------------------------------------------------------------------- Wed Jun 07 20:51:30 UTC 2017 - matthias.eliasson@gmail.com - update to 2.3.1.0 (final) - clean up of spec file with spec-cleaner ------------------------------------------------------------------- Wed May 10 22:35:24 UTC 2017 - lars@linux-schulserver.de - update to 2.3.1 RC1 (package version 2.3.0.1): * SECURITY (MODERATE): fix for CVE-2017-7481, in which data for lookup plugins used as variables was not being correctly marked as "unsafe". ------------------------------------------------------------------- Tue Mar 28 08:30:35 UTC 2017 - michael@stroeder.com - update to 2.3.0.0 for full list of changes see /usr/share/doc/packages/ansible/CHANGELOG.md ------------------------------------------------------------------- Mon Mar 27 21:26:31 UTC 2017 - michael@stroeder.com - update to 2.2.2.0 This release fixes a few bugs introduced in the previous version, as well as another small tweak to catch an additional way in which CVE-2016-9587 could be triggered. ------------------------------------------------------------------- Mon Jan 16 18:11:04 UTC 2017 - michael@stroeder.com - update to 2.2.1.0 (final) ------------------------------------------------------------------- Wed Jan 11 22:46:47 UTC 2017 - boris@steki.net - security update to rc4 of 2.2.1.0 version CVE-2016-9587, CVE-2016-8628 and CVE-2016-8614 for full list of changes see /usr/share/doc/packages/ansible/CHANGELOG.md ------------------------------------------------------------------- Mon Oct 17 18:11:08 UTC 2016 - michael@stroeder.com - update to 2.2.0.0 (see /usr/share/doc/packages/ansible/CHANGELOG.md for details) ------------------------------------------------------------------- Thu Sep 15 16:20:44 UTC 2016 - michael@stroeder.com - update to 2.1.2.0 (see /usr/share/doc/packages/ansible/CHANGELOG.md for details) ------------------------------------------------------------------- Tue Jun 28 06:25:44 UTC 2016 - michael@stroeder.com - update to 2.1.1.0 (see /usr/share/doc/packages/ansible/CHANGELOG.md for details) - changed download link to https://releases.ansible.com ------------------------------------------------------------------- Sun May 29 18:51:07 UTC 2016 - michael@stroeder.com - update to 2.1.0.0 (see /usr/share/doc/packages/ansible/CHANGELOG.md for details) - on SuSE platforms recommend package python-dnspython for DNS lookups in playbooks ------------------------------------------------------------------- Sat May 7 18:12:52 UTC 2016 - michael@stroeder.com - update to 2.0.2.0: * Backport of the 2.1 feature to ensure per-item callbacks are sent as they occur, rather than all at once at the end of the task. * Fixed bugs related to the iteration of tasks when certain combinations of roles, blocks, and includes were used, especially when handling errors in rescue/always portions of blocks. * Fixed handling of redirects in our helper code, and ported the uri module to use this helper code. This removes the httplib dependency for this module while fixing some bugs related to redirects and SSL certs. * Fixed some bugs related to the incorrect creation of extra temp directories for uploading files, which were not cleaned up properly. * Improved error reporting in certain situations, to provide more information such as the playbook file/line. * Fixed a bug related to the variable precedence of role parameters, especially when a role may be used both as a dependency of a role and directly by itself within the same play. * Fixed some bugs in the 2.0 implementation of do/until. * Fixed some bugs related to run_once: - Ensure that all hosts are marked as failed if a task marked as run_once fails. - Show a warning when using the free strategy when a run_once task is encountered, as there is no way for the free strategy to guarantee the task is not run more than once. * Fixed a bug where the assemble module was not honoring check mode in some situations. * Fixed a bug related to delegate_to, where we were incorrectly using variables from the inventory host rather than the delegated-to host. * The 'package' meta-module now properly squashes items down to a single execution (as the apt/yum/other package modules do). * Fixed a bug related to the ansible-galaxy CLI command dealing with paged results from the Galaxy server. * Pipelining support is now available for the local and jail connection plugins, which is useful for users who do not wish to have temp files/directories created when running tasks with these connection types. * Improvements in support for additional shell types. * Improvements in the code which is used to calculate checksums for remote files. * Some speed ups and bug fixes related to the variable merging code. * Workaround bug in python subprocess on El Capitan that was making vault fail when attempting to encrypt a file * Fix lxc_container module having predictable temp file names and setting file permissions on the temporary file too leniently on a temporary file that was executed as a script. Addresses CVE-2016-3096 * Fix a bug in the uri module where setting headers via module params that start with HEADER_ were causing a traceback. * Fix bug in the free strategy that was causing it to synchronize its workers after every task (making it a lot more like linear than it should have been). ------------------------------------------------------------------- Wed Mar 9 14:37:43 UTC 2016 - lars@linux-schulserver.de - update to 2.0.1.0: * Fixes a major compatibility break in the synchronize module shipped with 2.0.0.x. That version of synchronize ran sudo on the controller prior to running rsync. In 1.9.x and previous, sudo was run on the host that rsync connected to. 2.0.1 restores the 1.9.x behaviour. * Additionally, several other problems with where synchronize chose to run when combined with delegate_to were fixed. In particular, if a playbook targetted localhost and then delegated_to a remote host the prior behavior (in 1.9.x and 2.0.0.x) was to copy files between the src and destination directories on the delegated host. This has now been fixed to copy between localhost and the delegated host. * Fix a regression where synchronize was unable to deal with unicode paths. * Fix a regression where synchronize deals with inventory hosts that use localhost but with an alternate port. * Fixes a regression where the retry files feature was not implemented. * Fixes a regression where the any_errors_fatal option was implemented in 2.0 incorrectly, and also adds a feature where any_errors_fatal can be set at the block level. * Fix tracebacks when playbooks or ansible itself were located in directories with unicode characters. * Fix bug when sending unicode characters to an external pager for display. * Fix a bug with squashing loops for special modules (mostly package managers). The optimization was squashing when the loop did not apply to the selection of packages. This has now been fixed. * Temp files created when using vault are now "shredded" using the unix shred program which overwrites the file with random data. * Some fixes to cloudstack modules for case sensitivity * Fix non-newstyle modules (non-python modules and old-style modules) to disabled pipelining. * Fix fetch module failing even if fail_on_missing is set to False * Fix for cornercase when local connections, sudo, and raw were used together. * Fix dnf module to remove dependent packages when state=absent is specified. This was a feature of the 1.9.x version that was left out by mistake when the module was rewritten for 2.0. * Fix bugs with non-english locales in yum, git, and apt modules * Fix a bug with the dnf module where state=latest could only upgrade, not install. ------------------------------------------------------------------- Mon Feb 15 13:23:26 UTC 2016 - eshmarnev@suse.com - fix_zypper_errorhandling.patch is being deleted ------------------------------------------------------------------- Thu Feb 11 10:44:40 UTC 2016 - erwin.vandevelde@gmail.com - update to 2.0.0.2 Version 2.0 is a new major version with a lot of changes, among which: + New modules for cloud-based services and many more + The new block/rescue/always directives allow for making task blocks and exception-like semantics + Many API changes - more info at: https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#20-over-the-hills-and-far-away ------------------------------------------------------------------- Sun Oct 11 16:11:02 UTC 2015 - lars@linux-schulserver.de - build again on SLE-11-SP4 by ignoring some dependencies that are not available in the official OBS repository: python-paramiko, python-Jinja2, python-PyYAML, python-pycrypto ------------------------------------------------------------------- Sat Oct 10 12:10:59 UTC 2015 - lars@linux-schulserver.de - update to 1.9.4 This release addresses several bugs, most notably those related to the yum module (introduced in 1.9.3): + Fixes a bug where yum state=latest would error if there were no updates to install. + Fixes a bug where yum state=latest did not work with wildcard package names. + Fixes a bug in lineinfile relating to escape sequences. + Fixes a bug where vars_prompt was not keeping passwords private by default. + Fix ansible-galaxy and the hipchat callback plugin to check that the host it is contacting matches its TLS Certificate. ------------------------------------------------------------------- Sat Sep 26 14:01:30 UTC 2015 - m0ses@samaxi.de - Added fix_zypper_errorhandling.patch as it`s have not been accepted upstream, in lack of an reviewer. See patch for more comments ------------------------------------------------------------------- Fri Sep 11 16:10:12 UTC 2015 - robin.roth@kit.edu - update to 1.9.3: - Fixes a bug related to keyczar messing up encodings internally, resulting in decrypted messages coming out as empty strings. - AES Keys generated for use in accelerated mode are now 256-bit by default instead of 128. - Fix url fetching for SNI with python-2.7.9 or greater. SNI does not work with python < 2.7.9. The best workaround is probably to use the command module with curl or wget. - Fix url fetching to allow tls-1.1 and tls-1.2 if the system's openssl library supports those protocols - Fix ec2_ami_search module to check TLS Certificates - Fix the following extras modules to check TLS Certificates: - campfire - layman - librarto_annotate - twilio - typetalk - Fix docker module's parsing of docker-py version for dev checkouts - Fix docker module to work with docker server api 1.19 - Change yum module's state=latest feature to update all packages specified in a single transaction. This is the same type of fix as was made for yum's state=installed in 1.9.2 and both solves the same problems and with the same caveats. - Fixed a bug where stdout from a module might be blank when there were were non-printable ASCII characters contained within it ------------------------------------------------------------------- Wed Jul 15 09:17:54 UTC 2015 - lars@linux-schulserver.de - update to 1.9.2: - Security fixes to check that hostnames match certificates with https urls (CVE-2015-3908; bnc #938161): + get_url and uri modules + url and etcd lookup plugins - Security fixes to the zone (Solaris containers), jail (bsd containers), and chroot connection plugins. These plugins can be used to connect to their respective container types in leiu of the standard ssh connection. Prior to this fix being applied these connection plugins didn't properly handle symlinks within the containers which could lead to files intended to be written to or read from the container being written to or read from the host system instead. (CVE pending) - Fixed a bug in the service module where init scripts were being incorrectly used instead of upstart/systemd. - Fixed a bug where sudo/su settings were not inherited from ansible.cfg correctly. - Fixed a bug in the rds module where a traceback may occur due to an unbound variable. - Fixed a bug where certain remote file systems where the SELinux context was not being properly set. - Re-enabled several windows modules which had been partially merged (via action plugins): + win_copy.ps1 + win_copy.py + win_file.ps1 + win_file.py + win_template.py - Fix bug using with_sequence and a count that is zero. Also allows counting backwards isntead of forwards - Fix get_url module bug preventing use of custom ports with https urls - Fix bug disabling repositories in the yum module. - Fix giving yum module a url to install a package from on RHEL/CENTOS5 - Fix bug in dnf module preventing it from working when yum-utils was not already installed ------------------------------------------------------------------- Tue Apr 28 19:03:01 UTC 2015 - boris@steki.net - updated to version 1.9.1 * Fixed a bug related to Kerberos auth when using winrm with a domain account. * Fixing several bugs in the s3 module. * Fixed a bug with upstart service detection in the service module. * Fixed several bugs with the user module when used on OSX. * Fixed unicode handling in some module situations (assert and shell/command execution). * Fixed a bug in redhat_subscription when using the activationkey parameter. * Fixed a traceback in the gce module on EL6 distros when multiple pycrypto installations are available. * Added support for PostgreSQL 9.4 in rds_param_group * Several other minor fixes. ------------------------------------------------------------------- Mon Mar 30 22:45:57 UTC 2015 - boris@steki.net - updated to version 1.9.0.1 * Added kerberos support to winrm connection plugin. * Tags rehaul: added 'all', 'always', 'untagged' and 'tagged' special tags and normalized tag resolution. Added tag information to --list-tasks and new --list-tags option. * Privilege Escalation generalization, new 'Become' system and variables now will handle existing and new methods. Sudo and su have been kept for backwards compatibility. New methods pbrun and pfexec in 'alpha' state, planned adding 'runas' for winrm connection plugin. * Improved ssh connection error reporting, now you get back the specific message from ssh. * Added facility to document task module return values for registered vars, both for ansible-doc and the docsite. Documented copy, stats and acl modules, the rest must be updated individually (we will start doing so incrementally). * Optimize the plugin loader to cache available plugins much more efficiently. For some use cases this can lead to dramatic improvements in startup time. * Overhaul of the checksum system, now supports more systems and more cases more reliably and uniformly. * Fix skipped tasks to not display their parameters if no_log is specified. * Many fixes to unicode support, standarized functions to make it easier to add to input/output boundries. * Added travis integration to github for basic tests, this should speed up ticket triage and merging. * environment: directive now can also be applied to play and is inhertited by tasks, which can still override it. * expanded facts and OS/distribution support for existing facts and improved performance with pypy. * new 'wantlist' option to lookups allows for selecting a list typed variable vs a command delimited string as the return. * the shared module code for file backups now uses a timestamp resolution of seconds (previouslly minutes). * allow for empty inventories, this is now a warning and not an error (for those using localhost and cloud modules). * sped up YAML parsing in ansible by up to 25% by switching to CParser loader. - more info at: https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#19-dancing-in-the-street---mar-25-2015 ------------------------------------------------------------------- Mon Feb 23 11:46:55 UTC 2015 - boris@steki.net - updated to version 1.8.4 from 1.8.2 * Fixed regressions in ec2 and mount modules, introduced in 1.8.3 * Fixing a security bug related to the default permissions set on a tempoary file created when using "ansible-vault view ". * Many bug fixes, for both core code and core modules. ------------------------------------------------------------------- Fri Dec 5 15:11:43 UTC 2014 - boris@steki.net - updated to version 1.8.2 from 1.8.1 * Windows modules should now be packaged correctly. * A bug regarding wildcard grant strings in the mysql_user module has been fixed. * Several other bugs regarding the postgresql modules have also been fixed. ------------------------------------------------------------------- Mon Dec 1 18:28:18 UTC 2014 - boris@steki.net - enable build for older RHEL and SLE distributions ------------------------------------------------------------------- Thu Nov 27 11:17:53 UTC 2014 - boris@steki.net - updated package to latest release ## 1.8.1 "You Really Got Me" * Various bug fixes in postgresql and mysql modules. * Fixed a bug related to lookup plugins used within roles not finding files based on the relative paths to the roles files/ directory. * Fixed a bug related to vars specified in plays being templated too early, resulting in incorrect variable interpolation. * Fixed a bug related to git submodules in bare repos. * fact caching support, pluggable, initially supports Redis (DOCS pending) * 'serial' size in a rolling update can be specified as a percentage * added new Jinja2 filters, 'min' and 'max' that take lists * new 'ansible_version' variable available contains a dictionary of version info * For ec2 dynamic inventory, ec2.ini can has various new configuration options * 'ansible vault view filename.yml' opens filename.yml decrypted in a pager. * no_log parameter now surpressess data from callbacks/output as well as syslog * ansible-galaxy install -f requirements.yml allows advanced options and installs from non-galaxy SCM sources and tarballs. * command_warnings feature will warn about when usage of the shell/command module can be simplified to use core modules - this can be enabled in ansible.cfg * new omit value can be used to leave off a parameter when not set, like so module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even an empty value) if c was not set. * developers: 'baby JSON' in module responses, originally intended for writing modules in bash, is removed as a feature to simplify logic, script module remains available for running bash scripts. * async jobs started in "fire & forget" mode can now be checked on at a later time. * added ability to subcategorize modules for docs.ansible.com * added ability for shipped modules to have aliases with symlinks * added ability to deprecate older modules by starting with "_" and including "deprecated: message why" in module docs + New Modules: * cloud: rax_cdb - manages Rackspace Cloud Database instances * cloud: rax_cdb_database - manages Rackspace Cloud Databases * cloud: rax_cdb_user - manages Rackspace Cloud Database users * monitoring: zabbix_maintaince - handles outage windows with Zabbix * monitoring: bigpanda - support for bigpanda * net_infrastructure: a10_server - manages server objects on A10 devices * net_infrastructure: a10_service_group - manages service group objects on A10 devices * net_infrastructure: a10_virtual_server - manages virtual server objects on A10 devices * system: getent - read getent databases + Some other notable changes: * added the ability to set "instance filters" in the ec2.ini to limit results from the inventory plugin. * upgrades for various variable precedence items and parsing related items * added a new "follow" parameter to the file and copy modules, which allows actions to be taken on the target of a symlink rather than the symlink itself. * if a module should ever traceback, it will return a standard error, catchable by ignore_errors, versus an 'unreachable' * ec2_lc: added support for multiple new parameters like kernel_id, ramdisk_id and ebs_optimized. * ec2_elb_lb: added support for the connection_draining_timeout and cross_az_load_balancing options. * support for symbolic representations (ie. u+rw) for file permission modes (file/copy/template modules etc.). * docker: Added support for specifying the net type of the container. * docker: support for specifying read-only volumes. * docker: support for specifying the API version to use for the remote connection. * openstack modules: various improvements * irc: ssl support for the notification module * npm: fix flags passed to package installation * windows: improved error handling * setup: additional facts on System Z * apt_repository: certificate validation can be disabled if requested * pagerduty module: misc improvements * ec2_lc: public_ip boolean configurable in launch configurations * ec2_asg: fixes related to proper termination of an autoscaling group * win_setup: total memory fact correction * ec2_vol: ability to list existing volumes * ec2: can set optimized flag * various parser improvements * produce a friendly error message if the SSH key is too permissive * ec2_ami_search: support for SSD and IOPS provisioned EBS images * can set ansible_sudo_exe as an inventory variable which allows specifying a different sudo (or equivalent) command * git module: Submodule handling has changed. Previously if you used the "recursive" parameter to handle submodules, ansible would track the submodule upstream's head revision. This has been changed to checkout the version of the submodule specified in the superproject's git repository. This is inline with what git submodule update does. If you want the old behaviour use the new module parameter track_submodules=yes * Checksumming of transferred files has been made more portable and now uses the sha1 algorithm instead of md5 to be compatible with FIPS-140. + As a small side effect, the fetch module no longer returns a useful value in remote_md5. If you need a replacement, switch to using remote_checksum which returns the sha1sum of the remote file. * ansible-doc CLI tool contains various improvements for working with different terminals ------------------------------------------------------------------- Mon Oct 27 09:16:52 UTC 2014 - kgronlund@suse.com - update to 1.7.2: - Fixes a bug in accelerate mode which caused a traceback when trying to use that connection method. - Fixes a bug in vault where the password file option was not being used correctly internally. - Improved multi-line parsing when using YAML literal blocks (using > or |). - Fixed a bug with the file module and the creation of relative symlinks. - Fixed a bug where checkmode was not being honored during the templating of files. - Other various bug fixes. - Switch to xz for source package ------------------------------------------------------------------- Wed Sep 10 12:55:35 UTC 2014 - boris@steki.net - add python-pywinrm to requirements to enable windows hosts automation ------------------------------------------------------------------- Sun Aug 17 15:21:38 UTC 2014 - lars@linux-schulserver.de - update to 1.7.1: Major new features: + Windows support (alpha) using native PowerShell remoting + Tasks can now specify run_once: true, meaning they will be executed exactly once. This can be combined with delegate_to to trigger actions you want done just the one time versus for every host in inventory. New Modules: + cloud: azure + cloud: rax_meta + cloud: rax_scaling_group + cloud: rax_scaling_policy + windows: version of setup module + windows: version of slurp module + windows: win_feature + windows: win_get_url + windows: win_msi + windows: win_ping + windows: win_user + windows: win_service + windows: win_group New inventory scripts: + SoftLayer + Windows Azure Docker module bug fixes: + Fixed support for specifying rw/ro bind modes for volumes + Fixed support for allowing the tag in the image parameter Other notable changes: + Performance enhancements related to previous security fixes, which could cause slowness when modules returned very large JSON results. This specifically impacted the unarchive module frequently, which returns the details of all unarchived files in the result. + Inventory speed improvements for very large inventories. + Vault password files can now be executable, to support scripts that fetch the vault password. + Fixes an issue with the copy module when copying a directory that ------------------------------------------------------------------- Fri Aug 15 15:25:04 UTC 2014 - boris@steki.net - updated to upstream version 1.7.1 * Security fix to disallow specifying 'args:' as a string, which could allow the insertion of extra module parameters through variables. * Performance enhancements related to previous security fixes, which could cause slowness when modules returned very large JSON results. This specifically impacted the unarchive module frequently, which returns the details of all unarchived files in the result. * Docker module bug fixes: + Fixed support for specifying rw/ro bind modes for volumes + Fixed support for allowing the tag in the image parameter * Major new features: + Windows support (alpha) using native PowerShell remoting + Tasks can now specify `run_once: true`, meaning they will be executed exactly once. This can be combined with delegate_to to trigger actions you want done just the one time versus for every host in inventory. * Inventory speed improvements for very large inventories. * Vault password files can now be executable, to support scripts that fetch the vault password. * Fixes an issue with the copy module when copying a directory that fails when changing file attributes and the target file already exists + Improved unicode handling when splitting args + Further improvements to module parameter parsing to address additional regressions caused by security fixes + Corrects a regression in the way shell and command parameters were being parsed + Various other bug fixes Security fixes: + Security fix to disallow specifying 'args:' as a string, which could allow the insertion of extra module parameters through variables. + Strip lookup calls out of inventory variables and clean unsafe data returned from lookup plugins (CVE-2014-4966) + Make sure vars don't insert extra parameters into module args and prevent duplicate params from superseding previous params (CVE-2014-4967) - adapt specfile requirements for RedHat and Fedora - fixed zypper and zypper_repository modules to support SLE 10 ------------------------------------------------------------------- Thu Jul 10 12:53:16 UTC 2014 - lars@linux-schulserver.de - update to 1.6.6: * Security updates to further protect against the incorrect execution of untrusted data * Additional tweaks to prevent the incorrect execution of untrusted data * Security update to prevent local operations from executing as the result of specifically crafted untrusted data ------------------------------------------------------------------- Thu Jun 19 07:28:24 UTC 2014 - lars@linux-schulserver.de - update to 1.6.3: * The deprecated legacy variable templating system has been finally removed. Use {{ foo }} always not $foo or ${foo}. * Any data file can also be JSON. Use sparingly -- with great power comes great responsibility. Starting file with "{" or "[" denotes JSON. * Added 'gathering' param for ansible.cfg to change the default gather_facts policy. * Accelerate improvements: + multiple users can connect with different keys, when accelerate_multi_key = yes is specified in the ansible.cfg. + daemon lifetime is now based on the time from the last activity, not the time from the daemon's launch. * ansible-playbook now accepts --force-handlers to run handlers even if tasks result in failures. * Added VMWare support with the vsphere_guest module. * many new modules and ther notable changes, please read /usr/share/doc/packages/ansible/CHANGELOG.md for details - use new upstream URL(s) - require python-httplib2 and python-setuptools - ignore "wrong" permissions of synchronize.py - ignore rpmlint warning about requiring python-httplib2 explicitely ------------------------------------------------------------------- Thu Mar 20 23:24:56 UTC 2014 - lars@linux-schulserver.de - update to 1.5.3: * Fixes to the git module related to host key checking * Force command action to not be executed by the shell unless specifically enabled. * Validate SSL certs accessed through urllib*. * Implement new default cipher class AES256 in ansible-vault. * Misc bug fixes. ------------------------------------------------------------------- Sat Mar 8 11:08:25 UTC 2014 - lars@linux-schulserver.de - update to 1.5: Major features/changes: * when_foo which was previously deprecated is now removed, use "when:" instead. Code generates appropriate error suggestion. * include + with_items which was previously deprecated is now removed, ditto. Use with_nested / with_together, etc. * only_if, which is much older than when_foo and was deprecated, is similarly removed. * ssh connection plugin is now more efficient if you add 'pipelining=True' in ansible.cfg under [ssh_connection], see example.cfg * localhost/127.0.0.1 is not required to be in inventory if referenced, if not in inventory, it does not implicitly appear in the 'all' group. * git module has new parameters (accept_hostkey, key_file, ssh_opts) to ease the usage of git and ssh protocols. * when using accelerate mode, the daemon will now be restarted when specifying a different remote_user between plays. * added no_log: option for tasks. When used, no logging information will be sent to syslog during the module execution. * acl module now handles 'default' and allows for either shorthand entry or specific fields per entry section * play_hosts is a new magic variable to provide a list of hosts in scope for the current play. * ec2 module now accepts 'exact_count' and 'count_tag' as a way to enforce a running number of nodes by tags. * all ec2 modules that work with Eucalyptus also now support a 'validate_certs' option, which can be set to 'off' for installations using self-signed certs. * Start of new integration test infrastructure (WIP) * if repoquery is unavailble, the yum module will automatically attempt to install yum-utils * ansible-vault: a framework for encrypting your playbooks and variable files Other notable changes (many new module params & bugfixes may not not listed): * no_reboot is now defaulted to "no" in the ec2_ami module to ensure filesystem consistency in the resulting AMI. * sysctl module overhauled * authorized_key module overhauled * synchronized module now handles local transport better * apt_key module now ignores case on keys * zypper_repository now skips on check mode * file module now responds to force behavior when dealing with hardlinks * new lookup plugin 'csvfile' * fixes to allow hash_merge behavior to work with dynamic inventory * mysql module will use port argument on dump/import * subversion module now ignores locale to better intercept status messages * rax api_key argument is no longer logged * backwards/forwards compatibility for OpenStack modules, 'quantum' modules grok neutron renaming * hosts properly uniqueified if appearing in redundant groups * hostname module support added for ScientificLinux * ansible-pull can now show live stdout and pass verbosity levels to ansible-playbook * ec2 instances can now be stopped or started * additional volumes can be created when creating new ec2 instances * user module can move a home directory * significant enhancement and cleanup of rackspace modules * ansible_ssh_private_key_file can be templated * docker module updated to support docker-py 0.3.0 * various other bug fixes * md5 logic improved during sudo operation * support for ed25519 keys in authorized_key module * ability to set directory permissions during a recursive copy (directory_mode parameter) * update docker module, support for using docker python library 0.3.0 ------------------------------------------------------------------- Thu Feb 27 17:39:07 UTC 2014 - lars@linux-schulserver.de - update to 1.4.5: + fixed issue with permissions being incorrect on fireball/accelerate keys when the umask setting was too loose. ------------------------------------------------------------------- Sun Jan 19 03:12:17 UTC 2014 - lars@linux-schulserver.de - update to 1.4.4: + Fixed issue with newer versions of pip not having --use-mirrors + Fixed role_path parsing from ansible.cfg + Fixed default role templates + Fixed a few bugs related to unicode + Fixed errors in the ssh connection method with large data returns + Miscellaneous fixes for a few modules + Add the ansible-galaxy command ------------------------------------------------------------------- Mon Dec 16 21:28:31 UTC 2013 - lars@linux-schulserver.de - update to 1.4.1: * Misc fix updates ------------------------------------------------------------------- Thu Nov 28 13:54:02 UTC 2013 - kgronlund@suse.com - Update to release 1.4 - Highlighted new features: + Added do-until feature, which can be used to retry a failed task a specified number of times with a delay in-between the retries. + Added failed_when option for tasks, which can be used to specify logical statements that make it easier to determine when a task has failed, or to make it easier to ignore certain non-zero return codes for some commands. + Added the "subelement" lookup plugin, which allows iteration of the keys of a dictionary or items in a list. + Added the capability to use either paramiko or ssh for the inital setup connection of an accelerated playbook. + Automatically provide advice on common parser errors users encounter. + Deprecation warnings are now shown for legacy features: when_integer/etc, only_if, include+with_items, etc. Can be disabled in ansible.cfg + The system will now provide helpful tips around possible YAML syntax errors increasing ease of use for new users. + warnings are now shown for using {{ foo }} in loops and conditionals, and suggest leaving the variable expressions bare as per docs. + The roles search path is now configurable in ansible.cfg. 'roles_path' in the config setting. + Includes with parameters can now be done like roles for consistency: - { include: song.yml, year:1984, song:'jump' } + The name of each role is now shown before each task if roles are being used + Adds a "var=" option to the debug module for debugging variable data. "debug: var=hostvars['hostname']" and "debug: var=foo" are all valid syntax. + Variables in {{ format }} can be used as references even if they are structured data + Can force binding of accelerate to ipv6 ports. + the apt module will auto-install python-apt if not present rather than requiring a manual installation + the copy module is now recursive if the local 'src' parameter is a directory. + syntax checks now scan included task and variable files as well as main files - New modules and plugins: + cloud: ec2_eip -- manage AWS elastic IPs + cloud: ec2_vpc -- manage ec2 virtual private clouds + cloud: elasticcache -- Manages clusters in Amazon Elasticache + cloud: rax_network -- sets up Rackspace networks + cloud: rax_facts: retrieve facts about a Rackspace Cloud Server + cloud: rax_clb_nodes -- manage Rackspace cloud load balanced nodes + cloud: rax_clb -- manages Rackspace cloud load balancers + cloud: docker - instantiates/removes/manages docker containers + cloud: ovirt -- VM lifecycle controls for ovirt + files: acl -- set or get acls on a file + files: unarchive: pushes and extracts tarballs + files: synchronize: a useful wraper around rsyncing trees of files + system: firewalld -- manage the firewalld configuration + system: modprobe -- manage kernel modules on systems that support modprobe/rmmod + system: open_iscsi -- manage targets on an initiator using open-iscsi + system: blacklist: add or remove modules from the kernel blacklist + system: hostname - sets the systems hostname + utilities: include_vars -- dynamically load variables based on conditions. + packaging: zypper_repository - adds or removes Zypper repositories + packaging: urpmi - work with urpmi packages + packaging: swdepot - a module for working with swdepot + notification: grove - notifies to Grove hosted IRC channels + web_infrastructure: ejabberd_user: add and remove users to ejabberd + web_infrastructure: jboss: deploys or undeploys apps to jboss + source_control: github_hooks: manages GitHub service hooks + net_infrastructure: bigip_monitor_http: manages F5 BIG-IP LTM http monitors + net_infrastructure: bigip_monitor_tcp: manages F5 BIG-IP LTM TCP monitors + net_infrastructure: bigip_pool_member: manages F5 BIG-IP LTM pool members + net_infrastructure: bigip_node: manages F5 BIG-IP LTM nodes + net_infrastructure: openvswitch_port + net_infrastructure: openvswitch_bridge ------------------------------------------------------------------- Fri Nov 1 15:09:48 UTC 2013 - kgronlund@suse.com - Updated .spec file: + Remove deprecated fireball and node-fireball packages + Add dependency on python-keyczar + Add recommends for sshpass + Fix support for RHEL + Correct upstream URL + Use upstream release package for 1.3.4 + Re-add CHANGELOG.md + Re-added man3 man pages + Updated short description to match upstream description ------------------------------------------------------------------- Thu Oct 31 17:26:44 UTC 2013 - lars@linux-schulserver.de - update to 1.3.4: Highlighted new features: + accelerated mode: An enhanced fireball mode that requires zero bootstrapping and fewer requirements plus adds capabilities like sudo commands. + role defaults: Allows roles to define a set of variables at the lowest priority. These variables can be overridden by any other variable. + new /etc/ansible/facts.d allows JSON or INI-style facts to be provided from the remote node, and supports executable fact programs in this dir. Files must end in *.fact. + added the ability to make undefined template variables raise errors (see ansible.cfg) + (DOCS PENDING) sudo: True/False and sudo_user: True/False can be set at include and role level + added changed_when: (expression) which allows overriding whether a result is changed or not and can work with registered expressions + --extra-vars can now take a file as input, e.g., "-e @filename" and can also be formatted as YAML + external inventory scripts may now return host variables in one pass, which allows them to be much more efficient for large numbers of hosts + if --forks exceeds the numbers of hosts, it will be automatically reduced. Set forks to 0 and you get "as many forks as I have hosts" out of the box. + enabled error_on_undefined_vars by default, which will make errors in playbooks more obvious + role dependencies -- one role can now pull in another, with parameters of its own. + added the ability to have tasks execute even during a check run (always_run). + added the ability to set the maximum failure percentage for a group of hosts. ...and a lot more information can be found at /usr/share/doc/packages/ansible/CHANGELOG.md - removed man3 man pages - removed separate CHANGELOG.md source - now in upstream tarball ------------------------------------------------------------------- Sun Jun 30 20:05:47 UTC 2013 - lars@linux-schulserver.de - update to 1.2: + new feature: roles + massively improved variable support and conditionals + Pre and Post tasks provide greater controls to make rolling updates even smoother + added 32 new modules: ++ including a openSUSE package management module ++ added team chat notification modules for Flowdock, Hipchat, Campfire, IRC, and more ++ added monitoring modules to interact with New Relic, Airbrake, Pingdom, Pagerduty and Monit - added CHANGELOG.md to /usr/share/doc/packages/ansible/ to have the complete changelog at hand ------------------------------------------------------------------- Thu Apr 25 08:01:24 UTC 2013 - lars@linux-schulserver.de - require python-pyzmq on (open)SUSE ------------------------------------------------------------------- Thu Apr 18 07:42:43 UTC 2013 - lars@linux-schulserver.de - fix build on other distributions than openSUSE - License in SPDX format - added rpmlintrc ------------------------------------------------------------------- Wed Apr 17 11:04:04 UTC 2013 - lars@linux-schulserver.de - update to 1.1: + stderr shown when commands fail to parse + uses yaml.safe_dump in filter plugins + authentication Q&A no longer happens before --syntax-check, but after + ability to get hostvars data for nodes not in the setup cache yet + SSH timeout now correctly passed to native SSH connection plugin + raise an error when multiple when_ statements are provided + --list-hosts applies host limit selections better + (internals) template engine specifications to use template_ds everywhere + better error message when your host file can not be found + end of line comments now work in the inventory file + directory destinations now work better with remote md5 code + lookup plugin macros like $FILE and $ENV now work without returning arrays in variable definitions/playbooks + uses yaml.safe_load everywhere + able to add EXAMPLES to documentation via EXAMPLES docstring, rather than just in main documentation YAML + can set ANSIBLE_COW_SELECTION to pick other cowsay types (including random) + to_nice_yaml and to_nice_json available as Jinja2 filters that indent and sort + cowsay able to run out of macports (very important!) + improved logging for fireball mode + nicer error message when talking to an older system that needs a JSON module installed + 'magic' variable 'inventory_basedir' now gives path to inventory file + 'magic' variable 'vars' works like 'hostvars' but gives global scope variables, useful for debugging in templates mostly + conditionals can be used on plugins like add_host + ...and many more... - specfile cleanup - just recomend python-paramiko as the user can also use openssh ------------------------------------------------------------------- Tue Jan 22 13:47:16 UTC 2013 - julien.tognazzi@gmail.com - Merge changes from upstream