* Tue Jun 28 2016 michael@stroeder.com
- update to 2.1.1.0
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
- changed download link to https://releases.ansible.com
* Sun May 29 2016 michael@stroeder.com
- update to 2.1.0.0
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
- on SuSE platforms recommend package python-dnspython for
DNS lookups in playbooks
* Sat May 07 2016 michael@stroeder.com
- update to 2.0.2.0:
* Backport of the 2.1 feature to ensure per-item callbacks are sent as they occur,
rather than all at once at the end of the task.
* Fixed bugs related to the iteration of tasks when certain combinations of roles,
blocks, and includes were used, especially when handling errors in rescue/always
portions of blocks.
* Fixed handling of redirects in our helper code, and ported the uri module to use
this helper code. This removes the httplib dependency for this module while fixing
some bugs related to redirects and SSL certs.
* Fixed some bugs related to the incorrect creation of extra temp directories for
uploading files, which were not cleaned up properly.
* Improved error reporting in certain situations, to provide more information such as
the playbook file/line.
* Fixed a bug related to the variable precedence of role parameters, especially when
a role may be used both as a dependency of a role and directly by itself within the
same play.
* Fixed some bugs in the 2.0 implementation of do/until.
* Fixed some bugs related to run_once:
- Ensure that all hosts are marked as failed if a task marked as run_once fails.
- Show a warning when using the free strategy when a run_once task is encountered, as
there is no way for the free strategy to guarantee the task is not run more than once.
* Fixed a bug where the assemble module was not honoring check mode in some situations.
* Fixed a bug related to delegate_to, where we were incorrectly using variables from
the inventory host rather than the delegated-to host.
* The 'package' meta-module now properly squashes items down to a single execution (as the
apt/yum/other package modules do).
* Fixed a bug related to the ansible-galaxy CLI command dealing with paged results from
the Galaxy server.
* Pipelining support is now available for the local and jail connection plugins, which is
useful for users who do not wish to have temp files/directories created when running
tasks with these connection types.
* Improvements in support for additional shell types.
* Improvements in the code which is used to calculate checksums for remote files.
* Some speed ups and bug fixes related to the variable merging code.
* Workaround bug in python subprocess on El Capitan that was making vault fail
when attempting to encrypt a file
* Fix lxc_container module having predictable temp file names and setting file
permissions on the temporary file too leniently on a temporary file that was
executed as a script. Addresses CVE-2016-3096
* Fix a bug in the uri module where setting headers via module params that
start with HEADER_ were causing a traceback.
* Fix bug in the free strategy that was causing it to synchronize its workers
after every task (making it a lot more like linear than it should have been).
* Wed Mar 09 2016 lars@linux-schulserver.de
- update to 2.0.1.0:
* Fixes a major compatibility break in the synchronize module shipped
with 2.0.0.x. That version of synchronize ran sudo on the controller
prior to running rsync. In 1.9.x and previous, sudo was run on the
host that rsync connected to. 2.0.1 restores the 1.9.x behaviour.
* Additionally, several other problems with where synchronize chose
to run when combined with delegate_to were fixed. In particular, if
a playbook targetted localhost and then delegated_to a remote host
the prior behavior (in 1.9.x and 2.0.0.x) was to copy files between
the src and destination directories on the delegated host. This has
now been fixed to copy between localhost and the delegated host.
* Fix a regression where synchronize was unable to deal with unicode paths.
* Fix a regression where synchronize deals with inventory hosts that
use localhost but with an alternate port.
* Fixes a regression where the retry files feature was not implemented.
* Fixes a regression where the any_errors_fatal option was implemented
in 2.0 incorrectly, and also adds a feature where any_errors_fatal
can be set at the block level.
* Fix tracebacks when playbooks or ansible itself were located in
directories with unicode characters.
* Fix bug when sending unicode characters to an external pager
for display.
* Fix a bug with squashing loops for special modules (mostly package
managers). The optimization was squashing when the loop did not
apply to the selection of packages. This has now been fixed.
* Temp files created when using vault are now "shredded" using the
unix shred program which overwrites the file with random data.
* Some fixes to cloudstack modules for case sensitivity
* Fix non-newstyle modules (non-python modules and old-style modules)
to disabled pipelining.
* Fix fetch module failing even if fail_on_missing is set to False
* Fix for cornercase when local connections, sudo, and raw were
used together.
* Fix dnf module to remove dependent packages when state=absent is
specified. This was a feature of the 1.9.x version that was left
out by mistake when the module was rewritten for 2.0.
* Fix bugs with non-english locales in yum, git, and apt modules
* Fix a bug with the dnf module where state=latest could only
upgrade, not install.
* Mon Feb 15 2016 eshmarnev@suse.com
- fix_zypper_errorhandling.patch is being deleted
* Thu Feb 11 2016 erwin.vandevelde@gmail.com
- update to 2.0.0.2
Version 2.0 is a new major version with a lot of changes, among which:
+ New modules for cloud-based services and many more
+ The new block/rescue/always directives allow for making task blocks and exception-like semantics
+ Many API changes
- more info at:
https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#20-over-the-hills-and-far-away
* Sun Oct 11 2015 lars@linux-schulserver.de
- build again on SLE-11-SP4 by ignoring some dependencies that are
not available in the official OBS repository: python-paramiko,
python-Jinja2, python-PyYAML, python-pycrypto
* Sat Oct 10 2015 lars@linux-schulserver.de
- update to 1.9.4
This release addresses several bugs, most notably those related to
the yum module (introduced in 1.9.3):
+ Fixes a bug where yum state=latest would error if there were no
updates to install.
+ Fixes a bug where yum state=latest did not work with wildcard
package names.
+ Fixes a bug in lineinfile relating to escape sequences.
+ Fixes a bug where vars_prompt was not keeping passwords private
by default.
+ Fix ansible-galaxy and the hipchat callback plugin to check that
the host it is contacting matches its TLS Certificate.
* Sat Sep 26 2015 m0ses@samaxi.de
- Added fix_zypper_errorhandling.patch as it`s have not been accepted
upstream, in lack of an reviewer. See patch for more comments
* Fri Sep 11 2015 robin.roth@kit.edu
- update to 1.9.3:
- Fixes a bug related to keyczar messing up encodings internally, resulting in decrypted
messages coming out as empty strings.
- AES Keys generated for use in accelerated mode are now 256-bit by default instead of 128.
- Fix url fetching for SNI with python-2.7.9 or greater. SNI does not work
with python < 2.7.9. The best workaround is probably to use the command
module with curl or wget.
- Fix url fetching to allow tls-1.1 and tls-1.2 if the system's openssl library
supports those protocols
- Fix ec2_ami_search module to check TLS Certificates
- Fix the following extras modules to check TLS Certificates:
- campfire
- layman
- librarto_annotate
- twilio
- typetalk
- Fix docker module's parsing of docker-py version for dev checkouts
- Fix docker module to work with docker server api 1.19
- Change yum module's state=latest feature to update all packages specified in
a single transaction. This is the same type of fix as was made for yum's
state=installed in 1.9.2 and both solves the same problems and with the same caveats.
- Fixed a bug where stdout from a module might be blank when there were were non-printable
ASCII characters contained within it
* Wed Jul 15 2015 lars@linux-schulserver.de
- update to 1.9.2:
- Security fixes to check that hostnames match certificates with
https urls (CVE-2015-3908; bnc #938161):
+ get_url and uri modules
+ url and etcd lookup plugins
- Security fixes to the zone (Solaris containers), jail (bsd
containers), and chroot connection plugins. These plugins can be
used to connect to their respective container types in leiu of the
standard ssh connection. Prior to this fix being applied these
connection plugins didn't properly handle symlinks within the containers
which could lead to files intended to be written to or read from the
container being written to or read from the host system instead. (CVE
pending)
- Fixed a bug in the service module where init scripts were being
incorrectly used instead of upstart/systemd.
- Fixed a bug where sudo/su settings were not inherited from
ansible.cfg correctly.
- Fixed a bug in the rds module where a traceback may occur due to an
unbound variable.
- Fixed a bug where certain remote file systems where the SELinux
context was not being properly set.
- Re-enabled several windows modules which had been partially merged
(via action plugins):
+ win_copy.ps1
+ win_copy.py
+ win_file.ps1
+ win_file.py
+ win_template.py
- Fix bug using with_sequence and a count that is zero. Also allows
counting backwards isntead of forwards
- Fix get_url module bug preventing use of custom ports with https
urls
- Fix bug disabling repositories in the yum module.
- Fix giving yum module a url to install a package from on
RHEL/CENTOS5
- Fix bug in dnf module preventing it from working when yum-utils was
not already installed
* Tue Apr 28 2015 boris@steki.net
- updated to version 1.9.1
* Fixed a bug related to Kerberos auth when using winrm with a domain account.
* Fixing several bugs in the s3 module.
* Fixed a bug with upstart service detection in the service module.
* Fixed several bugs with the user module when used on OSX.
* Fixed unicode handling in some module situations (assert and shell/command execution).
* Fixed a bug in redhat_subscription when using the activationkey parameter.
* Fixed a traceback in the gce module on EL6 distros when multiple pycrypto installations are available.
* Added support for PostgreSQL 9.4 in rds_param_group
* Several other minor fixes.
* Mon Mar 30 2015 boris@steki.net
- updated to version 1.9.0.1
* Added kerberos support to winrm connection plugin.
* Tags rehaul: added 'all', 'always', 'untagged' and 'tagged' special
tags and normalized tag resolution. Added tag information to
- -list-tasks and new --list-tags option.
* Privilege Escalation generalization, new 'Become' system and variables
now will handle existing and new methods. Sudo and su have been kept
for backwards compatibility. New methods pbrun and pfexec in 'alpha'
state, planned adding 'runas' for winrm connection plugin.
* Improved ssh connection error reporting, now you get back the specific
message from ssh.
* Added facility to document task module return values for registered
vars, both for ansible-doc and the docsite. Documented copy, stats and
acl modules, the rest must be updated individually (we will start doing
so incrementally).
* Optimize the plugin loader to cache available plugins much more
efficiently. For some use cases this can lead to dramatic improvements
in startup time.
* Overhaul of the checksum system, now supports more systems and more
cases more reliably and uniformly.
* Fix skipped tasks to not display their parameters if no_log is specified.
* Many fixes to unicode support, standarized functions to make it easier
to add to input/output boundries.
* Added travis integration to github for basic tests, this should speed
up ticket triage and merging.
* environment: directive now can also be applied to play and is
inhertited by tasks, which can still override it.
* expanded facts and OS/distribution support for existing facts and
improved performance with pypy.
* new 'wantlist' option to lookups allows for selecting a list typed
variable vs a command delimited string as the return.
* the shared module code for file backups now uses a timestamp resolution
of seconds (previouslly minutes).
* allow for empty inventories, this is now a warning and not an error
(for those using localhost and cloud modules).
* sped up YAML parsing in ansible by up to 25% by switching to CParser loader.
- more info at:
https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#19-dancing-in-the-street---mar-25-2015
* Mon Feb 23 2015 boris@steki.net
- updated to version 1.8.4 from 1.8.2
* Fixed regressions in ec2 and mount modules, introduced in 1.8.3
* Fixing a security bug related to the default permissions set on a
tempoary file created when using "ansible-vault view ".
* Many bug fixes, for both core code and core modules.
* Fri Dec 05 2014 boris@steki.net
- updated to version 1.8.2 from 1.8.1
* Windows modules should now be packaged correctly.
* A bug regarding wildcard grant strings in the mysql_user module has been fixed.
* Several other bugs regarding the postgresql modules have also been fixed.
* Mon Dec 01 2014 boris@steki.net
- enable build for older RHEL and SLE distributions
* Thu Nov 27 2014 boris@steki.net
- updated package to latest release ## 1.8.1 "You Really Got Me"
* Various bug fixes in postgresql and mysql modules.
* Fixed a bug related to lookup plugins used within roles not
finding files based on the relative paths to the roles files/ directory.
* Fixed a bug related to vars specified in plays being templated too early,
resulting in incorrect variable interpolation.
* Fixed a bug related to git submodules in bare repos.
* fact caching support, pluggable, initially supports Redis (DOCS pending)
* 'serial' size in a rolling update can be specified as a percentage
* added new Jinja2 filters, 'min' and 'max' that take lists
* new 'ansible_version' variable available contains a dictionary of version info
* For ec2 dynamic inventory, ec2.ini can has various new configuration options
* 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
* no_log parameter now surpressess data from callbacks/output as well as syslog
* ansible-galaxy install -f requirements.yml allows advanced options and installs
from non-galaxy SCM sources and tarballs.
* command_warnings feature will warn about when usage of the shell/command module
can be simplified to use core modules - this can be enabled in ansible.cfg
* new omit value can be used to leave off a parameter when not set, like so
module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
an empty value) if c was not set.
* developers: 'baby JSON' in module responses, originally intended for writing modules
in bash, is removed as a feature to simplify logic, script module remains available
for running bash scripts.
* async jobs started in "fire & forget" mode can now be checked on at a later time.
* added ability to subcategorize modules for docs.ansible.com
* added ability for shipped modules to have aliases with symlinks
* added ability to deprecate older modules by starting with "_" and
including "deprecated: message why" in module docs
+ New Modules:
* cloud: rax_cdb - manages Rackspace Cloud Database instances
* cloud: rax_cdb_database - manages Rackspace Cloud Databases
* cloud: rax_cdb_user - manages Rackspace Cloud Database users
* monitoring: zabbix_maintaince - handles outage windows with Zabbix
* monitoring: bigpanda - support for bigpanda
* net_infrastructure: a10_server - manages server objects on A10 devices
* net_infrastructure: a10_service_group - manages service group objects on A10 devices
* net_infrastructure: a10_virtual_server - manages virtual server objects on A10 devices
* system: getent - read getent databases
+ Some other notable changes:
* added the ability to set "instance filters" in the ec2.ini to limit results
from the inventory plugin.
* upgrades for various variable precedence items and parsing related items
* added a new "follow" parameter to the file and copy modules, which allows
actions to be taken on the target of a symlink rather than the symlink itself.
* if a module should ever traceback, it will return a standard error, catchable
by ignore_errors, versus an 'unreachable'
* ec2_lc: added support for multiple new parameters like kernel_id, ramdisk_id and ebs_optimized.
* ec2_elb_lb: added support for the connection_draining_timeout and cross_az_load_balancing options.
* support for symbolic representations (ie. u+rw) for file permission modes (file/copy/template modules etc.).
* docker: Added support for specifying the net type of the container.
* docker: support for specifying read-only volumes.
* docker: support for specifying the API version to use for the remote connection.
* openstack modules: various improvements
* irc: ssl support for the notification module
* npm: fix flags passed to package installation
* windows: improved error handling
* setup: additional facts on System Z
* apt_repository: certificate validation can be disabled if requested
* pagerduty module: misc improvements
* ec2_lc: public_ip boolean configurable in launch configurations
* ec2_asg: fixes related to proper termination of an autoscaling group
* win_setup: total memory fact correction
* ec2_vol: ability to list existing volumes
* ec2: can set optimized flag
* various parser improvements
* produce a friendly error message if the SSH key is too permissive
* ec2_ami_search: support for SSD and IOPS provisioned EBS images
* can set ansible_sudo_exe as an inventory variable which allows specifying
a different sudo (or equivalent) command
* git module: Submodule handling has changed. Previously if you used the
"recursive" parameter to handle submodules, ansible would track the
submodule upstream's head revision. This has been changed to checkout the
version of the submodule specified in the superproject's git repository.
This is inline with what git submodule update does. If you want the old
behaviour use the new module parameter track_submodules=yes
* Checksumming of transferred files has been made more portable and now uses
the sha1 algorithm instead of md5 to be compatible with FIPS-140.
+ As a small side effect, the fetch module no longer returns a useful value
in remote_md5. If you need a replacement, switch to using remote_checksum
which returns the sha1sum of the remote file.
* ansible-doc CLI tool contains various improvements for working with different terminals
* Mon Oct 27 2014 kgronlund@suse.com
- update to 1.7.2:
- Fixes a bug in accelerate mode which caused a traceback when trying to use that connection method.
- Fixes a bug in vault where the password file option was not being used correctly internally.
- Improved multi-line parsing when using YAML literal blocks (using > or |).
- Fixed a bug with the file module and the creation of relative symlinks.
- Fixed a bug where checkmode was not being honored during the templating of files.
- Other various bug fixes.
- Switch to xz for source package
* Wed Sep 10 2014 boris@steki.net
- add python-pywinrm to requirements to enable windows hosts automation
* Sun Aug 17 2014 lars@linux-schulserver.de
- update to 1.7.1:
Major new features:
+ Windows support (alpha) using native PowerShell remoting
+ Tasks can now specify run_once: true, meaning they will be executed
exactly once. This can be combined with delegate_to to trigger actions
you want done just the one time versus for every host in inventory.
New Modules:
+ cloud: azure
+ cloud: rax_meta
+ cloud: rax_scaling_group
+ cloud: rax_scaling_policy
+ windows: version of setup module
+ windows: version of slurp module
+ windows: win_feature
+ windows: win_get_url
+ windows: win_msi
+ windows: win_ping
+ windows: win_user
+ windows: win_service
+ windows: win_group
New inventory scripts:
+ SoftLayer
+ Windows Azure
Docker module bug fixes:
+ Fixed support for specifying rw/ro bind modes for volumes
+ Fixed support for allowing the tag in the image parameter
Other notable changes:
+ Performance enhancements related to previous security fixes, which
could cause slowness when modules returned very large JSON results.
This specifically impacted the unarchive module frequently, which
returns the details of all unarchived files in the result.
+ Inventory speed improvements for very large inventories.
+ Vault password files can now be executable, to support scripts
that fetch the vault password.
+ Fixes an issue with the copy module when copying a directory that