8d7ed66e09
Updated ansible to 2.7.0 OBS-URL: https://build.opensuse.org/request/show/640531 OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=122
1822 lines
90 KiB
Plaintext
1822 lines
90 KiB
Plaintext
-------------------------------------------------------------------
|
|
Mon Oct 08 06:09:05 UTC 2018 - sean@suspend.net
|
|
|
|
- update to 2.7.0
|
|
Major changes:
|
|
* Allow config to enable native jinja types
|
|
* Remove support for simplejson
|
|
* yum and dnf modules now at feature parity
|
|
|
|
Minor changes:
|
|
* Changed the prefix of all Vultr modules from vr to vultr
|
|
* Enable installroot tests for yum4(dnf) integration testing, dnf backend now supports that
|
|
* Fixed timer in exponential backoff algorithm in vmware.py
|
|
|
|
Bugfixes:
|
|
* Security Fix - avoid loading host/group vars from cwd when not specifying a playbook or playbook base dir
|
|
* Security Fix - avoid using ansible.cfg in a world writable dir
|
|
* Some connection exception would cause no_log specified on a task to be ignored (stdout info disclosure)
|
|
* Fix glob path of rc.d (SUSE-specific)
|
|
* Fix lambda_policy updates
|
|
* Fix alt linux detection/matching
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Sep 11 09:29:01 UTC 2018 - lars@linux-schulserver.de
|
|
|
|
- update to 2.6.4
|
|
Minor Changes:
|
|
* add azure_rm_storageaccount support to StorageV2 kind.
|
|
* import_tasks - Do not allow import_tasks to transition to dynamic
|
|
if the file is missing
|
|
Bugfixes:
|
|
* Add md5sum check in nxos_file_copy module
|
|
* Allow arbitrary log_driver for docker_container
|
|
* Fix Python2.6 regex bug terminal plugin nxos, iosxr
|
|
* Fix check_mode in nxos_static_route module
|
|
* Fix glob path of rc.d Some distribtuions like SUSE has the rc%.d
|
|
directories under /etc/init.d
|
|
* Fix network config diff issue for lines
|
|
* Fixed an issue where ansible_facts.pkg_mgr would incorrectly set
|
|
to zypper on Debian/Ubuntu systems that happened to have the
|
|
command installed
|
|
* The docker_* modules respect the DOCKER_* environment variables again
|
|
* The fix for CVE-2018-10875 prints out a warning message about
|
|
skipping a config file from a world writable current working directory.
|
|
However, if the user is in a world writable current working directory
|
|
which does not contain a config file, it should not print a warning
|
|
message. This release fixes that extaneous warning.
|
|
* To resolve nios_network issue where vendor-encapsulated-options
|
|
can not have a use_option flag.
|
|
* To resolve the issue of handling exception for Nios lookup gracefully.
|
|
* always correctly template no log for tasks
|
|
* ansible-galaxy - properly list all roles in roles_path
|
|
* basic.py - catch ValueError in case a FIPS enabled platform
|
|
raises this exception
|
|
* docker_container: fixing working_dir idempotency problem
|
|
* docker_container: makes unit parsing for memory sizes more consistent,
|
|
and fixes idempotency problem when kernel_memory is set
|
|
* fix example code for AWS lightsail documentation
|
|
* fix the enable_snat parameter that is only supposed to be used by
|
|
an user with the right policies.
|
|
* fixes docker_container check and debug mode
|
|
* improves docker_container idempotency
|
|
* ios_l2_interface - fix bug when list of vlans ends with comma
|
|
* ios_l2_interface - fix issue with certain interface types
|
|
* ios_user - fix unable to delete user admin issue
|
|
* ios_vlan - fix unable to work on certain interface types issue
|
|
* nxos_facts test lldp feature and fix nxapi check_rc
|
|
* nxos_interface port-channel idempotence fix for mode
|
|
* nxos_linkagg mode fix
|
|
* nxos_system idempotence fix
|
|
* nxos_vlan refactor to support non structured output
|
|
* one_host - fixes settings via environment variables
|
|
* use retry_json nxos_banner
|
|
* user - Strip trailing comments in /etc/default/passwd
|
|
* user - when creating a new user without an expiration date,
|
|
properly set no expiration rather that expirining the account
|
|
* win_domain_computer - fixed deletion of computer active directory
|
|
object that have dependent objects
|
|
* win_domain_computer - fixed error in diff_support
|
|
* win_domain_computer - fixed error when description parameter is empty
|
|
* win_psexec - changed code to not escape the command option when building the args
|
|
* win_uri -- Fix support for JSON output when charset is set
|
|
* win_wait_for - fix issue where timeout doesn't wait unless state=drained
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Aug 27 19:35:38 UTC 2018 - matthias.eliasson@gmail.com
|
|
|
|
- update to 2.6.3
|
|
Bugfixes:
|
|
* Fix lxd module to be idempotent when the given configuration for
|
|
the lxd container has not changed
|
|
* Fix setting value type to str to avoid conversion during template
|
|
read. Fix Idempotency in case of 'no key'.
|
|
* Fix the mount module's handling of swap entries in fstab
|
|
* The fix for (CVE-2018-10875) prints out a warning message about
|
|
skipping a config file from a world writable current working
|
|
directory. However, if the user explicitly specifies that the
|
|
config file should be used via the ANSIBLE_CONFIG environment
|
|
variable then Ansible would honor that but still print out the
|
|
warning message. This has been fixed so that Ansible honors the
|
|
user's explicit wishes and does not print a warning message in
|
|
that circumstance.
|
|
* To fix the bug where existing host_record was deleted when existing
|
|
record name is used with different IP.
|
|
* VMware handle pnic in proxyswitch
|
|
* fix azure security group cannot add rules when purge_rule set to false.
|
|
* fix azure_rm_deployment collect tags from existing Resource Group.
|
|
* fix azure_rm_loadbalancer_facts list takes at least 2 arguments.
|
|
* fix for the bundled selectors module (used in the ssh and local
|
|
connection plugins) when a syscall is restarted after being
|
|
interrupted by a signal
|
|
* get_url - fix the bug that get_url does not change mode when checksum matches
|
|
* nicer error when multiprocessing breaks
|
|
* openssl_certificate - Convert valid_date to bytes for conversion
|
|
* openstack_inventory.py dynamic inventory file fixed the plugin to the
|
|
script so that it will work with current ansible-inventory. Also
|
|
redirect stdout before dumping the ouptput, because not doing so will
|
|
cause JSON parse errors in some cases.
|
|
* slack callback - Fix invocation by looking up data from cli.options
|
|
* sysvinit module: handle values of optional parameters. Don't disable
|
|
service when enabled parameter isn't set. Fix command when arguments
|
|
parameter isn't set.
|
|
* vars_prompt - properly template play level variables in vars_prompt
|
|
* win_domain - ensure the Netlogon service is up and running after
|
|
promoting host to controller
|
|
* win_domain_controller - ensure the Netlogon service is up and running
|
|
after promoting host to controller
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 30 15:05:07 UTC 2018 - lars@linux-schulserver.de
|
|
|
|
- update to 2.6.2
|
|
Minor Changes
|
|
+ Sceanrio guide for removing an existing virtual machine is added.
|
|
+ lineinfile - add warning when using an empty regexp
|
|
+ Restore module_utils.basic.BOOLEANS variable for backwards compatibility
|
|
with the module API in older ansible releases.
|
|
Bugfixes:
|
|
+ Add text output along with structured output in nxos_facts
|
|
+ Allow more than one page of results by using the right pagination
|
|
indicator ('NextMarker' instead of 'NextToken').
|
|
+ Fix an atomic_move error that is 'true', but misleading.
|
|
Now we show all 3 files involved and clarify what happened.
|
|
+ Fix eos_l2_interface eapi.
|
|
+ Fix fetching old style facts in junos_facts module
|
|
+ Fix get_device_info nxos zero or more whitespace regex
|
|
+ Fix nxos CI failures
|
|
+ Fix nxos_nxapi default http behavior
|
|
+ Fix nxos_vxlan_vtep_vni
|
|
+ Fix regex network_os_platform nxos
|
|
+ Refactor nxos cliconf get_device_info for non structured
|
|
output supported devices
|
|
+ To fix the NoneType error raised in ios_l2_interface when
|
|
Access Mode VLAN is unassigned
|
|
+ emtpy host/group name is an error
|
|
+ fix default SSL version for docker modules
|
|
+ fix mail module when using starttls
|
|
+ fix nmap config example
|
|
+ fix ps detection of service
|
|
+ fix the remote tmp folder permissions issue when becoming a non
|
|
admin user
|
|
+ fix typoe in sysvinit that breaks update.rc-d detection
|
|
+ fixes docker_container compatibilty with docker-py < 2.2
|
|
+ get_capabilities in nxapi module_utils should not return empty dictionary
|
|
+ inventory - When using an inventory directory, ensure extension
|
|
comparison uses text types
|
|
+ ios_vlan - fix unable to identify correct vlans issue
|
|
+ nxos_facts warning message improved
|
|
+ openvswitch_db - make 'key' argument optional
|
|
+ pause - do not set stdout to raw mode when redirecting to a file
|
|
+ pause - nest try except when importing curses to gracefully fail
|
|
if curses is not present
|
|
+ plugins/inventory/openstack.py - Do not create group with empty
|
|
name if region is not set
|
|
+ preseve delegation info on nolog
|
|
+ remove ambiguity when it comes to 'the source'
|
|
+ remove dupes from var precedence
|
|
+ restores filtering out conflicting facts
|
|
+ user - fix bug that resulted in module always reporting a change when
|
|
specifiying the home directory on FreeBSD
|
|
+ user - use correct attribute name in FreeBSD for creat_home
|
|
+ vultr - Do not fail trying to load configuration from ini files if
|
|
required variables have been set as environment variables.
|
|
+ vyos_command correcting conditionals looping
|
|
+ win_chocolatey - enable TLSv1.2 support when downloading the
|
|
Chocolatey installer
|
|
+ win_reboot - fix for handling an already scheduled reboot and other
|
|
minor log formatting issues
|
|
+ win_reboot - fix issue when overridding connection timeout hung
|
|
the post reboot uptime check
|
|
+ win_reboot - handle post reboots when running test_command
|
|
+ win_security_policy - allows an empty string to reset a policy value
|
|
+ win_share - discard any cmdlet output we don't use to ensure only the
|
|
return json is received by Ansible
|
|
+ win_unzip - discard any cmdlet output we don't use to ensure only the
|
|
return json is received by Ansible
|
|
+ win_updates - fixed module return value is lost in error in some cases
|
|
+ win_user - Use LogonUser to validate the password as it does not
|
|
rely on SMB/RPC to be available
|
|
+ Security Fix - avoid loading host/group vars from cwd when not
|
|
specifying a playbook or playbook base dir
|
|
+ Security Fix - avoid using ansible.cfg in a world writable dir.
|
|
+ Fix junos_config confirm commit timeout issue
|
|
(https://github.com/ansible/ansible/pull/41527)
|
|
+ file module - The touch subcommand had its diff output broken during
|
|
the 2.6.x development cycle. This is now fixed.
|
|
+ inventory manager - This fixes required options being populated before
|
|
the inventory config file is read, so the required options may be
|
|
set in the config file.
|
|
+ nsupdate - allow hmac-sha384 https://github.com/ansible/ansible/pull/42209
|
|
+ win_domain - fixes typo in one of the AD cmdlets
|
|
https://github.com/ansible/ansible/issues/41536
|
|
+ win_group_membership - uses the internal Ansible SID conversion logic
|
|
and uses that when comparing group membership instead of the name
|
|
- use fdupes to save some space in python_sitelib
|
|
- define BuildRoot on older distributions like SLE-11
|
|
- be a bit more flexible with the ending of manpage files to allow
|
|
Fedora builds to succeed
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 2 17:23:10 UTC 2018 - mrueckert@suse.de
|
|
|
|
- revert some unneeded changes from spec-cleaner
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jul 2 11:38:41 UTC 2018 - boris@steki.net
|
|
|
|
- updated to latest release 2.6.0
|
|
- New Plugins:
|
|
+ Callback:
|
|
- cgroup_memory_recap
|
|
- grafana_annotations
|
|
- sumologic
|
|
+ Connection:
|
|
- httpapi
|
|
+ Inventory:
|
|
- foreman
|
|
- gcp_compute
|
|
- generator
|
|
- nmap
|
|
+ Lookup:
|
|
- onepassword
|
|
- onepassword_raw
|
|
- Modules updates too many to mention here
|
|
please look at package documentation directory (/usr/share/doc/packages/.../changelogs)
|
|
- bug fixes:
|
|
- **Security Fix** - Some connection exceptions would cause no_log
|
|
specified on a task to be ignored. If this happened, the task information,
|
|
including any private information coul d have been displayed to stdout and
|
|
(if enabled, not the default) logged to a log file specified in
|
|
ansible.cfg's log_path. Additionally, sites which redirected stdout from
|
|
ansible runs to a log file may have stored that private information onto
|
|
disk that way as well. (https://github.com/ansible/ansible/pull/41414)
|
|
- Changed the admin_users config option to not include "admin" by default
|
|
as admin is frequently used for a non-privileged account
|
|
(https://github.com/ansible/ansible/pull/41164)
|
|
- Changed the output to "text" for "show vrf" command as default "json"
|
|
output format with respect to "eapi" transport was failing
|
|
(https://github.com/ansible/ansible/pull/41470)
|
|
- Document mode=preserve for both the copy and template module
|
|
- Fix added for Digital Ocean Volumes API change causing Ansible to
|
|
recieve an unexpected value in the response.
|
|
(https://github.com/ansible/ansible/pull/41431)
|
|
- Fix an encoding issue when parsing the examples from a plugins'
|
|
documentation
|
|
- Fix iosxr_config module to handle route-policy, community-set,
|
|
prefix-set, as-path-set and rd-set blocks. All these blocks are part of
|
|
route-policy language of iosxr.
|
|
- Fix mode=preserve with remote_src=True for the copy module
|
|
- Implement mode=preserve for the template module
|
|
- The yaml callback plugin now allows non-ascii characters to be
|
|
displayed.
|
|
- Various grafana_* modules - Port away from the deprecated
|
|
b64encodestring function to the b64encode function instead.
|
|
https://github.com/ansible/ansible/pull/38388
|
|
- added missing 'raise' to exception definition
|
|
https://github.com/ansible/ansible/pull/41690
|
|
- allow custom endpoints to be used in the aws_s3 module
|
|
(https://github.com/ansible/ansible/pull/36832)
|
|
- allow set_options to be called multiple times
|
|
https://github.com/ansible/ansible/pull/41913
|
|
- ansible-doc - fixed traceback on missing plugins
|
|
(https://github.com/ansible/ansible/pull/41167)
|
|
- cast the device_mapping volume size to an int in the ec2_ami module
|
|
(https://github.com/ansible/ansible/pull/40938)
|
|
- copy - fixed copy to only follow symlinks for files in the non-recursive case
|
|
- copy module - The copy module was attempting to change the mode of files
|
|
for remote_src=True even if mode was not set as a parameter. This
|
|
failed on filesystems which do not have permission bits
|
|
(https://github.com/ansible/ansible/pull/40099)
|
|
- copy module - fixed recursive copy with relative paths
|
|
(https://github.com/ansible/ansible/pull/40166)
|
|
- correct debug display for all cases
|
|
https://github.com/ansible/ansible/pull/41331
|
|
- correctly check hostvars for vars term
|
|
https://github.com/ansible/ansible/pull/41819
|
|
- correctly handle yaml inventory files when entries are null dicts
|
|
https://github.com/ansible/ansible/issues/41692
|
|
- dynamic includes - Allow inheriting attributes from static parents
|
|
(https://github.com/ansible/ansible/pull/38827)
|
|
- dynamic includes - Don't treat undefined vars for conditional includes
|
|
as truthy (https://github.com/ansible/ansible/pull/39377)
|
|
- dynamic includes - Fix IncludedFile comparison for free strategy
|
|
(https://github.com/ansible/ansible/pull/37083)
|
|
- dynamic includes - Improved performance by fixing re-parenting on copy
|
|
(https://github.com/ansible/ansible/pull/38747)
|
|
- dynamic includes - Use the copied and merged task for calculating task
|
|
vars (https://github.com/ansible/ansible/pull/39762)
|
|
- file - fixed the default follow behaviour of file to be true
|
|
- file module - Eliminate an error if we're asked to remove a file but
|
|
something removes it while we are processing the request
|
|
(https://github.com/ansible/ansible/pull/39466)
|
|
- file module - Fix error when recursively assigning permissions and a
|
|
symlink to a nonexistent file is present in the directory tree
|
|
(https://github.com/ansible/ansible/issues/39456)
|
|
- file module - Fix error when running a task which assures a symlink to a
|
|
nonexistent file exists for the second and subsequent times
|
|
(https://github.com/ansible/ansible/issues/39558)
|
|
- file module - The file module allowed the user to specify src as a
|
|
parameter when state was not link or hard. This is documented as only
|
|
applying to state=link or state=hard but in previous Ansible, this could
|
|
have an effect in rare cornercases. For instance, "ansible -m file -a
|
|
'state=directory path=/tmp src=/var/lib'" would create /tmp/lib. This
|
|
has been disabled and a warning emitted (will change to an error in
|
|
Ansible-2.10).
|
|
- file module - The touch subcommand had its diff output broken during the
|
|
2.6.x development cycle. This is now fixed
|
|
(https://github.com/ansible/ansible/issues/41755)
|
|
- fix BotoCoreError exception handling
|
|
- fix apt-mark on debian6 (https://github.com/ansible/ansible/pull/41530)
|
|
- fix async for the aws_s3 module by adding async support to the action
|
|
plugin (https://github.com/ansible/ansible/pull/40826)
|
|
- fix decrypting vault files for the aws_s3 module
|
|
(https://github.com/ansible/ansible/pull/39634)
|
|
- fix errors with S3-compatible APIs if they cannot use ACLs for buckets
|
|
or objects
|
|
- fix permission handling to try to download a file even if the user does
|
|
not have permission to list all objects in the bucket
|
|
- fixed config required handling, specifically for _terms in lookups
|
|
https://github.com/ansible/ansible/pull/41740
|
|
- gce_net - Fix sorting of allowed ports
|
|
(https://github.com/ansible/ansible/pull/41567)
|
|
- group_by - support implicit localhost
|
|
(https://github.com/ansible/ansible/pull/41860)
|
|
- import/include - Ensure role handlers have the proper parent, allowing
|
|
for correct attribute inheritance
|
|
(https://github.com/ansible/ansible/pull/39426)
|
|
- import_playbook - Pass vars applied to import_playbook into parsing of
|
|
the playbook as they may be needed to parse the imported plays
|
|
(https://github.com/ansible/ansible/pull/39521)
|
|
- include_role/import_role - Don't overwrite included role handlers with
|
|
play handlers on parse (https://github.com/ansible/ansible/pull/39563)
|
|
- include_role/import_role - Fix parameter templating
|
|
(https://github.com/ansible/ansible/pull/36372)
|
|
- include_role/import_role - Use the computed role name for
|
|
include_role/import_role so to diffentiate between names computed from
|
|
host vars (https://github.com/ansible/ansible/pull/39516)-
|
|
include_role/import_role - improved performance and recursion depth
|
|
(https://github.com/ansible/ansible/pull/36470)
|
|
- lineinfile - fix insertbefore when used with BOF to not insert duplicate
|
|
lines (https://github.com/ansible/ansible/issues/38219)
|
|
- password lookup - Do not load password lookup in network filters,
|
|
allowing the password lookup to be overriden
|
|
(https://github.com/ansible/ansible/pull/41907)
|
|
- pause - ensure ctrl+c interrupt works in all cases
|
|
(https://github.com/ansible/ansible/issues/35372)
|
|
- powershell - use the tmpdir set by `remote_tmp` for become/async tasks
|
|
instead of the generic $env:TEMP -
|
|
https://github.com/ansible/ansible/pull/40210
|
|
- selinux - correct check mode behavior to report same changes as normal
|
|
mode (https://github.com/ansible/ansible/pull/40721)
|
|
- spwd - With python 3.6 spwd.getspnam returns PermissionError instead of
|
|
KeyError if user does not have privileges
|
|
(https://github.com/ansible/ansible/issues/39472)
|
|
- synchronize - Ensure the local connection created by synchronize uses
|
|
_remote_is_local=True, which causes ActionBase to build a local tmpdir
|
|
(https://github.com/ansible/ansible/pull/40833)
|
|
- template - Fix for encoding issues when a template path contains
|
|
non-ascii characters and using the template path in ansible_managed
|
|
(https://github.com/ansible/ansible/issues/27262)
|
|
- template action plugin - fix the encoding of filenames to avoid
|
|
tracebacks on Python2 when characters that are not present in the user's
|
|
locale are present. (https://github.com/ansible/ansible/pull/39424)
|
|
- user - only change the expiration time when necessary
|
|
(https://github.com/ansible/ansible/issues/13235)
|
|
- uses correct conn info for reset_connection
|
|
https://github.com/ansible/ansible/issues/27520
|
|
- win_environment - Fix for issue where the environment value was deleted
|
|
when a null value or empty string was set -
|
|
https://github.com/ansible/ansible/issues/40450
|
|
- win_file - fix issue where special chars like [ and ] were not being
|
|
handled correctly https://github.com/ansible/ansible/pull/37901
|
|
- win_get_url - fixed a few bugs around authentication and force no when
|
|
using an FTP URL
|
|
- win_iis_webapppool - redirect some module output to null so Ansible can
|
|
read the output JSON https://github.com/ansible/ansible/issues/40874
|
|
- win_template - fix when specifying the dest option as a directory with
|
|
and without the trailing slash
|
|
https://github.com/ansible/ansible/issues/39886
|
|
- win_updates - Added the ability to run on a scheduled task for older
|
|
hosts so async starts working again -
|
|
https://github.com/ansible/ansible/issues/38364
|
|
- win_updates - Fix logic when using a whitelist for multiple updates
|
|
- win_updates - Fix typo that hid the download error when a download
|
|
failed
|
|
- win_updates - Fixed issue where running win_updates on async fails
|
|
without any error
|
|
- windows become - Show better error messages when the become process fails
|
|
- winrm - Add better error handling when the kinit process fails
|
|
- winrm - allow `ansible_user` or `ansible_winrm_user` to override
|
|
`ansible_ssh_user` when both are defined in an inventory -
|
|
https://github.com/ansible/ansible/issues/39844
|
|
- winrm - ensure pexpect is set to not echo the input on a failure and have
|
|
a manual sanity check afterwards
|
|
https://github.com/ansible/ansible/issues/41865
|
|
- winrm connection plugin - Fix exception messages sometimes raising a
|
|
traceback when the winrm connection plugin encounters an unrecoverable
|
|
error. https://github.com/ansible/ansible/pull/39333
|
|
- xenserver_facts - ensure module works with newer versions of XenServer
|
|
(https://github.com/ansible/ansible/pull/35821)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 26 13:55:07 UTC 2018 - mrueckert@suse.de
|
|
|
|
- use python3 on (open)SUSE 15 or newer
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jun 15 13:49:23 UTC 2018 - kbabioch@suse.com
|
|
|
|
- Update to 2.5.5
|
|
- Fixed the honouration of the no_log option with failed task iterations
|
|
(CVE-2018-10855 boo#1097775)
|
|
- Bufixes:
|
|
- Changed the admin_users config option to not include "admin" by default
|
|
as admin is frequently used for a non-privileged account
|
|
- aws_s3 - add async support to the action plugin
|
|
- aws_s3 - fix decrypting vault files
|
|
- ec2_ami - cast the device_mapping volume size to an int
|
|
- eos_logging - fix idempotency issues
|
|
- cache plugins - A cache timeout of 0 means the cache will not expire.
|
|
- ios_logging - fix idempotency issues
|
|
- ios/nxos/eos_config - don't retrieve config in running_config when config is provided for diff
|
|
- nxos_banner - fix multiline banner issue
|
|
- nxos terminal plugin - fix output truncation
|
|
- nxos_l3_interface - fix no switchport issue with loopback and svi interfaces
|
|
- nxos_snapshot - fix compare_option
|
|
- Applied spec-cleaner
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 24 15:32:37 UTC 2018 - lars@linux-schulserver.de
|
|
|
|
- Update to 2.5.1
|
|
Minor Changes
|
|
+ Updated example in vcenter_license module.
|
|
+ Updated virtual machine facts with instanceUUID which is unique
|
|
for each VM irrespective of name and BIOS UUID.
|
|
+ A lot of Bugfixes, please refer to the Changelog installed in
|
|
/usr/share/doc/packages/ansible/changelogs/CHANGELOG-v2.5.rst
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 27 15:45:03 UTC 2018 - lars@linux-schulserver.de
|
|
|
|
- Update to 2.5.0:
|
|
Major Changes
|
|
* Ansible Network improvements
|
|
+ Created new connection plugins network_cli and netconf to replace
|
|
connection=local. connection=local will continue to work for a
|
|
number of Ansible releases.
|
|
+ No more unable to open shell. A clear and descriptive message will
|
|
be displayed in normal ansible-playbook output without needing to enable debug mode
|
|
+ Loads of documentation, see Ansible for Network Automation Documentation.
|
|
+ Refactor common network shared code into package under module_utils/network/
|
|
+ Filters: Add a filter to convert XML response from a network device to JSON object.
|
|
+ Loads of bug fixes.
|
|
+ Plus lots more.
|
|
* New simpler and more intuitive 'loop' keyword for task loops. The
|
|
with_<lookup> loops will likely be deprecated in the near future
|
|
and eventually removed.
|
|
* Added fact namespacing; from now on facts will be available under
|
|
ansible_facts namespace (for example: ansible_facts.os_distribution)
|
|
without the ansible_ prefix. They will continue to be added into the
|
|
main namespace directly, but now with a configuration toggle to enable
|
|
this. This is currently on by default, but in the future it will default to off.
|
|
* Added a configuration file that a site administrator can use to
|
|
specify modules to exclude from being used.
|
|
Minor Changes
|
|
* please refer to /share/doc/packages/ansible/changelogs/CHANGELOG-v2.5.rst
|
|
Deprecated Features
|
|
* Previously deprecated 'hostfile' config settings have been 're-deprecated'
|
|
because previously code did not warn about deprecated configuration settings.
|
|
* Using Ansible-provided Jinja tests as filters is deprecated and will
|
|
be removed in Ansible 2.9.
|
|
* The stat and win_stat modules have deprecated get_md5 and the md5 return
|
|
values. These options will become undocumented in Ansible 2.9 and
|
|
removed in a later version.
|
|
* The redis_kv lookup has been deprecated in favor of new redis lookup
|
|
* Passing arbitrary parameters that begin with HEADER_ to the uri module,
|
|
used for passing http headers, is deprecated. Use the headers parameter
|
|
with a dictionary of header names to value instead.
|
|
This will be removed in Ansible 2.9
|
|
* Passing arbitrary parameters to the zfs module to set zfs properties is
|
|
deprecated. Use the extra_zfs_properties parameter with a dictionary of
|
|
property names to values instead. This will be removed in Ansible 2.9.
|
|
* Use of the AnsibleModule parameter check\_invalid\_arguments in custom
|
|
modules is deprecated. In the future, all parameters will be checked to
|
|
see whether they are listed in the arg spec and an error raised if they
|
|
are not listed. This behaviour is the current and future default so most
|
|
custom modules can simply remove check\_invalid\_arguments if they set it
|
|
to the default value of True. The check\_invalid\_arguments parameter
|
|
will be removed in Ansible 2.9.
|
|
* The nxos_ip_interface module is deprecated in Ansible 2.5.
|
|
Use nxos_l3_interface module instead.
|
|
* The nxos_portchannel module is deprecated in Ansible 2.5.
|
|
Use nxos_linkagg module instead.
|
|
* The nxos_switchport module is deprecated in Ansible 2.5.
|
|
Use nxos_l2_interface module instead.
|
|
* The ec2_ami_find has been deprecated; use ec2_ami_facts instead.
|
|
* panos_security_policy: Use panos_security_rule - the old module uses
|
|
deprecated API calls
|
|
* vsphere_guest is deprecated in Ansible 2.5 and will be removed in
|
|
Ansible-2.9. Use vmware_guest module instead.
|
|
Removed Features (previously deprecated)
|
|
* accelerate.
|
|
* boundary_meter: There was no deprecation period for this but the hosted
|
|
service it relied on has gone away so the module has been removed. #29387
|
|
* cl_ : cl_interface, cl_interface_policy, cl_bridge, cl_img_install,
|
|
cl_ports, cl_license, cl_bond. Use nclu instead
|
|
* docker. Use docker_container and docker_image instead.
|
|
* ec2_vpc.
|
|
* ec2_ami_search, use ec2_ami_facts instead.
|
|
* nxos_mtu. Use nxos_system's system_mtu option instead.
|
|
To specify an interface's MTU use nxos_interface.
|
|
* panos_nat_policy: Use panos_nat_rule the old module uses
|
|
deprecated API calls
|
|
- also package the changelogs directory below
|
|
/usr/share/doc/packages/ansible/ for better reference
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 6 09:47:28 UTC 2018 - lars@linux-schulserver.de
|
|
|
|
- License changed to GPL-3.0-or-later, as mentioned in the source
|
|
(former license focues on GPL-3.0 only)
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Feb 16 07:54:43 UTC 2018 - tbechtold@suse.com
|
|
|
|
- Add python-passlib as Requires (bsc#1080682)
|
|
passlib is needed for the "vars_prompt" feature of ansible
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Feb 4 16:36:34 UTC 2018 - mardnh@gmx.de
|
|
|
|
- Update to version 2.4.3.0:
|
|
* Fix `pamd` rule args regexp to match file paths.
|
|
* Check if SELinux policy exists before setting.
|
|
* Set locale to `C` in `letsencrypt` module to fix date parsing
|
|
errors.
|
|
* Fix include in loop when stategy=free.
|
|
* Fix save parameter in asa_config.
|
|
* Fix --vault-id support in ansible-pull.
|
|
* In nxos_interface_ospf, fail nicely if loopback is used with
|
|
passive_interface.
|
|
* Fix quote filter when given an integer to quote.
|
|
* nxos_vrf_interface fix when validating the interface.
|
|
* Fix for win_copy when sourcing files from an SMBv1 share.
|
|
* correctly report callback plugin file.
|
|
* restrict revaulting to vault cli.
|
|
* Fix python3 tracebacks in letsencrypt module.
|
|
* Fix ansible_*_interpreter variables to be templated prior to
|
|
being used.
|
|
* Fix setting of environment in a task that uses a loop
|
|
* Fix fetch on Windows failing to fetch files or particular
|
|
block size.
|
|
* preserve certain fields during no log.
|
|
* fix issue with order of declaration of sections in ini
|
|
inventory.
|
|
* Fix win_iis_webapppool to correctly stop a apppool.
|
|
* Fix CloudEngine host failed.
|
|
* Fix ios_config save issue.
|
|
* Handle vault filenames with nonascii chars when displaying
|
|
messages.
|
|
* Fix win_iis_webapppool to not return passwords.
|
|
* Fix extended file attributes detection and changing.
|
|
* correctly ensure 'ungrouped' membership rules.
|
|
* made warnings less noisy when empty/no inventory is supplied.
|
|
* Fixes a failure which prevents to create servers in module
|
|
cloudscale_server.
|
|
* Fix win_firewall_rule "Specified cast is invalid" error when
|
|
modifying a rule with all of Domain/Public/Private profiles set.
|
|
* Fix case for multilib when installing from a file in the yum
|
|
module.
|
|
* Fix WinRM parsing/escaping of IPv6 addresses.
|
|
* Fix win_package to detect MSI regardless of the extension case.
|
|
* Updated win_mapped_drive docs to clarify what it is used for.
|
|
* Fix file related modules run in check_mode when the file being
|
|
operated on does not exist.
|
|
* Make eos_vlan idempotent.
|
|
* Fix win_iis_website to properly check attributes before setting.
|
|
* Fixed the removal date for ios_config save and force parameters.
|
|
* cloudstack: fix timeout from ini config file being ignored.
|
|
* fixes memory usage issues with many blocks/includes.
|
|
* Fixes maximum recursion depth exceeded with include_role.
|
|
* Fix to win_dns_client module to take ordering of DNS servers to
|
|
resolve into account.
|
|
* Fix for the nxos_banner module where some nxos images nest the
|
|
output inside of an additional dict.
|
|
* Fix failure message "got multiple values for keyword argument
|
|
id" in the azure_rm_securitygroup module (caused by changes to
|
|
the azure python API).
|
|
* Bump Azure storage client minimum to 1.5.0 to fix
|
|
deserialization issues.
|
|
This will break Azure Stack until it receives storage API
|
|
version 2017-10-01 or changes are made to support multiple
|
|
versions.
|
|
* Flush stdin when passing the become password. Fixes some cases
|
|
of timeout on Python 3 with the ssh connection plugin.
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 30 06:58:48 UTC 2017 - tbechtold@suse.com
|
|
|
|
update to version v2.4.2.0:
|
|
* lock azure containerservice to below 2.0.0
|
|
* ovirt_host_networks: Fix label assignment
|
|
* Fix vault --ask-vault-pass with no tty (#31493)
|
|
* cherry-pick changes of azure_rm_common from devel to 2.4 (#32607)
|
|
* Fixes #31090. In network parse_cli filter plugin, this change moves the creation of a (#31092) (#32458)
|
|
* Use an abspath for network inventory ssh key path.
|
|
* Remove toLower on source (#31983)
|
|
* Add k8s_common.py logging fixes to the changelog
|
|
* inserts enable cmd hash with auth_pass used (#32107)
|
|
* Fix exception upon display.warn() (#31876)
|
|
* ios_system: Fix typo in unit test (#32284)
|
|
* yum: use the C locale when screen scraping (#32203)
|
|
* Use region derived from get_aws_connection_info() in dynamodb_table to fix tagging bug (#32557)
|
|
* fix item var in delegation (#32986)
|
|
* Add changelog entry for elb_application_lb fix
|
|
* Add a validate example to blockinfile. (#32088)
|
|
* Correct formatting --arguments (#31808)
|
|
* Add changelog for URI/get_url fix
|
|
* [cloud] Bugfix for aws_s3 empty directory creation (#32198)
|
|
* Fix junos integration test fixes as per connection refactor (#33050) (#33055)
|
|
* Update win_copy for #32677 (#32682)
|
|
* ios_interface testfix (#32381)
|
|
* Add proper check mode support to the script module (#31852)
|
|
* Add galaxy --force fix to changelog
|
|
* Fix non-ascii errors in config manager
|
|
* Add python3 urllib fixes to changelog
|
|
* Add changelog entry for the stdin py3 fix
|
|
* Update version info for the 2.4.2 release
|
|
* Add max_fail_percentage fix to changelog
|
|
* Changelog entry for script inventory plugin fix.
|
|
* Make RPM spec compatible with RHEL 6 (#31653)
|
|
* Add changelog entry for the yum locale fix
|
|
* Use vyos/1.1.8 in CI.
|
|
* Fix patching to epel package
|
|
* Pass proper error value to to_text (#33030)
|
|
* Fix and re-enable zypper* integration tests in CI.
|
|
* avoid chroot paths (#32778)
|
|
* Add changelog entry for inventory nonascii paths fix
|
|
* Fix ios_config integration test failures (#32959) (#32970)
|
|
* Fix ios_config file prompt issue (#32744) (#32780)
|
|
* Mdd module unit test docs (#31373)
|
|
* dont add all group vars to implicit on create
|
|
* Fix nxos_banner removal idempotence issue in N1 images (#31259)
|
|
* Clarify the release and maintenance cycle (#32402)
|
|
* Add ansible_distribution_major_version to macOS (#31708)
|
|
* Docs (#32718)
|
|
* Keep newlines when reading LXC container config file (#32219)
|
|
* Updated changelog for vmware logon error handling
|
|
* New release v2.4.2.0-0.2.beta2
|
|
* added doc notes about vars plugins in precedence
|
|
* revert module_utils/nxos change from #32846 (#32956)
|
|
* [cloud] add boto3 requirement to `cloudformation` module docs (#31135)
|
|
* Fixes #31056 (#31057)
|
|
* - Fix logging module issue where facility is being deleted along with host (#32234)
|
|
* Get the moid in a more failsafe manner (#32671)
|
|
* Integration Tests only: add static route, snmp_user, snapshot and hsrp it cases (#28933)
|
|
* Add the change to when we escape backslashes (for the template lookup plugin) to changelog
|
|
* correctly deal with changed (#31812)
|
|
* Add the template lookup escaping to the 2.4 porting guide (#32760)
|
|
* tests for InventoryModule error conditions (#31381)
|
|
* Disable pylint rules for stable-2.4.
|
|
* fix typo
|
|
* Enable TLS1.1 and TLS1.2 for win_package (#32184)
|
|
* Add remove host fix to changelog
|
|
* ios_interface provider issue testfix (#32335)
|
|
* win_service: quoted path fix (#32469)
|
|
* Add changes to succeeded/failed tests to the 2.4 porting guide (#33201)
|
|
* Run OS X tests in 3 groups in CI.
|
|
* ini inventory: document value parsing workaround
|
|
* Change netconf port in testcase as per test enviornment (#32883) (#32889)
|
|
* fix inventory loading for ansible-doc
|
|
* jsonify inventory (#32990)
|
|
* firewalld: don't reference undefined variable in error case (#31949)
|
|
* change ports to non well known ports and drop time_range for N1 (#31261)
|
|
* make vars only group declarations an error
|
|
* Add changelog for os_floating_ip fix
|
|
* Fix example on comparing master config (#32406)
|
|
* py2/py3 safer shas on hostvars (#31788)
|
|
* ensure we always have a basedir
|
|
* Add missing ansible-test --remote-terminate support. (#32918)
|
|
* Use show command to support wider platform set for nxos_interface module (#33037)
|
|
* ios_logging: change IOS command pipe to section to include (#33100) (#33116)
|
|
* win_find: allow module to skip on files it fails to check (#32105)
|
|
* New release v2.4.2.0-0.4.beta4
|
|
* multiple nxos fixes (#32905)
|
|
* Add changelog entry for git archive fix
|
|
* Add changelog entries for a myriad of 2.4.2 bugfixes
|
|
* iosxr integration testfix (#32344)
|
|
* Fix #31694: running with closed stdin on python 3 (#31695)
|
|
* Add eos_user fix to changelog
|
|
* updated changelog with win_find fix
|
|
* Added urls python3 fix to changelog
|
|
* [cloud] Support changeset_name parameter on CloudFormation stack create (#31436)
|
|
* use configured ansible_shell_executable
|
|
* New release v2.4.2.0-0.3.beta3
|
|
* Fix ec2_lc failing to create multi-volume configurations (#32191)
|
|
* Changelog win_package TLS fix
|
|
* Fix wrong prompt issue for network modules (#32426) (#32442)
|
|
* New release v2.4.2.0-0.1.beta1
|
|
* Exclude stack policy when running in check mode.
|
|
* change inventory_hostname to ansible_host to fix test (#32890) (#32891)
|
|
* Add azure_rm_acs check mode fix
|
|
* Updated changelog for win_copy fix
|
|
* corrected package docs
|
|
* make sure patterns are strings
|
|
* Add more bugfixes to changelog
|
|
* Fix junos netconf port issue in integration test (#32610) (#32668)
|
|
* fixed .loads error for non decoded json in Python 3 (#32065)
|
|
* nxos_config and nxos_facts - fixes for N35 platform. (#32762) (#32875)
|
|
* Add changelog entry for #32219
|
|
* Remove provider from ios integration test (#31037) (#32230)
|
|
* added note about serial behaviour (#32461)
|
|
* Fixes ios_logging unit test (#32240)
|
|
* Avoid AttributeError: internal_network on os_floating_ip (#32887)
|
|
* use to_str instead of json.dumps when serializing k8s object for logging
|
|
* Prefer the stdlib SSLContext over urllib3 context
|
|
* git: fix archive when update is set to no (#31829)
|
|
* Add elb_target_group port fix to the changelog
|
|
* Changelog entry for aws_s3 issue #32144
|
|
* Add error handling for user login (#32613)
|
|
* Move asa provider to suboptions (#32356)
|
|
* fix dci failure nxos (#32877) (#32878)
|
|
* Add inventory jsonification to the changelog
|
|
* eos_eapi: adding the desired state config to the new vrf fixes #32111 (#32112) (#32452)
|
|
* Handle ip name-server lines containing multiple nameservers (#32235) (#32373)
|
|
* Remove provider from prepare_ios_tests integration test (#31038)
|
|
* Add last minute bugfixes and doc updates for rc1
|
|
* Fix snmp bugs on Nexus 3500 platform (#32773) (#32847)
|
|
* validate that existing dest is valid directory
|
|
* Update the release data for 2.4.1 in the changelog
|
|
* add check mode for acs delete (#32063)
|
|
* More fixes added to changelog
|
|
* Add wait_for fix to the changelog
|
|
* removed psobject to hashtables that were missed (#32710)
|
|
* wait_for: treat broken connections as "unready" (#28839)
|
|
* Return all elements in a more robust way
|
|
* fix ios_interface test (#32372)
|
|
* Add missing packages to default docker image.
|
|
* fix nxos_igmp_snooping (#31688)
|
|
* - Fix to return error message back to the module. (#31035)
|
|
* Ensure that readonly result members are serialized (#33170)
|
|
* Keywords docs (#32807)
|
|
* remove hosts from removed when rescuing
|
|
* Add panos_security_rule docs typo fix to changelog
|
|
* Update vyos completion in network.txt.
|
|
* move to use ansible logging
|
|
* ovirt_clusters: Fix fencing and kuma comparision
|
|
* Documentation typo fixes (#32473)
|
|
* [fix] issue #30516 : take care about autoremove in upgrade function
|
|
* Enable ECHO in prompt module (#32083)
|
|
* calculate max fail against all hosts in batch
|
|
* Fix urlparse import for Python3 (#31240)
|
|
* Bunch of changelog updates for cherry-picks
|
|
* restore hostpattern regex/glob behaviour
|
|
* Better handling of malformed vault data envelope (#32515)
|
|
* Updated changelog regarding win_service quoted path fix
|
|
* nxos_interface error handling (#32846)
|
|
* An availability zone will be selected if none is provided. Set az to an empty string if it's None to avoid traceback. (#32216)
|
|
* Use to_native when validating proxy result (#32596)
|
|
* vmware_guest: refactor spec serialization (#32681)
|
|
* Add new default Docker container for ansible-test. (#31944)
|
|
* warn on bad keys in group
|
|
* NXOS: Integration tests to Ansible (part 3) (#29030)
|
|
* Add spec file fix to changelog
|
|
* eos_user testfix (#32264)
|
|
* iam.py: return iam.role dict when creating roles (#28964)
|
|
* Add networking bug fixes to changelog (#32201)
|
|
* [cloud] sns_topic: Fix unreferenced variable
|
|
* Fix service_mgr fact collection (#32086)
|
|
* Fix include_role unit tests (#31920)
|
|
* Updated changelog for win_iis_* modules things
|
|
* handle ignore_errors in loop
|
|
* adjust nohome param when using luser
|
|
* better cleanup on task results display (#27175)
|
|
* Improve python 2/3 ABC fallback for pylint. (#31848)
|
|
* fix html formatting
|
|
* Add ansible_shell_executable fix to changelog
|
|
* Move resource pool login to a separate function and fix undefined var reference (#32674)
|
|
* Update ansible-test sanity command. (#31958)
|
|
* ios_ping test fix (#32342)
|
|
* fix CI failure yaml syntax (#32374)
|
|
* Scan group_vars/host_vars in sorted order
|
|
* luseradd defaults to creating w/o need for -m (#32411)
|
|
* Integration Tests only: nxos_udld, nxos_udld_interface, nxos_vxlan_vtep_vni (#29143) (#32962)
|
|
* Fix: modifying existing application lb using certificates now properly sets certificates (#28217)
|
|
* ios_logging: Fix some smaller issues, add unit test (#32321)
|
|
* Fix nxos_snmp_host bug (#32916) (#32958)
|
|
* ovirt_hosts: Don't fail upgrade when NON_RESPONSIVE state
|
|
* ini plugin should recursively instantiate pending
|
|
* eos_user: sends user secret first on user creation fixes #31680 (#32162)
|
|
* Cast target port to an int in elb_target_group. Fixes #32098 (#32202)
|
|
* New release v2.4.2.0-0.5.rc1
|
|
* remove misleading group vars as they are flat (#32276)
|
|
* Fix typo
|
|
* Avoid default inventory proccessing for pull (#32135)
|
|
* Fix ansible-test default image. (#31966)
|
|
* removed superfluous `type` field from RecordSet constructor (#33167)
|
|
* Update k8s_common.py
|
|
* Add ios_logging fixes to changelog 2.4.2beta2 (#32447)
|
|
* Revert "Removed a force conditional (#28851)" (#32282)
|
|
* Add new documentation on writing unittests to the changelog
|
|
* Fix ansible-test race calling get_coverage_path.
|
|
* New release v2.4.2.0-1
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Oct 27 19:16:56 UTC 2017 - matthias.eliasson@gmail.com
|
|
|
|
- Update to 2.4.1.0:
|
|
* CVE-2017-7550: Prevent jenkins_plugin module from exposing
|
|
passwords in remote host logs (bsc#1065872)
|
|
* Various bug fixes and improvements
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 3 08:24:58 UTC 2017 - jengelh@inai.de
|
|
|
|
- Remove radical wording from descriptions.
|
|
Use improved find syntax.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Sep 23 09:05:01 UTC 2017 - lars@linux-schulserver.de
|
|
|
|
- update to 2.4.0.0 (final)
|
|
Major Changes
|
|
+ Support for Python-2.4 and Python-2.5 on the managed system's side
|
|
was dropped. If you need to manage a system that ships with Python-2.4
|
|
or Python-2.5, you'll need to install Python-2.6 or better on the
|
|
managed system or run Ansible-2.3 until you can upgrade the system.
|
|
+ New import/include keywords to replace the old bare include directives.
|
|
The use of static: {yes|no} on such includes is now deprecated.
|
|
++ Using import_* (import_playbook, import_tasks, import_role) directives are static.
|
|
++ Using include_* (include_tasks, include_role) directives are dynamic.
|
|
This is done to avoid collisions and possible security issues as
|
|
facts come from the remote targets and they might be compromised.
|
|
+ New order play level keyword that allows the user to change the
|
|
order in which Ansible processes hosts when dispatching tasks.
|
|
+ Users can now set group merge priority for groups of the same depth
|
|
(parent child relationship), using the new ansible_group_priority variable,
|
|
when values are the same or don't exist it will fallback to the previous
|
|
sorting by name'.
|
|
+ Inventory has been revamped:
|
|
++ Inventory classes have been split to allow for better
|
|
management and deduplication
|
|
++ Logic that each inventory source duplicated is now common and pushed
|
|
up to reconciliation
|
|
++ VariableManager has been updated for better interaction with inventory
|
|
++ Updated CLI with helper method to initialize base objects for plays
|
|
++ New inventory plugins for creating inventory
|
|
++ Old inventory formats are still supported via plugins
|
|
++ Inline host_list is also an inventory plugin, an example alternative
|
|
advanced_host_list is also provided (it supports ranges)
|
|
++ New configuration option to list enabled plugins and precedence
|
|
order: whitelist_inventory in ansible.cfg
|
|
++ vars_plugins have been reworked, they are now run from Vars manager
|
|
and API has changed (need docs)
|
|
++ Loading group_vars/host_vars is now a vars plugin and can be overridden
|
|
++ It is now possible to specify mulitple inventory sources in the
|
|
command line (-i /etc/hosts1 -i /opt/hosts2)
|
|
++ Inventory plugins can use the cache plugin (i.e. virtualbox) and
|
|
is affected by meta: refresh_inventory
|
|
++ Group variable precedence is now configurable via new 'precedence'
|
|
option in ansible.cfg (needs docs)
|
|
++ Improved warnings and error messages across the board
|
|
+ Configuration has been changed from a hardcoded listing in the
|
|
constants module to dynamically loaded from yaml definitions
|
|
++ Also added an ansible-config CLI to allow for listing config options
|
|
and dumping current config (including origin)
|
|
++ TODO: build upon this to add many features detailed in ansible-config
|
|
proposal https://github.com/ansible/proposals/issues/35
|
|
+ Windows modules now support the use of multiple shared module_utils
|
|
files in the form of Powershell modules (.psm1), via
|
|
#Requires -Module Ansible.ModuleUtils.Whatever.psm1
|
|
+ Python module argument_spec now supports custom validation logic
|
|
by accepting a callable as the type argument.
|
|
+ Windows become_method: runas now works across all authtypes and
|
|
will auto-elevate under UAC if WinRM user has "Act as part of the
|
|
operating system" privilege
|
|
- please refer to /usr/share/doc/packages/ansible/CHANGELOG.md for
|
|
further changes
|
|
- added ansible-inventory and ansible-config binaries and manpages
|
|
- package contrib and examples directories in docdir
|
|
- package all *md files as documentation for now
|
|
- recommend the following new packages for (open)SUSE:
|
|
+ python-httplib2
|
|
+ python-keyczar
|
|
+ python-six
|
|
- enable/fix build for RHEL and Fedora by redefining __python2 and
|
|
adding/enhancing the needed (build)requires if needed
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 8 08:20:55 UTC 2017 - johannes.grassler@suse.com
|
|
|
|
- update to 2.2.3.0 (bsc#1056094)
|
|
* Fixes for CVE-2017-7466 and CVE-2017-7481
|
|
* Various minor bug fixes
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Aug 8 17:06:10 UTC 2017 - michael@stroeder.com
|
|
|
|
- update to 2.3.2.0 (final)
|
|
- replaced hard-coded version by var
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jun 07 20:51:30 UTC 2017 - matthias.eliasson@gmail.com
|
|
|
|
- update to 2.3.1.0 (final)
|
|
- clean up of spec file with spec-cleaner
|
|
|
|
-------------------------------------------------------------------
|
|
Wed May 10 22:35:24 UTC 2017 - lars@linux-schulserver.de
|
|
|
|
- update to 2.3.1 RC1 (package version 2.3.0.1) (bsc#1056094):
|
|
* SECURITY (MODERATE): fix for CVE-2017-7481, in which data for
|
|
lookup plugins used as variables was not being correctly marked
|
|
as "unsafe".
|
|
* SECURITY (MODERATE): fix for CVE-2017-7466, which finally fixes
|
|
an arbitrary command execution vulnerability
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 28 08:30:35 UTC 2017 - michael@stroeder.com
|
|
|
|
- update to 2.3.0.0
|
|
for full list of changes see
|
|
/usr/share/doc/packages/ansible/CHANGELOG.md
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 27 21:26:31 UTC 2017 - michael@stroeder.com
|
|
|
|
- update to 2.2.2.0
|
|
This release fixes a few bugs introduced in the previous version,
|
|
as well as another small tweak to catch an additional way in
|
|
which CVE-2016-9587 could be triggered.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Jan 16 18:11:04 UTC 2017 - michael@stroeder.com
|
|
|
|
- update to 2.2.1.0 (final)
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jan 11 22:46:47 UTC 2017 - boris@steki.net
|
|
|
|
- security update to rc4 of 2.2.1.0 version
|
|
CVE-2016-9587, CVE-2016-8628 and CVE-2016-8614
|
|
for full list of changes see
|
|
/usr/share/doc/packages/ansible/CHANGELOG.md
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 17 18:11:08 UTC 2016 - michael@stroeder.com
|
|
|
|
- update to 2.2.0.0
|
|
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Sep 15 16:20:44 UTC 2016 - michael@stroeder.com
|
|
|
|
- update to 2.1.2.0
|
|
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jun 28 06:25:44 UTC 2016 - michael@stroeder.com
|
|
|
|
- update to 2.1.1.0
|
|
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
|
|
- changed download link to https://releases.ansible.com
|
|
|
|
-------------------------------------------------------------------
|
|
Sun May 29 18:51:07 UTC 2016 - michael@stroeder.com
|
|
|
|
- update to 2.1.0.0
|
|
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
|
|
- on SuSE platforms recommend package python-dnspython for
|
|
DNS lookups in playbooks
|
|
|
|
-------------------------------------------------------------------
|
|
Sat May 7 18:12:52 UTC 2016 - michael@stroeder.com
|
|
|
|
- update to 2.0.2.0:
|
|
* Backport of the 2.1 feature to ensure per-item callbacks are sent as they occur,
|
|
rather than all at once at the end of the task.
|
|
* Fixed bugs related to the iteration of tasks when certain combinations of roles,
|
|
blocks, and includes were used, especially when handling errors in rescue/always
|
|
portions of blocks.
|
|
* Fixed handling of redirects in our helper code, and ported the uri module to use
|
|
this helper code. This removes the httplib dependency for this module while fixing
|
|
some bugs related to redirects and SSL certs.
|
|
* Fixed some bugs related to the incorrect creation of extra temp directories for
|
|
uploading files, which were not cleaned up properly.
|
|
* Improved error reporting in certain situations, to provide more information such as
|
|
the playbook file/line.
|
|
* Fixed a bug related to the variable precedence of role parameters, especially when
|
|
a role may be used both as a dependency of a role and directly by itself within the
|
|
same play.
|
|
* Fixed some bugs in the 2.0 implementation of do/until.
|
|
* Fixed some bugs related to run_once:
|
|
- Ensure that all hosts are marked as failed if a task marked as run_once fails.
|
|
- Show a warning when using the free strategy when a run_once task is encountered, as
|
|
there is no way for the free strategy to guarantee the task is not run more than once.
|
|
* Fixed a bug where the assemble module was not honoring check mode in some situations.
|
|
* Fixed a bug related to delegate_to, where we were incorrectly using variables from
|
|
the inventory host rather than the delegated-to host.
|
|
* The 'package' meta-module now properly squashes items down to a single execution (as the
|
|
apt/yum/other package modules do).
|
|
* Fixed a bug related to the ansible-galaxy CLI command dealing with paged results from
|
|
the Galaxy server.
|
|
* Pipelining support is now available for the local and jail connection plugins, which is
|
|
useful for users who do not wish to have temp files/directories created when running
|
|
tasks with these connection types.
|
|
* Improvements in support for additional shell types.
|
|
* Improvements in the code which is used to calculate checksums for remote files.
|
|
* Some speed ups and bug fixes related to the variable merging code.
|
|
* Workaround bug in python subprocess on El Capitan that was making vault fail
|
|
when attempting to encrypt a file
|
|
* Fix lxc_container module having predictable temp file names and setting file
|
|
permissions on the temporary file too leniently on a temporary file that was
|
|
executed as a script. Addresses CVE-2016-3096
|
|
* Fix a bug in the uri module where setting headers via module params that
|
|
start with HEADER_ were causing a traceback.
|
|
* Fix bug in the free strategy that was causing it to synchronize its workers
|
|
after every task (making it a lot more like linear than it should have been).
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Mar 9 14:37:43 UTC 2016 - lars@linux-schulserver.de
|
|
|
|
- update to 2.0.1.0:
|
|
* Fixes a major compatibility break in the synchronize module shipped
|
|
with 2.0.0.x. That version of synchronize ran sudo on the controller
|
|
prior to running rsync. In 1.9.x and previous, sudo was run on the
|
|
host that rsync connected to. 2.0.1 restores the 1.9.x behaviour.
|
|
* Additionally, several other problems with where synchronize chose
|
|
to run when combined with delegate_to were fixed. In particular, if
|
|
a playbook targetted localhost and then delegated_to a remote host
|
|
the prior behavior (in 1.9.x and 2.0.0.x) was to copy files between
|
|
the src and destination directories on the delegated host. This has
|
|
now been fixed to copy between localhost and the delegated host.
|
|
* Fix a regression where synchronize was unable to deal with unicode paths.
|
|
* Fix a regression where synchronize deals with inventory hosts that
|
|
use localhost but with an alternate port.
|
|
* Fixes a regression where the retry files feature was not implemented.
|
|
* Fixes a regression where the any_errors_fatal option was implemented
|
|
in 2.0 incorrectly, and also adds a feature where any_errors_fatal
|
|
can be set at the block level.
|
|
* Fix tracebacks when playbooks or ansible itself were located in
|
|
directories with unicode characters.
|
|
* Fix bug when sending unicode characters to an external pager
|
|
for display.
|
|
* Fix a bug with squashing loops for special modules (mostly package
|
|
managers). The optimization was squashing when the loop did not
|
|
apply to the selection of packages. This has now been fixed.
|
|
* Temp files created when using vault are now "shredded" using the
|
|
unix shred program which overwrites the file with random data.
|
|
* Some fixes to cloudstack modules for case sensitivity
|
|
* Fix non-newstyle modules (non-python modules and old-style modules)
|
|
to disabled pipelining.
|
|
* Fix fetch module failing even if fail_on_missing is set to False
|
|
* Fix for cornercase when local connections, sudo, and raw were
|
|
used together.
|
|
* Fix dnf module to remove dependent packages when state=absent is
|
|
specified. This was a feature of the 1.9.x version that was left
|
|
out by mistake when the module was rewritten for 2.0.
|
|
* Fix bugs with non-english locales in yum, git, and apt modules
|
|
* Fix a bug with the dnf module where state=latest could only
|
|
upgrade, not install.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 15 13:23:26 UTC 2016 - eshmarnev@suse.com
|
|
|
|
- fix_zypper_errorhandling.patch is being deleted
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 11 10:44:40 UTC 2016 - erwin.vandevelde@gmail.com
|
|
|
|
- update to 2.0.0.2
|
|
Version 2.0 is a new major version with a lot of changes, among which:
|
|
+ New modules for cloud-based services and many more
|
|
+ The new block/rescue/always directives allow for making task blocks and exception-like semantics
|
|
+ Many API changes
|
|
- more info at:
|
|
https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#20-over-the-hills-and-far-away
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Oct 11 16:11:02 UTC 2015 - lars@linux-schulserver.de
|
|
|
|
- build again on SLE-11-SP4 by ignoring some dependencies that are
|
|
not available in the official OBS repository: python-paramiko,
|
|
python-Jinja2, python-PyYAML, python-pycrypto
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Oct 10 12:10:59 UTC 2015 - lars@linux-schulserver.de
|
|
|
|
- update to 1.9.4
|
|
This release addresses several bugs, most notably those related to
|
|
the yum module (introduced in 1.9.3):
|
|
+ Fixes a bug where yum state=latest would error if there were no
|
|
updates to install.
|
|
+ Fixes a bug where yum state=latest did not work with wildcard
|
|
package names.
|
|
+ Fixes a bug in lineinfile relating to escape sequences.
|
|
+ Fixes a bug where vars_prompt was not keeping passwords private
|
|
by default.
|
|
+ Fix ansible-galaxy and the hipchat callback plugin to check that
|
|
the host it is contacting matches its TLS Certificate.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Sep 26 14:01:30 UTC 2015 - m0ses@samaxi.de
|
|
|
|
- Added fix_zypper_errorhandling.patch as it`s have not been accepted
|
|
upstream, in lack of an reviewer. See patch for more comments
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Sep 11 16:10:12 UTC 2015 - robin.roth@kit.edu
|
|
|
|
- update to 1.9.3:
|
|
- Fixes a bug related to keyczar messing up encodings internally, resulting in decrypted
|
|
messages coming out as empty strings.
|
|
- AES Keys generated for use in accelerated mode are now 256-bit by default instead of 128.
|
|
- Fix url fetching for SNI with python-2.7.9 or greater. SNI does not work
|
|
with python < 2.7.9. The best workaround is probably to use the command
|
|
module with curl or wget.
|
|
- Fix url fetching to allow tls-1.1 and tls-1.2 if the system's openssl library
|
|
supports those protocols
|
|
- Fix ec2_ami_search module to check TLS Certificates
|
|
- Fix the following extras modules to check TLS Certificates:
|
|
- campfire
|
|
- layman
|
|
- librarto_annotate
|
|
- twilio
|
|
- typetalk
|
|
- Fix docker module's parsing of docker-py version for dev checkouts
|
|
- Fix docker module to work with docker server api 1.19
|
|
- Change yum module's state=latest feature to update all packages specified in
|
|
a single transaction. This is the same type of fix as was made for yum's
|
|
state=installed in 1.9.2 and both solves the same problems and with the same caveats.
|
|
- Fixed a bug where stdout from a module might be blank when there were were non-printable
|
|
ASCII characters contained within it
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Jul 15 09:17:54 UTC 2015 - lars@linux-schulserver.de
|
|
|
|
- update to 1.9.2:
|
|
- Security fixes to check that hostnames match certificates with
|
|
https urls (CVE-2015-3908; bnc #938161):
|
|
+ get_url and uri modules
|
|
+ url and etcd lookup plugins
|
|
- Security fixes to the zone (Solaris containers), jail (bsd
|
|
containers), and chroot connection plugins. These plugins can be
|
|
used to connect to their respective container types in leiu of the
|
|
standard ssh connection. Prior to this fix being applied these
|
|
connection plugins didn't properly handle symlinks within the containers
|
|
which could lead to files intended to be written to or read from the
|
|
container being written to or read from the host system instead. (CVE
|
|
pending)
|
|
- Fixed a bug in the service module where init scripts were being
|
|
incorrectly used instead of upstart/systemd.
|
|
- Fixed a bug where sudo/su settings were not inherited from
|
|
ansible.cfg correctly.
|
|
- Fixed a bug in the rds module where a traceback may occur due to an
|
|
unbound variable.
|
|
- Fixed a bug where certain remote file systems where the SELinux
|
|
context was not being properly set.
|
|
- Re-enabled several windows modules which had been partially merged
|
|
(via action plugins):
|
|
+ win_copy.ps1
|
|
+ win_copy.py
|
|
+ win_file.ps1
|
|
+ win_file.py
|
|
+ win_template.py
|
|
- Fix bug using with_sequence and a count that is zero. Also allows
|
|
counting backwards isntead of forwards
|
|
- Fix get_url module bug preventing use of custom ports with https
|
|
urls
|
|
- Fix bug disabling repositories in the yum module.
|
|
- Fix giving yum module a url to install a package from on
|
|
RHEL/CENTOS5
|
|
- Fix bug in dnf module preventing it from working when yum-utils was
|
|
not already installed
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Apr 28 19:03:01 UTC 2015 - boris@steki.net
|
|
|
|
- updated to version 1.9.1
|
|
* Fixed a bug related to Kerberos auth when using winrm with a domain account.
|
|
* Fixing several bugs in the s3 module.
|
|
* Fixed a bug with upstart service detection in the service module.
|
|
* Fixed several bugs with the user module when used on OSX.
|
|
* Fixed unicode handling in some module situations (assert and shell/command execution).
|
|
* Fixed a bug in redhat_subscription when using the activationkey parameter.
|
|
* Fixed a traceback in the gce module on EL6 distros when multiple pycrypto installations are available.
|
|
* Added support for PostgreSQL 9.4 in rds_param_group
|
|
* Several other minor fixes.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Mar 30 22:45:57 UTC 2015 - boris@steki.net
|
|
|
|
- updated to version 1.9.0.1
|
|
* Added kerberos support to winrm connection plugin.
|
|
* Tags rehaul: added 'all', 'always', 'untagged' and 'tagged' special
|
|
tags and normalized tag resolution. Added tag information to
|
|
--list-tasks and new --list-tags option.
|
|
* Privilege Escalation generalization, new 'Become' system and variables
|
|
now will handle existing and new methods. Sudo and su have been kept
|
|
for backwards compatibility. New methods pbrun and pfexec in 'alpha'
|
|
state, planned adding 'runas' for winrm connection plugin.
|
|
* Improved ssh connection error reporting, now you get back the specific
|
|
message from ssh.
|
|
* Added facility to document task module return values for registered
|
|
vars, both for ansible-doc and the docsite. Documented copy, stats and
|
|
acl modules, the rest must be updated individually (we will start doing
|
|
so incrementally).
|
|
* Optimize the plugin loader to cache available plugins much more
|
|
efficiently. For some use cases this can lead to dramatic improvements
|
|
in startup time.
|
|
* Overhaul of the checksum system, now supports more systems and more
|
|
cases more reliably and uniformly.
|
|
* Fix skipped tasks to not display their parameters if no_log is specified.
|
|
* Many fixes to unicode support, standarized functions to make it easier
|
|
to add to input/output boundries.
|
|
* Added travis integration to github for basic tests, this should speed
|
|
up ticket triage and merging.
|
|
* environment: directive now can also be applied to play and is
|
|
inhertited by tasks, which can still override it.
|
|
* expanded facts and OS/distribution support for existing facts and
|
|
improved performance with pypy.
|
|
* new 'wantlist' option to lookups allows for selecting a list typed
|
|
variable vs a command delimited string as the return.
|
|
* the shared module code for file backups now uses a timestamp resolution
|
|
of seconds (previouslly minutes).
|
|
* allow for empty inventories, this is now a warning and not an error
|
|
(for those using localhost and cloud modules).
|
|
* sped up YAML parsing in ansible by up to 25% by switching to CParser loader.
|
|
- more info at:
|
|
https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#19-dancing-in-the-street---mar-25-2015
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Feb 23 11:46:55 UTC 2015 - boris@steki.net
|
|
|
|
- updated to version 1.8.4 from 1.8.2
|
|
* Fixed regressions in ec2 and mount modules, introduced in 1.8.3
|
|
* Fixing a security bug related to the default permissions set on a
|
|
tempoary file created when using "ansible-vault view ".
|
|
* Many bug fixes, for both core code and core modules.
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Dec 5 15:11:43 UTC 2014 - boris@steki.net
|
|
|
|
- updated to version 1.8.2 from 1.8.1
|
|
* Windows modules should now be packaged correctly.
|
|
* A bug regarding wildcard grant strings in the mysql_user module has been fixed.
|
|
* Several other bugs regarding the postgresql modules have also been fixed.
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 1 18:28:18 UTC 2014 - boris@steki.net
|
|
|
|
- enable build for older RHEL and SLE distributions
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 27 11:17:53 UTC 2014 - boris@steki.net
|
|
|
|
- updated package to latest release ## 1.8.1 "You Really Got Me"
|
|
* Various bug fixes in postgresql and mysql modules.
|
|
* Fixed a bug related to lookup plugins used within roles not
|
|
finding files based on the relative paths to the roles files/ directory.
|
|
* Fixed a bug related to vars specified in plays being templated too early,
|
|
resulting in incorrect variable interpolation.
|
|
* Fixed a bug related to git submodules in bare repos.
|
|
* fact caching support, pluggable, initially supports Redis (DOCS pending)
|
|
* 'serial' size in a rolling update can be specified as a percentage
|
|
* added new Jinja2 filters, 'min' and 'max' that take lists
|
|
* new 'ansible_version' variable available contains a dictionary of version info
|
|
* For ec2 dynamic inventory, ec2.ini can has various new configuration options
|
|
* 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
|
|
* no_log parameter now surpressess data from callbacks/output as well as syslog
|
|
* ansible-galaxy install -f requirements.yml allows advanced options and installs
|
|
from non-galaxy SCM sources and tarballs.
|
|
* command_warnings feature will warn about when usage of the shell/command module
|
|
can be simplified to use core modules - this can be enabled in ansible.cfg
|
|
* new omit value can be used to leave off a parameter when not set, like so
|
|
module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
|
|
an empty value) if c was not set.
|
|
* developers: 'baby JSON' in module responses, originally intended for writing modules
|
|
in bash, is removed as a feature to simplify logic, script module remains available
|
|
for running bash scripts.
|
|
* async jobs started in "fire & forget" mode can now be checked on at a later time.
|
|
* added ability to subcategorize modules for docs.ansible.com
|
|
* added ability for shipped modules to have aliases with symlinks
|
|
* added ability to deprecate older modules by starting with "_" and
|
|
including "deprecated: message why" in module docs
|
|
|
|
+ New Modules:
|
|
* cloud: rax_cdb - manages Rackspace Cloud Database instances
|
|
* cloud: rax_cdb_database - manages Rackspace Cloud Databases
|
|
* cloud: rax_cdb_user - manages Rackspace Cloud Database users
|
|
* monitoring: zabbix_maintaince - handles outage windows with Zabbix
|
|
* monitoring: bigpanda - support for bigpanda
|
|
* net_infrastructure: a10_server - manages server objects on A10 devices
|
|
* net_infrastructure: a10_service_group - manages service group objects on A10 devices
|
|
* net_infrastructure: a10_virtual_server - manages virtual server objects on A10 devices
|
|
* system: getent - read getent databases
|
|
|
|
+ Some other notable changes:
|
|
* added the ability to set "instance filters" in the ec2.ini to limit results
|
|
from the inventory plugin.
|
|
* upgrades for various variable precedence items and parsing related items
|
|
* added a new "follow" parameter to the file and copy modules, which allows
|
|
actions to be taken on the target of a symlink rather than the symlink itself.
|
|
* if a module should ever traceback, it will return a standard error, catchable
|
|
by ignore_errors, versus an 'unreachable'
|
|
* ec2_lc: added support for multiple new parameters like kernel_id, ramdisk_id and ebs_optimized.
|
|
* ec2_elb_lb: added support for the connection_draining_timeout and cross_az_load_balancing options.
|
|
* support for symbolic representations (ie. u+rw) for file permission modes (file/copy/template modules etc.).
|
|
* docker: Added support for specifying the net type of the container.
|
|
* docker: support for specifying read-only volumes.
|
|
* docker: support for specifying the API version to use for the remote connection.
|
|
* openstack modules: various improvements
|
|
* irc: ssl support for the notification module
|
|
* npm: fix flags passed to package installation
|
|
* windows: improved error handling
|
|
* setup: additional facts on System Z
|
|
* apt_repository: certificate validation can be disabled if requested
|
|
* pagerduty module: misc improvements
|
|
* ec2_lc: public_ip boolean configurable in launch configurations
|
|
* ec2_asg: fixes related to proper termination of an autoscaling group
|
|
* win_setup: total memory fact correction
|
|
* ec2_vol: ability to list existing volumes
|
|
* ec2: can set optimized flag
|
|
* various parser improvements
|
|
* produce a friendly error message if the SSH key is too permissive
|
|
* ec2_ami_search: support for SSD and IOPS provisioned EBS images
|
|
* can set ansible_sudo_exe as an inventory variable which allows specifying
|
|
a different sudo (or equivalent) command
|
|
* git module: Submodule handling has changed. Previously if you used the
|
|
"recursive" parameter to handle submodules, ansible would track the
|
|
submodule upstream's head revision. This has been changed to checkout the
|
|
version of the submodule specified in the superproject's git repository.
|
|
This is inline with what git submodule update does. If you want the old
|
|
behaviour use the new module parameter track_submodules=yes
|
|
* Checksumming of transferred files has been made more portable and now uses
|
|
the sha1 algorithm instead of md5 to be compatible with FIPS-140.
|
|
+ As a small side effect, the fetch module no longer returns a useful value
|
|
in remote_md5. If you need a replacement, switch to using remote_checksum
|
|
which returns the sha1sum of the remote file.
|
|
* ansible-doc CLI tool contains various improvements for working with different terminals
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Oct 27 09:16:52 UTC 2014 - kgronlund@suse.com
|
|
- update to 1.7.2:
|
|
- Fixes a bug in accelerate mode which caused a traceback when trying to use that connection method.
|
|
- Fixes a bug in vault where the password file option was not being used correctly internally.
|
|
- Improved multi-line parsing when using YAML literal blocks (using > or |).
|
|
- Fixed a bug with the file module and the creation of relative symlinks.
|
|
- Fixed a bug where checkmode was not being honored during the templating of files.
|
|
- Other various bug fixes.
|
|
- Switch to xz for source package
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Sep 10 12:55:35 UTC 2014 - boris@steki.net
|
|
|
|
- add python-pywinrm to requirements to enable windows hosts automation
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Aug 17 15:21:38 UTC 2014 - lars@linux-schulserver.de
|
|
|
|
- update to 1.7.1:
|
|
Major new features:
|
|
+ Windows support (alpha) using native PowerShell remoting
|
|
+ Tasks can now specify run_once: true, meaning they will be executed
|
|
exactly once. This can be combined with delegate_to to trigger actions
|
|
you want done just the one time versus for every host in inventory.
|
|
|
|
New Modules:
|
|
+ cloud: azure
|
|
+ cloud: rax_meta
|
|
+ cloud: rax_scaling_group
|
|
+ cloud: rax_scaling_policy
|
|
+ windows: version of setup module
|
|
+ windows: version of slurp module
|
|
+ windows: win_feature
|
|
+ windows: win_get_url
|
|
+ windows: win_msi
|
|
+ windows: win_ping
|
|
+ windows: win_user
|
|
+ windows: win_service
|
|
+ windows: win_group
|
|
|
|
New inventory scripts:
|
|
+ SoftLayer
|
|
+ Windows Azure
|
|
|
|
Docker module bug fixes:
|
|
+ Fixed support for specifying rw/ro bind modes for volumes
|
|
+ Fixed support for allowing the tag in the image parameter
|
|
|
|
Other notable changes:
|
|
+ Performance enhancements related to previous security fixes, which
|
|
could cause slowness when modules returned very large JSON results.
|
|
This specifically impacted the unarchive module frequently, which
|
|
returns the details of all unarchived files in the result.
|
|
+ Inventory speed improvements for very large inventories.
|
|
+ Vault password files can now be executable, to support scripts
|
|
that fetch the vault password.
|
|
+ Fixes an issue with the copy module when copying a directory that
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Aug 15 15:25:04 UTC 2014 - boris@steki.net
|
|
|
|
- updated to upstream version 1.7.1
|
|
* Security fix to disallow specifying 'args:' as a string,
|
|
which could allow the insertion of extra module parameters through variables.
|
|
* Performance enhancements related to previous security fixes,
|
|
which could cause slowness when modules returned very large JSON results.
|
|
This specifically impacted the unarchive module frequently, which returns
|
|
the details of all unarchived files in the result.
|
|
* Docker module bug fixes:
|
|
+ Fixed support for specifying rw/ro bind modes for volumes
|
|
+ Fixed support for allowing the tag in the image parameter
|
|
* Major new features:
|
|
+ Windows support (alpha) using native PowerShell remoting
|
|
+ Tasks can now specify `run_once: true`, meaning they will
|
|
be executed exactly once. This can be combined with delegate_to
|
|
to trigger actions you want done just the one time versus for
|
|
every host in inventory.
|
|
* Inventory speed improvements for very large inventories.
|
|
* Vault password files can now be executable, to support
|
|
scripts that fetch the vault password.
|
|
|
|
* Fixes an issue with the copy module when copying a directory that
|
|
fails when changing file attributes and the target file already exists
|
|
+ Improved unicode handling when splitting args
|
|
|
|
+ Further improvements to module parameter parsing to address
|
|
additional regressions caused by security fixes
|
|
+ Corrects a regression in the way shell and command parameters
|
|
were being parsed
|
|
+ Various other bug fixes
|
|
|
|
Security fixes:
|
|
+ Security fix to disallow specifying 'args:' as a string, which could
|
|
allow the insertion of extra module parameters through variables.
|
|
+ Strip lookup calls out of inventory variables and clean unsafe
|
|
data returned from lookup plugins (CVE-2014-4966)
|
|
+ Make sure vars don't insert extra parameters into module args and
|
|
prevent duplicate params from superseding previous params (CVE-2014-4967)
|
|
- adapt specfile requirements for RedHat and Fedora
|
|
|
|
- fixed zypper and zypper_repository modules to support SLE 10
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jul 10 12:53:16 UTC 2014 - lars@linux-schulserver.de
|
|
|
|
- update to 1.6.6:
|
|
* Security updates to further protect against the incorrect
|
|
execution of untrusted data
|
|
* Additional tweaks to prevent the incorrect execution of
|
|
untrusted data
|
|
* Security update to prevent local operations from executing as
|
|
the result of specifically crafted untrusted data
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Jun 19 07:28:24 UTC 2014 - lars@linux-schulserver.de
|
|
|
|
- update to 1.6.3:
|
|
* The deprecated legacy variable templating system has been
|
|
finally removed. Use {{ foo }} always not $foo or ${foo}.
|
|
* Any data file can also be JSON. Use sparingly -- with great power
|
|
comes great responsibility. Starting file with "{" or "[" denotes JSON.
|
|
* Added 'gathering' param for ansible.cfg to change the default
|
|
gather_facts policy.
|
|
* Accelerate improvements:
|
|
+ multiple users can connect with different keys, when
|
|
accelerate_multi_key = yes is specified in the ansible.cfg.
|
|
+ daemon lifetime is now based on the time from the last activity,
|
|
not the time from the daemon's launch.
|
|
* ansible-playbook now accepts --force-handlers to run handlers
|
|
even if tasks result in failures.
|
|
* Added VMWare support with the vsphere_guest module.
|
|
* many new modules and ther notable changes, please read
|
|
/usr/share/doc/packages/ansible/CHANGELOG.md for details
|
|
- use new upstream URL(s)
|
|
- require python-httplib2 and python-setuptools
|
|
- ignore "wrong" permissions of synchronize.py
|
|
- ignore rpmlint warning about requiring python-httplib2 explicitely
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Mar 20 23:24:56 UTC 2014 - lars@linux-schulserver.de
|
|
|
|
- update to 1.5.3:
|
|
* Fixes to the git module related to host key checking
|
|
* Force command action to not be executed by the shell unless
|
|
specifically enabled.
|
|
* Validate SSL certs accessed through urllib*.
|
|
* Implement new default cipher class AES256 in ansible-vault.
|
|
* Misc bug fixes.
|
|
|
|
-------------------------------------------------------------------
|
|
Sat Mar 8 11:08:25 UTC 2014 - lars@linux-schulserver.de
|
|
|
|
- update to 1.5:
|
|
Major features/changes:
|
|
* when_foo which was previously deprecated is now removed, use
|
|
"when:" instead. Code generates appropriate error suggestion.
|
|
* include + with_items which was previously deprecated is now
|
|
removed, ditto. Use with_nested / with_together, etc.
|
|
* only_if, which is much older than when_foo and was deprecated,
|
|
is similarly removed.
|
|
* ssh connection plugin is now more efficient if you add
|
|
'pipelining=True' in ansible.cfg under [ssh_connection],
|
|
see example.cfg
|
|
* localhost/127.0.0.1 is not required to be in inventory if
|
|
referenced, if not in inventory, it does not implicitly appear
|
|
in the 'all' group.
|
|
* git module has new parameters (accept_hostkey, key_file, ssh_opts)
|
|
to ease the usage of git and ssh protocols.
|
|
* when using accelerate mode, the daemon will now be restarted
|
|
when specifying a different remote_user between plays.
|
|
* added no_log: option for tasks. When used, no logging information
|
|
will be sent to syslog during the module execution.
|
|
* acl module now handles 'default' and allows for either shorthand
|
|
entry or specific fields per entry section
|
|
* play_hosts is a new magic variable to provide a list of hosts
|
|
in scope for the current play.
|
|
* ec2 module now accepts 'exact_count' and 'count_tag' as a way to
|
|
enforce a running number of nodes by tags.
|
|
* all ec2 modules that work with Eucalyptus also now support a
|
|
'validate_certs' option, which can be set to 'off' for installations
|
|
using self-signed certs.
|
|
* Start of new integration test infrastructure (WIP)
|
|
* if repoquery is unavailble, the yum module will automatically
|
|
attempt to install yum-utils
|
|
* ansible-vault: a framework for encrypting your playbooks
|
|
and variable files
|
|
|
|
Other notable changes (many new module params & bugfixes may not not listed):
|
|
* no_reboot is now defaulted to "no" in the ec2_ami module to ensure
|
|
filesystem consistency in the resulting AMI.
|
|
* sysctl module overhauled
|
|
* authorized_key module overhauled
|
|
* synchronized module now handles local transport better
|
|
* apt_key module now ignores case on keys
|
|
* zypper_repository now skips on check mode
|
|
* file module now responds to force behavior when dealing with hardlinks
|
|
* new lookup plugin 'csvfile'
|
|
* fixes to allow hash_merge behavior to work with dynamic inventory
|
|
* mysql module will use port argument on dump/import
|
|
* subversion module now ignores locale to better intercept status messages
|
|
* rax api_key argument is no longer logged
|
|
* backwards/forwards compatibility for OpenStack modules, 'quantum'
|
|
modules grok neutron renaming
|
|
* hosts properly uniqueified if appearing in redundant groups
|
|
* hostname module support added for ScientificLinux
|
|
* ansible-pull can now show live stdout and pass verbosity levels
|
|
to ansible-playbook
|
|
* ec2 instances can now be stopped or started
|
|
* additional volumes can be created when creating new ec2 instances
|
|
* user module can move a home directory
|
|
* significant enhancement and cleanup of rackspace modules
|
|
* ansible_ssh_private_key_file can be templated
|
|
* docker module updated to support docker-py 0.3.0
|
|
* various other bug fixes
|
|
* md5 logic improved during sudo operation
|
|
* support for ed25519 keys in authorized_key module
|
|
* ability to set directory permissions during a recursive copy
|
|
(directory_mode parameter)
|
|
* update docker module, support for using docker python
|
|
library 0.3.0
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 27 17:39:07 UTC 2014 - lars@linux-schulserver.de
|
|
|
|
- update to 1.4.5:
|
|
+ fixed issue with permissions being incorrect on
|
|
fireball/accelerate keys when the umask setting was too loose.
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jan 19 03:12:17 UTC 2014 - lars@linux-schulserver.de
|
|
|
|
- update to 1.4.4:
|
|
+ Fixed issue with newer versions of pip not having --use-mirrors
|
|
+ Fixed role_path parsing from ansible.cfg
|
|
+ Fixed default role templates
|
|
+ Fixed a few bugs related to unicode
|
|
+ Fixed errors in the ssh connection method with large data returns
|
|
+ Miscellaneous fixes for a few modules
|
|
+ Add the ansible-galaxy command
|
|
|
|
-------------------------------------------------------------------
|
|
Mon Dec 16 21:28:31 UTC 2013 - lars@linux-schulserver.de
|
|
|
|
- update to 1.4.1:
|
|
* Misc fix updates
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 28 13:54:02 UTC 2013 - kgronlund@suse.com
|
|
|
|
- Update to release 1.4
|
|
|
|
- Highlighted new features:
|
|
|
|
+ Added do-until feature, which can be used to retry a failed task a
|
|
specified number of times with a delay in-between the retries.
|
|
+ Added failed_when option for tasks, which can be used to specify
|
|
logical statements that make it easier to determine when a task has
|
|
failed, or to make it easier to ignore certain non-zero return
|
|
codes for some commands.
|
|
+ Added the "subelement" lookup plugin, which allows iteration of the
|
|
keys of a dictionary or items in a list.
|
|
+ Added the capability to use either paramiko or ssh for the inital
|
|
setup connection of an accelerated playbook.
|
|
+ Automatically provide advice on common parser errors users
|
|
encounter.
|
|
+ Deprecation warnings are now shown for legacy features:
|
|
when_integer/etc, only_if, include+with_items, etc. Can be disabled
|
|
in ansible.cfg
|
|
+ The system will now provide helpful tips around possible YAML
|
|
syntax errors increasing ease of use for new users.
|
|
+ warnings are now shown for using {{ foo }} in loops and
|
|
conditionals, and suggest leaving the variable expressions bare as
|
|
per docs.
|
|
+ The roles search path is now configurable in
|
|
ansible.cfg. 'roles_path' in the config setting.
|
|
+ Includes with parameters can now be done like roles for
|
|
consistency: - { include: song.yml, year:1984, song:'jump' }
|
|
+ The name of each role is now shown before each task if roles are
|
|
being used
|
|
+ Adds a "var=" option to the debug module for debugging variable
|
|
data. "debug: var=hostvars['hostname']" and "debug: var=foo" are
|
|
all valid syntax.
|
|
+ Variables in {{ format }} can be used as references even if they
|
|
are structured data
|
|
+ Can force binding of accelerate to ipv6 ports.
|
|
+ the apt module will auto-install python-apt if not present rather
|
|
than requiring a manual installation
|
|
+ the copy module is now recursive if the local 'src' parameter is a
|
|
directory.
|
|
+ syntax checks now scan included task and variable files as well as
|
|
main files
|
|
|
|
- New modules and plugins:
|
|
|
|
+ cloud: ec2_eip -- manage AWS elastic IPs
|
|
+ cloud: ec2_vpc -- manage ec2 virtual private clouds
|
|
+ cloud: elasticcache -- Manages clusters in Amazon Elasticache
|
|
+ cloud: rax_network -- sets up Rackspace networks
|
|
+ cloud: rax_facts: retrieve facts about a Rackspace Cloud Server
|
|
+ cloud: rax_clb_nodes -- manage Rackspace cloud load balanced nodes
|
|
+ cloud: rax_clb -- manages Rackspace cloud load balancers
|
|
+ cloud: docker - instantiates/removes/manages docker containers
|
|
+ cloud: ovirt -- VM lifecycle controls for ovirt
|
|
+ files: acl -- set or get acls on a file
|
|
+ files: unarchive: pushes and extracts tarballs
|
|
+ files: synchronize: a useful wraper around rsyncing trees of files
|
|
+ system: firewalld -- manage the firewalld configuration
|
|
+ system: modprobe -- manage kernel modules on systems that support
|
|
modprobe/rmmod
|
|
+ system: open_iscsi -- manage targets on an initiator using
|
|
open-iscsi
|
|
+ system: blacklist: add or remove modules from the kernel blacklist
|
|
+ system: hostname - sets the systems hostname
|
|
+ utilities: include_vars -- dynamically load variables based on
|
|
conditions.
|
|
+ packaging: zypper_repository - adds or removes Zypper repositories
|
|
+ packaging: urpmi - work with urpmi packages
|
|
+ packaging: swdepot - a module for working with swdepot
|
|
+ notification: grove - notifies to Grove hosted IRC channels
|
|
+ web_infrastructure: ejabberd_user: add and remove users to ejabberd
|
|
+ web_infrastructure: jboss: deploys or undeploys apps to jboss
|
|
+ source_control: github_hooks: manages GitHub service hooks
|
|
+ net_infrastructure: bigip_monitor_http: manages F5 BIG-IP LTM http
|
|
monitors
|
|
+ net_infrastructure: bigip_monitor_tcp: manages F5 BIG-IP LTM TCP
|
|
monitors
|
|
+ net_infrastructure: bigip_pool_member: manages F5 BIG-IP LTM pool
|
|
members
|
|
+ net_infrastructure: bigip_node: manages F5 BIG-IP LTM nodes
|
|
+ net_infrastructure: openvswitch_port
|
|
+ net_infrastructure: openvswitch_bridge
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 1 15:09:48 UTC 2013 - kgronlund@suse.com
|
|
|
|
- Updated .spec file:
|
|
|
|
+ Remove deprecated fireball and node-fireball packages
|
|
+ Add dependency on python-keyczar
|
|
+ Add recommends for sshpass
|
|
+ Fix support for RHEL
|
|
+ Correct upstream URL
|
|
+ Use upstream release package for 1.3.4
|
|
+ Re-add CHANGELOG.md
|
|
+ Re-added man3 man pages
|
|
+ Updated short description to match upstream description
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Oct 31 17:26:44 UTC 2013 - lars@linux-schulserver.de
|
|
|
|
- update to 1.3.4:
|
|
Highlighted new features:
|
|
+ accelerated mode: An enhanced fireball mode that requires zero
|
|
bootstrapping and fewer requirements plus adds capabilities
|
|
like sudo commands.
|
|
+ role defaults: Allows roles to define a set of variables at the
|
|
lowest priority. These variables can be overridden by any
|
|
other variable.
|
|
+ new /etc/ansible/facts.d allows JSON or INI-style facts to be
|
|
provided from the remote node, and supports executable fact
|
|
programs in this dir. Files must end in *.fact.
|
|
+ added the ability to make undefined template variables raise
|
|
errors (see ansible.cfg)
|
|
+ (DOCS PENDING) sudo: True/False and sudo_user: True/False can be
|
|
set at include and role level
|
|
+ added changed_when: (expression) which allows overriding whether
|
|
a result is changed or not and can work with registered expressions
|
|
+ --extra-vars can now take a file as input, e.g., "-e @filename"
|
|
and can also be formatted as YAML
|
|
+ external inventory scripts may now return host variables in one
|
|
pass, which allows them to be much more efficient for large
|
|
numbers of hosts
|
|
+ if --forks exceeds the numbers of hosts, it will be automatically
|
|
reduced. Set forks to 0 and you get "as many forks as I have
|
|
hosts" out of the box.
|
|
+ enabled error_on_undefined_vars by default, which will make
|
|
errors in playbooks more obvious
|
|
+ role dependencies -- one role can now pull in another, with
|
|
parameters of its own.
|
|
+ added the ability to have tasks execute even during a check
|
|
run (always_run).
|
|
+ added the ability to set the maximum failure percentage for a
|
|
group of hosts.
|
|
...and a lot more information can be found at
|
|
/usr/share/doc/packages/ansible/CHANGELOG.md
|
|
- removed man3 man pages
|
|
- removed separate CHANGELOG.md source - now in upstream tarball
|
|
|
|
-------------------------------------------------------------------
|
|
Sun Jun 30 20:05:47 UTC 2013 - lars@linux-schulserver.de
|
|
|
|
- update to 1.2:
|
|
+ new feature: roles
|
|
+ massively improved variable support and conditionals
|
|
+ Pre and Post tasks provide greater controls to make rolling
|
|
updates even smoother
|
|
+ added 32 new modules:
|
|
++ including a openSUSE package management module
|
|
++ added team chat notification modules for Flowdock, Hipchat,
|
|
Campfire, IRC, and more
|
|
++ added monitoring modules to interact with New Relic, Airbrake,
|
|
Pingdom, Pagerduty and Monit
|
|
- added CHANGELOG.md to /usr/share/doc/packages/ansible/ to have
|
|
the complete changelog at hand
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 25 08:01:24 UTC 2013 - lars@linux-schulserver.de
|
|
|
|
- require python-pyzmq on (open)SUSE
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Apr 18 07:42:43 UTC 2013 - lars@linux-schulserver.de
|
|
|
|
- fix build on other distributions than openSUSE
|
|
- License in SPDX format
|
|
- added rpmlintrc
|
|
|
|
-------------------------------------------------------------------
|
|
Wed Apr 17 11:04:04 UTC 2013 - lars@linux-schulserver.de
|
|
|
|
- update to 1.1:
|
|
+ stderr shown when commands fail to parse
|
|
+ uses yaml.safe_dump in filter plugins
|
|
+ authentication Q&A no longer happens before --syntax-check, but after
|
|
+ ability to get hostvars data for nodes not in the setup cache yet
|
|
+ SSH timeout now correctly passed to native SSH connection plugin
|
|
+ raise an error when multiple when_ statements are provided
|
|
+ --list-hosts applies host limit selections better
|
|
+ (internals) template engine specifications to use template_ds everywhere
|
|
+ better error message when your host file can not be found
|
|
+ end of line comments now work in the inventory file
|
|
+ directory destinations now work better with remote md5 code
|
|
+ lookup plugin macros like $FILE and $ENV now work without
|
|
returning arrays in variable definitions/playbooks
|
|
+ uses yaml.safe_load everywhere
|
|
+ able to add EXAMPLES to documentation via EXAMPLES docstring,
|
|
rather than just in main documentation YAML
|
|
+ can set ANSIBLE_COW_SELECTION to pick other cowsay types (including random)
|
|
+ to_nice_yaml and to_nice_json available as Jinja2 filters that indent and sort
|
|
+ cowsay able to run out of macports (very important!)
|
|
+ improved logging for fireball mode
|
|
+ nicer error message when talking to an older system that needs a
|
|
JSON module installed
|
|
+ 'magic' variable 'inventory_basedir' now gives path to inventory file
|
|
+ 'magic' variable 'vars' works like 'hostvars' but gives global scope
|
|
variables, useful for debugging in templates mostly
|
|
+ conditionals can be used on plugins like add_host
|
|
+ ...and many more...
|
|
- specfile cleanup
|
|
- just recomend python-paramiko as the user can also use openssh
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Jan 22 13:47:16 UTC 2013 - julien.tognazzi@gmail.com
|
|
|
|
- Merge changes from upstream
|
|
|