pool/ansible
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
9166054613
ansible/ansible.changes
Lars Vogdt 9166054613 - update to 1.6.6: 
* Security updates to further protect against the incorrect 
    execution of untrusted data
  * Additional tweaks to prevent the incorrect execution of 
    untrusted data
  * Security update to prevent local operations from executing as
    the result of specifically crafted untrusted data

OBS-URL: https://build.opensuse.org/package/show/systemsmanagement/ansible?expand=0&rev=26
2014-07-10 12:53:54 +00:00

355 lines
16 KiB
Plaintext
Raw Blame History

-------------------------------------------------------------------
Thu Jul 10 12:53:16 UTC 2014 - lars@linux-schulserver.de
- update to 1.6.6:
* Security updates to further protect against the incorrect
execution of untrusted data
* Additional tweaks to prevent the incorrect execution of
untrusted data
* Security update to prevent local operations from executing as
the result of specifically crafted untrusted data
-------------------------------------------------------------------
Thu Jun 19 07:28:24 UTC 2014 - lars@linux-schulserver.de
- update to 1.6.3:
* The deprecated legacy variable templating system has been
finally removed. Use {{ foo }} always not $foo or ${foo}.
* Any data file can also be JSON. Use sparingly -- with great power
comes great responsibility. Starting file with "{" or "[" denotes JSON.
* Added 'gathering' param for ansible.cfg to change the default
gather_facts policy.
* Accelerate improvements:
+ multiple users can connect with different keys, when
accelerate_multi_key = yes is specified in the ansible.cfg.
+ daemon lifetime is now based on the time from the last activity,
not the time from the daemon's launch.
* ansible-playbook now accepts --force-handlers to run handlers
even if tasks result in failures.
* Added VMWare support with the vsphere_guest module.
* many new modules and ther notable changes, please read
/usr/share/doc/packages/ansible/CHANGELOG.md for details
- use new upstream URL(s)
- require python-httplib2 and python-setuptools
- ignore "wrong" permissions of synchronize.py
- ignore rpmlint warning about requiring python-httplib2 explicitely
-------------------------------------------------------------------
Thu Mar 20 23:24:56 UTC 2014 - lars@linux-schulserver.de
- update to 1.5.3:
* Fixes to the git module related to host key checking
* Force command action to not be executed by the shell unless
specifically enabled.
* Validate SSL certs accessed through urllib*.
* Implement new default cipher class AES256 in ansible-vault.
* Misc bug fixes.
-------------------------------------------------------------------
Sat Mar 8 11:08:25 UTC 2014 - lars@linux-schulserver.de
- update to 1.5:
Major features/changes:
* when_foo which was previously deprecated is now removed, use
"when:" instead. Code generates appropriate error suggestion.
* include + with_items which was previously deprecated is now
removed, ditto. Use with_nested / with_together, etc.
* only_if, which is much older than when_foo and was deprecated,
is similarly removed.
* ssh connection plugin is now more efficient if you add
'pipelining=True' in ansible.cfg under [ssh_connection],
see example.cfg
* localhost/127.0.0.1 is not required to be in inventory if
referenced, if not in inventory, it does not implicitly appear
in the 'all' group.
* git module has new parameters (accept_hostkey, key_file, ssh_opts)
to ease the usage of git and ssh protocols.
* when using accelerate mode, the daemon will now be restarted
when specifying a different remote_user between plays.
* added no_log: option for tasks. When used, no logging information
will be sent to syslog during the module execution.
* acl module now handles 'default' and allows for either shorthand
entry or specific fields per entry section
* play_hosts is a new magic variable to provide a list of hosts
in scope for the current play.
* ec2 module now accepts 'exact_count' and 'count_tag' as a way to
enforce a running number of nodes by tags.
* all ec2 modules that work with Eucalyptus also now support a
'validate_certs' option, which can be set to 'off' for installations
using self-signed certs.
* Start of new integration test infrastructure (WIP)
* if repoquery is unavailble, the yum module will automatically
attempt to install yum-utils
* ansible-vault: a framework for encrypting your playbooks
and variable files
Other notable changes (many new module params & bugfixes may not not listed):
* no_reboot is now defaulted to "no" in the ec2_ami module to ensure
filesystem consistency in the resulting AMI.
* sysctl module overhauled
* authorized_key module overhauled
* synchronized module now handles local transport better
* apt_key module now ignores case on keys
* zypper_repository now skips on check mode
* file module now responds to force behavior when dealing with hardlinks
* new lookup plugin 'csvfile'
* fixes to allow hash_merge behavior to work with dynamic inventory
* mysql module will use port argument on dump/import
* subversion module now ignores locale to better intercept status messages
* rax api_key argument is no longer logged
* backwards/forwards compatibility for OpenStack modules, 'quantum'
modules grok neutron renaming
* hosts properly uniqueified if appearing in redundant groups
* hostname module support added for ScientificLinux
* ansible-pull can now show live stdout and pass verbosity levels
to ansible-playbook
* ec2 instances can now be stopped or started
* additional volumes can be created when creating new ec2 instances
* user module can move a home directory
* significant enhancement and cleanup of rackspace modules
* ansible_ssh_private_key_file can be templated
* docker module updated to support docker-py 0.3.0
* various other bug fixes
* md5 logic improved during sudo operation
* support for ed25519 keys in authorized_key module
* ability to set directory permissions during a recursive copy
(directory_mode parameter)
* update docker module, support for using docker python
library 0.3.0
-------------------------------------------------------------------
Thu Feb 27 17:39:07 UTC 2014 - lars@linux-schulserver.de
- update to 1.4.5:
+ fixed issue with permissions being incorrect on
fireball/accelerate keys when the umask setting was too loose.
-------------------------------------------------------------------
Sun Jan 19 03:12:17 UTC 2014 - lars@linux-schulserver.de
- update to 1.4.4:
+ Fixed issue with newer versions of pip not having --use-mirrors
+ Fixed role_path parsing from ansible.cfg
+ Fixed default role templates
+ Fixed a few bugs related to unicode
+ Fixed errors in the ssh connection method with large data returns
+ Miscellaneous fixes for a few modules
+ Add the ansible-galaxy command
-------------------------------------------------------------------
Mon Dec 16 21:28:31 UTC 2013 - lars@linux-schulserver.de
- update to 1.4.1:
* Misc fix updates
-------------------------------------------------------------------
Thu Nov 28 13:54:02 UTC 2013 - kgronlund@suse.com
- Update to release 1.4
- Highlighted new features:
+ Added do-until feature, which can be used to retry a failed task a
specified number of times with a delay in-between the retries.
+ Added failed_when option for tasks, which can be used to specify
logical statements that make it easier to determine when a task has
failed, or to make it easier to ignore certain non-zero return
codes for some commands.
+ Added the "subelement" lookup plugin, which allows iteration of the
keys of a dictionary or items in a list.
+ Added the capability to use either paramiko or ssh for the inital
setup connection of an accelerated playbook.
+ Automatically provide advice on common parser errors users
encounter.
+ Deprecation warnings are now shown for legacy features:
when_integer/etc, only_if, include+with_items, etc. Can be disabled
in ansible.cfg
+ The system will now provide helpful tips around possible YAML
syntax errors increasing ease of use for new users.
+ warnings are now shown for using {{ foo }} in loops and
conditionals, and suggest leaving the variable expressions bare as
per docs.
+ The roles search path is now configurable in
ansible.cfg. 'roles_path' in the config setting.
+ Includes with parameters can now be done like roles for
consistency: - { include: song.yml, year:1984, song:'jump' }
+ The name of each role is now shown before each task if roles are
being used
+ Adds a "var=" option to the debug module for debugging variable
data. "debug: var=hostvars['hostname']" and "debug: var=foo" are
all valid syntax.
+ Variables in {{ format }} can be used as references even if they
are structured data
+ Can force binding of accelerate to ipv6 ports.
+ the apt module will auto-install python-apt if not present rather
than requiring a manual installation
+ the copy module is now recursive if the local 'src' parameter is a
directory.
+ syntax checks now scan included task and variable files as well as
main files
- New modules and plugins:
+ cloud: ec2_eip -- manage AWS elastic IPs
+ cloud: ec2_vpc -- manage ec2 virtual private clouds
+ cloud: elasticcache -- Manages clusters in Amazon Elasticache
+ cloud: rax_network -- sets up Rackspace networks
+ cloud: rax_facts: retrieve facts about a Rackspace Cloud Server
+ cloud: rax_clb_nodes -- manage Rackspace cloud load balanced nodes
+ cloud: rax_clb -- manages Rackspace cloud load balancers
+ cloud: docker - instantiates/removes/manages docker containers
+ cloud: ovirt -- VM lifecycle controls for ovirt
+ files: acl -- set or get acls on a file
+ files: unarchive: pushes and extracts tarballs
+ files: synchronize: a useful wraper around rsyncing trees of files
+ system: firewalld -- manage the firewalld configuration
+ system: modprobe -- manage kernel modules on systems that support
modprobe/rmmod
+ system: open_iscsi -- manage targets on an initiator using
open-iscsi
+ system: blacklist: add or remove modules from the kernel blacklist
+ system: hostname - sets the systems hostname
+ utilities: include_vars -- dynamically load variables based on
conditions.
+ packaging: zypper_repository - adds or removes Zypper repositories
+ packaging: urpmi - work with urpmi packages
+ packaging: swdepot - a module for working with swdepot
+ notification: grove - notifies to Grove hosted IRC channels
+ web_infrastructure: ejabberd_user: add and remove users to ejabberd
+ web_infrastructure: jboss: deploys or undeploys apps to jboss
+ source_control: github_hooks: manages GitHub service hooks
+ net_infrastructure: bigip_monitor_http: manages F5 BIG-IP LTM http
monitors
+ net_infrastructure: bigip_monitor_tcp: manages F5 BIG-IP LTM TCP
monitors
+ net_infrastructure: bigip_pool_member: manages F5 BIG-IP LTM pool
members
+ net_infrastructure: bigip_node: manages F5 BIG-IP LTM nodes
+ net_infrastructure: openvswitch_port
+ net_infrastructure: openvswitch_bridge
-------------------------------------------------------------------
Fri Nov 1 15:09:48 UTC 2013 - kgronlund@suse.com
- Updated .spec file:
+ Remove deprecated fireball and node-fireball packages
+ Add dependency on python-keyczar
+ Add recommends for sshpass
+ Fix support for RHEL
+ Correct upstream URL
+ Use upstream release package for 1.3.4
+ Re-add CHANGELOG.md
+ Re-added man3 man pages
+ Updated short description to match upstream description
-------------------------------------------------------------------
Thu Oct 31 17:26:44 UTC 2013 - lars@linux-schulserver.de
- update to 1.3.4:
Highlighted new features:
+ accelerated mode: An enhanced fireball mode that requires zero
bootstrapping and fewer requirements plus adds capabilities
like sudo commands.
+ role defaults: Allows roles to define a set of variables at the
lowest priority. These variables can be overridden by any
other variable.
+ new /etc/ansible/facts.d allows JSON or INI-style facts to be
provided from the remote node, and supports executable fact
programs in this dir. Files must end in *.fact.
+ added the ability to make undefined template variables raise
errors (see ansible.cfg)
+ (DOCS PENDING) sudo: True/False and sudo_user: True/False can be
set at include and role level
+ added changed_when: (expression) which allows overriding whether
a result is changed or not and can work with registered expressions
+ --extra-vars can now take a file as input, e.g., "-e @filename"
and can also be formatted as YAML
+ external inventory scripts may now return host variables in one
pass, which allows them to be much more efficient for large
numbers of hosts
+ if --forks exceeds the numbers of hosts, it will be automatically
reduced. Set forks to 0 and you get "as many forks as I have
hosts" out of the box.
+ enabled error_on_undefined_vars by default, which will make
errors in playbooks more obvious
+ role dependencies -- one role can now pull in another, with
parameters of its own.
+ added the ability to have tasks execute even during a check
run (always_run).
+ added the ability to set the maximum failure percentage for a
group of hosts.
...and a lot more information can be found at
/usr/share/doc/packages/ansible/CHANGELOG.md
- removed man3 man pages
- removed separate CHANGELOG.md source - now in upstream tarball
-------------------------------------------------------------------
Sun Jun 30 20:05:47 UTC 2013 - lars@linux-schulserver.de
- update to 1.2:
+ new feature: roles
+ massively improved variable support and conditionals
+ Pre and Post tasks provide greater controls to make rolling
updates even smoother
+ added 32 new modules:
++ including a openSUSE package management module
++ added team chat notification modules for Flowdock, Hipchat,
Campfire, IRC, and more
++ added monitoring modules to interact with New Relic, Airbrake,
Pingdom, Pagerduty and Monit
- added CHANGELOG.md to /usr/share/doc/packages/ansible/ to have
the complete changelog at hand
-------------------------------------------------------------------
Thu Apr 25 08:01:24 UTC 2013 - lars@linux-schulserver.de
- require python-pyzmq on (open)SUSE
-------------------------------------------------------------------
Thu Apr 18 07:42:43 UTC 2013 - lars@linux-schulserver.de
- fix build on other distributions than openSUSE
- License in SPDX format
- added rpmlintrc
-------------------------------------------------------------------
Wed Apr 17 11:04:04 UTC 2013 - lars@linux-schulserver.de
- update to 1.1:
+ stderr shown when commands fail to parse
+ uses yaml.safe_dump in filter plugins
+ authentication Q&A no longer happens before --syntax-check, but after
+ ability to get hostvars data for nodes not in the setup cache yet
+ SSH timeout now correctly passed to native SSH connection plugin
+ raise an error when multiple when_ statements are provided
+ --list-hosts applies host limit selections better
+ (internals) template engine specifications to use template_ds everywhere
+ better error message when your host file can not be found
+ end of line comments now work in the inventory file
+ directory destinations now work better with remote md5 code
+ lookup plugin macros like $FILE and $ENV now work without
returning arrays in variable definitions/playbooks
+ uses yaml.safe_load everywhere
+ able to add EXAMPLES to documentation via EXAMPLES docstring,
rather than just in main documentation YAML
+ can set ANSIBLE_COW_SELECTION to pick other cowsay types (including random)
+ to_nice_yaml and to_nice_json available as Jinja2 filters that indent and sort
+ cowsay able to run out of macports (very important!)
+ improved logging for fireball mode
+ nicer error message when talking to an older system that needs a
JSON module installed
+ 'magic' variable 'inventory_basedir' now gives path to inventory file
+ 'magic' variable 'vars' works like 'hostvars' but gives global scope
variables, useful for debugging in templates mostly
+ conditionals can be used on plugins like add_host
+ ...and many more...
- specfile cleanup
- just recomend python-paramiko as the user can also use openssh
-------------------------------------------------------------------
Tue Jan 22 13:47:16 UTC 2013 - julien.tognazzi@gmail.com
- Merge changes from upstream
Reference in New Issue View Git Blame Copy Permalink