ansible/ansible.spec

98 lines
3.0 KiB
RPMSpec
Raw Normal View History

#
# spec file for package ansible
#
# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%if 0%{?suse_version} < 1550
# Leap15, SLES15
%define pythons python310
%define ansible_python python310
%define ansible_python_executable python3.10
%define ansible_python_sitelib %python310_sitelib
%else
# Tumbleweed
%define pythons python3
%define ansible_python python3
%define ansible_python_executable python3
%define ansible_python_sitelib %python3_sitelib
%endif
Accepting request 809080 from home:mcepl:branches:systemsmanagement - Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733 (bsc#1164140) - Add metadata information to this file to mark which SUSE bugzilla have been already fixed. - bsc#1164140 CVE-2020-1733 - insecure temporary directory when running become_user from become directive - bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe lookup plugin subprocess - bsc#1164137 CVE-2020-1735 - path injection on dest parameter in fetch module - bsc#1164134 CVE-2020-1736 atomic_move primitive sets permissive permissions - bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip module does not check extracted path - bsc#1164136 CVE-2020-1738 module package can be selected by the ansible facts - bsc#1164133 CVE-2020-1739 - svn module leaks password when specified as a parameter - bsc#1164135 CVE-2020-1740 - secrets readable after ansible-vault edit - bsc#1165393 CVE-2020-1746 - information disclosure issue in ldap_attr and ldap_entry modules - bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks sensitive information - CVE-2020-10684 - code injection when using ansible_facts as a subkey - bsc#1167440 CVE-2020-10685 - modules which use files encrypted with vault are not properly cleaned up - CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2] - update to version 2.9.6 (maintenance release) including OBS-URL: https://build.opensuse.org/request/show/809080 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=183
2020-05-26 23:14:44 +02:00
Name: ansible
Version: 7.1.0
Accepting request 809080 from home:mcepl:branches:systemsmanagement - Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733 (bsc#1164140) - Add metadata information to this file to mark which SUSE bugzilla have been already fixed. - bsc#1164140 CVE-2020-1733 - insecure temporary directory when running become_user from become directive - bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe lookup plugin subprocess - bsc#1164137 CVE-2020-1735 - path injection on dest parameter in fetch module - bsc#1164134 CVE-2020-1736 atomic_move primitive sets permissive permissions - bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip module does not check extracted path - bsc#1164136 CVE-2020-1738 module package can be selected by the ansible facts - bsc#1164133 CVE-2020-1739 - svn module leaks password when specified as a parameter - bsc#1164135 CVE-2020-1740 - secrets readable after ansible-vault edit - bsc#1165393 CVE-2020-1746 - information disclosure issue in ldap_attr and ldap_entry modules - bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks sensitive information - CVE-2020-10684 - code injection when using ansible_facts as a subkey - bsc#1167440 CVE-2020-10685 - modules which use files encrypted with vault are not properly cleaned up - CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2] - update to version 2.9.6 (maintenance release) including OBS-URL: https://build.opensuse.org/request/show/809080 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=183
2020-05-26 23:14:44 +02:00
Release: 0
Summary: Radically simple IT automation
License: GPL-3.0+
Accepting request 809080 from home:mcepl:branches:systemsmanagement - Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733 (bsc#1164140) - Add metadata information to this file to mark which SUSE bugzilla have been already fixed. - bsc#1164140 CVE-2020-1733 - insecure temporary directory when running become_user from become directive - bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe lookup plugin subprocess - bsc#1164137 CVE-2020-1735 - path injection on dest parameter in fetch module - bsc#1164134 CVE-2020-1736 atomic_move primitive sets permissive permissions - bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip module does not check extracted path - bsc#1164136 CVE-2020-1738 module package can be selected by the ansible facts - bsc#1164133 CVE-2020-1739 - svn module leaks password when specified as a parameter - bsc#1164135 CVE-2020-1740 - secrets readable after ansible-vault edit - bsc#1165393 CVE-2020-1746 - information disclosure issue in ldap_attr and ldap_entry modules - bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks sensitive information - CVE-2020-10684 - code injection when using ansible_facts as a subkey - bsc#1167440 CVE-2020-10685 - modules which use files encrypted with vault are not properly cleaned up - CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2] - update to version 2.9.6 (maintenance release) including OBS-URL: https://build.opensuse.org/request/show/809080 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=183
2020-05-26 23:14:44 +02:00
URL: https://ansible.com/
Source: https://files.pythonhosted.org/packages/source/a/ansible/ansible-%{version}.tar.gz
Accepting request 809080 from home:mcepl:branches:systemsmanagement - Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733 (bsc#1164140) - Add metadata information to this file to mark which SUSE bugzilla have been already fixed. - bsc#1164140 CVE-2020-1733 - insecure temporary directory when running become_user from become directive - bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe lookup plugin subprocess - bsc#1164137 CVE-2020-1735 - path injection on dest parameter in fetch module - bsc#1164134 CVE-2020-1736 atomic_move primitive sets permissive permissions - bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip module does not check extracted path - bsc#1164136 CVE-2020-1738 module package can be selected by the ansible facts - bsc#1164133 CVE-2020-1739 - svn module leaks password when specified as a parameter - bsc#1164135 CVE-2020-1740 - secrets readable after ansible-vault edit - bsc#1165393 CVE-2020-1746 - information disclosure issue in ldap_attr and ldap_entry modules - bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks sensitive information - CVE-2020-10684 - code injection when using ansible_facts as a subkey - bsc#1167440 CVE-2020-10685 - modules which use files encrypted with vault are not properly cleaned up - CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2] - update to version 2.9.6 (maintenance release) including OBS-URL: https://build.opensuse.org/request/show/809080 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=183
2020-05-26 23:14:44 +02:00
Source99: ansible-rpmlintrc
BuildRequires: python-rpm-macros
BuildRequires: %{ansible_python}-base >= 3.9
BuildRequires: %{ansible_python}-setuptools
BuildRequires: fdupes
# required to fix the azure collection line endings
BuildRequires: dos2unix
# SECTION test requirements
BuildRequires: ansible-core >= 2.14.1
# /SECTION
Requires: %{ansible_python}-base >= 3.9
Requires: ansible-core >= 2.14.1
# Do not check any files in collections for requires
%global __requires_exclude_from ^%{ansible_python_sitelib}/.*$
BuildArch: noarch
%description
Ansible is a radically simple model-driven configuration management, multi-node
deployment, and remote task execution system. Ansible works over SSH and does
not require any software or daemons to be installed on remote nodes. Extension
modules can be written in any language and are transferred to managed machines
automatically.
%prep
%setup -q -n ansible-%{version}
Accepting request 809080 from home:mcepl:branches:systemsmanagement - Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733 (bsc#1164140) - Add metadata information to this file to mark which SUSE bugzilla have been already fixed. - bsc#1164140 CVE-2020-1733 - insecure temporary directory when running become_user from become directive - bsc#1164139 CVE-2020-1734 shell enabled by default in a pipe lookup plugin subprocess - bsc#1164137 CVE-2020-1735 - path injection on dest parameter in fetch module - bsc#1164134 CVE-2020-1736 atomic_move primitive sets permissive permissions - bsc#1164138 CVE-2020-1737 - Extract-Zip function in win_unzip module does not check extracted path - bsc#1164136 CVE-2020-1738 module package can be selected by the ansible facts - bsc#1164133 CVE-2020-1739 - svn module leaks password when specified as a parameter - bsc#1164135 CVE-2020-1740 - secrets readable after ansible-vault edit - bsc#1165393 CVE-2020-1746 - information disclosure issue in ldap_attr and ldap_entry modules - bsc#1166389 CVE-2020-1753 - kubectl connection plugin leaks sensitive information - CVE-2020-10684 - code injection when using ansible_facts as a subkey - bsc#1167440 CVE-2020-10685 - modules which use files encrypted with vault are not properly cleaned up - CVE-2020-10691 - archive traversal vulnerability in ansible-galaxy collection install [2] - update to version 2.9.6 (maintenance release) including OBS-URL: https://build.opensuse.org/request/show/809080 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=183
2020-05-26 23:14:44 +02:00
for file in .git_keep .travis.yml ; do
find . -name "$file" -delete
done
# fix for wrong shebang:
sed -i 's|/Users/kbreit/Documents/Programming/ansible_collections/cisco/meraki/venv/bin/python|%{_bindir}/%{ansible_python_executable}|g' ansible_collections/cisco/meraki/scripts/sublime-build/build.py.generic
# remove .keep and .gitignore files
find ./ansible_collections/ -iname .gitignore -delete
find ./ansible_collections/ -iname .keep -delete
# azure collection has wrong file endings
find ./ansible_collections/azure -type f -exec dos2unix {} \;
%build
%python_build
%install
%python_install
%fdupes %{buildroot}/%{ansible_python_sitelib}/ansible_collections/
%files
%doc CHANGELOG-v7.rst README.rst
%license COPYING
%{_bindir}/ansible-community
%{ansible_python_sitelib}/
%changelog