- Security fixes to check that hostnames match certificates with
https urls (CVE-2015-3908):
+ get_url and uri modules
+ url and etcd lookup plugins
- Security fixes to the zone (Solaris containers), jail (bsd
containers), and chroot connection plugins. These plugins can be
used to connect to their respective container types in leiu of the
standard ssh connection. Prior to this fix being applied these
connection plugins didn't properly handle symlinks within the containers
which could lead to files intended to be written to or read from the
container being written to or read from the host system instead. (CVE
pending)
- Fixed a bug in the service module where init scripts were being
incorrectly used instead of upstart/systemd.
- Fixed a bug where sudo/su settings were not inherited from
ansible.cfg correctly.
- Fixed a bug in the rds module where a traceback may occur due to an
unbound variable.
- Fixed a bug where certain remote file systems where the SELinux
context was not being properly set.
- Re-enabled several windows modules which had been partially merged
(via action plugins):
+ win_copy.ps1
+ win_copy.py
+ win_file.ps1
+ win_file.py
+ win_template.py
- Fix bug using with_sequence and a count that is zero. Also allows
counting backwards isntead of forwards
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=46
- updated to version 1.9.1
* Fixed a bug related to Kerberos auth when using winrm with a domain account.
* Fixing several bugs in the s3 module.
* Fixed a bug with upstart service detection in the service module.
* Fixed several bugs with the user module when used on OSX.
* Fixed unicode handling in some module situations (assert and shell/command execution).
* Fixed a bug in redhat_subscription when using the activationkey parameter.
* Fixed a traceback in the gce module on EL6 distros when multiple pycrypto installations are available.
* Added support for PostgreSQL 9.4 in rds_param_group
* Several other minor fixes.
OBS-URL: https://build.opensuse.org/request/show/304448
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=44
- updated package to latest release ## 1.8.1 "You Really Got Me"
* Various bug fixes in postgresql and mysql modules.
* Fixed a bug related to lookup plugins used within roles not
finding files based on the relative paths to the roles files/ directory.
* Fixed a bug related to vars specified in plays being templated too early,
resulting in incorrect variable interpolation.
* Fixed a bug related to git submodules in bare repos.
* fact caching support, pluggable, initially supports Redis (DOCS pending)
* 'serial' size in a rolling update can be specified as a percentage
* added new Jinja2 filters, 'min' and 'max' that take lists
* new 'ansible_version' variable available contains a dictionary of version info
* For ec2 dynamic inventory, ec2.ini can has various new configuration options
* 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
* no_log parameter now surpressess data from callbacks/output as well as syslog
* ansible-galaxy install -f requirements.yml allows advanced options and installs
from non-galaxy SCM sources and tarballs.
* command_warnings feature will warn about when usage of the shell/command module
can be simplified to use core modules - this can be enabled in ansible.cfg
* new omit value can be used to leave off a parameter when not set, like so
module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
an empty value) if c was not set.
* developers: 'baby JSON' in module responses, originally intended for writing modules
in bash, is removed as a feature to simplify logic, script module remains available
for running bash scripts.
* async jobs started in "fire & forget" mode can now be checked on at a later time.
* added ability to subcategorize modules for docs.ansible.com
* added ability for shipped modules to have aliases with symlinks
* added ability to deprecate older modules by starting with "_" and
including "deprecated: message why" in module docs
+ New Modules:
OBS-URL: https://build.opensuse.org/request/show/263653
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=33
- update to 1.7.2:
- Fixes a bug in accelerate mode which caused a traceback when trying to use that connection method.
- Fixes a bug in vault where the password file option was not being used correctly internally.
- Improved multi-line parsing when using YAML literal blocks (using > or |).
- Fixed a bug with the file module and the creation of relative symlinks.
- Fixed a bug where checkmode was not being honored during the templating of files.
- Other various bug fixes.
- Switch to xz for source package
OBS-URL: https://build.opensuse.org/request/show/258481
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=31
Major new features:
+ Windows support (alpha) using native PowerShell remoting
+ Tasks can now specify run_once: true, meaning they will be executed
exactly once. This can be combined with delegate_to to trigger actions
you want done just the one time versus for every host in inventory.
New Modules:
+ cloud: azure
+ cloud: rax_meta
+ cloud: rax_scaling_group
+ cloud: rax_scaling_policy
+ windows: version of setup module
+ windows: version of slurp module
+ windows: win_feature
+ windows: win_get_url
+ windows: win_msi
+ windows: win_ping
+ windows: win_user
+ windows: win_service
+ windows: win_group
New inventory scripts:
+ SoftLayer
+ Windows Azure
Docker module bug fixes:
+ Fixed support for specifying rw/ro bind modes for volumes
+ Fixed support for allowing the tag in the image parameter
Other notable changes:
+ Performance enhancements related to previous security fixes, which
could cause slowness when modules returned very large JSON results.
This specifically impacted the unarchive module frequently, which
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=28
* Security updates to further protect against the incorrect
execution of untrusted data
* Additional tweaks to prevent the incorrect execution of
untrusted data
* Security update to prevent local operations from executing as
the result of specifically crafted untrusted data
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=26
* The deprecated legacy variable templating system has been
finally removed. Use {{ foo }} always not $foo or ${foo}.
* Any data file can also be JSON. Use sparingly -- with great power
comes great responsibility. Starting file with "{" or "[" denotes JSON.
* Added 'gathering' param for ansible.cfg to change the default
gather_facts policy.
* Accelerate improvements:
+ multiple users can connect with different keys, when
accelerate_multi_key = yes is specified in the ansible.cfg.
+ daemon lifetime is now based on the time from the last activity,
not the time from the daemon's launch.
* ansible-playbook now accepts --force-handlers to run handlers
even if tasks result in failures.
* Added VMWare support with the vsphere_guest module.
* many new modules and ther notable changes, please read
/usr/share/doc/packages/ansible/CHANGELOG.md for details
- use new upstream URL(s)
- require python-httplib2 and python-setuptools
- ignore "wrong" permissions of synchronize.py
- ignore rpmlint warning about requiring python-httplib2 explicitely
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=24
* Fixes to the git module related to host key checking
* Force command action to not be executed by the shell unless
specifically enabled.
* Validate SSL certs accessed through urllib*.
* Implement new default cipher class AES256 in ansible-vault.
* Misc bug fixes.
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=22
Major features/changes:
* when_foo which was previously deprecated is now removed, use
"when:" instead. Code generates appropriate error suggestion.
* include + with_items which was previously deprecated is now
removed, ditto. Use with_nested / with_together, etc.
* only_if, which is much older than when_foo and was deprecated,
is similarly removed.
* ssh connection plugin is now more efficient if you add
'pipelining=True' in ansible.cfg under [ssh_connection],
see example.cfg
* localhost/127.0.0.1 is not required to be in inventory if
referenced, if not in inventory, it does not implicitly appear
in the 'all' group.
* git module has new parameters (accept_hostkey, key_file, ssh_opts)
to ease the usage of git and ssh protocols.
* when using accelerate mode, the daemon will now be restarted
when specifying a different remote_user between plays.
* added no_log: option for tasks. When used, no logging information
will be sent to syslog during the module execution.
* acl module now handles 'default' and allows for either shorthand
entry or specific fields per entry section
* play_hosts is a new magic variable to provide a list of hosts
in scope for the current play.
* ec2 module now accepts 'exact_count' and 'count_tag' as a way to
enforce a running number of nodes by tags.
* all ec2 modules that work with Eucalyptus also now support a
'validate_certs' option, which can be set to 'off' for installations
using self-signed certs.
* Start of new integration test infrastructure (WIP)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=19
+ Fixed issue with newer versions of pip not having --use-mirrors
+ Fixed role_path parsing from ansible.cfg
+ Fixed default role templates
+ Fixed a few bugs related to unicode
+ Fixed errors in the ssh connection method with large data returns
+ Miscellaneous fixes for a few modules
+ Add the ansible-galaxy command
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=17
Highlighted new features:
+ accelerated mode: An enhanced fireball mode that requires zero
bootstrapping and fewer requirements plus adds capabilities
like sudo commands.
+ role defaults: Allows roles to define a set of variables at the
lowest priority. These variables can be overridden by any
other variable.
+ new /etc/ansible/facts.d allows JSON or INI-style facts to be
provided from the remote node, and supports executable fact
programs in this dir. Files must end in *.fact.
+ added the ability to make undefined template variables raise
errors (see ansible.cfg)
+ (DOCS PENDING) sudo: True/False and sudo_user: True/False can be
set at include and role level
+ added changed_when: (expression) which allows overriding whether
a result is changed or not and can work with registered expressions
+ --extra-vars can now take a file as input, e.g., "-e @filename"
and can also be formatted as YAML
+ external inventory scripts may now return host variables in one
pass, which allows them to be much more efficient for large
numbers of hosts
+ if --forks exceeds the numbers of hosts, it will be automatically
reduced. Set forks to 0 and you get "as many forks as I have
hosts" out of the box.
+ enabled error_on_undefined_vars by default, which will make
errors in playbooks more obvious
+ role dependencies -- one role can now pull in another, with
parameters of its own.
+ added the ability to have tasks execute even during a check
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=11
+ new feature: roles
+ massively improved variable support and conditionals
+ Pre and Post tasks provide greater controls to make rolling
updates even smoother
+ added 32 new modules:
++ including a openSUSE package management module
++ added team chat notification modules for Flowdock, Hipchat,
Campfire, IRC, and more
++ added monitoring modules to interact with New Relic, Airbrake,
Pingdom, Pagerduty and Monit
- added CHANGELOG.md to /usr/share/doc/packages/ansible/ to have
the complete changelog at hand
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=10