Jul 15 09:17:54 UTC 2015 - lars@linux-schulserver.de
- update to 1.9.2:
- Security fixes to check that hostnames match certificates with
2015-07-15 11:27:14 +02:00
https urls (CVE-2015-3908; bnc #938161):
2015-07-15 11:24:10 +02:00
+ get_url and uri modules
+ url and etcd lookup plugins
- Security fixes to the zone (Solaris containers), jail (bsd
containers), and chroot connection plugins. These plugins can be
used to connect to their respective container types in leiu of the
standard ssh connection. Prior to this fix being applied these
connection plugins didn't properly handle symlinks within the containers
which could lead to files intended to be written to or read from the
container being written to or read from the host system instead. (CVE
pending)
- Fixed a bug in the service module where init scripts were being
incorrectly used instead of upstart/systemd.
- Fixed a bug where sudo/su settings were not inherited from
ansible.cfg correctly.
- Fixed a bug in the rds module where a traceback may occur due to an
unbound variable.
- Fixed a bug where certain remote file systems where the SELinux
context was not being properly set.
- Re-enabled several windows modules which had been partially merged
(via action plugins):
+ win_copy.ps1
+ win_copy.py
+ win_file.ps1
+ win_file.py
+ win_template.py
- Fix bug using with_sequence and a count that is zero. Also allows
counting backwards isntead of forwards
- Fix get_url module bug preventing use of custom ports with https
urls
- Fix bug disabling repositories in the yum module.
- Fix giving yum module a url to install a package from on
RHEL/CENTOS5
- Fix bug in dnf module preventing it from working when yum-utils was
not already installed
2015-04-28 21:22:00 +02:00
-------------------------------------------------------------------
Tue Apr 28 19:03:01 UTC 2015 - boris@steki.net
- updated to version 1.9.1
* Fixed a bug related to Kerberos auth when using winrm with a domain account.
* Fixing several bugs in the s3 module.
* Fixed a bug with upstart service detection in the service module.
* Fixed several bugs with the user module when used on OSX.
* Fixed unicode handling in some module situations (assert and shell/command execution).
* Fixed a bug in redhat_subscription when using the activationkey parameter.
* Fixed a traceback in the gce module on EL6 distros when multiple pycrypto installations are available.
* Added support for PostgreSQL 9.4 in rds_param_group
* Several other minor fixes.
2015-03-31 20:54:06 +02:00
-------------------------------------------------------------------
Mon Mar 30 22:45:57 UTC 2015 - boris@steki.net
- updated to version 1.9.0.1
* Added kerberos support to winrm connection plugin.
* Tags rehaul: added 'all', 'always', 'untagged' and 'tagged' special
tags and normalized tag resolution. Added tag information to
--list-tasks and new --list-tags option.
* Privilege Escalation generalization, new 'Become' system and variables
now will handle existing and new methods. Sudo and su have been kept
for backwards compatibility. New methods pbrun and pfexec in 'alpha'
state, planned adding 'runas' for winrm connection plugin.
* Improved ssh connection error reporting, now you get back the specific
message from ssh.
* Added facility to document task module return values for registered
vars, both for ansible-doc and the docsite. Documented copy, stats and
acl modules, the rest must be updated individually (we will start doing
so incrementally).
* Optimize the plugin loader to cache available plugins much more
efficiently. For some use cases this can lead to dramatic improvements
in startup time.
* Overhaul of the checksum system, now supports more systems and more
cases more reliably and uniformly.
* Fix skipped tasks to not display their parameters if no_log is specified.
* Many fixes to unicode support, standarized functions to make it easier
to add to input/output boundries.
* Added travis integration to github for basic tests, this should speed
up ticket triage and merging.
* environment: directive now can also be applied to play and is
inhertited by tasks, which can still override it.
* expanded facts and OS/distribution support for existing facts and
improved performance with pypy.
* new 'wantlist' option to lookups allows for selecting a list typed
variable vs a command delimited string as the return.
* the shared module code for file backups now uses a timestamp resolution
of seconds (previouslly minutes).
* allow for empty inventories, this is now a warning and not an error
(for those using localhost and cloud modules).
* sped up YAML parsing in ansible by up to 25% by switching to CParser loader.
- more info at:
https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#19-dancing-in-the-street---mar-25-2015
2015-02-23 15:50:21 +01:00
-------------------------------------------------------------------
Mon Feb 23 11:46:55 UTC 2015 - boris@steki.net
- updated to version 1.8.4 from 1.8.2
* Fixed regressions in ec2 and mount modules, introduced in 1.8.3
* Fixing a security bug related to the default permissions set on a
tempoary file created when using "ansible-vault view ".
* Many bug fixes, for both core code and core modules.
2014-12-05 16:24:45 +01:00
-------------------------------------------------------------------
Fri Dec 5 15:11:43 UTC 2014 - boris@steki.net
- updated to version 1.8.2 from 1.8.1
* Windows modules should now be packaged correctly.
* A bug regarding wildcard grant strings in the mysql_user module has been fixed.
* Several other bugs regarding the postgresql modules have also been fixed.
2014-12-01 19:35:23 +01:00
-------------------------------------------------------------------
Mon Dec 1 18:28:18 UTC 2014 - boris@steki.net
- enable build for older RHEL and SLE distributions
2014-10-28 08:16:12 +01:00
-------------------------------------------------------------------
Accepting request 263653 from home:bmanojlovic:ansible
- updated package to latest release ## 1.8.1 "You Really Got Me"
* Various bug fixes in postgresql and mysql modules.
* Fixed a bug related to lookup plugins used within roles not
finding files based on the relative paths to the roles files/ directory.
* Fixed a bug related to vars specified in plays being templated too early,
resulting in incorrect variable interpolation.
* Fixed a bug related to git submodules in bare repos.
* fact caching support, pluggable, initially supports Redis (DOCS pending)
* 'serial' size in a rolling update can be specified as a percentage
* added new Jinja2 filters, 'min' and 'max' that take lists
* new 'ansible_version' variable available contains a dictionary of version info
* For ec2 dynamic inventory, ec2.ini can has various new configuration options
* 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
* no_log parameter now surpressess data from callbacks/output as well as syslog
* ansible-galaxy install -f requirements.yml allows advanced options and installs
from non-galaxy SCM sources and tarballs.
* command_warnings feature will warn about when usage of the shell/command module
can be simplified to use core modules - this can be enabled in ansible.cfg
* new omit value can be used to leave off a parameter when not set, like so
module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
an empty value) if c was not set.
* developers: 'baby JSON' in module responses, originally intended for writing modules
in bash, is removed as a feature to simplify logic, script module remains available
for running bash scripts.
* async jobs started in "fire & forget" mode can now be checked on at a later time.
* added ability to subcategorize modules for docs.ansible.com
* added ability for shipped modules to have aliases with symlinks
* added ability to deprecate older modules by starting with "_" and
including "deprecated: message why" in module docs
+ New Modules:
OBS-URL: https://build.opensuse.org/request/show/263653
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=33
2014-12-01 19:05:08 +01:00
Thu Nov 27 11:17:53 UTC 2014 - boris@steki.net
- updated package to latest release ## 1.8.1 "You Really Got Me"
* Various bug fixes in postgresql and mysql modules.
* Fixed a bug related to lookup plugins used within roles not
finding files based on the relative paths to the roles files/ directory.
* Fixed a bug related to vars specified in plays being templated too early,
resulting in incorrect variable interpolation.
* Fixed a bug related to git submodules in bare repos.
* fact caching support, pluggable, initially supports Redis (DOCS pending)
* 'serial' size in a rolling update can be specified as a percentage
* added new Jinja2 filters, 'min' and 'max' that take lists
* new 'ansible_version' variable available contains a dictionary of version info
* For ec2 dynamic inventory, ec2.ini can has various new configuration options
* 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
* no_log parameter now surpressess data from callbacks/output as well as syslog
* ansible-galaxy install -f requirements.yml allows advanced options and installs
from non-galaxy SCM sources and tarballs.
* command_warnings feature will warn about when usage of the shell/command module
can be simplified to use core modules - this can be enabled in ansible.cfg
* new omit value can be used to leave off a parameter when not set, like so
module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
an empty value) if c was not set.
* developers: 'baby JSON' in module responses, originally intended for writing modules
in bash, is removed as a feature to simplify logic, script module remains available
for running bash scripts.
* async jobs started in "fire & forget" mode can now be checked on at a later time.
* added ability to subcategorize modules for docs.ansible.com
* added ability for shipped modules to have aliases with symlinks
* added ability to deprecate older modules by starting with "_" and
including "deprecated: message why" in module docs
+ New Modules:
* cloud: rax_cdb - manages Rackspace Cloud Database instances
* cloud: rax_cdb_database - manages Rackspace Cloud Databases
* cloud: rax_cdb_user - manages Rackspace Cloud Database users
* monitoring: zabbix_maintaince - handles outage windows with Zabbix
* monitoring: bigpanda - support for bigpanda
* net_infrastructure: a10_server - manages server objects on A10 devices
* net_infrastructure: a10_service_group - manages service group objects on A10 devices
* net_infrastructure: a10_virtual_server - manages virtual server objects on A10 devices
* system: getent - read getent databases
+ Some other notable changes:
* added the ability to set "instance filters" in the ec2.ini to limit results
from the inventory plugin.
* upgrades for various variable precedence items and parsing related items
* added a new "follow" parameter to the file and copy modules, which allows
actions to be taken on the target of a symlink rather than the symlink itself.
* if a module should ever traceback, it will return a standard error, catchable
by ignore_errors, versus an 'unreachable'
* ec2_lc: added support for multiple new parameters like kernel_id, ramdisk_id and ebs_optimized.
* ec2_elb_lb: added support for the connection_draining_timeout and cross_az_load_balancing options.
* support for symbolic representations (ie. u+rw) for file permission modes (file/copy/template modules etc.).
* docker: Added support for specifying the net type of the container.
* docker: support for specifying read-only volumes.
* docker: support for specifying the API version to use for the remote connection.
* openstack modules: various improvements
* irc: ssl support for the notification module
* npm: fix flags passed to package installation
* windows: improved error handling
* setup: additional facts on System Z
* apt_repository: certificate validation can be disabled if requested
* pagerduty module: misc improvements
* ec2_lc: public_ip boolean configurable in launch configurations
* ec2_asg: fixes related to proper termination of an autoscaling group
* win_setup: total memory fact correction
* ec2_vol: ability to list existing volumes
* ec2: can set optimized flag
* various parser improvements
* produce a friendly error message if the SSH key is too permissive
* ec2_ami_search: support for SSD and IOPS provisioned EBS images
* can set ansible_sudo_exe as an inventory variable which allows specifying
a different sudo (or equivalent) command
* git module: Submodule handling has changed. Previously if you used the
"recursive" parameter to handle submodules, ansible would track the
submodule upstream's head revision. This has been changed to checkout the
version of the submodule specified in the superproject's git repository.
This is inline with what git submodule update does. If you want the old
behaviour use the new module parameter track_submodules=yes
* Checksumming of transferred files has been made more portable and now uses
the sha1 algorithm instead of md5 to be compatible with FIPS-140.
+ As a small side effect, the fetch module no longer returns a useful value
in remote_md5. If you need a replacement, switch to using remote_checksum
which returns the sha1sum of the remote file.
* ansible-doc CLI tool contains various improvements for working with different terminals
-------------------------------------------------------------------
Mon Oct 27 09:16:52 UTC 2014 - kgronlund@suse.com
2014-10-28 08:16:12 +01:00
- update to 1.7.2:
- Fixes a bug in accelerate mode which caused a traceback when trying to use that connection method.
- Fixes a bug in vault where the password file option was not being used correctly internally.
- Improved multi-line parsing when using YAML literal blocks (using > or |).
- Fixed a bug with the file module and the creation of relative symlinks.
- Fixed a bug where checkmode was not being honored during the templating of files.
- Other various bug fixes.
- Switch to xz for source package
2014-12-01 19:09:23 +01:00
-------------------------------------------------------------------
Wed Sep 10 12:55:35 UTC 2014 - boris@steki.net
- add python-pywinrm to requirements to enable windows hosts automation
2014-08-17 17:28:40 +02:00
-------------------------------------------------------------------
Sun Aug 17 15:21:38 UTC 2014 - lars@linux-schulserver.de
- update to 1.7.1:
Major new features:
+ Windows support (alpha) using native PowerShell remoting
+ Tasks can now specify run_once: true, meaning they will be executed
exactly once. This can be combined with delegate_to to trigger actions
you want done just the one time versus for every host in inventory.
New Modules:
+ cloud: azure
+ cloud: rax_meta
+ cloud: rax_scaling_group
+ cloud: rax_scaling_policy
+ windows: version of setup module
+ windows: version of slurp module
+ windows: win_feature
+ windows: win_get_url
+ windows: win_msi
+ windows: win_ping
+ windows: win_user
+ windows: win_service
+ windows: win_group
New inventory scripts:
+ SoftLayer
+ Windows Azure
Docker module bug fixes:
+ Fixed support for specifying rw/ro bind modes for volumes
+ Fixed support for allowing the tag in the image parameter
Other notable changes:
+ Performance enhancements related to previous security fixes, which
could cause slowness when modules returned very large JSON results.
This specifically impacted the unarchive module frequently, which
returns the details of all unarchived files in the result.
+ Inventory speed improvements for very large inventories.
+ Vault password files can now be executable, to support scripts
that fetch the vault password.
+ Fixes an issue with the copy module when copying a directory that
Accepting request 263653 from home:bmanojlovic:ansible
- updated package to latest release ## 1.8.1 "You Really Got Me"
* Various bug fixes in postgresql and mysql modules.
* Fixed a bug related to lookup plugins used within roles not
finding files based on the relative paths to the roles files/ directory.
* Fixed a bug related to vars specified in plays being templated too early,
resulting in incorrect variable interpolation.
* Fixed a bug related to git submodules in bare repos.
* fact caching support, pluggable, initially supports Redis (DOCS pending)
* 'serial' size in a rolling update can be specified as a percentage
* added new Jinja2 filters, 'min' and 'max' that take lists
* new 'ansible_version' variable available contains a dictionary of version info
* For ec2 dynamic inventory, ec2.ini can has various new configuration options
* 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
* no_log parameter now surpressess data from callbacks/output as well as syslog
* ansible-galaxy install -f requirements.yml allows advanced options and installs
from non-galaxy SCM sources and tarballs.
* command_warnings feature will warn about when usage of the shell/command module
can be simplified to use core modules - this can be enabled in ansible.cfg
* new omit value can be used to leave off a parameter when not set, like so
module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
an empty value) if c was not set.
* developers: 'baby JSON' in module responses, originally intended for writing modules
in bash, is removed as a feature to simplify logic, script module remains available
for running bash scripts.
* async jobs started in "fire & forget" mode can now be checked on at a later time.
* added ability to subcategorize modules for docs.ansible.com
* added ability for shipped modules to have aliases with symlinks
* added ability to deprecate older modules by starting with "_" and
including "deprecated: message why" in module docs
+ New Modules:
OBS-URL: https://build.opensuse.org/request/show/263653
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=33
2014-12-01 19:05:08 +01:00
-------------------------------------------------------------------
Fri Aug 15 15:25:04 UTC 2014 - boris@steki.net
- updated to upstream version 1.7.1
* Security fix to disallow specifying 'args:' as a string,
which could allow the insertion of extra module parameters through variables.
* Performance enhancements related to previous security fixes,
which could cause slowness when modules returned very large JSON results.
This specifically impacted the unarchive module frequently, which returns
the details of all unarchived files in the result.
* Docker module bug fixes:
+ Fixed support for specifying rw/ro bind modes for volumes
+ Fixed support for allowing the tag in the image parameter
* Major new features:
+ Windows support (alpha) using native PowerShell remoting
+ Tasks can now specify `run_once: true`, meaning they will
be executed exactly once. This can be combined with delegate_to
to trigger actions you want done just the one time versus for
every host in inventory.
* Inventory speed improvements for very large inventories.
* Vault password files can now be executable, to support
scripts that fetch the vault password.
* Fixes an issue with the copy module when copying a directory that
2014-08-17 17:28:40 +02:00
fails when changing file attributes and the target file already exists
+ Improved unicode handling when splitting args
Accepting request 263653 from home:bmanojlovic:ansible
- updated package to latest release ## 1.8.1 "You Really Got Me"
* Various bug fixes in postgresql and mysql modules.
* Fixed a bug related to lookup plugins used within roles not
finding files based on the relative paths to the roles files/ directory.
* Fixed a bug related to vars specified in plays being templated too early,
resulting in incorrect variable interpolation.
* Fixed a bug related to git submodules in bare repos.
* fact caching support, pluggable, initially supports Redis (DOCS pending)
* 'serial' size in a rolling update can be specified as a percentage
* added new Jinja2 filters, 'min' and 'max' that take lists
* new 'ansible_version' variable available contains a dictionary of version info
* For ec2 dynamic inventory, ec2.ini can has various new configuration options
* 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
* no_log parameter now surpressess data from callbacks/output as well as syslog
* ansible-galaxy install -f requirements.yml allows advanced options and installs
from non-galaxy SCM sources and tarballs.
* command_warnings feature will warn about when usage of the shell/command module
can be simplified to use core modules - this can be enabled in ansible.cfg
* new omit value can be used to leave off a parameter when not set, like so
module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
an empty value) if c was not set.
* developers: 'baby JSON' in module responses, originally intended for writing modules
in bash, is removed as a feature to simplify logic, script module remains available
for running bash scripts.
* async jobs started in "fire & forget" mode can now be checked on at a later time.
* added ability to subcategorize modules for docs.ansible.com
* added ability for shipped modules to have aliases with symlinks
* added ability to deprecate older modules by starting with "_" and
including "deprecated: message why" in module docs
+ New Modules:
OBS-URL: https://build.opensuse.org/request/show/263653
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=33
2014-12-01 19:05:08 +01:00
2014-08-17 17:28:40 +02:00
+ Further improvements to module parameter parsing to address
additional regressions caused by security fixes
+ Corrects a regression in the way shell and command parameters
were being parsed
+ Various other bug fixes
Security fixes:
+ Security fix to disallow specifying 'args:' as a string, which could
allow the insertion of extra module parameters through variables.
+ Strip lookup calls out of inventory variables and clean unsafe
data returned from lookup plugins (CVE-2014-4966)
+ Make sure vars don't insert extra parameters into module args and
prevent duplicate params from superseding previous params (CVE-2014-4967)
2014-08-17 17:35:44 +02:00
- adapt specfile requirements for RedHat and Fedora
2014-08-17 17:28:40 +02:00
Accepting request 263653 from home:bmanojlovic:ansible
- updated package to latest release ## 1.8.1 "You Really Got Me"
* Various bug fixes in postgresql and mysql modules.
* Fixed a bug related to lookup plugins used within roles not
finding files based on the relative paths to the roles files/ directory.
* Fixed a bug related to vars specified in plays being templated too early,
resulting in incorrect variable interpolation.
* Fixed a bug related to git submodules in bare repos.
* fact caching support, pluggable, initially supports Redis (DOCS pending)
* 'serial' size in a rolling update can be specified as a percentage
* added new Jinja2 filters, 'min' and 'max' that take lists
* new 'ansible_version' variable available contains a dictionary of version info
* For ec2 dynamic inventory, ec2.ini can has various new configuration options
* 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
* no_log parameter now surpressess data from callbacks/output as well as syslog
* ansible-galaxy install -f requirements.yml allows advanced options and installs
from non-galaxy SCM sources and tarballs.
* command_warnings feature will warn about when usage of the shell/command module
can be simplified to use core modules - this can be enabled in ansible.cfg
* new omit value can be used to leave off a parameter when not set, like so
module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
an empty value) if c was not set.
* developers: 'baby JSON' in module responses, originally intended for writing modules
in bash, is removed as a feature to simplify logic, script module remains available
for running bash scripts.
* async jobs started in "fire & forget" mode can now be checked on at a later time.
* added ability to subcategorize modules for docs.ansible.com
* added ability for shipped modules to have aliases with symlinks
* added ability to deprecate older modules by starting with "_" and
including "deprecated: message why" in module docs
+ New Modules:
OBS-URL: https://build.opensuse.org/request/show/263653
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=33
2014-12-01 19:05:08 +01:00
- fixed zypper and zypper_repository modules to support SLE 10
2014-07-10 14:53:54 +02:00
-------------------------------------------------------------------
Thu Jul 10 12:53:16 UTC 2014 - lars@linux-schulserver.de
- update to 1.6.6:
* Security updates to further protect against the incorrect
execution of untrusted data
* Additional tweaks to prevent the incorrect execution of
untrusted data
* Security update to prevent local operations from executing as
the result of specifically crafted untrusted data
2014-06-19 09:48:19 +02:00
-------------------------------------------------------------------
Thu Jun 19 07:28:24 UTC 2014 - lars@linux-schulserver.de
- update to 1.6.3:
* The deprecated legacy variable templating system has been
finally removed. Use {{ foo }} always not $foo or ${foo}.
* Any data file can also be JSON. Use sparingly -- with great power
comes great responsibility. Starting file with "{" or "[" denotes JSON.
* Added 'gathering' param for ansible.cfg to change the default
gather_facts policy.
* Accelerate improvements:
+ multiple users can connect with different keys, when
accelerate_multi_key = yes is specified in the ansible.cfg.
+ daemon lifetime is now based on the time from the last activity,
not the time from the daemon's launch.
* ansible-playbook now accepts --force-handlers to run handlers
even if tasks result in failures.
* Added VMWare support with the vsphere_guest module.
* many new modules and ther notable changes, please read
/usr/share/doc/packages/ansible/CHANGELOG.md for details
- use new upstream URL(s)
- require python-httplib2 and python-setuptools
- ignore "wrong" permissions of synchronize.py
- ignore rpmlint warning about requiring python-httplib2 explicitely
2014-03-21 00:26:35 +01:00
-------------------------------------------------------------------
Thu Mar 20 23:24:56 UTC 2014 - lars@linux-schulserver.de
- update to 1.5.3:
* Fixes to the git module related to host key checking
* Force command action to not be executed by the shell unless
specifically enabled.
* Validate SSL certs accessed through urllib*.
* Implement new default cipher class AES256 in ansible-vault.
* Misc bug fixes.
- update to 1.5:
Major features/changes:
* when_foo which was previously deprecated is now removed, use
"when:" instead. Code generates appropriate error suggestion.
* include + with_items which was previously deprecated is now
removed, ditto. Use with_nested / with_together, etc.
* only_if, which is much older than when_foo and was deprecated,
is similarly removed.
* ssh connection plugin is now more efficient if you add
'pipelining=True' in ansible.cfg under [ssh_connection],
see example.cfg
* localhost/127.0.0.1 is not required to be in inventory if
referenced, if not in inventory, it does not implicitly appear
in the 'all' group.
* git module has new parameters (accept_hostkey, key_file, ssh_opts)
to ease the usage of git and ssh protocols.
* when using accelerate mode, the daemon will now be restarted
when specifying a different remote_user between plays.
* added no_log: option for tasks. When used, no logging information
will be sent to syslog during the module execution.
* acl module now handles 'default' and allows for either shorthand
entry or specific fields per entry section
* play_hosts is a new magic variable to provide a list of hosts
in scope for the current play.
* ec2 module now accepts 'exact_count' and 'count_tag' as a way to
enforce a running number of nodes by tags.
* all ec2 modules that work with Eucalyptus also now support a
'validate_certs' option, which can be set to 'off' for installations
using self-signed certs.
* Start of new integration test infrastructure (WIP)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=19
2014-03-08 12:12:26 +01:00
-------------------------------------------------------------------
Sat Mar 8 11:08:25 UTC 2014 - lars@linux-schulserver.de
- update to 1.5:
Major features/changes:
* when_foo which was previously deprecated is now removed, use
"when:" instead. Code generates appropriate error suggestion.
* include + with_items which was previously deprecated is now
removed, ditto. Use with_nested / with_together, etc.
* only_if, which is much older than when_foo and was deprecated,
is similarly removed.
* ssh connection plugin is now more efficient if you add
'pipelining=True' in ansible.cfg under [ssh_connection],
see example.cfg
* localhost/127.0.0.1 is not required to be in inventory if
referenced, if not in inventory, it does not implicitly appear
in the 'all' group.
* git module has new parameters (accept_hostkey, key_file, ssh_opts)
to ease the usage of git and ssh protocols.
* when using accelerate mode, the daemon will now be restarted
when specifying a different remote_user between plays.
* added no_log: option for tasks. When used, no logging information
will be sent to syslog during the module execution.
* acl module now handles 'default' and allows for either shorthand
entry or specific fields per entry section
* play_hosts is a new magic variable to provide a list of hosts
in scope for the current play.
* ec2 module now accepts 'exact_count' and 'count_tag' as a way to
enforce a running number of nodes by tags.
* all ec2 modules that work with Eucalyptus also now support a
'validate_certs' option, which can be set to 'off' for installations
using self-signed certs.
* Start of new integration test infrastructure (WIP)
* if repoquery is unavailble, the yum module will automatically
attempt to install yum-utils
* ansible-vault: a framework for encrypting your playbooks
and variable files
Other notable changes (many new module params & bugfixes may not not listed):
* no_reboot is now defaulted to "no" in the ec2_ami module to ensure
filesystem consistency in the resulting AMI.
* sysctl module overhauled
* authorized_key module overhauled
* synchronized module now handles local transport better
* apt_key module now ignores case on keys
* zypper_repository now skips on check mode
* file module now responds to force behavior when dealing with hardlinks
* new lookup plugin 'csvfile'
* fixes to allow hash_merge behavior to work with dynamic inventory
* mysql module will use port argument on dump/import
* subversion module now ignores locale to better intercept status messages
* rax api_key argument is no longer logged
* backwards/forwards compatibility for OpenStack modules, 'quantum'
modules grok neutron renaming
* hosts properly uniqueified if appearing in redundant groups
* hostname module support added for ScientificLinux
* ansible-pull can now show live stdout and pass verbosity levels
to ansible-playbook
* ec2 instances can now be stopped or started
* additional volumes can be created when creating new ec2 instances
* user module can move a home directory
* significant enhancement and cleanup of rackspace modules
* ansible_ssh_private_key_file can be templated
* docker module updated to support docker-py 0.3.0
* various other bug fixes
* md5 logic improved during sudo operation
* support for ed25519 keys in authorized_key module
* ability to set directory permissions during a recursive copy
(directory_mode parameter)
* update docker module, support for using docker python
library 0.3.0
2014-01-19 04:13:56 +01:00
-------------------------------------------------------------------
2014-02-27 18:39:28 +01:00
Thu Feb 27 17:39:07 UTC 2014 - lars@linux-schulserver.de
- update to 1.4.5:
+ fixed issue with permissions being incorrect on
fireball/accelerate keys when the umask setting was too loose.
-------------------------------------------------------------------
2014-01-19 04:13:56 +01:00
Sun Jan 19 03:12:17 UTC 2014 - lars@linux-schulserver.de
- update to 1.4.4:
+ Fixed issue with newer versions of pip not having --use-mirrors
+ Fixed role_path parsing from ansible.cfg
+ Fixed default role templates
+ Fixed a few bugs related to unicode
+ Fixed errors in the ssh connection method with large data returns
+ Miscellaneous fixes for a few modules
+ Add the ansible-galaxy command
2013-12-16 22:29:28 +01:00
-------------------------------------------------------------------
Mon Dec 16 21:28:31 UTC 2013 - lars@linux-schulserver.de
- update to 1.4.1:
* Misc fix updates
2013-12-02 11:39:19 +01:00
-------------------------------------------------------------------
Thu Nov 28 13:54:02 UTC 2013 - kgronlund@suse.com
- Update to release 1.4
- Highlighted new features:
+ Added do-until feature, which can be used to retry a failed task a
specified number of times with a delay in-between the retries.
+ Added failed_when option for tasks, which can be used to specify
logical statements that make it easier to determine when a task has
failed, or to make it easier to ignore certain non-zero return
codes for some commands.
+ Added the "subelement" lookup plugin, which allows iteration of the
keys of a dictionary or items in a list.
+ Added the capability to use either paramiko or ssh for the inital
setup connection of an accelerated playbook.
+ Automatically provide advice on common parser errors users
encounter.
+ Deprecation warnings are now shown for legacy features:
when_integer/etc, only_if, include+with_items, etc. Can be disabled
in ansible.cfg
+ The system will now provide helpful tips around possible YAML
syntax errors increasing ease of use for new users.
+ warnings are now shown for using {{ foo }} in loops and
conditionals, and suggest leaving the variable expressions bare as
per docs.
+ The roles search path is now configurable in
ansible.cfg. 'roles_path' in the config setting.
+ Includes with parameters can now be done like roles for
consistency: - { include: song.yml, year:1984, song:'jump' }
+ The name of each role is now shown before each task if roles are
being used
+ Adds a "var=" option to the debug module for debugging variable
data. "debug: var=hostvars['hostname']" and "debug: var=foo" are
all valid syntax.
+ Variables in {{ format }} can be used as references even if they
are structured data
+ Can force binding of accelerate to ipv6 ports.
+ the apt module will auto-install python-apt if not present rather
than requiring a manual installation
+ the copy module is now recursive if the local 'src' parameter is a
directory.
+ syntax checks now scan included task and variable files as well as
main files
- New modules and plugins:
+ cloud: ec2_eip -- manage AWS elastic IPs
+ cloud: ec2_vpc -- manage ec2 virtual private clouds
+ cloud: elasticcache -- Manages clusters in Amazon Elasticache
+ cloud: rax_network -- sets up Rackspace networks
+ cloud: rax_facts: retrieve facts about a Rackspace Cloud Server
+ cloud: rax_clb_nodes -- manage Rackspace cloud load balanced nodes
+ cloud: rax_clb -- manages Rackspace cloud load balancers
+ cloud: docker - instantiates/removes/manages docker containers
+ cloud: ovirt -- VM lifecycle controls for ovirt
+ files: acl -- set or get acls on a file
+ files: unarchive: pushes and extracts tarballs
+ files: synchronize: a useful wraper around rsyncing trees of files
+ system: firewalld -- manage the firewalld configuration
+ system: modprobe -- manage kernel modules on systems that support
modprobe/rmmod
+ system: open_iscsi -- manage targets on an initiator using
open-iscsi
+ system: blacklist: add or remove modules from the kernel blacklist
+ system: hostname - sets the systems hostname
+ utilities: include_vars -- dynamically load variables based on
conditions.
+ packaging: zypper_repository - adds or removes Zypper repositories
+ packaging: urpmi - work with urpmi packages
+ packaging: swdepot - a module for working with swdepot
+ notification: grove - notifies to Grove hosted IRC channels
+ web_infrastructure: ejabberd_user: add and remove users to ejabberd
+ web_infrastructure: jboss: deploys or undeploys apps to jboss
+ source_control: github_hooks: manages GitHub service hooks
+ net_infrastructure: bigip_monitor_http: manages F5 BIG-IP LTM http
monitors
+ net_infrastructure: bigip_monitor_tcp: manages F5 BIG-IP LTM TCP
monitors
+ net_infrastructure: bigip_pool_member: manages F5 BIG-IP LTM pool
members
+ net_infrastructure: bigip_node: manages F5 BIG-IP LTM nodes
+ net_infrastructure: openvswitch_port
+ net_infrastructure: openvswitch_bridge
2013-11-04 14:01:58 +01:00
-------------------------------------------------------------------
Fri Nov 1 15:09:48 UTC 2013 - kgronlund@suse.com
- Updated .spec file:
+ Remove deprecated fireball and node-fireball packages
+ Add dependency on python-keyczar
+ Add recommends for sshpass
+ Fix support for RHEL
+ Correct upstream URL
+ Use upstream release package for 1.3.4
+ Re-add CHANGELOG.md
+ Re-added man3 man pages
+ Updated short description to match upstream description
2013-10-31 18:30:42 +01:00
-------------------------------------------------------------------
Thu Oct 31 17:26:44 UTC 2013 - lars@linux-schulserver.de
- update to 1.3.4:
Highlighted new features:
+ accelerated mode: An enhanced fireball mode that requires zero
bootstrapping and fewer requirements plus adds capabilities
like sudo commands.
+ role defaults: Allows roles to define a set of variables at the
lowest priority. These variables can be overridden by any
other variable.
+ new /etc/ansible/facts.d allows JSON or INI-style facts to be
provided from the remote node, and supports executable fact
programs in this dir. Files must end in *.fact.
+ added the ability to make undefined template variables raise
errors (see ansible.cfg)
+ (DOCS PENDING) sudo: True/False and sudo_user: True/False can be
set at include and role level
+ added changed_when: (expression) which allows overriding whether
a result is changed or not and can work with registered expressions
+ --extra-vars can now take a file as input, e.g., "-e @filename"
and can also be formatted as YAML
+ external inventory scripts may now return host variables in one
pass, which allows them to be much more efficient for large
numbers of hosts
+ if --forks exceeds the numbers of hosts, it will be automatically
reduced. Set forks to 0 and you get "as many forks as I have
hosts" out of the box.
+ enabled error_on_undefined_vars by default, which will make
errors in playbooks more obvious
+ role dependencies -- one role can now pull in another, with
parameters of its own.
+ added the ability to have tasks execute even during a check
run (always_run).
+ added the ability to set the maximum failure percentage for a
group of hosts.
...and a lot more information can be found at
/usr/share/doc/packages/ansible/CHANGELOG.md
- removed man3 man pages
- removed separate CHANGELOG.md source - now in upstream tarball
2013-06-30 22:24:00 +02:00
-------------------------------------------------------------------
Sun Jun 30 20:05:47 UTC 2013 - lars@linux-schulserver.de
- update to 1.2:
+ new feature: roles
+ massively improved variable support and conditionals
+ Pre and Post tasks provide greater controls to make rolling
updates even smoother
+ added 32 new modules:
++ including a openSUSE package management module
++ added team chat notification modules for Flowdock, Hipchat,
Campfire, IRC, and more
++ added monitoring modules to interact with New Relic, Airbrake,
Pingdom, Pagerduty and Monit
- added CHANGELOG.md to /usr/share/doc/packages/ansible/ to have
the complete changelog at hand
2013-04-25 10:01:37 +02:00
-------------------------------------------------------------------
Thu Apr 25 08:01:24 UTC 2013 - lars@linux-schulserver.de
- require python-pyzmq on (open)SUSE
2013-04-18 10:00:25 +02:00
-------------------------------------------------------------------
Thu Apr 18 07:42:43 UTC 2013 - lars@linux-schulserver.de
- fix build on other distributions than openSUSE
- License in SPDX format
- added rpmlintrc
2013-04-17 15:19:34 +02:00
-------------------------------------------------------------------
Wed Apr 17 11:04:04 UTC 2013 - lars@linux-schulserver.de
- update to 1.1:
+ stderr shown when commands fail to parse
+ uses yaml.safe_dump in filter plugins
+ authentication Q&A no longer happens before --syntax-check, but after
+ ability to get hostvars data for nodes not in the setup cache yet
+ SSH timeout now correctly passed to native SSH connection plugin
+ raise an error when multiple when_ statements are provided
+ --list-hosts applies host limit selections better
+ (internals) template engine specifications to use template_ds everywhere
+ better error message when your host file can not be found
+ end of line comments now work in the inventory file
+ directory destinations now work better with remote md5 code
+ lookup plugin macros like $FILE and $ENV now work without
returning arrays in variable definitions/playbooks
+ uses yaml.safe_load everywhere
+ able to add EXAMPLES to documentation via EXAMPLES docstring,
rather than just in main documentation YAML
+ can set ANSIBLE_COW_SELECTION to pick other cowsay types (including random)
+ to_nice_yaml and to_nice_json available as Jinja2 filters that indent and sort
+ cowsay able to run out of macports (very important!)
+ improved logging for fireball mode
+ nicer error message when talking to an older system that needs a
JSON module installed
+ 'magic' variable 'inventory_basedir' now gives path to inventory file
+ 'magic' variable 'vars' works like 'hostvars' but gives global scope
variables, useful for debugging in templates mostly
+ conditionals can be used on plugins like add_host
+ ...and many more...
- specfile cleanup
- just recomend python-paramiko as the user can also use openssh
-------------------------------------------------------------------
Tue Jan 22 13:47:16 UTC 2013 - julien.tognazzi@gmail.com
- Merge changes from upstream