- Update to version 2.8.3:
Full changelog is packaged, but also at
https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
- (bsc#1142690) Adds CVE-2019-10206-data-disclosure.patch fixing
CVE-2019-10206: ansible-playbook -k and ansible cli tools
prompt passwords by expanding them from templates as they could
contain special characters. Passwords should be wrapped to
prevent templates trigger and exposing them.
- (bsc#1144453) Adds CVE-2019-10217-gcp-modules-sensitive-fields.patch
CVE-2019-10217: Fields managing sensitive data should be set as
such by no_log feature. Some of these fields in GCP modules are
not set properly. service_account_contents() which is common
class for all gcp modules is not setting no_log to True. Any
sensitive data managed by that function would be leak as an
output when running ansible playbooks.
- Update to version 2.8.1
Full changelog is at /usr/share/doc/packages/ansible/changelogs/
Bugfixes
--------
- ACI - DO not encode query_string
- ACI modules - Fix non-signature authentication
- Add missing directory provided via ``--playbook-dir`` to adjacent collection loading
- Fix "Interface not found" errors when using eos_l2_interface with nonexistant
interfaces configured
- Fix cannot get credential when `source_auth` set to `credential_file`.
- Fix netconf_config backup string issue
- Fix privilege escalation support for the docker connection plugin when
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=146
- Update to version 2.8.3:
Full changelog is packaged, but also at
https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
- (bsc#1142690) Adds CVE-2019-10206-data-disclosure.patch fixing
CVE-2019-10206: ansible-playbook -k and ansible cli tools
prompt passwords by expanding them from templates as they could
contain special characters. Passwords should be wrapped to
prevent templates trigger and exposing them.
- (bsc#1144453) Adds CVE-2019-10217-gcp-modules-sensitive-fields.patch
CVE-2019-10217: Fields managing sensitive data should be set as
such by no_log feature. Some of these fields in GCP modules are
not set properly. service_account_contents() which is common
class for all gcp modules is not setting no_log to True. Any
sensitive data managed by that function would be leak as an
output when running ansible playbooks.
OBS-URL: https://build.opensuse.org/request/show/721576
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=143
- Update to version 2.8.1
Full changelog is at /usr/share/doc/packages/ansible/changelogs/
Bugfixes
--------
- ACI - DO not encode query_string
- ACI modules - Fix non-signature authentication
- Add missing directory provided via ``--playbook-dir`` to adjacent collection loading
- Fix "Interface not found" errors when using eos_l2_interface with nonexistant
interfaces configured
- Fix cannot get credential when `source_auth` set to `credential_file`.
- Fix netconf_config backup string issue
- Fix privilege escalation support for the docker connection plugin when
credentials need to be supplied (e.g. sudo with password).
- Fix vyos cli prompt inspection
- Fixed loading namespaced documentation fragments from collections.
- Fixing bug came up after running cnos_vrf module against coverity.
- Properly handle data importer failures on PVC creation, instead of timing out.
- To fix the ios static route TC failure in CI
- To fix the nios member module params
- To fix the nios_zone module idempotency failure
- add terminal initial prompt for initial connection
- allow include_role to work with ansible command
- allow python_requirements_facts to report on dependencies containing dashes
- asa_config fix
- azure_rm_roledefinition - fix a small error in build scope.
- azure_rm_virtualnetworkpeering - fix cross subscriptions virtual network
peering.
- cgroup_perf_recap - When not using file_per_task, make sure we don't
prematurely close the perf files
- display underlying error when reporting an invalid ``tasks:`` block.
OBS-URL: https://build.opensuse.org/request/show/708761
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=141
- update to version 2.7.6
Minor Changes:
* Added documentation about using VMware dynamic inventory plugin.
* Fixed bug around populating host_ip in hostvars in vmware_vm_inventory.
* Image reference change in Azure VMSS is detected and applied correctly.
* docker_volume - reverted changed behavior of force, which was released in Ansible 2.7.1 to 2.7.5, and Ansible 2.6.8 to 2.6.11. Volumes are now only recreated if the parameters changed and force is set to true (instead of or). This is the behavior which has been described in the documentation all the time.
* set ansible_os_family from name variable in os-release
* yum and dnf can now handle installing packages from URIs that are proxy redirects and don't end in the .rpm file extension
Bugfixes:
* Added log message at -vvvv when using netconf connection listing connection details.
* Changes how ansible-connection names socket lock files. They now use the same name as the socket itself, and as such do not lock other attempts on connections to the same host, or cause issues with overly-long hostnames.
* Fix mandatory statement error for junos modules (https://github.com/ansible/ansible/pull/50138)
* Moved error in netconf connection plugin from at import to on connection.
* This reverts some changes from commit 723daf3. If a line is found in the file, exactly or via regexp matching, it must not be added again. insertafter/insertbefore options are used only when a line is to be inserted, to specify where it must be added.
* allow using openstack inventory plugin w/o a cache
* callbacks - Do not filter out exception, warnings, deprecations on failure when using debug (https://github.com/ansible/ansible/issues/47576)
* certificate_complete_chain - fix behavior when invalid file is parsed while reading intermediate or root certificates.
* copy - Ensure that the src file contents is converted to unicode in diff information so that it is properly wrapped by AnsibleUnsafeText to prevent unexpected templating of diff data in Python3 (https://github.com/ansible/ansible/issues/45717)
* correct behaviour of verify_file for vmware inventory plugin, it was always returning True
* dnf - fix issue where conf_file was not being loaded properly
* dnf - fix update_cache combined with install operation to not cause dnf transaction failure
* docker_container - fix network_mode idempotency if the container:<container-name> form is used (as opposed to container:<container-id>) (https://github.com/ansible/ansible/issues/49794)
* docker_container - warning when non-string env values are found, avoiding YAML parsing issues. Will be made an error in Ansible 2.8. (https://github.com/ansible/ansible/issues/49802)
* docker_swarm_service - Document labels and container_labels with correct type.
* docker_swarm_service - Document limit_memory and reserve_memory correctly on how to specify sizes.
* docker_swarm_service - Document minimal API version for configs and secrets.
* docker_swarm_service - fix use of Docker API so that services are not detected as present if there is an existing service whose name is a substring of the desired service
* docker_swarm_service - fixing falsely reporting update_order as changed when option is not used.
* document old option that was initally missed
* ec2_instance now respects check mode https://github.com/ansible/ansible/pull/46774
* fix for network_cli - ansible_command_timeout not working as expected (#49466)
* fix handling of firewalld port if protocol is missing
* fix lastpass lookup failure on python 3 (https://github.com/ansible/ansible/issues/42062)
* flatpak - Fixed Python 2/3 compatibility
* flatpak - Fixed issue where newer versions of flatpak failed on flatpak removal
* flatpak_remote - Fixed Python 2/3 compatibility
* gcp_compute_instance - fix crash when the instance metadata is not set
* grafana_dashboard - Fix a pair of unicode string handling issues with version checking (https://github.com/ansible/ansible/pull/49194)
* host execution order - Fix reverse_inventory not to change the order of the items before reversing on python2 and to not backtrace on python3
* icinga2_host - fixed the issue with not working use_proxy option of the module.
* influxdb_user - An unspecified password now sets the password to blank, except on existing users. This previously caused an unhandled exception.
* influxdb_user - Fixed unhandled exception when using invalid login credentials (https://github.com/ansible/ansible/issues/50131)
* openssl_* - fix error when path contains a file name without path.
* openssl_csr - fix problem with idempotency of keyUsage option.
* openssl_pkcs12 - now does proper path expansion for ca_certificates.
* os_security_group_rule - os_security_group_rule doesn't exit properly when secgroup doesn't exist and state=absent (https://github.com/ansible/ansible/issues/50057)
* paramiko_ssh - add auth_timeout parameter to ssh.connect when supported by installed paramiko version. This will prevent "Authentication timeout" errors when a slow authentication step (>30s) happens with a host (https://github.com/ansible/ansible/issues/42596)
* purefa_facts and purefb_facts now correctly adds facts into main ansible_fact dictionary (https://github.com/ansible/ansible/pull/50349)
* reboot - add appropriate commands to make the plugin work with VMware ESXi (https://github.com/ansible/ansible/issues/48425)
* reboot - add support for rebooting AIX (https://github.com/ansible/ansible/issues/49712)
* reboot - gather distribution information in order to support Alpine and other distributions (https://github.com/ansible/ansible/issues/46723)
* reboot - search common paths for the shutdown command and use the full path to the binary rather than depending on the PATH of the remote system (https://github.com/ansible/ansible/issues/47131)
* reboot - use a common set of commands for older and newer Solaris and SunOS variants (https://github.com/ansible/ansible/pull/48986)
* redfish_utils - fix reference to local variable 'systems_service'
* setup - fix the rounding of the ansible_memtotal_mb value on VMWare vm's (https://github.com/ansible/ansible/issues/49608)
* vultr_server - fixed multiple ssh keys were not handled.
* win_copy - Fix copy of a dir that contains an empty directory - https://github.com/ansible/ansible/issues/50077
* win_firewall_rule - Remove invalid 'bypass' action
* win_lineinfile - Fix issue where a malformed json block was returned causing an error
* win_updates - Correctly report changes on success
OBS-URL: https://build.opensuse.org/request/show/667324
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=130
- update to version 2.7.5
Minor Changes:
* Add warning about falling back to jinja2_native=false when Jinja2 version is lower than 2.10.
* Change the position to search os-release since clearlinux new versions are providing /etc/os-release too
* Fixed typo in ansible-galaxy info command.
* Improve the deprecation message for squashing, to not give misleading advice
* Update docs and return section of vmware_host_service_facts module.
* ansible-galaxy: properly warn when git isn't found in an installed bin path instead of traceback
* dnf module properly load and initialize dnf package manager plugins
* docker_swarm_service: use docker defaults for the user parameter if it is set to null
Bugfixes:
* ACME modules: improve error messages in some cases (include error returned by server).
* Added unit test for VMware module_utils.
* Also check stdout for interpreter errors for more intelligent messages to user
* Backported support for Devuan-based distribution
* Convert hostvars data in OpenShift inventory plugin to be serializable by ansible-inventory
* Fix AttributeError (Python 3 only) when an exception occurs while rendering a template
* Fix N3K power supply facts (https://github.com/ansible/ansible/pull/49150).
* Fix NameError nxos_facts (https://github.com/ansible/ansible/pull/48981).
* Fix VMware module utils for self usage.
* Fix error in OpenShift inventory plugin when a pod has errored and is empty
* Fix if the route table changed to none (https://github.com/ansible/ansible/pull/49533)
* Fix iosxr netconf plugin response namespace (https://github.com/ansible/ansible/pull/49300)
* Fix issues with nxos_install_os module for nxapi (https://github.com/ansible/ansible/pull/48811).
* Fix lldp and cdp neighbors information (https://github.com/ansible/ansible/pull/48318)(https://github.com/ansible/ansible/pull/48087)(https://github.com/ansible/ansible/pull/49024).
* Fix nxos_interface and nxos_linkagg Idempotence issue (https://github.com/ansible/ansible/pull/46437).
* Fix traceback when updating facts and the fact cache plugin was nonfunctional
* Fix using vault encrypted data with jinja2_native (https://github.com/ansible/ansible/issues/48950)
* Fixed: Make sure that the files excluded when extracting the archive are not checked. https://github.com/ansible/ansible/pull/45122
* Fixes issue where a password parameter was not set to no_log
* Respect no_log on retry and high verbosity (CVE-2018-16876)
* aci_rest - Fix issue ignoring custom port
* acme_account, acme_account_facts - in some cases, it could happen that the modules return information on disabled accounts accidentally returned by the ACME server.
* docker_swarm - decreased minimal required API version from 1.35 to 1.25; some features require API version 1.30 though.
* docker_swarm_service: fails because of default "user: root" (https://github.com/ansible/ansible/issues/49199)
* ec2_metadata_facts - Parse IAM role name from the security credential field since the instance profile name is different
* fix azure_rm_image module use positional parameter (https://github.com/ansible/ansible/pull/49394)
* fixes an issue with dict_merge in network utils (https://github.com/ansible/ansible/pull/49474)
* gcp_utils - fix google auth scoping issue with application default credentials or google cloud engine credentials. Only scope credentials that can be scoped.
* mail - fix python 2.7 regression
* openstack - fix parameter handling when cloud provided as dict https://github.com/ansible/ansible/issues/42858
* os_user - Include domain parameter in user deletion https://github.com/ansible/ansible/issues/42901
* os_user - Include domain parameter in user lookup https://github.com/ansible/ansible/issues/42901
* ovirt_storage_connection - comparing passwords breaks idempotency in update_check (https://github.com/ansible/ansible/issues/48933)
* paramiko_ssh - improve log message to state the connection type
* reboot - use IndexError instead of TypeError in exception
* redis cache - Support version 3 of the redis python library (https://github.com/ansible/ansible/issues/49341)
* sensu_silence - Cast int for expire field to avoid call failure to sensu API.
* vmware_host_service_facts - handle exception when service package does not have package name.
* win_nssm - Switched to Argv-ToString for escaping NSSM credentials (https://github.com/ansible/ansible/issues/48728)
* zabbix_hostmacro - Added missing validate_certs logic for running module against Zabbix servers with untrused SSL certificates (https://github.com/ansible/ansible/issues/47611)
* zabbix_hostmacro - Fixed support for user macros with context (https://github.com/ansible/ansible/issues/46953)
OBS-URL: https://build.opensuse.org/request/show/658710
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=128
- update to version 2.7.4
Bugfixes:
* powershell - add lib/ansible/executor/powershell to the packaging data
- update to version 2.7.3
Minor Changes:
* Document Path and Port are mutually exclusive parameters in wait_for module
* Puppet module remove --ignorecache to allow Puppet 6 support
* dnf properly support modularity appstream installation via overloaded group
modifier syntax
* proxmox_kvm - fix exception
* win_security_policy - warn users to use win_user_right instead when editing
Privilege Rights
Bugfixes:
* Fix the issue that FTD HTTP API retries authentication-related HTTP requests
* Fix the issue that module fails when the Swagger model does not have required fields
* Fix the issue with comparing string-like objects
* Fix using omit on play keywords
* Windows - prevent sensitive content from appearing in scriptblock logging (CVE-2018-16859)
* apt_key - Disable TTY requirement in GnuPG for the module to work correctly
when SSH pipelining is enabled
* better error message when bad type in config, deal with EVNAR= more gracefully
* configuration retrieval would fail on non primed plugins
* cs_template - Fixed a KeyError on state=extracted
* docker_container - fix idempotency problems with docker-py caused by previous
init idempotency fix
* docker_container - fix interplay of docker-py version check with argument_spec
validation improvements
* docker_network - driver_options containing Python booleans would cause Docker
to throw exceptions
* ec2_group - Fix comparison of determining which rules to purge by ignoring descriptions
* pip module - fix setuptools/distutils replacement
* sysvinit - enabling a service should use "defaults" if no runlevels are specified
- update to version 2.7.2
Minor changes:
* Fix documentation for cloning template
* Parsing plugin filter may raise TypeError, gracefully handle this
exception and let user know about the syntax error in plugin filter file
* Scenario guide for VMware HTTP API usage
* Update plugin filter documentation
* fix yum and dnf autoremove input sanitization to properly warn user if
invalid options passed and update documentation to match
* improve readability and fix privileges names on vmware scenario_clone_template
* k8s - updated module documentation to mention how to avoid SSL validation errors
* yum - when checking for updates, now properly include Obsoletes
(both old and new) package data in the module JSON output
OBS-URL: https://build.opensuse.org/request/show/653460
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=126
Minor Changes:
* add azure_rm_storageaccount support to StorageV2 kind.
* import_tasks - Do not allow import_tasks to transition to dynamic
if the file is missing
Bugfixes:
* Add md5sum check in nxos_file_copy module
* Allow arbitrary log_driver for docker_container
* Fix Python2.6 regex bug terminal plugin nxos, iosxr
* Fix check_mode in nxos_static_route module
* Fix glob path of rc.d Some distribtuions like SUSE has the rc%.d
directories under /etc/init.d
* Fix network config diff issue for lines
* Fixed an issue where ansible_facts.pkg_mgr would incorrectly set
to zypper on Debian/Ubuntu systems that happened to have the
command installed
* The docker_* modules respect the DOCKER_* environment variables again
* The fix for CVE-2018-10875 prints out a warning message about
skipping a config file from a world writable current working directory.
However, if the user is in a world writable current working directory
which does not contain a config file, it should not print a warning
message. This release fixes that extaneous warning.
* To resolve nios_network issue where vendor-encapsulated-options
can not have a use_option flag.
* To resolve the issue of handling exception for Nios lookup gracefully.
* always correctly template no log for tasks
* ansible-galaxy - properly list all roles in roles_path
* basic.py - catch ValueError in case a FIPS enabled platform
raises this exception
* docker_container: fixing working_dir idempotency problem
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=118
- update to 2.6.3
Bugfixes:
* Fix lxd module to be idempotent when the given configuration for
the lxd container has not changed
* Fix setting value type to str to avoid conversion during template
read. Fix Idempotency in case of 'no key'.
* Fix the mount module's handling of swap entries in fstab
* The fix for (CVE-2018-10875) prints out a warning message about
skipping a config file from a world writable current working
directory. However, if the user explicitly specifies that the
config file should be used via the ANSIBLE_CONFIG environment
variable then Ansible would honor that but still print out the
warning message. This has been fixed so that Ansible honors the
user's explicit wishes and does not print a warning message in
that circumstance.
* To fix the bug where existing host_record was deleted when existing
record name is used with different IP.
* VMware handle pnic in proxyswitch
* fix azure security group cannot add rules when purge_rule set to false.
* fix azure_rm_deployment collect tags from existing Resource Group.
* fix azure_rm_loadbalancer_facts list takes at least 2 arguments.
* fix for the bundled selectors module (used in the ssh and local
connection plugins) when a syscall is restarted after being
interrupted by a signal
* get_url - fix the bug that get_url does not change mode when checksum matches
* nicer error when multiprocessing breaks
* openssl_certificate - Convert valid_date to bytes for conversion
* openstack_inventory.py dynamic inventory file fixed the plugin to the
script so that it will work with current ansible-inventory. Also
redirect stdout before dumping the ouptput, because not doing so will
cause JSON parse errors in some cases.
* slack callback - Fix invocation by looking up data from cli.options
* sysvinit module: handle values of optional parameters. Don't disable
service when enabled parameter isn't set. Fix command when arguments
parameter isn't set.
* vars_prompt - properly template play level variables in vars_prompt
* win_domain - ensure the Netlogon service is up and running after
promoting host to controller
* win_domain_controller - ensure the Netlogon service is up and running
after promoting host to controller
OBS-URL: https://build.opensuse.org/request/show/631847
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=116
- update to 2.6.2
Minor Changes
+ Sceanrio guide for removing an existing virtual machine is added.
+ lineinfile - add warning when using an empty regexp
+ Restore module_utils.basic.BOOLEANS variable for backwards compatibility
with the module API in older ansible releases.
Bugfixes:
+ Add text output along with structured output in nxos_facts
+ Allow more than one page of results by using the right pagination
indicator ('NextMarker' instead of 'NextToken').
+ Fix an atomic_move error that is 'true', but misleading.
Now we show all 3 files involved and clarify what happened.
+ Fix eos_l2_interface eapi.
+ Fix fetching old style facts in junos_facts module
+ Fix get_device_info nxos zero or more whitespace regex
+ Fix nxos CI failures
+ Fix nxos_nxapi default http behavior
+ Fix nxos_vxlan_vtep_vni
+ Fix regex network_os_platform nxos
+ Refactor nxos cliconf get_device_info for non structured
output supported devices
+ To fix the NoneType error raised in ios_l2_interface when
Access Mode VLAN is unassigned
+ emtpy host/group name is an error
+ fix default SSL version for docker modules
+ fix mail module when using starttls
+ fix nmap config example
+ fix ps detection of service
+ fix the remote tmp folder permissions issue when becoming a non
admin user
OBS-URL: https://build.opensuse.org/request/show/626515
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=114
- Update to 2.5.5
- Fixed the honouration of the no_log option with failed task iterations
(CVE-2018-10855 boo#1097775)
- Bufixes:
- Changed the admin_users config option to not include "admin" by default
as admin is frequently used for a non-privileged account
- aws_s3 - add async support to the action plugin
- aws_s3 - fix decrypting vault files
- ec2_ami - cast the device_mapping volume size to an int
- eos_logging - fix idempotency issues
- cache plugins - A cache timeout of 0 means the cache will not expire.
- ios_logging - fix idempotency issues
- ios/nxos/eos_config - don't retrieve config in running_config when config is provided for diff
- nxos_banner - fix multiline banner issue
- nxos terminal plugin - fix output truncation
- nxos_l3_interface - fix no switchport issue with loopback and svi interfaces
- nxos_snapshot - fix compare_option
- Applied spec-cleaner
OBS-URL: https://build.opensuse.org/request/show/617102
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=111
Minor Changes
+ Updated example in vcenter_license module.
+ Updated virtual machine facts with instanceUUID which is unique
for each VM irrespective of name and BIOS UUID.
+ A lot of Bugfixes, please refer to the Changelog installed in
/usr/share/doc/packages/ansible/changelogs/CHANGELOG-v2.5.rst
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=109
Major Changes
* Ansible Network improvements
+ Created new connection plugins network_cli and netconf to replace
connection=local. connection=local will continue to work for a
number of Ansible releases.
+ No more unable to open shell. A clear and descriptive message will
be displayed in normal ansible-playbook output without needing to enable debug mode
+ Loads of documentation, see Ansible for Network Automation Documentation.
+ Refactor common network shared code into package under module_utils/network/
+ Filters: Add a filter to convert XML response from a network device to JSON object.
+ Loads of bug fixes.
+ Plus lots more.
* New simpler and more intuitive 'loop' keyword for task loops. The
with_<lookup> loops will likely be deprecated in the near future
and eventually removed.
* Added fact namespacing; from now on facts will be available under
ansible_facts namespace (for example: ansible_facts.os_distribution)
without the ansible_ prefix. They will continue to be added into the
main namespace directly, but now with a configuration toggle to enable
this. This is currently on by default, but in the future it will default to off.
* Added a configuration file that a site administrator can use to
specify modules to exclude from being used.
Minor Changes
* please refer to the CHANGELOG-v2.5.rst document
Deprecated Features
* Previously deprecated 'hostfile' config settings have been 're-deprecated'
because previously code did not warn about deprecated configuration settings.
* Using Ansible-provided Jinja tests as filters is deprecated and will
be removed in Ansible 2.9.
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=106
- Update to version 2.4.3.0:
* Fix `pamd` rule args regexp to match file paths.
* Check if SELinux policy exists before setting.
* Set locale to `C` in `letsencrypt` module to fix date parsing
errors.
* Fix include in loop when stategy=free.
* Fix save parameter in asa_config.
* Fix --vault-id support in ansible-pull.
* In nxos_interface_ospf, fail nicely if loopback is used with
passive_interface.
* Fix quote filter when given an integer to quote.
* nxos_vrf_interface fix when validating the interface.
* Fix for win_copy when sourcing files from an SMBv1 share.
* correctly report callback plugin file.
* restrict revaulting to vault cli.
* Fix python3 tracebacks in letsencrypt module.
* Fix ansible_*_interpreter variables to be templated prior to
being used.
* Fix setting of environment in a task that uses a loop
* Fix fetch on Windows failing to fetch files or particular
block size.
* preserve certain fields during no log.
* fix issue with order of declaration of sections in ini
inventory.
* Fix win_iis_webapppool to correctly stop a apppool.
* Fix CloudEngine host failed.
* Fix ios_config save issue.
* Handle vault filenames with nonascii chars when displaying
messages.
* Fix win_iis_webapppool to not return passwords.
OBS-URL: https://build.opensuse.org/request/show/572424
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=98
update to version v2.4.2.0:
* lock azure containerservice to below 2.0.0
* ovirt_host_networks: Fix label assignment
* Fix vault --ask-vault-pass with no tty (#31493)
* cherry-pick changes of azure_rm_common from devel to 2.4 (#32607)
* Fixes#31090. In network parse_cli filter plugin, this change moves the creation of a (#31092) (#32458)
* Use an abspath for network inventory ssh key path.
* Remove toLower on source (#31983)
* Add k8s_common.py logging fixes to the changelog
* inserts enable cmd hash with auth_pass used (#32107)
* Fix exception upon display.warn() (#31876)
* ios_system: Fix typo in unit test (#32284)
* yum: use the C locale when screen scraping (#32203)
* Use region derived from get_aws_connection_info() in dynamodb_table to fix tagging bug (#32557)
* fix item var in delegation (#32986)
* Add changelog entry for elb_application_lb fix
* Add a validate example to blockinfile. (#32088)
* Correct formatting --arguments (#31808)
* Add changelog for URI/get_url fix
* [cloud] Bugfix for aws_s3 empty directory creation (#32198)
* Fix junos integration test fixes as per connection refactor (#33050) (#33055)
* Update win_copy for #32677 (#32682)
* ios_interface testfix (#32381)
* Add proper check mode support to the script module (#31852)
* Add galaxy --force fix to changelog
* Fix non-ascii errors in config manager
* Add python3 urllib fixes to changelog
* Add changelog entry for the stdin py3 fix
* Update version info for the 2.4.2 release
* Add max_fail_percentage fix to changelog
OBS-URL: https://build.opensuse.org/request/show/546595
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=96
- update to 2.4.0.0 (final)
Major Changes
+ Support for Python-2.4 and Python-2.5 on the managed system's side
was dropped. If you need to manage a system that ships with Python-2.4
or Python-2.5, you'll need to install Python-2.6 or better on the
managed system or run Ansible-2.3 until you can upgrade the system.
+ New import/include keywords to replace the old bare include directives.
The use of static: {yes|no} on such includes is now deprecated.
[...]
+ Windows become_method: runas now works across all authtypes and
will auto-elevate under UAC if WinRM user has "Act as part of the
operating system" privilege
- please refer to /usr/share/doc/packages/ansible/CHANGELOG.md for
further changes
- added ansible-inventory and ansible-config binaries and manpages
- package contrib and examples directories in docdir
- package all *md files as documentation for now
- recommend the following new packages for (open)SUSE:
+ python-httplib2
+ python-keyczar
+ python-six
- enable/fix build for RHEL and Fedora by redefining __python2 and
adding/enhancing the needed (build)requires if needed
old: systemsmanagement/ansible
new: home:lrupp:branches:systemsmanagement/ansible rev None
Index: ansible.changes
===================================================================
--- ansible.changes (revision 89)
+++ ansible.changes (revision 7)
@@ -1,4 +1,74 @@
-------------------------------------------------------------------
+Sat Sep 23 09:05:01 UTC 2017 - lars@linux-schulserver.de
+
+- update to 2.4.0.0 (final)
+ Major Changes
+ + Support for Python-2.4 and Python-2.5 on the managed system's side
+ was dropped. If you need to manage a system that ships with Python-2.4
+ or Python-2.5, you'll need to install Python-2.6 or better on the
+ managed system or run Ansible-2.3 until you can upgrade the system.
+ + New import/include keywords to replace the old bare include directives.
+ The use of static: {yes|no} on such includes is now deprecated.
+ ++ Using import_* (import_playbook, import_tasks, import_role) directives are static.
+ ++ Using include_* (include_tasks, include_role) directives are dynamic.
+ This is done to avoid collisions and possible security issues as
+ facts come from the remote targets and they might be compromised.
+ + New order play level keyword that allows the user to change the
+ order in which Ansible processes hosts when dispatching tasks.
+ + Users can now set group merge priority for groups of the same depth
+ (parent child relationship), using the new ansible_group_priority variable,
+ when values are the same or don't exist it will fallback to the previous
+ sorting by name'.
+ + Inventory has been revamped:
+ ++ Inventory classes have been split to allow for better
+ management and deduplication
+ ++ Logic that each inventory source duplicated is now common and pushed
+ up to reconciliation
+ ++ VariableManager has been updated for better interaction with inventory
+ ++ Updated CLI with helper method to initialize base objects for plays
+ ++ New inventory plugins for creating inventory
+ ++ Old inventory formats are still supported via plugins
+ ++ Inline host_list is also an inventory plugin, an example alternative
+ advanced_host_list is also provided (it supports ranges)
+ ++ New configuration option to list enabled plugins and precedence
+ order: whitelist_inventory in ansible.cfg
+ ++ vars_plugins have been reworked, they are now run from Vars manager
+ and API has changed (need docs)
+ ++ Loading group_vars/host_vars is now a vars plugin and can be overridden
+ ++ It is now possible to specify mulitple inventory sources in the
+ command line (-i /etc/hosts1 -i /opt/hosts2)
+ ++ Inventory plugins can use the cache plugin (i.e. virtualbox) and
+ is affected by meta: refresh_inventory
+ ++ Group variable precedence is now configurable via new 'precedence'
+ option in ansible.cfg (needs docs)
+ ++ Improved warnings and error messages across the board
+ + Configuration has been changed from a hardcoded listing in the
+ constants module to dynamically loaded from yaml definitions
+ ++ Also added an ansible-config CLI to allow for listing config options
+ and dumping current config (including origin)
+ ++ TODO: build upon this to add many features detailed in ansible-config
+ proposal https://github.com/ansible/proposals/issues/35
+ + Windows modules now support the use of multiple shared module_utils
+ files in the form of Powershell modules (.psm1), via
+ #Requires -Module Ansible.ModuleUtils.Whatever.psm1
+ + Python module argument_spec now supports custom validation logic
+ by accepting a callable as the type argument.
+ + Windows become_method: runas now works across all authtypes and
+ will auto-elevate under UAC if WinRM user has "Act as part of the
+ operating system" privilege
+ - please refer to /usr/share/doc/packages/ansible/CHANGELOG.md for
+ further changes
+- added ansible-inventory and ansible-config binaries and manpages
+- package contrib and examples directories in docdir
+- package all *md files as documentation for now
+- recommend the following new packages for (open)SUSE:
+ + python-httplib2
+ + python-keyczar
+ + python-six
+- enable/fix build for RHEL and Fedora by redefining __python2 and
+ adding/enhancing the needed (build)requires if needed
+
+-------------------------------------------------------------------
Tue Aug 8 17:06:10 UTC 2017 - michael@stroeder.com
- update to 2.3.2.0 (final)
Index: ansible.spec
===================================================================
--- ansible.spec (revision 89)
+++ ansible.spec (revision 7)
@@ -24,7 +24,7 @@
BuildArch: noarch
%endif
Name: ansible
-Version: 2.3.2.0
+Version: 2.4.0.0
Release: 0
Summary: Radically simple IT automation
License: GPL-3.0
@@ -33,14 +33,19 @@
Source: https://releases.ansible.com/ansible/ansible-%{version}.tar.gz
Source99: ansible-rpmlintrc
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+
+# SuSE/openSuSE
%if 0%{?suse_version}
BuildRequires: python-devel
BuildRequires: python-setuptools
-Requires: python-setuptools
Recommends: python-dnspython
Recommends: python-dopy
Recommends: python-pywinrm
Recommends: sshpass
+Recommends: python-httplib2
+Recommends: python-keyczar
+Recommends: python-six
+Requires: python-setuptools
%if 0%{?suse_version} >= 01130
BuildRequires: python-Jinja2
BuildRequires: python-PyYAML
@@ -52,20 +57,52 @@
Requires: python-pycrypto >= 2.6
%endif
%endif
-# RHEL == 6
-%if 0%{?rhel} == 6
-Requires: python-crypto2.6
+
+# RHEL <=5
+%if 0%{?rhel} && 0%{?rhel} <= 5
+BuildRequires: python26-devel
+BuildRequires: python26-setuptools
+Requires: python26-PyYAML
+Requires: python26-httplib2
+Requires: python26-jinja2
+Requires: python26-keyczar
+Requires: python26-paramiko
+Requires: python26-setuptools
+Requires: python26-six
+Requires: sshpass
%endif
# RHEL > 5
%if 0%{?rhel} && 0%{?rhel} >= 5
BuildRequires: python-setuptools
BuildRequires: python2-devel
Requires: PyYAML
+Requires: python-jinja2
+Requires: python-paramiko
+Requires: python-setuptools
+Requires: python-six
+Requires: sshpass
+%endif
+# RHEL == 6
+%if 0%{?rhel} == 6
+Requires: python-crypto
+%endif
+# RHEL >=7
+%if 0%{?rhel} >= 7
+Requires: python2-cryptography
+BuildRequires: perl(Exporter)
+%endif
+%if 0%{?fedora} >= 18
+BuildRequires: python-devel
+BuildRequires: python-setuptools
+Requires: PyYAML
Requires: python-httplib2
Requires: python-jinja2
Requires: python-keyczar
Requires: python-paramiko
Requires: python-setuptools
+Requires: python-six
+Requires: sshpass
+%define __python %{__python2}
%endif
%description
@@ -76,12 +113,14 @@
%prep
%setup -q -n ansible-%{version}
+find . -name .git_keep -delete
+find contrib/ -type f -exec chmod 644 {} \;
%build
-python setup.py build
+%{__python} setup.py build
%install
-python setup.py install --prefix=%{_prefix} --root=%{buildroot}
+%{__python} setup.py install --prefix=%{_prefix} --root=%{buildroot}
mkdir -p %{buildroot}%{_sysconfdir}/ansible/
cp examples/hosts %{buildroot}%{_sysconfdir}/ansible/
@@ -92,20 +131,24 @@
%files
%defattr(-,root,root,-)
-%doc COPYING README.md CHANGELOG.md
+%doc COPYING *.md contrib examples
%{_bindir}/ansible
+%{_bindir}/ansible-config
%{_bindir}/ansible-connection
%{_bindir}/ansible-console
-%{_bindir}/ansible-playbook
-%{_bindir}/ansible-pull
%{_bindir}/ansible-doc
%{_bindir}/ansible-galaxy
+%{_bindir}/ansible-inventory
+%{_bindir}/ansible-playbook
+%{_bindir}/ansible-pull
%{_bindir}/ansible-vault
%{python_sitelib}/*
%{_mandir}/man1/ansible.1*
+%{_mandir}/man1/ansible-config.1*
%{_mandir}/man1/ansible-console.1*
%{_mandir}/man1/ansible-doc.1*
%{_mandir}/man1/ansible-galaxy.1*
+%{_mandir}/man1/ansible-inventory.1*
%{_mandir}/man1/ansible-playbook.1*
%{_mandir}/man1/ansible-pull.1*
%{_mandir}/man1/ansible-vault.1*
Index: ansible-2.4.0.0.tar.gz
===================================================================
Binary file ansible-2.4.0.0.tar.gz (revision 7) added
Index: ansible-2.3.2.0.tar.gz
===================================================================
Binary file ansible-2.3.2.0.tar.gz (revision 89) deleted
OBS-URL: https://build.opensuse.org/request/show/528397
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=90
- update to 2.0.1.0:
* Fixes a major compatibility break in the synchronize module shipped
with 2.0.0.x. That version of synchronize ran sudo on the controller
prior to running rsync. In 1.9.x and previous, sudo was run on the
host that rsync connected to. 2.0.1 restores the 1.9.x behaviour.
* Additionally, several other problems with where synchronize chose
to run when combined with delegate_to were fixed. In particular, if
a playbook targetted localhost and then delegated_to a remote host
the prior behavior (in 1.9.x and 2.0.0.x) was to copy files between
the src and destination directories on the delegated host. This has
now been fixed to copy between localhost and the delegated host.
* Fix a regression where synchronize was unable to deal with unicode paths.
* Fix a regression where synchronize deals with inventory hosts that
use localhost but with an alternate port.
* Fixes a regression where the retry files feature was not implemented.
* Fixes a regression where the any_errors_fatal option was implemented
in 2.0 incorrectly, and also adds a feature where any_errors_fatal
can be set at the block level.
* Fix tracebacks when playbooks or ansible itself were located in
directories with unicode characters.
* Fix bug when sending unicode characters to an external pager
for display.
* Fix a bug with squashing loops for special modules (mostly package
managers). The optimization was squashing when the loop did not
apply to the selection of packages. This has now been fixed.
* Temp files created when using vault are now "shredded" using the
unix shred program which overwrites the file with random data.
* Some fixes to cloudstack modules for case sensitivity
* Fix non-newstyle modules (non-python modules and old-style modules)
to disabled pipelining.
OBS-URL: https://build.opensuse.org/request/show/369111
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=60
This release addresses several bugs, most notably those related to
the yum module (introduced in 1.9.3):
+ Fixes a bug where yum state=latest would error if there were no
updates to install.
+ Fixes a bug where yum state=latest did not work with wildcard
package names.
+ Fixes a bug in lineinfile relating to escape sequences.
+ Fixes a bug where vars_prompt was not keeping passwords private
by default.
+ Fix ansible-galaxy and the hipchat callback plugin to check that
the host it is contacting matches its TLS Certificate.
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=51
- Security fixes to check that hostnames match certificates with
https urls (CVE-2015-3908):
+ get_url and uri modules
+ url and etcd lookup plugins
- Security fixes to the zone (Solaris containers), jail (bsd
containers), and chroot connection plugins. These plugins can be
used to connect to their respective container types in leiu of the
standard ssh connection. Prior to this fix being applied these
connection plugins didn't properly handle symlinks within the containers
which could lead to files intended to be written to or read from the
container being written to or read from the host system instead. (CVE
pending)
- Fixed a bug in the service module where init scripts were being
incorrectly used instead of upstart/systemd.
- Fixed a bug where sudo/su settings were not inherited from
ansible.cfg correctly.
- Fixed a bug in the rds module where a traceback may occur due to an
unbound variable.
- Fixed a bug where certain remote file systems where the SELinux
context was not being properly set.
- Re-enabled several windows modules which had been partially merged
(via action plugins):
+ win_copy.ps1
+ win_copy.py
+ win_file.ps1
+ win_file.py
+ win_template.py
- Fix bug using with_sequence and a count that is zero. Also allows
counting backwards isntead of forwards
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=46
- updated to version 1.9.1
* Fixed a bug related to Kerberos auth when using winrm with a domain account.
* Fixing several bugs in the s3 module.
* Fixed a bug with upstart service detection in the service module.
* Fixed several bugs with the user module when used on OSX.
* Fixed unicode handling in some module situations (assert and shell/command execution).
* Fixed a bug in redhat_subscription when using the activationkey parameter.
* Fixed a traceback in the gce module on EL6 distros when multiple pycrypto installations are available.
* Added support for PostgreSQL 9.4 in rds_param_group
* Several other minor fixes.
OBS-URL: https://build.opensuse.org/request/show/304448
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=44
- updated package to latest release ## 1.8.1 "You Really Got Me"
* Various bug fixes in postgresql and mysql modules.
* Fixed a bug related to lookup plugins used within roles not
finding files based on the relative paths to the roles files/ directory.
* Fixed a bug related to vars specified in plays being templated too early,
resulting in incorrect variable interpolation.
* Fixed a bug related to git submodules in bare repos.
* fact caching support, pluggable, initially supports Redis (DOCS pending)
* 'serial' size in a rolling update can be specified as a percentage
* added new Jinja2 filters, 'min' and 'max' that take lists
* new 'ansible_version' variable available contains a dictionary of version info
* For ec2 dynamic inventory, ec2.ini can has various new configuration options
* 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
* no_log parameter now surpressess data from callbacks/output as well as syslog
* ansible-galaxy install -f requirements.yml allows advanced options and installs
from non-galaxy SCM sources and tarballs.
* command_warnings feature will warn about when usage of the shell/command module
can be simplified to use core modules - this can be enabled in ansible.cfg
* new omit value can be used to leave off a parameter when not set, like so
module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
an empty value) if c was not set.
* developers: 'baby JSON' in module responses, originally intended for writing modules
in bash, is removed as a feature to simplify logic, script module remains available
for running bash scripts.
* async jobs started in "fire & forget" mode can now be checked on at a later time.
* added ability to subcategorize modules for docs.ansible.com
* added ability for shipped modules to have aliases with symlinks
* added ability to deprecate older modules by starting with "_" and
including "deprecated: message why" in module docs
+ New Modules:
OBS-URL: https://build.opensuse.org/request/show/263653
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=33
- update to 1.7.2:
- Fixes a bug in accelerate mode which caused a traceback when trying to use that connection method.
- Fixes a bug in vault where the password file option was not being used correctly internally.
- Improved multi-line parsing when using YAML literal blocks (using > or |).
- Fixed a bug with the file module and the creation of relative symlinks.
- Fixed a bug where checkmode was not being honored during the templating of files.
- Other various bug fixes.
- Switch to xz for source package
OBS-URL: https://build.opensuse.org/request/show/258481
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=31
Major new features:
+ Windows support (alpha) using native PowerShell remoting
+ Tasks can now specify run_once: true, meaning they will be executed
exactly once. This can be combined with delegate_to to trigger actions
you want done just the one time versus for every host in inventory.
New Modules:
+ cloud: azure
+ cloud: rax_meta
+ cloud: rax_scaling_group
+ cloud: rax_scaling_policy
+ windows: version of setup module
+ windows: version of slurp module
+ windows: win_feature
+ windows: win_get_url
+ windows: win_msi
+ windows: win_ping
+ windows: win_user
+ windows: win_service
+ windows: win_group
New inventory scripts:
+ SoftLayer
+ Windows Azure
Docker module bug fixes:
+ Fixed support for specifying rw/ro bind modes for volumes
+ Fixed support for allowing the tag in the image parameter
Other notable changes:
+ Performance enhancements related to previous security fixes, which
could cause slowness when modules returned very large JSON results.
This specifically impacted the unarchive module frequently, which
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=28
* Security updates to further protect against the incorrect
execution of untrusted data
* Additional tweaks to prevent the incorrect execution of
untrusted data
* Security update to prevent local operations from executing as
the result of specifically crafted untrusted data
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=26
* The deprecated legacy variable templating system has been
finally removed. Use {{ foo }} always not $foo or ${foo}.
* Any data file can also be JSON. Use sparingly -- with great power
comes great responsibility. Starting file with "{" or "[" denotes JSON.
* Added 'gathering' param for ansible.cfg to change the default
gather_facts policy.
* Accelerate improvements:
+ multiple users can connect with different keys, when
accelerate_multi_key = yes is specified in the ansible.cfg.
+ daemon lifetime is now based on the time from the last activity,
not the time from the daemon's launch.
* ansible-playbook now accepts --force-handlers to run handlers
even if tasks result in failures.
* Added VMWare support with the vsphere_guest module.
* many new modules and ther notable changes, please read
/usr/share/doc/packages/ansible/CHANGELOG.md for details
- use new upstream URL(s)
- require python-httplib2 and python-setuptools
- ignore "wrong" permissions of synchronize.py
- ignore rpmlint warning about requiring python-httplib2 explicitely
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=24
* Fixes to the git module related to host key checking
* Force command action to not be executed by the shell unless
specifically enabled.
* Validate SSL certs accessed through urllib*.
* Implement new default cipher class AES256 in ansible-vault.
* Misc bug fixes.
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=22
Major features/changes:
* when_foo which was previously deprecated is now removed, use
"when:" instead. Code generates appropriate error suggestion.
* include + with_items which was previously deprecated is now
removed, ditto. Use with_nested / with_together, etc.
* only_if, which is much older than when_foo and was deprecated,
is similarly removed.
* ssh connection plugin is now more efficient if you add
'pipelining=True' in ansible.cfg under [ssh_connection],
see example.cfg
* localhost/127.0.0.1 is not required to be in inventory if
referenced, if not in inventory, it does not implicitly appear
in the 'all' group.
* git module has new parameters (accept_hostkey, key_file, ssh_opts)
to ease the usage of git and ssh protocols.
* when using accelerate mode, the daemon will now be restarted
when specifying a different remote_user between plays.
* added no_log: option for tasks. When used, no logging information
will be sent to syslog during the module execution.
* acl module now handles 'default' and allows for either shorthand
entry or specific fields per entry section
* play_hosts is a new magic variable to provide a list of hosts
in scope for the current play.
* ec2 module now accepts 'exact_count' and 'count_tag' as a way to
enforce a running number of nodes by tags.
* all ec2 modules that work with Eucalyptus also now support a
'validate_certs' option, which can be set to 'off' for installations
using self-signed certs.
* Start of new integration test infrastructure (WIP)
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=19
+ Fixed issue with newer versions of pip not having --use-mirrors
+ Fixed role_path parsing from ansible.cfg
+ Fixed default role templates
+ Fixed a few bugs related to unicode
+ Fixed errors in the ssh connection method with large data returns
+ Miscellaneous fixes for a few modules
+ Add the ansible-galaxy command
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=17
Highlighted new features:
+ accelerated mode: An enhanced fireball mode that requires zero
bootstrapping and fewer requirements plus adds capabilities
like sudo commands.
+ role defaults: Allows roles to define a set of variables at the
lowest priority. These variables can be overridden by any
other variable.
+ new /etc/ansible/facts.d allows JSON or INI-style facts to be
provided from the remote node, and supports executable fact
programs in this dir. Files must end in *.fact.
+ added the ability to make undefined template variables raise
errors (see ansible.cfg)
+ (DOCS PENDING) sudo: True/False and sudo_user: True/False can be
set at include and role level
+ added changed_when: (expression) which allows overriding whether
a result is changed or not and can work with registered expressions
+ --extra-vars can now take a file as input, e.g., "-e @filename"
and can also be formatted as YAML
+ external inventory scripts may now return host variables in one
pass, which allows them to be much more efficient for large
numbers of hosts
+ if --forks exceeds the numbers of hosts, it will be automatically
reduced. Set forks to 0 and you get "as many forks as I have
hosts" out of the box.
+ enabled error_on_undefined_vars by default, which will make
errors in playbooks more obvious
+ role dependencies -- one role can now pull in another, with
parameters of its own.
+ added the ability to have tasks execute even during a check
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=11
+ new feature: roles
+ massively improved variable support and conditionals
+ Pre and Post tasks provide greater controls to make rolling
updates even smoother
+ added 32 new modules:
++ including a openSUSE package management module
++ added team chat notification modules for Flowdock, Hipchat,
Campfire, IRC, and more
++ added monitoring modules to interact with New Relic, Airbrake,
Pingdom, Pagerduty and Monit
- added CHANGELOG.md to /usr/share/doc/packages/ansible/ to have
the complete changelog at hand
OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=10
