* Tue May 04 2021 Michael Ströder <michael@stroeder.com>
- update to 2.9.21
* Fri Apr 16 2021 Alexander Graul <alexander.graul@suse.com>
- Drop python-coverage run-time requirement from openSUSE/SLE
* Fri Apr 16 2021 Alexander Graul <alexander.graul@suse.com>
- Switch to python3-cryptography in openSUSE/SLE
* Tue Apr 13 2021 Michael Ströder <michael@stroeder.com>
- update to version 2.9.20
maintenance release containing numerous bugfixes
* Tue Mar 16 2021 Michael Ströder <michael@stroeder.com>
- update to version 2.9.19 with minor changes and a few bug fixes
* Fri Feb 19 2021 Michael Ströder <michael@stroeder.com>
- update to version 2.9.18
* CVE-2021-20228 where default and fallback values for no_log parameters
to modules were not previously masked.
* CVE-2021-20178 where several parameters to the snmp_facts module were
logged and displayed despite containing sensitive information.
* CVE-2021-20180 where several parameters to the
bitbucket_pipeline_variable were logged and displayed despite
containing sensitive information.
* CVE-2021-20191 which addresses a number of modules whose parameters
were logged and displayed despite containing sensitive
information. For the full list of affected modules, refer to the
changelog linked below.
* Tue Jan 19 2021 Michael Ströder <michael@stroeder.com>
- update to version 2.9.17 with minor changes and a few bug fixes
* Tue Dec 15 2020 Michael Ströder <michael@stroeder.com>
- update to version 2.9.16 with minor changes and many bug fixes
* Tue Nov 03 2020 Michael Ströder <michael@stroeder.com>
- update to version 2.9.15 with following breaking change:
* ansible-galaxy login command has been removed
* Tue Oct 06 2020 Michael Ströder <michael@stroeder.com>
- update to version 2.9.14 with many small improvements and bug fixes,
most notably:
* kubectl - connection plugin now redact kubectl_token and
kubectl_password in console log (CVE-2020-1753).
- avoid trailing comments after %endif
* Tue Sep 01 2020 Michael Ströder <michael@stroeder.com>
- update to version 2.9.13 with many bug fixes, most notably:
* A security issue was addressed in the "dnf" module, which previously
did not check GPG signatures of packages.
* A bug in the "cron" module was fixed. In some cases prior to this
fix, the module would inadvertently remove cron entries.
- removed obsolete fix-cron-regression-71207.patch
* Wed Aug 12 2020 Michael Ströder <michael@stroeder.com>
- added fix-cron-regression-71207.patch
* Tue Aug 11 2020 Michael Ströder <michael@stroeder.com>
- update to version 2.9.12 with many bug fixes,
most notably the following security fixes:
* security issue - copy - Redact the value of the no_log 'content'
parameter in the result's invocation.module_args in check mode.
Previously when used with check mode and with '-vvv', the module would
not censor the content if a change would be made to the destination path.
(CVE-2020-14332)
* security issue atomic_move - change default permissions when creating
temporary files so they are not world readable
(https://github.com/ansible/ansible/issues/67794) (CVE-2020-1736)
* Fix warning for default permission change when no mode is specified.
Follow up to https://github.com/ansible/ansible/issues/67794.
(CVE-2020-1736)
* Sanitize no_log values from any response keys that might be returned
from the uri module (CVE-2020-14330).
* reset logging level to INFO due to CVE-2019-14846.
* Tue Jul 21 2020 Michael Ströder <michael@stroeder.com>
- update to version 2.9.11 with many bug fixes
- removed ansible_bugfix_640.diff obsoleted by upstream update
* Mon Jul 13 2020 Andrey Karepin <egdfree@opensuse.org>
- added ansible_bugfix_640.diff to fix gh#ansible-collections/community.general#640
* Mon Jun 22 2020 Michael Ströder <michael@stroeder.com>
- update to version 2.9.10 with many bug fixes.
- removed CVE-2020-1744_avoid_mkdir_p.patch obsoleted by upstream update
* Thu May 28 2020 Matej Cepl <mcepl@suse.com>
- Correct ID of CVE and rename the patch to
CVE-2020-1744_avoid_mkdir_p.patch
* Tue May 26 2020 Matej Cepl <mcepl@suse.com>
- Add CVE-2020-1733_avoid_mkdir_p.patch to fix CVE-2020-1733
(bsc#1164140)
- Add metadata information to this file to mark which SUSE
bugzilla have been already fixed.
* Tue May 12 2020 Michael Ströder <michael@stroeder.com>
- update to version 2.9.9
* fix for a regression introduced in 2.9.8
* Tue May 12 2020 Michael Ströder <michael@stroeder.com>
- update to version 2.9.8
maintenance release containing numerous bugfixes
Version: 2.8.1-bp150.3.9.1
* Sat Jun 08 2019 Lars Vogdt <lars@linux-schulserver.de>
- Update to version 2.8.1
Full changelog is at /usr/share/doc/packages/ansible/changelogs/
Bugfixes
- -------
- ACI - DO not encode query_string
- ACI modules - Fix non-signature authentication
- Add missing directory provided via ``--playbook-dir`` to adjacent collection loading
- Fix "Interface not found" errors when using eos_l2_interface with nonexistant
interfaces configured
- Fix cannot get credential when `source_auth` set to `credential_file`.
- Fix netconf_config backup string issue
- Fix privilege escalation support for the docker connection plugin when
credentials need to be supplied (e.g. sudo with password).
- Fix vyos cli prompt inspection
- Fixed loading namespaced documentation fragments from collections.
- Fixing bug came up after running cnos_vrf module against coverity.
- Properly handle data importer failures on PVC creation, instead of timing out.
- To fix the ios static route TC failure in CI
- To fix the nios member module params
- To fix the nios_zone module idempotency failure
- add terminal initial prompt for initial connection
- allow include_role to work with ansible command
- allow python_requirements_facts to report on dependencies containing dashes
- asa_config fix
- azure_rm_roledefinition - fix a small error in build scope.
- azure_rm_virtualnetworkpeering - fix cross subscriptions virtual network
peering.
- cgroup_perf_recap - When not using file_per_task, make sure we don't
prematurely close the perf files
- display underlying error when reporting an invalid ``tasks:`` block.
- dnf - fix wildcard matching for state: absent
- docker connection plugin - accept version ``dev`` as 'newest version' and
print warning.
- docker_container - ``oom_killer`` and ``oom_score_adj`` options are available
since docker-py 1.8.0, not 2.0.0 as assumed by the version check.
- docker_container - fix network creation when ``networks_cli_compatible`` is
enabled.
- docker_container - use docker API's ``restart`` instead of ``stop``/``start``
to restart a container.
- docker_image - if ``build`` was not specified, the wrong default for
``build.rm`` is used.
- docker_image - if ``nocache`` set to ``yes`` but not ``build.nocache``, the
module failed.
- docker_image - module failed when ``source: build`` was set but
``build.path`` options not specified.
- docker_network module - fix idempotency when using ``aux_addresses`` in
``ipam_config``.
- ec2_instance - make Name tag idempotent
- eos: don't fail modules without become set, instead show message and continue
- eos_config: check for session support when asked to 'diff_against: session'
- eos_eapi: fix idempotency issues when vrf was unspecified.
- fix bugs for ce - more info see
- fix incorrect uses of to_native that should be to_text instead.
- hcloud_volume - Fix idempotency when attaching a server to a volume.
- ibm_storage - Added a check for null fields in ibm_storage utils module.
- include_tasks - whitelist ``listen`` as a valid keyword
- k8s - resource updates applied with force work correctly now
- keep results subset also when not no_log.
- meraki_switchport - improve reliability with native VLAN functionality.
- netapp_e_iscsi_target - fix netapp_e_iscsi_target chap secret size and
clearing functionality
- netapp_e_volumes - fix workload profileId indexing when no previous workload
tags exist on the storage array.
- nxos_acl some platforms/versions raise when no ACLs are present
- nxos_facts fix <https://github.com/ansible/ansible/pull/57009>
- nxos_file_copy fix passwordless workflow
- nxos_interface Fix admin_state check for n6k
- nxos_snmp_traps fix group all for N35 platforms
- nxos_snmp_user fix platform fixes for get_snmp_user
- nxos_vlan mode idempotence bug
- nxos_vlan vlan names containing regex ctl chars should be escaped
- nxos_vtp_* modules fix n6k issues
- openssl_certificate - fix private key passphrase handling for
``cryptography`` backend.
- openssl_pkcs12 - fixes crash when private key has a passphrase and the module
is run a second time.
- os_stack - Apply tags conditionally so that the module does not throw up an
error when using an older distro of openstacksdk
- pass correct loading context to persistent connections other than local
- pkg_mgr - Ansible 2.8.0 failing to install yum packages on Amazon Linux
- postgresql - added initial SSL related tests
- postgresql - added missing_required_libs, removed excess param mapping
- postgresql - move connect_to_db and get_pg_version into
module_utils/postgres.py (https://github.com/ansible/ansible/pull/55514)
- postgresql_db - add note to the documentation about state dump and the
incorrect rc (https://github.com/ansible/ansible/pull/57297)
- postgresql_db - fix for postgresql_db fails if stderr contains output
- postgresql_ping - fixed a typo in the module documentation
- preserve actual ssh error when we cannot connect.
- route53_facts - the module did not advertise check mode support, causing it
not to be run in check mode.
- sysctl: the module now also checks the output of STDERR to report if values
are correctly set (https://github.com/ansible/ansible/pull/55695)
- ufw - correctly check status when logging is off
- uri - always return a value for status even during failure
- urls - Handle redirects properly for IPv6 address by not splitting on ``:``
and rely on already parsed hostname and port values
- vmware_vm_facts - fix the support with regular ESXi
- vyos_interface fix <https://github.com/ansible/ansible/pull/57169>
- we don't really need to template vars on definition as we do this on demand
in templating.
- win_acl - Fix qualifier parser when using UNC paths -
- win_hostname - Fix non netbios compliant name handling
- winrm - Fix issue when attempting to parse CLIXML on send input failure
- xenserver_guest - fixed an issue where VM whould be powered off even though
check mode is used if reconfiguration requires VM to be powered off.
- xenserver_guest - proper error message is shown when maximum number of
network interfaces is reached and multiple network interfaces are added at
once.
- yum - Fix false error message about autoremove not being supported
- yum - fix failure when using ``update_cache`` standalone
- yum - handle special "_none_" value for proxy in yum.conf and .repo files
* Wed May 22 2019 Marcel Kuehlhorn <tux93@opensuse.org>
- Update to version 2.8.0
Major changes:
* Experimental support for Ansible Collections and content namespacing -
Ansible content can now be packaged in a collection and addressed via
namespaces. This allows for easier sharing, distribution, and installation
of bundled modules/roles/plugins, and consistent rules for accessing
specific content via namespaces.
* Python interpreter discovery - The first time a Python module runs on a
target, Ansible will attempt to discover the proper default Python
interpreter to use for the target platform/version (instead of immediately
defaulting to /usr/bin/python). You can override this behavior by
setting ansible_python_interpreter or via config.
(see https://github.com/ansible/ansible/pull/50163)
* become - The deprecated CLI arguments for --sudo, --sudo-user,
- -ask-sudo-pass, -su, --su-user, and --ask-su-pass have been removed, in
favor of the more generic --become, --become-user, --become-method, and
- -ask-become-pass.
* become - become functionality has been migrated to a plugin architecture,
to allow customization of become functionality and 3rd party become methods
(https://github.com/ansible/ansible/pull/50991)
- addresses CVE-2018-16859, CVE-2018-16876, CVE-2019-3828, CVE-2018-16837
For the full changelog see /usr/share/doc/packages/ansible/changelogs or online:
https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
Version: 2.8.1-12.1
* Sat Jun 08 2019 lars@linux-schulserver.de
- Update to version 2.8.1
Full changelog is at /usr/share/doc/packages/ansible/changelogs/
Bugfixes
- -------
- ACI - DO not encode query_string
- ACI modules - Fix non-signature authentication
- Add missing directory provided via ``--playbook-dir`` to adjacent collection loading
- Fix "Interface not found" errors when using eos_l2_interface with nonexistant
interfaces configured
- Fix cannot get credential when `source_auth` set to `credential_file`.
- Fix netconf_config backup string issue
- Fix privilege escalation support for the docker connection plugin when
credentials need to be supplied (e.g. sudo with password).
- Fix vyos cli prompt inspection
- Fixed loading namespaced documentation fragments from collections.
- Fixing bug came up after running cnos_vrf module against coverity.
- Properly handle data importer failures on PVC creation, instead of timing out.
- To fix the ios static route TC failure in CI
- To fix the nios member module params
- To fix the nios_zone module idempotency failure
- add terminal initial prompt for initial connection
- allow include_role to work with ansible command
- allow python_requirements_facts to report on dependencies containing dashes
- asa_config fix
- azure_rm_roledefinition - fix a small error in build scope.
- azure_rm_virtualnetworkpeering - fix cross subscriptions virtual network
peering.
- cgroup_perf_recap - When not using file_per_task, make sure we don't
prematurely close the perf files
- display underlying error when reporting an invalid ``tasks:`` block.
- dnf - fix wildcard matching for state: absent
- docker connection plugin - accept version ``dev`` as 'newest version' and
print warning.
- docker_container - ``oom_killer`` and ``oom_score_adj`` options are available
since docker-py 1.8.0, not 2.0.0 as assumed by the version check.
- docker_container - fix network creation when ``networks_cli_compatible`` is
enabled.
- docker_container - use docker API's ``restart`` instead of ``stop``/``start``
to restart a container.
- docker_image - if ``build`` was not specified, the wrong default for
``build.rm`` is used.
- docker_image - if ``nocache`` set to ``yes`` but not ``build.nocache``, the
module failed.
- docker_image - module failed when ``source: build`` was set but
``build.path`` options not specified.
- docker_network module - fix idempotency when using ``aux_addresses`` in
``ipam_config``.
- ec2_instance - make Name tag idempotent
- eos: don't fail modules without become set, instead show message and continue
- eos_config: check for session support when asked to 'diff_against: session'
- eos_eapi: fix idempotency issues when vrf was unspecified.
- fix bugs for ce - more info see
- fix incorrect uses of to_native that should be to_text instead.
- hcloud_volume - Fix idempotency when attaching a server to a volume.
- ibm_storage - Added a check for null fields in ibm_storage utils module.
- include_tasks - whitelist ``listen`` as a valid keyword
- k8s - resource updates applied with force work correctly now
- keep results subset also when not no_log.
- meraki_switchport - improve reliability with native VLAN functionality.
- netapp_e_iscsi_target - fix netapp_e_iscsi_target chap secret size and
clearing functionality
- netapp_e_volumes - fix workload profileId indexing when no previous workload
tags exist on the storage array.
- nxos_acl some platforms/versions raise when no ACLs are present
- nxos_facts fix <https://github.com/ansible/ansible/pull/57009>
- nxos_file_copy fix passwordless workflow
- nxos_interface Fix admin_state check for n6k
- nxos_snmp_traps fix group all for N35 platforms
- nxos_snmp_user fix platform fixes for get_snmp_user
- nxos_vlan mode idempotence bug
- nxos_vlan vlan names containing regex ctl chars should be escaped
- nxos_vtp_* modules fix n6k issues
- openssl_certificate - fix private key passphrase handling for
``cryptography`` backend.
- openssl_pkcs12 - fixes crash when private key has a passphrase and the module
is run a second time.
- os_stack - Apply tags conditionally so that the module does not throw up an
error when using an older distro of openstacksdk
- pass correct loading context to persistent connections other than local
- pkg_mgr - Ansible 2.8.0 failing to install yum packages on Amazon Linux
- postgresql - added initial SSL related tests
- postgresql - added missing_required_libs, removed excess param mapping
- postgresql - move connect_to_db and get_pg_version into
module_utils/postgres.py (https://github.com/ansible/ansible/pull/55514)
- postgresql_db - add note to the documentation about state dump and the
incorrect rc (https://github.com/ansible/ansible/pull/57297)
- postgresql_db - fix for postgresql_db fails if stderr contains output
- postgresql_ping - fixed a typo in the module documentation
- preserve actual ssh error when we cannot connect.
- route53_facts - the module did not advertise check mode support, causing it
not to be run in check mode.
- sysctl: the module now also checks the output of STDERR to report if values
are correctly set (https://github.com/ansible/ansible/pull/55695)
- ufw - correctly check status when logging is off
- uri - always return a value for status even during failure
- urls - Handle redirects properly for IPv6 address by not splitting on ``:``
and rely on already parsed hostname and port values
- vmware_vm_facts - fix the support with regular ESXi
- vyos_interface fix <https://github.com/ansible/ansible/pull/57169>
- we don't really need to template vars on definition as we do this on demand
in templating.
- win_acl - Fix qualifier parser when using UNC paths -
- win_hostname - Fix non netbios compliant name handling
- winrm - Fix issue when attempting to parse CLIXML on send input failure
- xenserver_guest - fixed an issue where VM whould be powered off even though
check mode is used if reconfiguration requires VM to be powered off.
- xenserver_guest - proper error message is shown when maximum number of
network interfaces is reached and multiple network interfaces are added at
once.
- yum - Fix false error message about autoremove not being supported
- yum - fix failure when using ``update_cache`` standalone
- yum - handle special "_none_" value for proxy in yum.conf and .repo files
* Wed May 22 2019 tux93@opensuse.org
- Update to version 2.8.0
Major changes:
* Experimental support for Ansible Collections and content namespacing -
Ansible content can now be packaged in a collection and addressed via
namespaces. This allows for easier sharing, distribution, and installation
of bundled modules/roles/plugins, and consistent rules for accessing
specific content via namespaces.
* Python interpreter discovery - The first time a Python module runs on a
target, Ansible will attempt to discover the proper default Python
interpreter to use for the target platform/version (instead of immediately
defaulting to /usr/bin/python). You can override this behavior by
setting ansible_python_interpreter or via config.
(see https://github.com/ansible/ansible/pull/50163)
* become - The deprecated CLI arguments for --sudo, --sudo-user,
- -ask-sudo-pass, -su, --su-user, and --ask-su-pass have been removed, in
favor of the more generic --become, --become-user, --become-method, and
- -ask-become-pass.
* become - become functionality has been migrated to a plugin architecture,
to allow customization of become functionality and 3rd party become methods
(https://github.com/ansible/ansible/pull/50991)
- addresses CVE-2018-16859, CVE-2018-16876, CVE-2019-3828, CVE-2018-16837
For the full changelog see /usr/share/doc/packages/ansible/changelogs or online:
https://github.com/ansible/ansible/blob/stable-2.8/changelogs/CHANGELOG-v2.8.rst
* Thu Apr 04 2019 michael@stroeder.com
- Update to version 2.7.10
Minor Changes
- Catch all connection timeout related exceptions and raise AnsibleConnectionError instead
- openssl_pkcs12, openssl_privatekey, openssl_publickey - These modules no longer delete the output file before starting to regenerate the output, or when generating the output failed.
Bugfixes
- Backport of https://github.com/ansible/ansible/pull/54105, pamd - fix idempotence issue when removing rules
- Use custom JSON encoder in conneciton.py so that ansible objects (AnsibleVaultEncryptedUnicode, for example) can be sent to the persistent connection process
- allow 'dict()' jinja2 global to function the same even though it has changed in jinja2 versions
- azure_rm inventory plugin - fix missing hostvars properties (https://github.com/ansible/ansible/pull/53046)
- azure_rm inventory plugin - fix no nic type in vmss nic. (https://github.com/ansible/ansible/pull/53496)
- deprecate {Get/Set}ManagerAttributes commands (https://github.com/ansible/ansible/issues/47590)
- flatpak_remote - Handle empty output in remote_exists, fixes https://github.com/ansible/ansible/issues/51481
- foreman - fix Foreman returning host parameters
- get_url - Fix issue with checksum validation when using a file to ensure we skip lines in the file that do not contain exactly 2 parts. Also restrict exception handling to the minimum number of necessary lines (https://github.com/ansible/ansible/issues/48790)
- grafana_datasource - Fixed an issue when running Python3 and using basic auth (https://github.com/ansible/ansible/issues/49147)
- include_tasks - Fixed an unexpected exception if no file was given to include.
- openssl_certificate - fix ``state=absent``.
- openssl_certificate, openssl_csr, openssl_pkcs12, openssl_privatekey, openssl_publickey - The modules are now able to overwrite write-protected files (https://github.com/ansible/ansible/issues/48656).
- openssl_dhparam - fix ``state=absent`` idempotency and ``changed`` flag.
- openssl_pkcs12, openssl_privatekey - These modules now accept the output file mode in symbolic form or as a octal string (https://github.com/ansible/ansible/issues/53476).
- openssl_publickey - fixed crash on Python 3 when OpenSSH private keys were used with passphrases.
- openstack inventory plugin: allow "constructed" functionality (``compose``, ``groups``, and ``keyed_groups``) to work as documented.
- random_mac - generate a proper MAC address when the provided vendor prefix is two or four characters (https://github.com/ansible/ansible/issues/50838)
- replace - fix behavior when ``before`` and ``after`` are used together (https://github.com/ansible/ansible/issues/31354)
- report correct CPU information on ARM systems (https://github.com/ansible/ansible/pull/52884)
- slurp - Fix issues when using paths on Windows with glob like characters, e.g. ``[``, ``]``
- ssh - Check the return code of the ssh process before raising AnsibleConnectionFailure, as the error message for the ssh process will likely contain more useful information. This will improve the missing interpreter messaging when using modules such as setup which have a larger payload to transfer when combined with pipelining. (https://github.com/ansible/ansible/issues/53487)
- tower_settings - 'name' and 'value' parameters are always required, module can not be used in order to get a setting
- win_acl - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_acl_inheritance - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_certificate_store - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_chocolatey - Fix incompatibilities with the latest release of Chocolatey ``v0.10.12+``
- win_copy - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_file - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_find - Ensure found files are sorted alphabetically by the path instead of it being random
- win_find - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_owner - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_psexec - Support executables with a space in the path
- win_reboot - Fix reboot command validation failure when running under the psrp connection plugin
- win_tempfile - Always return the full NTFS absolute path and not a DOS 8.3 path.
- win_user_right - Fix output containing non json data - https://github.com/ansible/ansible/issues/54413
- windows - Fixed various module utils that did not work with path that had glob like chars
- yum - fix disable_excludes on systems with yum rhn plugin enabled (https://github.com/ansible/ansible/issues/53134)
* Sun Mar 17 2019 michael@stroeder.com
- Update to version 2.7.9
Minor Changes
* Add missing import for ConnectionError in edge and routeros module_utils.
* ``to_yaml`` filter updated to maintain formatting consistency when used
with ``pyyaml`` versions 5.1 and later
(https://github.com/ansible/ansible/pull/53772)
* docker_image * set ``changed`` to ``false`` when using ``force: yes`` to
tag or push an image that ends up being identical to one already present on
the Docker host or Docker registry.
* jenkins_plugin * Set new default value for the update_url parameter
(https://github.com/ansible/ansible/issues/52086)
Bugfixes
* Fix bug where some inventory parsing tracebacks were missing or reported under the wrong plugin.
* Fix rabbitmq_plugin idempotence due to information message in new version of rabbitmq (https://github.com/ansible/ansible/pull/52166)
* Fixed KeyError issue in vmware_host_config_manager when a supported option isn't already set (https://github.com/ansible/ansible/issues/44561).
* Fixed issue related to --yaml flag in vmware_vm_inventory. Also fixed caching issue in vmware_vm_inventory (https://github.com/ansible/ansible/issues/52381).
* If large integers are passed as options to modules under Python 2, module argument parsing will reject them as they are of type ``long`` and not of type ``int``.
* allow nice error to work when auto plugin reads file w/o `plugin` field
* ansible-doc * Fix traceback on providing arguemnt --all to ansible-doc command
* azure_rm_virtualmachine_facts * fixed crash related to attached managed disks (https://github.com/ansible/ansible/issues/52181)
* basic * modify the correct variable when determining available hashing algorithms to avoid errors when md5 is not available (https://github.com/ansible/ansible/issues/51355)
* cloudscale * Fix compatibilty with Python3 in version 3.5 and lower.
* convert input into text to ensure valid comparisons in nmap inventory plugin
* dict2items * Allow dict2items to work with hostvars
* dnsimple * fixed a KeyError exception related to record types handling.
* docker_container * now returns warnings from docker daemon on container creation and updating.
* docker_swarm * Fixed node_id parameter not working for node removal (https://github.com/ansible/ansible/issues/53501)
* docker_swarm * do not crash with older docker daemons (https://github.com/ansible/ansible/issues/51175).
* docker_swarm * fixes idempotency for the ``ca_force_rotate`` option.
* docker_swarm * improve Swarm detection.
* docker_swarm * improve idempotency checking; ``rotate_worker_token`` and ``rotate_manager_token`` are now also used when all other parameters have not changed.
* docker_swarm * now supports docker-py 1.10.0 and newer for most operations, instead only docker 2.6.0 and newer.
* docker_swarm * properly implement check mode (it did apply changes).
* docker_swarm * the ``force`` option was ignored when ``state: present``.
* docker_swarm_service * do basic validation of ``publish`` option if specified (must be list of dicts).
* docker_swarm_service * don't crash when ``publish`` is not specified.
* docker_swarm_service * fix problem with docker daemons which do not return ``UpdateConfig`` in the swarm service spec.
* docker_swarm_service * the return value was documented as ``ansible_swarm_service``, but the module actually returned ``ansible_docker_service``. Documentation and code have been updated so that the variable is now called ``swarm_service``. In Ansible 2.7.x, the old name ``ansible_docker_service`` can still be used to access the result.
* ec2 * if the private_ip has been provided for the new network interface it shouldn't also be added to top level parameters for run_instances()
* fix DNSimple to ensure check works even when the number of records is larger than 100
* get_url * return no change in check mode when checksum matches
* inventory plugins * Fix creating groups from composed variables by getting the latest host variables
* inventory_aws_ec2 * fix no_log indentation so AWS temporary credentials aren't displayed in tests
* jenkins_plugin * Prevent plugin to be reinstalled when state=present (https://github.com/ansible/ansible/issues/43728)
* lvol * fixed ValueError when using float size (https://github.com/ansible/ansible/issues/32886, https://github.com/ansible/ansible/issues/29429)
* mysql * MySQLdb doesn't import the cursors module for its own purposes so it has to be imported in MySQL module utilities before it can be used in dependent modules like the proxysql module family.
* mysql * fixing unexpected keyword argument 'cursorclass' issue after migration from MySQLdb to PyMySQL.
* mysql_user: match backticks, single and double quotes when checking user privileges.
* onepassword_facts * Fixes issues which prevented this module working with 1Password CLI version 0.5.5 (or greater). Older versions of the CLI were deprecated by 1Password and will no longer function.
* openssl_certificate * ``has_expired`` correctly checks if the certificate is expired or not
* openssl_certificate * fix Python 3 string/bytes problems for `notBefore`/`notAfter` for self-signed and ownCA providers.
* openssl_certificate * make sure that extensions are actually present when their values should be checked.
* openssl_csr * improve ``subject`` validation.
* openssl_csr * improve error messages for invalid SANs.
* play order is now applied under all circumstances, fixes
* remote_management foreman * Fixed issue where it was impossible to createdelete a product because product was missing in dict choices ( https://github.com/ansible/ansible/issues/48594 )
* rhsm_repository * handle systems without any repos
* skip invalid plugin after warning in loader
* urpmi module * fixed issue
* win_certificate_store * Fix exception handling typo
* win_chocolatey * Fix issue when parsing a beta Chocolatey install * https://github.com/ansible/ansible/issues/52331
* win_chocolatey_source * fix bug where a Chocolatey source could not be disabled unless ``source`` was also set * https://github.com/ansible/ansible/issues/50133
* win_domain * Do not fail if DC is already promoted but a reboot is required, return ``reboot_required: True``
* win_domain * Fix when running without credential delegated authentication * https://github.com/ansible/ansible/issues/53182
* win_file * Fix issue when managing hidden files and directories * https://github.com/ansible/ansible/issues/42466
* winrm * attempt to recover from a WinRM send input failure if possible
* zabbix_hostmacro: fixes truncation of macro contexts that contain colons (see https://github.com/ansible/ansible/pull/51853)
New Plugins
* vmware_vm_inventory * VMware Guest inventory source
Version: 2.7.8-bp150.3.6.1
* Sat Mar 16 2019 Lars Vogdt <lars@linux-schulserver.de>
- update URL (use SSL version of the URL)
- prepare update for multiple releases (bsc#1102126, bsc#1109957)
* Sun Feb 24 2019 Michael Ströder <michael@stroeder.com>
- Update to version 2.7.8
Minor Changes:
* Raise AnsibleConnectionError on winrm connnection errors
Bugfixes:
* Backport of https://github.com/ansible/ansible/pull/46478 , fixes name collision in haproxy module
* Fix aws_ec2 inventory plugin code to automatically populate regions when missing as documentation states, also leverage config system vs self default/type validation
* Fix unexpected error when using Jinja2 native types with non-strict constructed keyed_groups (https://github.com/ansible/ansible/issues/52158).
* If an ios module uses a section filter on a device which does not support it, retry the command without the filter.
* acme_challenge_cert_helper * the module no longer crashes when the required ``cryptography`` library cannot be found.
* azure_rm_managed_disk_facts * added missing implementation of listing managed disks by resource group
* azure_rm_mysqlserver * fixed issues with passing parameters while updating existing server instance
* azure_rm_postgresqldatabase * fix force_update bug (https://github.com/ansible/ansible/issues/50978).
* azure_rm_postgresqldatabase * fix force_update bug.
* azure_rm_postgresqlserver * fixed issues with passing parameters while updating existing server instance
* azure_rm_sqlserver * fix for tags support
* azure_rm_virtualmachine * fixed several crashes in module
* azure_rm_virtualmachine_facts * fix crash when vm created from custom image
* azure_rm_virtualmachine_facts * fixed crash related to VM with managed disk attached
* ec2 * Correctly sets the end date of the Spot Instance request. Sets `ValidUntil` value in proper way so it will be auto-canceled through `spot_wait_timeout` interval.
* openssl_csr * fixes idempotence problem with PyOpenSSL backend when no Subject Alternative Names were specified.
* openstack inventory plugin * send logs from sdk to stderr so they do not combine with output
* psrp * do not display bootstrap wrapper for each module exec run
* redfish_utils * get standard properties for firmware entries (https://github.com/ansible/ansible/issues/49832)
* remote home directory * Disallow use of remote home directories that include relative pathing by means of `..` (CVE-2019-3828) (https://github.com/ansible/ansible/pull/52133)
* ufw * when using ``state: reset`` in check mode, ``ufw --dry-run reset`` was executed, which causes a loss of firewall rules. The ``ufw`` module was adjusted to no longer run ``ufw --dry-run reset`` to prevent this from happening.
* ufw: make sure that only valid values for ``direction`` are passed on.
* update GetBiosBootOrder to use standard Redfish resources (https://github.com/ansible/ansible/issues/47571)
* win become * Fix some scenarios where become failed to create an elevated process
* win_psmodule * the NuGet package provider will be updated, if needed, to avoid issue under adding a repository
* yum * Remove incorrect disable_includes error message when using disable_excludes (https://github.com/ansible/ansible/issues/51697)
* yum * properly handle a proxy config in yum.conf for an unauthenticated proxy
* Sat Feb 09 2019 Matthias Eliasson <matthias.eliasson@gmail.com>
- Update to version 2.7.7
Minor Changes:
* Allow check_mode with supports_generate_diff capability in cli_config. (https://github.com/ansible/ansible/pull/51417)
* Fixed typo in vmware documentation fragment. Changed "supported added" to "support added".
Bugfixes:
* All K8S_AUTH_* environment variables are now properly loaded by the k8s lookup plugin
* Change backup file globbing for network _config modules so backing up one host's config will not delete the backed up config of any host whose hostname is a subset of the first host's hostname (e.g., switch1 and switch11)
* Fixes bug where nios_a_record wasn't getting deleted if an uppercase named a_record was being passed. (https://github.com/ansible/ansible/pull/51539)
* aci_aaa_user - Fix setting user description (https://github.com/ansible/ansible/issues/51406)
* apt_repository - fixed failure under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
* archive - Fix check if archive is created in path to be removed
* azure_rm inventory plugin - fix azure batch request (https://github.com/ansible/ansible/pull/50006)
* cnos_backup - fixed syntax error (https://github.com/ansible/ansible/pull/47219)
* cnos_image - fixed syntax error (https://github.com/ansible/ansible/pull/47219)
* consul_kv - minor error-handling bugfix under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
* copy - align invocation in return value between check and normal mode
* delegate_facts - fix to work properly under block and include_role (https://github.com/ansible/ansible/pull/51553)
* docker_swarm_service - fix endpoint_mode and publish idempotency.
* ec2_instance - Correctly adds description when adding a single ENI to the instance
* ensure we have a XDG_RUNTIME_DIR, as it is not handled correctly by some privilege escalation configurations
* file - Allow state=touch on file the user does not own https://github.com/ansible/ansible/issues/50943
* fix ansible-pull hanlding of extra args, complex quoting is needed for inline JSON
* fix ansible_connect_timeout variable in network_cli,netconf,httpapi and nxos_install_os timeout check
* netapp_e_storagepool - fixed failure under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
* onepassword_facts - Fix an issue looking up some 1Password items which have a 'password' attribute alongside the 'fields' attribute, not inside it.
* prevent import_role from inserting dupe into roles: execution when duplicate signature role already exists in the section.
* reboot - Fix bug where the connection timeout was not reset in the same task after rebooting
* ssh connection - do not retry with invalid credentials to prevent account lockout (https://github.com/ansible/ansible/issues/48422)
* systemd - warn when exeuting in a chroot environment rather than failing (https://github.com/ansible/ansible/pull/43904)
* win_chocolatey - Fix hang when used with proxy for the first time - https://github.com/ansible/ansible/issues/47669
* win_power_plan - Fix issue where win_power_plan failed on newer Windows 10 builds - https://github.com/ansible/ansible/issues/43827
Version: 2.7.8-9.1
* Sat Mar 16 2019 lars@linux-schulserver.de
- update URL (use SSL version of the URL)
- prepare update for multiple releases (bsc#1102126, bsc#1109957)
* Sun Feb 24 2019 michael@stroeder.com
- Update to version 2.7.8
Minor Changes:
* Raise AnsibleConnectionError on winrm connnection errors
Bugfixes:
* Backport of https://github.com/ansible/ansible/pull/46478 , fixes name collision in haproxy module
* Fix aws_ec2 inventory plugin code to automatically populate regions when missing as documentation states, also leverage config system vs self default/type validation
* Fix unexpected error when using Jinja2 native types with non-strict constructed keyed_groups (https://github.com/ansible/ansible/issues/52158).
* If an ios module uses a section filter on a device which does not support it, retry the command without the filter.
* acme_challenge_cert_helper * the module no longer crashes when the required ``cryptography`` library cannot be found.
* azure_rm_managed_disk_facts * added missing implementation of listing managed disks by resource group
* azure_rm_mysqlserver * fixed issues with passing parameters while updating existing server instance
* azure_rm_postgresqldatabase * fix force_update bug (https://github.com/ansible/ansible/issues/50978).
* azure_rm_postgresqldatabase * fix force_update bug.
* azure_rm_postgresqlserver * fixed issues with passing parameters while updating existing server instance
* azure_rm_sqlserver * fix for tags support
* azure_rm_virtualmachine * fixed several crashes in module
* azure_rm_virtualmachine_facts * fix crash when vm created from custom image
* azure_rm_virtualmachine_facts * fixed crash related to VM with managed disk attached
* ec2 * Correctly sets the end date of the Spot Instance request. Sets `ValidUntil` value in proper way so it will be auto-canceled through `spot_wait_timeout` interval.
* openssl_csr * fixes idempotence problem with PyOpenSSL backend when no Subject Alternative Names were specified.
* openstack inventory plugin * send logs from sdk to stderr so they do not combine with output
* psrp * do not display bootstrap wrapper for each module exec run
* redfish_utils * get standard properties for firmware entries (https://github.com/ansible/ansible/issues/49832)
* remote home directory * Disallow use of remote home directories that include relative pathing by means of `..` (CVE-2019-3828) (https://github.com/ansible/ansible/pull/52133)
* ufw * when using ``state: reset`` in check mode, ``ufw --dry-run reset`` was executed, which causes a loss of firewall rules. The ``ufw`` module was adjusted to no longer run ``ufw --dry-run reset`` to prevent this from happening.
* ufw: make sure that only valid values for ``direction`` are passed on.
* update GetBiosBootOrder to use standard Redfish resources (https://github.com/ansible/ansible/issues/47571)
* win become * Fix some scenarios where become failed to create an elevated process
* win_psmodule * the NuGet package provider will be updated, if needed, to avoid issue under adding a repository
* yum * Remove incorrect disable_includes error message when using disable_excludes (https://github.com/ansible/ansible/issues/51697)
* yum * properly handle a proxy config in yum.conf for an unauthenticated proxy
* Sat Feb 09 2019 matthias.eliasson@gmail.com
- Update to version 2.7.7
Minor Changes:
* Allow check_mode with supports_generate_diff capability in cli_config. (https://github.com/ansible/ansible/pull/51417)
* Fixed typo in vmware documentation fragment. Changed "supported added" to "support added".
Bugfixes:
* All K8S_AUTH_* environment variables are now properly loaded by the k8s lookup plugin
* Change backup file globbing for network _config modules so backing up one host's config will not delete the backed up config of any host whose hostname is a subset of the first host's hostname (e.g., switch1 and switch11)
* Fixes bug where nios_a_record wasn't getting deleted if an uppercase named a_record was being passed. (https://github.com/ansible/ansible/pull/51539)
* aci_aaa_user - Fix setting user description (https://github.com/ansible/ansible/issues/51406)
* apt_repository - fixed failure under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
* archive - Fix check if archive is created in path to be removed
* azure_rm inventory plugin - fix azure batch request (https://github.com/ansible/ansible/pull/50006)
* cnos_backup - fixed syntax error (https://github.com/ansible/ansible/pull/47219)
* cnos_image - fixed syntax error (https://github.com/ansible/ansible/pull/47219)
* consul_kv - minor error-handling bugfix under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
* copy - align invocation in return value between check and normal mode
* delegate_facts - fix to work properly under block and include_role (https://github.com/ansible/ansible/pull/51553)
* docker_swarm_service - fix endpoint_mode and publish idempotency.
* ec2_instance - Correctly adds description when adding a single ENI to the instance
* ensure we have a XDG_RUNTIME_DIR, as it is not handled correctly by some privilege escalation configurations
* file - Allow state=touch on file the user does not own https://github.com/ansible/ansible/issues/50943
* fix ansible-pull hanlding of extra args, complex quoting is needed for inline JSON
* fix ansible_connect_timeout variable in network_cli,netconf,httpapi and nxos_install_os timeout check
* netapp_e_storagepool - fixed failure under Python 3.7 (https://github.com/ansible/ansible/pull/47219)
* onepassword_facts - Fix an issue looking up some 1Password items which have a 'password' attribute alongside the 'fields' attribute, not inside it.
* prevent import_role from inserting dupe into roles: execution when duplicate signature role already exists in the section.
* reboot - Fix bug where the connection timeout was not reset in the same task after rebooting
* ssh connection - do not retry with invalid credentials to prevent account lockout (https://github.com/ansible/ansible/issues/48422)
* systemd - warn when exeuting in a chroot environment rather than failing (https://github.com/ansible/ansible/pull/43904)
* win_chocolatey - Fix hang when used with proxy for the first time - https://github.com/ansible/ansible/issues/47669
* win_power_plan - Fix issue where win_power_plan failed on newer Windows 10 builds - https://github.com/ansible/ansible/issues/43827
* Sun Jan 20 2019 matthias.eliasson@gmail.com
- update to version 2.7.6
Minor Changes:
* Added documentation about using VMware dynamic inventory plugin.
* Fixed bug around populating host_ip in hostvars in vmware_vm_inventory.
* Image reference change in Azure VMSS is detected and applied correctly.
* docker_volume - reverted changed behavior of force, which was released in Ansible 2.7.1 to 2.7.5, and Ansible 2.6.8 to 2.6.11. Volumes are now only recreated if the parameters changed and force is set to true (instead of or). This is the behavior which has been described in the documentation all the time.
* set ansible_os_family from name variable in os-release
* yum and dnf can now handle installing packages from URIs that are proxy redirects and don't end in the .rpm file extension
Bugfixes:
* Added log message at -vvvv when using netconf connection listing connection details.
* Changes how ansible-connection names socket lock files. They now use the same name as the socket itself, and as such do not lock other attempts on connections to the same host, or cause issues with overly-long hostnames.
* Fix mandatory statement error for junos modules (https://github.com/ansible/ansible/pull/50138)
* Moved error in netconf connection plugin from at import to on connection.
* This reverts some changes from commit 723daf3. If a line is found in the file, exactly or via regexp matching, it must not be added again. insertafter/insertbefore options are used only when a line is to be inserted, to specify where it must be added.
* allow using openstack inventory plugin w/o a cache
* callbacks - Do not filter out exception, warnings, deprecations on failure when using debug (https://github.com/ansible/ansible/issues/47576)
* certificate_complete_chain - fix behavior when invalid file is parsed while reading intermediate or root certificates.
* copy - Ensure that the src file contents is converted to unicode in diff information so that it is properly wrapped by AnsibleUnsafeText to prevent unexpected templating of diff data in Python3 (https://github.com/ansible/ansible/issues/45717)
* correct behaviour of verify_file for vmware inventory plugin, it was always returning True
* dnf - fix issue where conf_file was not being loaded properly
* dnf - fix update_cache combined with install operation to not cause dnf transaction failure
* docker_container - fix network_mode idempotency if the container:<container-name> form is used (as opposed to container:<container-id>) (https://github.com/ansible/ansible/issues/49794)
* docker_container - warning when non-string env values are found, avoiding YAML parsing issues. Will be made an error in Ansible 2.8. (https://github.com/ansible/ansible/issues/49802)
* docker_swarm_service - Document labels and container_labels with correct type.
* docker_swarm_service - Document limit_memory and reserve_memory correctly on how to specify sizes.
* docker_swarm_service - Document minimal API version for configs and secrets.
* docker_swarm_service - fix use of Docker API so that services are not detected as present if there is an existing service whose name is a substring of the desired service
* docker_swarm_service - fixing falsely reporting update_order as changed when option is not used.
* document old option that was initally missed
* ec2_instance now respects check mode https://github.com/ansible/ansible/pull/46774
* fix for network_cli - ansible_command_timeout not working as expected (#49466)
* fix handling of firewalld port if protocol is missing
* fix lastpass lookup failure on python 3 (https://github.com/ansible/ansible/issues/42062)
* flatpak - Fixed Python 2/3 compatibility
* flatpak - Fixed issue where newer versions of flatpak failed on flatpak removal
* flatpak_remote - Fixed Python 2/3 compatibility
* gcp_compute_instance - fix crash when the instance metadata is not set
* grafana_dashboard - Fix a pair of unicode string handling issues with version checking (https://github.com/ansible/ansible/pull/49194)
* host execution order - Fix reverse_inventory not to change the order of the items before reversing on python2 and to not backtrace on python3
* icinga2_host - fixed the issue with not working use_proxy option of the module.
* influxdb_user - An unspecified password now sets the password to blank, except on existing users. This previously caused an unhandled exception.
* influxdb_user - Fixed unhandled exception when using invalid login credentials (https://github.com/ansible/ansible/issues/50131)
* openssl_* - fix error when path contains a file name without path.
* openssl_csr - fix problem with idempotency of keyUsage option.
* openssl_pkcs12 - now does proper path expansion for ca_certificates.
* os_security_group_rule - os_security_group_rule doesn't exit properly when secgroup doesn't exist and state=absent (https://github.com/ansible/ansible/issues/50057)
* paramiko_ssh - add auth_timeout parameter to ssh.connect when supported by installed paramiko version. This will prevent "Authentication timeout" errors when a slow authentication step (>30s) happens with a host (https://github.com/ansible/ansible/issues/42596)
* purefa_facts and purefb_facts now correctly adds facts into main ansible_fact dictionary (https://github.com/ansible/ansible/pull/50349)
* reboot - add appropriate commands to make the plugin work with VMware ESXi (https://github.com/ansible/ansible/issues/48425)
* reboot - add support for rebooting AIX (https://github.com/ansible/ansible/issues/49712)
* reboot - gather distribution information in order to support Alpine and other distributions (https://github.com/ansible/ansible/issues/46723)
* reboot - search common paths for the shutdown command and use the full path to the binary rather than depending on the PATH of the remote system (https://github.com/ansible/ansible/issues/47131)
* reboot - use a common set of commands for older and newer Solaris and SunOS variants (https://github.com/ansible/ansible/pull/48986)
* redfish_utils - fix reference to local variable 'systems_service'
* setup - fix the rounding of the ansible_memtotal_mb value on VMWare vm's (https://github.com/ansible/ansible/issues/49608)
* vultr_server - fixed multiple ssh keys were not handled.
* win_copy - Fix copy of a dir that contains an empty directory - https://github.com/ansible/ansible/issues/50077
* win_firewall_rule - Remove invalid 'bypass' action
* win_lineinfile - Fix issue where a malformed json block was returned causing an error
* win_updates - Correctly report changes on success
* Sun Dec 16 2018 matthias.eliasson@gmail.com
- update to version 2.7.5
Minor Changes:
* Add warning about falling back to jinja2_native=false when Jinja2 version is lower than 2.10.
* Change the position to search os-release since clearlinux new versions are providing /etc/os-release too
* Fixed typo in ansible-galaxy info command.
* Improve the deprecation message for squashing, to not give misleading advice
* Update docs and return section of vmware_host_service_facts module.
* ansible-galaxy: properly warn when git isn't found in an installed bin path instead of traceback
* dnf module properly load and initialize dnf package manager plugins
* docker_swarm_service: use docker defaults for the user parameter if it is set to null
Bugfixes:
* ACME modules: improve error messages in some cases (include error returned by server).
* Added unit test for VMware module_utils.
* Also check stdout for interpreter errors for more intelligent messages to user
* Backported support for Devuan-based distribution
* Convert hostvars data in OpenShift inventory plugin to be serializable by ansible-inventory
* Fix AttributeError (Python 3 only) when an exception occurs while rendering a template
* Fix N3K power supply facts (https://github.com/ansible/ansible/pull/49150).
* Fix NameError nxos_facts (https://github.com/ansible/ansible/pull/48981).
* Fix VMware module utils for self usage.
* Fix error in OpenShift inventory plugin when a pod has errored and is empty
* Fix if the route table changed to none (https://github.com/ansible/ansible/pull/49533)
* Fix iosxr netconf plugin response namespace (https://github.com/ansible/ansible/pull/49300)
* Fix issues with nxos_install_os module for nxapi (https://github.com/ansible/ansible/pull/48811).
* Fix lldp and cdp neighbors information (https://github.com/ansible/ansible/pull/48318)(https://github.com/ansible/ansible/pull/48087)(https://github.com/ansible/ansible/pull/49024).
* Fix nxos_interface and nxos_linkagg Idempotence issue (https://github.com/ansible/ansible/pull/46437).
* Fix traceback when updating facts and the fact cache plugin was nonfunctional
* Fix using vault encrypted data with jinja2_native (https://github.com/ansible/ansible/issues/48950)
* Fixed: Make sure that the files excluded when extracting the archive are not checked. https://github.com/ansible/ansible/pull/45122
* Fixes issue where a password parameter was not set to no_log
* Respect no_log on retry and high verbosity (CVE-2018-16876)
* aci_rest - Fix issue ignoring custom port
* acme_account, acme_account_facts - in some cases, it could happen that the modules return information on disabled accounts accidentally returned by the ACME server.
* docker_swarm - decreased minimal required API version from 1.35 to 1.25; some features require API version 1.30 though.
* docker_swarm_service: fails because of default "user: root" (https://github.com/ansible/ansible/issues/49199)
* ec2_metadata_facts - Parse IAM role name from the security credential field since the instance profile name is different
* fix azure_rm_image module use positional parameter (https://github.com/ansible/ansible/pull/49394)
* fixes an issue with dict_merge in network utils (https://github.com/ansible/ansible/pull/49474)
* gcp_utils - fix google auth scoping issue with application default credentials or google cloud engine credentials. Only scope credentials that can be scoped.
* mail - fix python 2.7 regression
* openstack - fix parameter handling when cloud provided as dict https://github.com/ansible/ansible/issues/42858
* os_user - Include domain parameter in user deletion https://github.com/ansible/ansible/issues/42901
* os_user - Include domain parameter in user lookup https://github.com/ansible/ansible/issues/42901
* ovirt_storage_connection - comparing passwords breaks idempotency in update_check (https://github.com/ansible/ansible/issues/48933)
* paramiko_ssh - improve log message to state the connection type
* reboot - use IndexError instead of TypeError in exception
* redis cache - Support version 3 of the redis python library (https://github.com/ansible/ansible/issues/49341)
* sensu_silence - Cast int for expire field to avoid call failure to sensu API.
* vmware_host_service_facts - handle exception when service package does not have package name.
* win_nssm - Switched to Argv-ToString for escaping NSSM credentials (https://github.com/ansible/ansible/issues/48728)
* zabbix_hostmacro - Added missing validate_certs logic for running module against Zabbix servers with untrused SSL certificates (https://github.com/ansible/ansible/issues/47611)
* zabbix_hostmacro - Fixed support for user macros with context (https://github.com/ansible/ansible/issues/46953)
* Sun Dec 02 2018 matthias.eliasson@gmail.com
- update to version 2.7.4
Bugfixes:
* powershell - add lib/ansible/executor/powershell to the packaging data
* Sun Dec 02 2018 matthias.eliasson@gmail.com
- update to version 2.7.3
Minor Changes:
* Document Path and Port are mutually exclusive parameters in wait_for module
* Puppet module remove --ignorecache to allow Puppet 6 support
* dnf properly support modularity appstream installation via overloaded group
modifier syntax
* proxmox_kvm - fix exception
* win_security_policy - warn users to use win_user_right instead when editing
Privilege Rights
Bugfixes:
* Fix the issue that FTD HTTP API retries authentication-related HTTP requests
* Fix the issue that module fails when the Swagger model does not have required fields
* Fix the issue with comparing string-like objects
* Fix using omit on play keywords
* Windows - prevent sensitive content from appearing in scriptblock logging (CVE-2018-16859)
* apt_key - Disable TTY requirement in GnuPG for the module to work correctly
when SSH pipelining is enabled
* better error message when bad type in config, deal with EVNAR= more gracefully
* configuration retrieval would fail on non primed plugins
* cs_template - Fixed a KeyError on state=extracted
* docker_container - fix idempotency problems with docker-py caused by previous
init idempotency fix
* docker_container - fix interplay of docker-py version check with argument_spec
validation improvements
* docker_network - driver_options containing Python booleans would cause Docker
to throw exceptions
* ec2_group - Fix comparison of determining which rules to purge by ignoring descriptions
* pip module - fix setuptools/distutils replacement
* sysvinit - enabling a service should use "defaults" if no runlevels are specified
* Wed Nov 28 2018 matthias.eliasson@gmail.com
- update to version 2.7.2
Minor changes:
* Fix documentation for cloning template
* Parsing plugin filter may raise TypeError, gracefully handle this
exception and let user know about the syntax error in plugin filter file
* Scenario guide for VMware HTTP API usage
* Update plugin filter documentation
* fix yum and dnf autoremove input sanitization to properly warn user if
invalid options passed and update documentation to match
* improve readability and fix privileges names on vmware scenario_clone_template
* k8s - updated module documentation to mention how to avoid SSL validation errors
* yum - when checking for updates, now properly include Obsoletes
(both old and new) package data in the module JSON output
Version: 2.7.6-bp150.3.3.1
* Sun Jan 20 2019 Matthias Eliasson <matthias.eliasson@gmail.com>
- update to version 2.7.6
Minor Changes:
* Added documentation about using VMware dynamic inventory plugin.
* Fixed bug around populating host_ip in hostvars in vmware_vm_inventory.
* Image reference change in Azure VMSS is detected and applied correctly.
* docker_volume - reverted changed behavior of force, which was released in Ansible 2.7.1 to 2.7.5, and Ansible 2.6.8 to 2.6.11. Volumes are now only recreated if the parameters changed and force is set to true (instead of or). This is the behavior which has been described in the documentation all the time.
* set ansible_os_family from name variable in os-release
* yum and dnf can now handle installing packages from URIs that are proxy redirects and don't end in the .rpm file extension
Bugfixes:
* Added log message at -vvvv when using netconf connection listing connection details.
* Changes how ansible-connection names socket lock files. They now use the same name as the socket itself, and as such do not lock other attempts on connections to the same host, or cause issues with overly-long hostnames.
* Fix mandatory statement error for junos modules (https://github.com/ansible/ansible/pull/50138)
* Moved error in netconf connection plugin from at import to on connection.
* This reverts some changes from commit 723daf3. If a line is found in the file, exactly or via regexp matching, it must not be added again. insertafter/insertbefore options are used only when a line is to be inserted, to specify where it must be added.
* allow using openstack inventory plugin w/o a cache
* callbacks - Do not filter out exception, warnings, deprecations on failure when using debug (https://github.com/ansible/ansible/issues/47576)
* certificate_complete_chain - fix behavior when invalid file is parsed while reading intermediate or root certificates.
* copy - Ensure that the src file contents is converted to unicode in diff information so that it is properly wrapped by AnsibleUnsafeText to prevent unexpected templating of diff data in Python3 (https://github.com/ansible/ansible/issues/45717)
* correct behaviour of verify_file for vmware inventory plugin, it was always returning True
* dnf - fix issue where conf_file was not being loaded properly
* dnf - fix update_cache combined with install operation to not cause dnf transaction failure
* docker_container - fix network_mode idempotency if the container:<container-name> form is used (as opposed to container:<container-id>) (https://github.com/ansible/ansible/issues/49794)
* docker_container - warning when non-string env values are found, avoiding YAML parsing issues. Will be made an error in Ansible 2.8. (https://github.com/ansible/ansible/issues/49802)
* docker_swarm_service - Document labels and container_labels with correct type.
* docker_swarm_service - Document limit_memory and reserve_memory correctly on how to specify sizes.
* docker_swarm_service - Document minimal API version for configs and secrets.
* docker_swarm_service - fix use of Docker API so that services are not detected as present if there is an existing service whose name is a substring of the desired service
* docker_swarm_service - fixing falsely reporting update_order as changed when option is not used.
* document old option that was initally missed
* ec2_instance now respects check mode https://github.com/ansible/ansible/pull/46774
* fix for network_cli - ansible_command_timeout not working as expected (#49466)
* fix handling of firewalld port if protocol is missing
* fix lastpass lookup failure on python 3 (https://github.com/ansible/ansible/issues/42062)
* flatpak - Fixed Python 2/3 compatibility
* flatpak - Fixed issue where newer versions of flatpak failed on flatpak removal
* flatpak_remote - Fixed Python 2/3 compatibility
* gcp_compute_instance - fix crash when the instance metadata is not set
* grafana_dashboard - Fix a pair of unicode string handling issues with version checking (https://github.com/ansible/ansible/pull/49194)
* host execution order - Fix reverse_inventory not to change the order of the items before reversing on python2 and to not backtrace on python3
* icinga2_host - fixed the issue with not working use_proxy option of the module.
* influxdb_user - An unspecified password now sets the password to blank, except on existing users. This previously caused an unhandled exception.
* influxdb_user - Fixed unhandled exception when using invalid login credentials (https://github.com/ansible/ansible/issues/50131)
* openssl_* - fix error when path contains a file name without path.
* openssl_csr - fix problem with idempotency of keyUsage option.
* openssl_pkcs12 - now does proper path expansion for ca_certificates.
* os_security_group_rule - os_security_group_rule doesn't exit properly when secgroup doesn't exist and state=absent (https://github.com/ansible/ansible/issues/50057)
* paramiko_ssh - add auth_timeout parameter to ssh.connect when supported by installed paramiko version. This will prevent "Authentication timeout" errors when a slow authentication step (>30s) happens with a host (https://github.com/ansible/ansible/issues/42596)
* purefa_facts and purefb_facts now correctly adds facts into main ansible_fact dictionary (https://github.com/ansible/ansible/pull/50349)
* reboot - add appropriate commands to make the plugin work with VMware ESXi (https://github.com/ansible/ansible/issues/48425)
* reboot - add support for rebooting AIX (https://github.com/ansible/ansible/issues/49712)
* reboot - gather distribution information in order to support Alpine and other distributions (https://github.com/ansible/ansible/issues/46723)
* reboot - search common paths for the shutdown command and use the full path to the binary rather than depending on the PATH of the remote system (https://github.com/ansible/ansible/issues/47131)
* reboot - use a common set of commands for older and newer Solaris and SunOS variants (https://github.com/ansible/ansible/pull/48986)
* redfish_utils - fix reference to local variable 'systems_service'
* setup - fix the rounding of the ansible_memtotal_mb value on VMWare vm's (https://github.com/ansible/ansible/issues/49608)
* vultr_server - fixed multiple ssh keys were not handled.
* win_copy - Fix copy of a dir that contains an empty directory - https://github.com/ansible/ansible/issues/50077
* win_firewall_rule - Remove invalid 'bypass' action
* win_lineinfile - Fix issue where a malformed json block was returned causing an error
* win_updates - Correctly report changes on success
* Sun Dec 16 2018 Matthias Eliasson <matthias.eliasson@gmail.com>
- update to version 2.7.5
Minor Changes:
* Add warning about falling back to jinja2_native=false when Jinja2 version is lower than 2.10.
* Change the position to search os-release since clearlinux new versions are providing /etc/os-release too
* Fixed typo in ansible-galaxy info command.
* Improve the deprecation message for squashing, to not give misleading advice
* Update docs and return section of vmware_host_service_facts module.
* ansible-galaxy: properly warn when git isn't found in an installed bin path instead of traceback
* dnf module properly load and initialize dnf package manager plugins
* docker_swarm_service: use docker defaults for the user parameter if it is set to null
Bugfixes:
* ACME modules: improve error messages in some cases (include error returned by server).
* Added unit test for VMware module_utils.
* Also check stdout for interpreter errors for more intelligent messages to user
* Backported support for Devuan-based distribution
* Convert hostvars data in OpenShift inventory plugin to be serializable by ansible-inventory
* Fix AttributeError (Python 3 only) when an exception occurs while rendering a template
* Fix N3K power supply facts (https://github.com/ansible/ansible/pull/49150).
* Fix NameError nxos_facts (https://github.com/ansible/ansible/pull/48981).
* Fix VMware module utils for self usage.
* Fix error in OpenShift inventory plugin when a pod has errored and is empty
* Fix if the route table changed to none (https://github.com/ansible/ansible/pull/49533)
* Fix iosxr netconf plugin response namespace (https://github.com/ansible/ansible/pull/49300)
* Fix issues with nxos_install_os module for nxapi (https://github.com/ansible/ansible/pull/48811).
* Fix lldp and cdp neighbors information (https://github.com/ansible/ansible/pull/48318)(https://github.com/ansible/ansible/pull/48087)(https://github.com/ansible/ansible/pull/49024).
* Fix nxos_interface and nxos_linkagg Idempotence issue (https://github.com/ansible/ansible/pull/46437).
* Fix traceback when updating facts and the fact cache plugin was nonfunctional
* Fix using vault encrypted data with jinja2_native (https://github.com/ansible/ansible/issues/48950)
* Fixed: Make sure that the files excluded when extracting the archive are not checked. https://github.com/ansible/ansible/pull/45122
* Fixes issue where a password parameter was not set to no_log
* Respect no_log on retry and high verbosity (CVE-2018-16876)
* aci_rest - Fix issue ignoring custom port
* acme_account, acme_account_facts - in some cases, it could happen that the modules return information on disabled accounts accidentally returned by the ACME server.
* docker_swarm - decreased minimal required API version from 1.35 to 1.25; some features require API version 1.30 though.
* docker_swarm_service: fails because of default "user: root" (https://github.com/ansible/ansible/issues/49199)
* ec2_metadata_facts - Parse IAM role name from the security credential field since the instance profile name is different
* fix azure_rm_image module use positional parameter (https://github.com/ansible/ansible/pull/49394)
* fixes an issue with dict_merge in network utils (https://github.com/ansible/ansible/pull/49474)
* gcp_utils - fix google auth scoping issue with application default credentials or google cloud engine credentials. Only scope credentials that can be scoped.
* mail - fix python 2.7 regression
* openstack - fix parameter handling when cloud provided as dict https://github.com/ansible/ansible/issues/42858
* os_user - Include domain parameter in user deletion https://github.com/ansible/ansible/issues/42901
* os_user - Include domain parameter in user lookup https://github.com/ansible/ansible/issues/42901
* ovirt_storage_connection - comparing passwords breaks idempotency in update_check (https://github.com/ansible/ansible/issues/48933)
* paramiko_ssh - improve log message to state the connection type
* reboot - use IndexError instead of TypeError in exception
* redis cache - Support version 3 of the redis python library (https://github.com/ansible/ansible/issues/49341)
* sensu_silence - Cast int for expire field to avoid call failure to sensu API.
* vmware_host_service_facts - handle exception when service package does not have package name.
* win_nssm - Switched to Argv-ToString for escaping NSSM credentials (https://github.com/ansible/ansible/issues/48728)
* zabbix_hostmacro - Added missing validate_certs logic for running module against Zabbix servers with untrused SSL certificates (https://github.com/ansible/ansible/issues/47611)
* zabbix_hostmacro - Fixed support for user macros with context (https://github.com/ansible/ansible/issues/46953)
* Sun Dec 02 2018 Matthias Eliasson <matthias.eliasson@gmail.com>
- update to version 2.7.4
Bugfixes:
* powershell - add lib/ansible/executor/powershell to the packaging data
* Sun Dec 02 2018 Matthias Eliasson <matthias.eliasson@gmail.com>
- update to version 2.7.3
Minor Changes:
* Document Path and Port are mutually exclusive parameters in wait_for module
* Puppet module remove --ignorecache to allow Puppet 6 support
* dnf properly support modularity appstream installation via overloaded group
modifier syntax
* proxmox_kvm - fix exception
* win_security_policy - warn users to use win_user_right instead when editing
Privilege Rights
Bugfixes:
* Fix the issue that FTD HTTP API retries authentication-related HTTP requests
* Fix the issue that module fails when the Swagger model does not have required fields
* Fix the issue with comparing string-like objects
* Fix using omit on play keywords
* Windows - prevent sensitive content from appearing in scriptblock logging (CVE-2018-16859)
* apt_key - Disable TTY requirement in GnuPG for the module to work correctly
when SSH pipelining is enabled
* better error message when bad type in config, deal with EVNAR= more gracefully
* configuration retrieval would fail on non primed plugins
* cs_template - Fixed a KeyError on state=extracted
* docker_container - fix idempotency problems with docker-py caused by previous
init idempotency fix
* docker_container - fix interplay of docker-py version check with argument_spec
validation improvements
* docker_network - driver_options containing Python booleans would cause Docker
to throw exceptions
* ec2_group - Fix comparison of determining which rules to purge by ignoring descriptions
* pip module - fix setuptools/distutils replacement
* sysvinit - enabling a service should use "defaults" if no runlevels are specified
* Wed Nov 28 2018 Matthias Eliasson <matthias.eliasson@gmail.com>
- update to version 2.7.2
Minor changes:
* Fix documentation for cloning template
* Parsing plugin filter may raise TypeError, gracefully handle this
exception and let user know about the syntax error in plugin filter file
* Scenario guide for VMware HTTP API usage
* Update plugin filter documentation
* fix yum and dnf autoremove input sanitization to properly warn user if
invalid options passed and update documentation to match
* improve readability and fix privileges names on vmware scenario_clone_template
* k8s - updated module documentation to mention how to avoid SSL validation errors
* yum - when checking for updates, now properly include Obsoletes
(both old and new) package data in the module JSON output
* Sat Oct 27 2018 sean@suspend.net
- update to 2.7.1
Minor changes:
* Fix yum module to properly check for empty conf_file value
* added capability to set the scheme for the consul_kv lookup
* added optional certificate and certificate validation for consul_kv lookups
* dnf - properly handle modifying the enable/disable excludes data field
* dnf appropriately handles disable_excludes repoid argument
* dnf proerly honors disable_gpg_check for local package installation
* fix yum module to handle list argument optional empty strings properly
* netconf_config - Make default_operation optional in netconf_config module
* yum - properly handle proxy password and username embedded in url
* yum/dnf - fail when space separated string of names
* Mon Oct 08 2018 sean@suspend.net
- update to 2.7.0
Major changes:
* Allow config to enable native jinja types
* Remove support for simplejson
* yum and dnf modules now at feature parity
Minor changes:
* Changed the prefix of all Vultr modules from vr to vultr
* Enable installroot tests for yum4(dnf) integration testing, dnf backend now supports that
* Fixed timer in exponential backoff algorithm in vmware.py
Bugfixes:
* Security Fix - avoid loading host/group vars from cwd when not specifying a playbook or playbook base dir
* Security Fix - avoid using ansible.cfg in a world writable dir
* Some connection exception would cause no_log specified on a task to be ignored (stdout info disclosure)
* Fix glob path of rc.d (SUSE-specific)
* Fix lambda_policy updates
* Fix alt linux detection/matching
* Tue Sep 11 2018 lars@linux-schulserver.de
- update to 2.6.4
Minor Changes:
* add azure_rm_storageaccount support to StorageV2 kind.
* import_tasks - Do not allow import_tasks to transition to dynamic
if the file is missing
Bugfixes:
* Add md5sum check in nxos_file_copy module
* Allow arbitrary log_driver for docker_container
* Fix Python2.6 regex bug terminal plugin nxos, iosxr
* Fix check_mode in nxos_static_route module
* Fix glob path of rc.d Some distribtuions like SUSE has the rc%.d
directories under /etc/init.d
* Fix network config diff issue for lines
* Fixed an issue where ansible_facts.pkg_mgr would incorrectly set
to zypper on Debian/Ubuntu systems that happened to have the
command installed
* The docker_* modules respect the DOCKER_* environment variables again
* The fix for CVE-2018-10875 prints out a warning message about
skipping a config file from a world writable current working directory.
However, if the user is in a world writable current working directory
which does not contain a config file, it should not print a warning
message. This release fixes that extaneous warning.
* To resolve nios_network issue where vendor-encapsulated-options
can not have a use_option flag.
* To resolve the issue of handling exception for Nios lookup gracefully.
* always correctly template no log for tasks
* ansible-galaxy - properly list all roles in roles_path
* basic.py - catch ValueError in case a FIPS enabled platform
raises this exception
* docker_container: fixing working_dir idempotency problem
* docker_container: makes unit parsing for memory sizes more consistent,
and fixes idempotency problem when kernel_memory is set
* fix example code for AWS lightsail documentation
* fix the enable_snat parameter that is only supposed to be used by
an user with the right policies.
* fixes docker_container check and debug mode
* improves docker_container idempotency
* ios_l2_interface - fix bug when list of vlans ends with comma
* ios_l2_interface - fix issue with certain interface types
* ios_user - fix unable to delete user admin issue
* ios_vlan - fix unable to work on certain interface types issue
* nxos_facts test lldp feature and fix nxapi check_rc
* nxos_interface port-channel idempotence fix for mode
* nxos_linkagg mode fix
* nxos_system idempotence fix
* nxos_vlan refactor to support non structured output
* one_host - fixes settings via environment variables
* use retry_json nxos_banner
* user - Strip trailing comments in /etc/default/passwd
* user - when creating a new user without an expiration date,
properly set no expiration rather that expirining the account
* win_domain_computer - fixed deletion of computer active directory
object that have dependent objects
* win_domain_computer - fixed error in diff_support
* win_domain_computer - fixed error when description parameter is empty
* win_psexec - changed code to not escape the command option when building the args
* win_uri -- Fix support for JSON output when charset is set
* win_wait_for - fix issue where timeout doesn't wait unless state=drained
* Mon Aug 27 2018 matthias.eliasson@gmail.com
- update to 2.6.3
Bugfixes:
* Fix lxd module to be idempotent when the given configuration for
the lxd container has not changed
* Fix setting value type to str to avoid conversion during template
read. Fix Idempotency in case of 'no key'.
* Fix the mount module's handling of swap entries in fstab
* The fix for (CVE-2018-10875) prints out a warning message about
skipping a config file from a world writable current working
directory. However, if the user explicitly specifies that the
config file should be used via the ANSIBLE_CONFIG environment
variable then Ansible would honor that but still print out the
warning message. This has been fixed so that Ansible honors the
user's explicit wishes and does not print a warning message in
that circumstance.
* To fix the bug where existing host_record was deleted when existing
record name is used with different IP.
* VMware handle pnic in proxyswitch
* fix azure security group cannot add rules when purge_rule set to false.
* fix azure_rm_deployment collect tags from existing Resource Group.
* fix azure_rm_loadbalancer_facts list takes at least 2 arguments.
* fix for the bundled selectors module (used in the ssh and local
connection plugins) when a syscall is restarted after being
interrupted by a signal
* get_url - fix the bug that get_url does not change mode when checksum matches
* nicer error when multiprocessing breaks
* openssl_certificate - Convert valid_date to bytes for conversion
* openstack_inventory.py dynamic inventory file fixed the plugin to the
script so that it will work with current ansible-inventory. Also
redirect stdout before dumping the ouptput, because not doing so will
cause JSON parse errors in some cases.
* slack callback - Fix invocation by looking up data from cli.options
* sysvinit module: handle values of optional parameters. Don't disable
service when enabled parameter isn't set. Fix command when arguments
parameter isn't set.
* vars_prompt - properly template play level variables in vars_prompt
* win_domain - ensure the Netlogon service is up and running after
promoting host to controller
* win_domain_controller - ensure the Netlogon service is up and running
after promoting host to controller
* Mon Jul 30 2018 lars@linux-schulserver.de
- update to 2.6.2
Minor Changes
+ Sceanrio guide for removing an existing virtual machine is added.
+ lineinfile - add warning when using an empty regexp
+ Restore module_utils.basic.BOOLEANS variable for backwards compatibility
with the module API in older ansible releases.
Bugfixes:
+ Add text output along with structured output in nxos_facts
+ Allow more than one page of results by using the right pagination
indicator ('NextMarker' instead of 'NextToken').
+ Fix an atomic_move error that is 'true', but misleading.
Now we show all 3 files involved and clarify what happened.
+ Fix eos_l2_interface eapi.
+ Fix fetching old style facts in junos_facts module
+ Fix get_device_info nxos zero or more whitespace regex
+ Fix nxos CI failures
+ Fix nxos_nxapi default http behavior
+ Fix nxos_vxlan_vtep_vni
+ Fix regex network_os_platform nxos
+ Refactor nxos cliconf get_device_info for non structured
output supported devices
+ To fix the NoneType error raised in ios_l2_interface when
Access Mode VLAN is unassigned
+ emtpy host/group name is an error
+ fix default SSL version for docker modules
+ fix mail module when using starttls
+ fix nmap config example
+ fix ps detection of service
+ fix the remote tmp folder permissions issue when becoming a non
admin user
+ fix typoe in sysvinit that breaks update.rc-d detection
+ fixes docker_container compatibilty with docker-py < 2.2
+ get_capabilities in nxapi module_utils should not return empty dictionary
+ inventory - When using an inventory directory, ensure extension
comparison uses text types
+ ios_vlan - fix unable to identify correct vlans issue
+ nxos_facts warning message improved
+ openvswitch_db - make 'key' argument optional
+ pause - do not set stdout to raw mode when redirecting to a file
+ pause - nest try except when importing curses to gracefully fail
if curses is not present
+ plugins/inventory/openstack.py - Do not create group with empty
name if region is not set
+ preseve delegation info on nolog
+ remove ambiguity when it comes to 'the source'
+ remove dupes from var precedence
+ restores filtering out conflicting facts
+ user - fix bug that resulted in module always reporting a change when
specifiying the home directory on FreeBSD
+ user - use correct attribute name in FreeBSD for creat_home
+ vultr - Do not fail trying to load configuration from ini files if
required variables have been set as environment variables.
+ vyos_command correcting conditionals looping
+ win_chocolatey - enable TLSv1.2 support when downloading the
Chocolatey installer
+ win_reboot - fix for handling an already scheduled reboot and other
minor log formatting issues
+ win_reboot - fix issue when overridding connection timeout hung
the post reboot uptime check
+ win_reboot - handle post reboots when running test_command
+ win_security_policy - allows an empty string to reset a policy value
+ win_share - discard any cmdlet output we don't use to ensure only the
return json is received by Ansible
+ win_unzip - discard any cmdlet output we don't use to ensure only the
return json is received by Ansible
+ win_updates - fixed module return value is lost in error in some cases
+ win_user - Use LogonUser to validate the password as it does not
rely on SMB/RPC to be available
+ Security Fix - avoid loading host/group vars from cwd when not
specifying a playbook or playbook base dir
+ Security Fix - avoid using ansible.cfg in a world writable dir.
+ Fix junos_config confirm commit timeout issue
(https://github.com/ansible/ansible/pull/41527)
+ file module - The touch subcommand had its diff output broken during
the 2.6.x development cycle. This is now fixed.
+ inventory manager - This fixes required options being populated before
the inventory config file is read, so the required options may be
set in the config file.
+ nsupdate - allow hmac-sha384 https://github.com/ansible/ansible/pull/42209
+ win_domain - fixes typo in one of the AD cmdlets
https://github.com/ansible/ansible/issues/41536
+ win_group_membership - uses the internal Ansible SID conversion logic
and uses that when comparing group membership instead of the name
- use fdupes to save some space in python_sitelib
- define BuildRoot on older distributions like SLE-11
- be a bit more flexible with the ending of manpage files to allow
Fedora builds to succeed
* Mon Jul 02 2018 mrueckert@suse.de
- revert some unneeded changes from spec-cleaner
* Mon Jul 02 2018 boris@steki.net
- updated to latest release 2.6.0
- New Plugins:
+ Callback:
- cgroup_memory_recap
- grafana_annotations
- sumologic
+ Connection:
- httpapi
+ Inventory:
- foreman
- gcp_compute
- generator
- nmap
+ Lookup:
- onepassword
- onepassword_raw
- Modules updates too many to mention here
please look at package documentation directory (/usr/share/doc/packages/.../changelogs)
- bug fixes:
- **Security Fix** - Some connection exceptions would cause no_log
specified on a task to be ignored. If this happened, the task information,
including any private information coul d have been displayed to stdout and
(if enabled, not the default) logged to a log file specified in
ansible.cfg's log_path. Additionally, sites which redirected stdout from
ansible runs to a log file may have stored that private information onto
disk that way as well. (https://github.com/ansible/ansible/pull/41414)
- Changed the admin_users config option to not include "admin" by default
as admin is frequently used for a non-privileged account
(https://github.com/ansible/ansible/pull/41164)
- Changed the output to "text" for "show vrf" command as default "json"
output format with respect to "eapi" transport was failing
(https://github.com/ansible/ansible/pull/41470)
- Document mode=preserve for both the copy and template module
- Fix added for Digital Ocean Volumes API change causing Ansible to
recieve an unexpected value in the response.
(https://github.com/ansible/ansible/pull/41431)
- Fix an encoding issue when parsing the examples from a plugins'
documentation
- Fix iosxr_config module to handle route-policy, community-set,
prefix-set, as-path-set and rd-set blocks. All these blocks are part of
route-policy language of iosxr.
- Fix mode=preserve with remote_src=True for the copy module
- Implement mode=preserve for the template module
- The yaml callback plugin now allows non-ascii characters to be
displayed.
- Various grafana_* modules - Port away from the deprecated
b64encodestring function to the b64encode function instead.
https://github.com/ansible/ansible/pull/38388
- added missing 'raise' to exception definition
https://github.com/ansible/ansible/pull/41690
- allow custom endpoints to be used in the aws_s3 module
(https://github.com/ansible/ansible/pull/36832)
- allow set_options to be called multiple times
https://github.com/ansible/ansible/pull/41913
- ansible-doc - fixed traceback on missing plugins
(https://github.com/ansible/ansible/pull/41167)
- cast the device_mapping volume size to an int in the ec2_ami module
(https://github.com/ansible/ansible/pull/40938)
- copy - fixed copy to only follow symlinks for files in the non-recursive case
- copy module - The copy module was attempting to change the mode of files
for remote_src=True even if mode was not set as a parameter. This
failed on filesystems which do not have permission bits
(https://github.com/ansible/ansible/pull/40099)
- copy module - fixed recursive copy with relative paths
(https://github.com/ansible/ansible/pull/40166)
- correct debug display for all cases
https://github.com/ansible/ansible/pull/41331
- correctly check hostvars for vars term
https://github.com/ansible/ansible/pull/41819
- correctly handle yaml inventory files when entries are null dicts
https://github.com/ansible/ansible/issues/41692
- dynamic includes - Allow inheriting attributes from static parents
(https://github.com/ansible/ansible/pull/38827)
- dynamic includes - Don't treat undefined vars for conditional includes
as truthy (https://github.com/ansible/ansible/pull/39377)
- dynamic includes - Fix IncludedFile comparison for free strategy
(https://github.com/ansible/ansible/pull/37083)
- dynamic includes - Improved performance by fixing re-parenting on copy
(https://github.com/ansible/ansible/pull/38747)
- dynamic includes - Use the copied and merged task for calculating task
vars (https://github.com/ansible/ansible/pull/39762)
- file - fixed the default follow behaviour of file to be true
- file module - Eliminate an error if we're asked to remove a file but
something removes it while we are processing the request
(https://github.com/ansible/ansible/pull/39466)
- file module - Fix error when recursively assigning permissions and a
symlink to a nonexistent file is present in the directory tree
(https://github.com/ansible/ansible/issues/39456)
- file module - Fix error when running a task which assures a symlink to a
nonexistent file exists for the second and subsequent times
(https://github.com/ansible/ansible/issues/39558)
- file module - The file module allowed the user to specify src as a
parameter when state was not link or hard. This is documented as only
applying to state=link or state=hard but in previous Ansible, this could
have an effect in rare cornercases. For instance, "ansible -m file -a
'state=directory path=/tmp src=/var/lib'" would create /tmp/lib. This
has been disabled and a warning emitted (will change to an error in
Ansible-2.10).
- file module - The touch subcommand had its diff output broken during the
2.6.x development cycle. This is now fixed
(https://github.com/ansible/ansible/issues/41755)
- fix BotoCoreError exception handling
- fix apt-mark on debian6 (https://github.com/ansible/ansible/pull/41530)
- fix async for the aws_s3 module by adding async support to the action
plugin (https://github.com/ansible/ansible/pull/40826)
- fix decrypting vault files for the aws_s3 module
(https://github.com/ansible/ansible/pull/39634)
- fix errors with S3-compatible APIs if they cannot use ACLs for buckets
or objects
- fix permission handling to try to download a file even if the user does
not have permission to list all objects in the bucket
- fixed config required handling, specifically for _terms in lookups
https://github.com/ansible/ansible/pull/41740
- gce_net - Fix sorting of allowed ports
(https://github.com/ansible/ansible/pull/41567)
- group_by - support implicit localhost
(https://github.com/ansible/ansible/pull/41860)
- import/include - Ensure role handlers have the proper parent, allowing
for correct attribute inheritance
(https://github.com/ansible/ansible/pull/39426)
- import_playbook - Pass vars applied to import_playbook into parsing of
the playbook as they may be needed to parse the imported plays
(https://github.com/ansible/ansible/pull/39521)
- include_role/import_role - Don't overwrite included role handlers with
play handlers on parse (https://github.com/ansible/ansible/pull/39563)
- include_role/import_role - Fix parameter templating
(https://github.com/ansible/ansible/pull/36372)
- include_role/import_role - Use the computed role name for
include_role/import_role so to diffentiate between names computed from
host vars (https://github.com/ansible/ansible/pull/39516)-
include_role/import_role - improved performance and recursion depth
(https://github.com/ansible/ansible/pull/36470)
- lineinfile - fix insertbefore when used with BOF to not insert duplicate
lines (https://github.com/ansible/ansible/issues/38219)
- password lookup - Do not load password lookup in network filters,
allowing the password lookup to be overriden
(https://github.com/ansible/ansible/pull/41907)
- pause - ensure ctrl+c interrupt works in all cases
(https://github.com/ansible/ansible/issues/35372)
- powershell - use the tmpdir set by `remote_tmp` for become/async tasks
instead of the generic $env:TEMP -
https://github.com/ansible/ansible/pull/40210
- selinux - correct check mode behavior to report same changes as normal
mode (https://github.com/ansible/ansible/pull/40721)
- spwd - With python 3.6 spwd.getspnam returns PermissionError instead of
KeyError if user does not have privileges
(https://github.com/ansible/ansible/issues/39472)
- synchronize - Ensure the local connection created by synchronize uses
_remote_is_local=True, which causes ActionBase to build a local tmpdir
(https://github.com/ansible/ansible/pull/40833)
- template - Fix for encoding issues when a template path contains
non-ascii characters and using the template path in ansible_managed
(https://github.com/ansible/ansible/issues/27262)
- template action plugin - fix the encoding of filenames to avoid
tracebacks on Python2 when characters that are not present in the user's
locale are present. (https://github.com/ansible/ansible/pull/39424)
- user - only change the expiration time when necessary
(https://github.com/ansible/ansible/issues/13235)
- uses correct conn info for reset_connection
https://github.com/ansible/ansible/issues/27520
- win_environment - Fix for issue where the environment value was deleted
when a null value or empty string was set -
https://github.com/ansible/ansible/issues/40450
- win_file - fix issue where special chars like [ and ] were not being
handled correctly https://github.com/ansible/ansible/pull/37901
- win_get_url - fixed a few bugs around authentication and force no when
using an FTP URL
- win_iis_webapppool - redirect some module output to null so Ansible can
read the output JSON https://github.com/ansible/ansible/issues/40874
- win_template - fix when specifying the dest option as a directory with
and without the trailing slash
https://github.com/ansible/ansible/issues/39886
- win_updates - Added the ability to run on a scheduled task for older
hosts so async starts working again -
https://github.com/ansible/ansible/issues/38364
- win_updates - Fix logic when using a whitelist for multiple updates
- win_updates - Fix typo that hid the download error when a download
failed
- win_updates - Fixed issue where running win_updates on async fails
without any error
- windows become - Show better error messages when the become process fails
- winrm - Add better error handling when the kinit process fails
- winrm - allow `ansible_user` or `ansible_winrm_user` to override
`ansible_ssh_user` when both are defined in an inventory -
https://github.com/ansible/ansible/issues/39844
- winrm - ensure pexpect is set to not echo the input on a failure and have
a manual sanity check afterwards
https://github.com/ansible/ansible/issues/41865
- winrm connection plugin - Fix exception messages sometimes raising a
traceback when the winrm connection plugin encounters an unrecoverable
error. https://github.com/ansible/ansible/pull/39333
- xenserver_facts - ensure module works with newer versions of XenServer
(https://github.com/ansible/ansible/pull/35821)
* Tue Jun 26 2018 mrueckert@suse.de
- use python3 on (open)SUSE 15 or newer
* Fri Jun 15 2018 kbabioch@suse.com
- Update to 2.5.5
- Fixed the honouration of the no_log option with failed task iterations
(CVE-2018-10855 boo#1097775)
- Bufixes:
- Changed the admin_users config option to not include "admin" by default
as admin is frequently used for a non-privileged account
- aws_s3 - add async support to the action plugin
- aws_s3 - fix decrypting vault files
- ec2_ami - cast the device_mapping volume size to an int
- eos_logging - fix idempotency issues
- cache plugins - A cache timeout of 0 means the cache will not expire.
- ios_logging - fix idempotency issues
- ios/nxos/eos_config - don't retrieve config in running_config when config is provided for diff
- nxos_banner - fix multiline banner issue
- nxos terminal plugin - fix output truncation
- nxos_l3_interface - fix no switchport issue with loopback and svi interfaces
- nxos_snapshot - fix compare_option
- Applied spec-cleaner
Version: 2.7.10-bp151.1.3
* Thu Apr 04 2019 Michael Ströder <michael@stroeder.com>
- Update to version 2.7.10
Minor Changes
- Catch all connection timeout related exceptions and raise AnsibleConnectionError instead
- openssl_pkcs12, openssl_privatekey, openssl_publickey - These modules no longer delete the output file before starting to regenerate the output, or when generating the output failed.
Bugfixes
- Backport of https://github.com/ansible/ansible/pull/54105, pamd - fix idempotence issue when removing rules
- Use custom JSON encoder in conneciton.py so that ansible objects (AnsibleVaultEncryptedUnicode, for example) can be sent to the persistent connection process
- allow 'dict()' jinja2 global to function the same even though it has changed in jinja2 versions
- azure_rm inventory plugin - fix missing hostvars properties (https://github.com/ansible/ansible/pull/53046)
- azure_rm inventory plugin - fix no nic type in vmss nic. (https://github.com/ansible/ansible/pull/53496)
- deprecate {Get/Set}ManagerAttributes commands (https://github.com/ansible/ansible/issues/47590)
- flatpak_remote - Handle empty output in remote_exists, fixes https://github.com/ansible/ansible/issues/51481
- foreman - fix Foreman returning host parameters
- get_url - Fix issue with checksum validation when using a file to ensure we skip lines in the file that do not contain exactly 2 parts. Also restrict exception handling to the minimum number of necessary lines (https://github.com/ansible/ansible/issues/48790)
- grafana_datasource - Fixed an issue when running Python3 and using basic auth (https://github.com/ansible/ansible/issues/49147)
- include_tasks - Fixed an unexpected exception if no file was given to include.
- openssl_certificate - fix ``state=absent``.
- openssl_certificate, openssl_csr, openssl_pkcs12, openssl_privatekey, openssl_publickey - The modules are now able to overwrite write-protected files (https://github.com/ansible/ansible/issues/48656).
- openssl_dhparam - fix ``state=absent`` idempotency and ``changed`` flag.
- openssl_pkcs12, openssl_privatekey - These modules now accept the output file mode in symbolic form or as a octal string (https://github.com/ansible/ansible/issues/53476).
- openssl_publickey - fixed crash on Python 3 when OpenSSH private keys were used with passphrases.
- openstack inventory plugin: allow "constructed" functionality (``compose``, ``groups``, and ``keyed_groups``) to work as documented.
- random_mac - generate a proper MAC address when the provided vendor prefix is two or four characters (https://github.com/ansible/ansible/issues/50838)
- replace - fix behavior when ``before`` and ``after`` are used together (https://github.com/ansible/ansible/issues/31354)
- report correct CPU information on ARM systems (https://github.com/ansible/ansible/pull/52884)
- slurp - Fix issues when using paths on Windows with glob like characters, e.g. ``[``, ``]``
- ssh - Check the return code of the ssh process before raising AnsibleConnectionFailure, as the error message for the ssh process will likely contain more useful information. This will improve the missing interpreter messaging when using modules such as setup which have a larger payload to transfer when combined with pipelining. (https://github.com/ansible/ansible/issues/53487)
- tower_settings - 'name' and 'value' parameters are always required, module can not be used in order to get a setting
- win_acl - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_acl_inheritance - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_certificate_store - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_chocolatey - Fix incompatibilities with the latest release of Chocolatey ``v0.10.12+``
- win_copy - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_file - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_find - Ensure found files are sorted alphabetically by the path instead of it being random
- win_find - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_owner - Fix issues when using paths with glob like characters, e.g. ``[``, ``]``
- win_psexec - Support executables with a space in the path
- win_reboot - Fix reboot command validation failure when running under the psrp connection plugin
- win_tempfile - Always return the full NTFS absolute path and not a DOS 8.3 path.
- win_user_right - Fix output containing non json data - https://github.com/ansible/ansible/issues/54413
- windows - Fixed various module utils that did not work with path that had glob like chars
- yum - fix disable_excludes on systems with yum rhn plugin enabled (https://github.com/ansible/ansible/issues/53134)
* Sun Mar 17 2019 Michael Ströder <michael@stroeder.com>
- Update to version 2.7.9
Minor Changes
* Add missing import for ConnectionError in edge and routeros module_utils.
* ``to_yaml`` filter updated to maintain formatting consistency when used
with ``pyyaml`` versions 5.1 and later
(https://github.com/ansible/ansible/pull/53772)
* docker_image * set ``changed`` to ``false`` when using ``force: yes`` to
tag or push an image that ends up being identical to one already present on
the Docker host or Docker registry.
* jenkins_plugin * Set new default value for the update_url parameter
(https://github.com/ansible/ansible/issues/52086)
Bugfixes
* Fix bug where some inventory parsing tracebacks were missing or reported under the wrong plugin.
* Fix rabbitmq_plugin idempotence due to information message in new version of rabbitmq (https://github.com/ansible/ansible/pull/52166)
* Fixed KeyError issue in vmware_host_config_manager when a supported option isn't already set (https://github.com/ansible/ansible/issues/44561).
* Fixed issue related to --yaml flag in vmware_vm_inventory. Also fixed caching issue in vmware_vm_inventory (https://github.com/ansible/ansible/issues/52381).
* If large integers are passed as options to modules under Python 2, module argument parsing will reject them as they are of type ``long`` and not of type ``int``.
* allow nice error to work when auto plugin reads file w/o `plugin` field
* ansible-doc * Fix traceback on providing arguemnt --all to ansible-doc command
* azure_rm_virtualmachine_facts * fixed crash related to attached managed disks (https://github.com/ansible/ansible/issues/52181)
* basic * modify the correct variable when determining available hashing algorithms to avoid errors when md5 is not available (https://github.com/ansible/ansible/issues/51355)
* cloudscale * Fix compatibilty with Python3 in version 3.5 and lower.
* convert input into text to ensure valid comparisons in nmap inventory plugin
* dict2items * Allow dict2items to work with hostvars
* dnsimple * fixed a KeyError exception related to record types handling.
* docker_container * now returns warnings from docker daemon on container creation and updating.
* docker_swarm * Fixed node_id parameter not working for node removal (https://github.com/ansible/ansible/issues/53501)
* docker_swarm * do not crash with older docker daemons (https://github.com/ansible/ansible/issues/51175).
* docker_swarm * fixes idempotency for the ``ca_force_rotate`` option.
* docker_swarm * improve Swarm detection.
* docker_swarm * improve idempotency checking; ``rotate_worker_token`` and ``rotate_manager_token`` are now also used when all other parameters have not changed.
* docker_swarm * now supports docker-py 1.10.0 and newer for most operations, instead only docker 2.6.0 and newer.
* docker_swarm * properly implement check mode (it did apply changes).
* docker_swarm * the ``force`` option was ignored when ``state: present``.
* docker_swarm_service * do basic validation of ``publish`` option if specified (must be list of dicts).
* docker_swarm_service * don't crash when ``publish`` is not specified.
* docker_swarm_service * fix problem with docker daemons which do not return ``UpdateConfig`` in the swarm service spec.
* docker_swarm_service * the return value was documented as ``ansible_swarm_service``, but the module actually returned ``ansible_docker_service``. Documentation and code have been updated so that the variable is now called ``swarm_service``. In Ansible 2.7.x, the old name ``ansible_docker_service`` can still be used to access the result.
* ec2 * if the private_ip has been provided for the new network interface it shouldn't also be added to top level parameters for run_instances()
* fix DNSimple to ensure check works even when the number of records is larger than 100
* get_url * return no change in check mode when checksum matches
* inventory plugins * Fix creating groups from composed variables by getting the latest host variables
* inventory_aws_ec2 * fix no_log indentation so AWS temporary credentials aren't displayed in tests
* jenkins_plugin * Prevent plugin to be reinstalled when state=present (https://github.com/ansible/ansible/issues/43728)
* lvol * fixed ValueError when using float size (https://github.com/ansible/ansible/issues/32886, https://github.com/ansible/ansible/issues/29429)
* mysql * MySQLdb doesn't import the cursors module for its own purposes so it has to be imported in MySQL module utilities before it can be used in dependent modules like the proxysql module family.
* mysql * fixing unexpected keyword argument 'cursorclass' issue after migration from MySQLdb to PyMySQL.
* mysql_user: match backticks, single and double quotes when checking user privileges.
* onepassword_facts * Fixes issues which prevented this module working with 1Password CLI version 0.5.5 (or greater). Older versions of the CLI were deprecated by 1Password and will no longer function.
* openssl_certificate * ``has_expired`` correctly checks if the certificate is expired or not
* openssl_certificate * fix Python 3 string/bytes problems for `notBefore`/`notAfter` for self-signed and ownCA providers.
* openssl_certificate * make sure that extensions are actually present when their values should be checked.
* openssl_csr * improve ``subject`` validation.
* openssl_csr * improve error messages for invalid SANs.
* play order is now applied under all circumstances, fixes
* remote_management foreman * Fixed issue where it was impossible to createdelete a product because product was missing in dict choices ( https://github.com/ansible/ansible/issues/48594 )
* rhsm_repository * handle systems without any repos
* skip invalid plugin after warning in loader
* urpmi module * fixed issue
* win_certificate_store * Fix exception handling typo
* win_chocolatey * Fix issue when parsing a beta Chocolatey install * https://github.com/ansible/ansible/issues/52331
* win_chocolatey_source * fix bug where a Chocolatey source could not be disabled unless ``source`` was also set * https://github.com/ansible/ansible/issues/50133
* win_domain * Do not fail if DC is already promoted but a reboot is required, return ``reboot_required: True``
* win_domain * Fix when running without credential delegated authentication * https://github.com/ansible/ansible/issues/53182
* win_file * Fix issue when managing hidden files and directories * https://github.com/ansible/ansible/issues/42466
* winrm * attempt to recover from a WinRM send input failure if possible
* zabbix_hostmacro: fixes truncation of macro contexts that contain colons (see https://github.com/ansible/ansible/pull/51853)
New Plugins
* vmware_vm_inventory * VMware Guest inventory source
Version: 2.5.1-bp150.2.4
* Tue Apr 24 2018 lars@linux-schulserver.de
- Update to 2.5.1
Minor Changes
+ Updated example in vcenter_license module.
+ Updated virtual machine facts with instanceUUID which is unique
for each VM irrespective of name and BIOS UUID.
+ A lot of Bugfixes, please refer to the Changelog installed in
/usr/share/doc/packages/ansible/changelogs/CHANGELOG-v2.5.rst
* Tue Mar 27 2018 lars@linux-schulserver.de
- Update to 2.5.0:
Major Changes
* Ansible Network improvements
+ Created new connection plugins network_cli and netconf to replace
connection=local. connection=local will continue to work for a
number of Ansible releases.
+ No more unable to open shell. A clear and descriptive message will
be displayed in normal ansible-playbook output without needing to enable debug mode
+ Loads of documentation, see Ansible for Network Automation Documentation.
+ Refactor common network shared code into package under module_utils/network/
+ Filters: Add a filter to convert XML response from a network device to JSON object.
+ Loads of bug fixes.
+ Plus lots more.
* New simpler and more intuitive 'loop' keyword for task loops. The
with_<lookup> loops will likely be deprecated in the near future
and eventually removed.
* Added fact namespacing; from now on facts will be available under
ansible_facts namespace (for example: ansible_facts.os_distribution)
without the ansible_ prefix. They will continue to be added into the
main namespace directly, but now with a configuration toggle to enable
this. This is currently on by default, but in the future it will default to off.
* Added a configuration file that a site administrator can use to
specify modules to exclude from being used.
Minor Changes
* please refer to /share/doc/packages/ansible/changelogs/CHANGELOG-v2.5.rst
Deprecated Features
* Previously deprecated 'hostfile' config settings have been 're-deprecated'
because previously code did not warn about deprecated configuration settings.
* Using Ansible-provided Jinja tests as filters is deprecated and will
be removed in Ansible 2.9.
* The stat and win_stat modules have deprecated get_md5 and the md5 return
values. These options will become undocumented in Ansible 2.9 and
removed in a later version.
* The redis_kv lookup has been deprecated in favor of new redis lookup
* Passing arbitrary parameters that begin with HEADER_ to the uri module,
used for passing http headers, is deprecated. Use the headers parameter
with a dictionary of header names to value instead.
This will be removed in Ansible 2.9
* Passing arbitrary parameters to the zfs module to set zfs properties is
deprecated. Use the extra_zfs_properties parameter with a dictionary of
property names to values instead. This will be removed in Ansible 2.9.
* Use of the AnsibleModule parameter check\_invalid\_arguments in custom
modules is deprecated. In the future, all parameters will be checked to
see whether they are listed in the arg spec and an error raised if they
are not listed. This behaviour is the current and future default so most
custom modules can simply remove check\_invalid\_arguments if they set it
to the default value of True. The check\_invalid\_arguments parameter
will be removed in Ansible 2.9.
* The nxos_ip_interface module is deprecated in Ansible 2.5.
Use nxos_l3_interface module instead.
* The nxos_portchannel module is deprecated in Ansible 2.5.
Use nxos_linkagg module instead.
* The nxos_switchport module is deprecated in Ansible 2.5.
Use nxos_l2_interface module instead.
* The ec2_ami_find has been deprecated; use ec2_ami_facts instead.
* panos_security_policy: Use panos_security_rule - the old module uses
deprecated API calls
* vsphere_guest is deprecated in Ansible 2.5 and will be removed in
Ansible-2.9. Use vmware_guest module instead.
Removed Features (previously deprecated)
* accelerate.
* boundary_meter: There was no deprecation period for this but the hosted
service it relied on has gone away so the module has been removed. #29387
* cl_ : cl_interface, cl_interface_policy, cl_bridge, cl_img_install,
cl_ports, cl_license, cl_bond. Use nclu instead
* docker. Use docker_container and docker_image instead.
* ec2_vpc.
* ec2_ami_search, use ec2_ami_facts instead.
* nxos_mtu. Use nxos_system's system_mtu option instead.
To specify an interface's MTU use nxos_interface.
* panos_nat_policy: Use panos_nat_rule the old module uses
deprecated API calls
- also package the changelogs directory below
/usr/share/doc/packages/ansible/ for better reference
* Tue Mar 06 2018 lars@linux-schulserver.de
- License changed to GPL-3.0-or-later, as mentioned in the source
(former license focues on GPL-3.0 only)
* Fri Feb 16 2018 tbechtold@suse.com
- Add python-passlib as Requires (bsc#1080682)
passlib is needed for the "vars_prompt" feature of ansible
* Sun Feb 04 2018 mardnh@gmx.de
- Update to version 2.4.3.0:
* Fix `pamd` rule args regexp to match file paths.
* Check if SELinux policy exists before setting.
* Set locale to `C` in `letsencrypt` module to fix date parsing
errors.
* Fix include in loop when stategy=free.
* Fix save parameter in asa_config.
* Fix --vault-id support in ansible-pull.
* In nxos_interface_ospf, fail nicely if loopback is used with
passive_interface.
* Fix quote filter when given an integer to quote.
* nxos_vrf_interface fix when validating the interface.
* Fix for win_copy when sourcing files from an SMBv1 share.
* correctly report callback plugin file.
* restrict revaulting to vault cli.
* Fix python3 tracebacks in letsencrypt module.
* Fix ansible_*_interpreter variables to be templated prior to
being used.
* Fix setting of environment in a task that uses a loop
* Fix fetch on Windows failing to fetch files or particular
block size.
* preserve certain fields during no log.
* fix issue with order of declaration of sections in ini
inventory.
* Fix win_iis_webapppool to correctly stop a apppool.
* Fix CloudEngine host failed.
* Fix ios_config save issue.
* Handle vault filenames with nonascii chars when displaying
messages.
* Fix win_iis_webapppool to not return passwords.
* Fix extended file attributes detection and changing.
* correctly ensure 'ungrouped' membership rules.
* made warnings less noisy when empty/no inventory is supplied.
* Fixes a failure which prevents to create servers in module
cloudscale_server.
* Fix win_firewall_rule "Specified cast is invalid" error when
modifying a rule with all of Domain/Public/Private profiles set.
* Fix case for multilib when installing from a file in the yum
module.
* Fix WinRM parsing/escaping of IPv6 addresses.
* Fix win_package to detect MSI regardless of the extension case.
* Updated win_mapped_drive docs to clarify what it is used for.
* Fix file related modules run in check_mode when the file being
operated on does not exist.
* Make eos_vlan idempotent.
* Fix win_iis_website to properly check attributes before setting.
* Fixed the removal date for ios_config save and force parameters.
* cloudstack: fix timeout from ini config file being ignored.
* fixes memory usage issues with many blocks/includes.
* Fixes maximum recursion depth exceeded with include_role.
* Fix to win_dns_client module to take ordering of DNS servers to
resolve into account.
* Fix for the nxos_banner module where some nxos images nest the
output inside of an additional dict.
* Fix failure message "got multiple values for keyword argument
id" in the azure_rm_securitygroup module (caused by changes to
the azure python API).
* Bump Azure storage client minimum to 1.5.0 to fix
deserialization issues.
This will break Azure Stack until it receives storage API
version 2017-10-01 or changes are made to support multiple
versions.
* Flush stdin when passing the become password. Fixes some cases
of timeout on Python 3 with the ssh connection plugin.
* Thu Nov 30 2017 tbechtold@suse.com
update to version v2.4.2.0:
* lock azure containerservice to below 2.0.0
* ovirt_host_networks: Fix label assignment
* Fix vault --ask-vault-pass with no tty (#31493)
* cherry-pick changes of azure_rm_common from devel to 2.4 (#32607)
* Fixes #31090. In network parse_cli filter plugin, this change moves the creation of a (#31092) (#32458)
* Use an abspath for network inventory ssh key path.
* Remove toLower on source (#31983)
* Add k8s_common.py logging fixes to the changelog
* inserts enable cmd hash with auth_pass used (#32107)
* Fix exception upon display.warn() (#31876)
* ios_system: Fix typo in unit test (#32284)
* yum: use the C locale when screen scraping (#32203)
* Use region derived from get_aws_connection_info() in dynamodb_table to fix tagging bug (#32557)
* fix item var in delegation (#32986)
* Add changelog entry for elb_application_lb fix
* Add a validate example to blockinfile. (#32088)
* Correct formatting --arguments (#31808)
* Add changelog for URI/get_url fix
* [cloud] Bugfix for aws_s3 empty directory creation (#32198)
* Fix junos integration test fixes as per connection refactor (#33050) (#33055)
* Update win_copy for #32677 (#32682)
* ios_interface testfix (#32381)
* Add proper check mode support to the script module (#31852)
* Add galaxy --force fix to changelog
* Fix non-ascii errors in config manager
* Add python3 urllib fixes to changelog
* Add changelog entry for the stdin py3 fix
* Update version info for the 2.4.2 release
* Add max_fail_percentage fix to changelog
* Changelog entry for script inventory plugin fix.
* Make RPM spec compatible with RHEL 6 (#31653)
* Add changelog entry for the yum locale fix
* Use vyos/1.1.8 in CI.
* Fix patching to epel package
* Pass proper error value to to_text (#33030)
* Fix and re-enable zypper* integration tests in CI.
* avoid chroot paths (#32778)
* Add changelog entry for inventory nonascii paths fix
* Fix ios_config integration test failures (#32959) (#32970)
* Fix ios_config file prompt issue (#32744) (#32780)
* Mdd module unit test docs (#31373)
* dont add all group vars to implicit on create
* Fix nxos_banner removal idempotence issue in N1 images (#31259)
* Clarify the release and maintenance cycle (#32402)
* Add ansible_distribution_major_version to macOS (#31708)
* Docs (#32718)
* Keep newlines when reading LXC container config file (#32219)
* Updated changelog for vmware logon error handling
* New release v2.4.2.0-0.2.beta2
* added doc notes about vars plugins in precedence
* revert module_utils/nxos change from #32846 (#32956)
* [cloud] add boto3 requirement to `cloudformation` module docs (#31135)
* Fixes #31056 (#31057)
* - Fix logging module issue where facility is being deleted along with host (#32234)
* Get the moid in a more failsafe manner (#32671)
* Integration Tests only: add static route, snmp_user, snapshot and hsrp it cases (#28933)
* Add the change to when we escape backslashes (for the template lookup plugin) to changelog
* correctly deal with changed (#31812)
* Add the template lookup escaping to the 2.4 porting guide (#32760)
* tests for InventoryModule error conditions (#31381)
* Disable pylint rules for stable-2.4.
* fix typo
* Enable TLS1.1 and TLS1.2 for win_package (#32184)
* Add remove host fix to changelog
* ios_interface provider issue testfix (#32335)
* win_service: quoted path fix (#32469)
* Add changes to succeeded/failed tests to the 2.4 porting guide (#33201)
* Run OS X tests in 3 groups in CI.
* ini inventory: document value parsing workaround
* Change netconf port in testcase as per test enviornment (#32883) (#32889)
* fix inventory loading for ansible-doc
* jsonify inventory (#32990)
* firewalld: don't reference undefined variable in error case (#31949)
* change ports to non well known ports and drop time_range for N1 (#31261)
* make vars only group declarations an error
* Add changelog for os_floating_ip fix
* Fix example on comparing master config (#32406)
* py2/py3 safer shas on hostvars (#31788)
* ensure we always have a basedir
* Add missing ansible-test --remote-terminate support. (#32918)
* Use show command to support wider platform set for nxos_interface module (#33037)
* ios_logging: change IOS command pipe to section to include (#33100) (#33116)
* win_find: allow module to skip on files it fails to check (#32105)
* New release v2.4.2.0-0.4.beta4
* multiple nxos fixes (#32905)
* Add changelog entry for git archive fix
* Add changelog entries for a myriad of 2.4.2 bugfixes
* iosxr integration testfix (#32344)
* Fix #31694: running with closed stdin on python 3 (#31695)
* Add eos_user fix to changelog
* updated changelog with win_find fix
* Added urls python3 fix to changelog
* [cloud] Support changeset_name parameter on CloudFormation stack create (#31436)
* use configured ansible_shell_executable
* New release v2.4.2.0-0.3.beta3
* Fix ec2_lc failing to create multi-volume configurations (#32191)
* Changelog win_package TLS fix
* Fix wrong prompt issue for network modules (#32426) (#32442)
* New release v2.4.2.0-0.1.beta1
* Exclude stack policy when running in check mode.
* change inventory_hostname to ansible_host to fix test (#32890) (#32891)
* Add azure_rm_acs check mode fix
* Updated changelog for win_copy fix
* corrected package docs
* make sure patterns are strings
* Add more bugfixes to changelog
* Fix junos netconf port issue in integration test (#32610) (#32668)
* fixed .loads error for non decoded json in Python 3 (#32065)
* nxos_config and nxos_facts - fixes for N35 platform. (#32762) (#32875)
* Add changelog entry for #32219
* Remove provider from ios integration test (#31037) (#32230)
* added note about serial behaviour (#32461)
* Fixes ios_logging unit test (#32240)
* Avoid AttributeError: internal_network on os_floating_ip (#32887)
* use to_str instead of json.dumps when serializing k8s object for logging
* Prefer the stdlib SSLContext over urllib3 context
* git: fix archive when update is set to no (#31829)
* Add elb_target_group port fix to the changelog
* Changelog entry for aws_s3 issue #32144
* Add error handling for user login (#32613)
* Move asa provider to suboptions (#32356)
* fix dci failure nxos (#32877) (#32878)
* Add inventory jsonification to the changelog
* eos_eapi: adding the desired state config to the new vrf fixes #32111 (#32112) (#32452)
* Handle ip name-server lines containing multiple nameservers (#32235) (#32373)
* Remove provider from prepare_ios_tests integration test (#31038)
* Add last minute bugfixes and doc updates for rc1
* Fix snmp bugs on Nexus 3500 platform (#32773) (#32847)
* validate that existing dest is valid directory
* Update the release data for 2.4.1 in the changelog
* add check mode for acs delete (#32063)
* More fixes added to changelog
* Add wait_for fix to the changelog
* removed psobject to hashtables that were missed (#32710)
* wait_for: treat broken connections as "unready" (#28839)
* Return all elements in a more robust way
* fix ios_interface test (#32372)
* Add missing packages to default docker image.
* fix nxos_igmp_snooping (#31688)
* - Fix to return error message back to the module. (#31035)
* Ensure that readonly result members are serialized (#33170)
* Keywords docs (#32807)
* remove hosts from removed when rescuing
* Add panos_security_rule docs typo fix to changelog
* Update vyos completion in network.txt.
* move to use ansible logging
* ovirt_clusters: Fix fencing and kuma comparision
* Documentation typo fixes (#32473)
* [fix] issue #30516 : take care about autoremove in upgrade function
* Enable ECHO in prompt module (#32083)
* calculate max fail against all hosts in batch
* Fix urlparse import for Python3 (#31240)
* Bunch of changelog updates for cherry-picks
* restore hostpattern regex/glob behaviour
* Better handling of malformed vault data envelope (#32515)
* Updated changelog regarding win_service quoted path fix
* nxos_interface error handling (#32846)
* An availability zone will be selected if none is provided. Set az to an empty string if it's None to avoid traceback. (#32216)
* Use to_native when validating proxy result (#32596)
* vmware_guest: refactor spec serialization (#32681)
* Add new default Docker container for ansible-test. (#31944)
* warn on bad keys in group
* NXOS: Integration tests to Ansible (part 3) (#29030)
* Add spec file fix to changelog
* eos_user testfix (#32264)
* iam.py: return iam.role dict when creating roles (#28964)
* Add networking bug fixes to changelog (#32201)
* [cloud] sns_topic: Fix unreferenced variable
* Fix service_mgr fact collection (#32086)
* Fix include_role unit tests (#31920)
* Updated changelog for win_iis_* modules things
* handle ignore_errors in loop
* adjust nohome param when using luser
* better cleanup on task results display (#27175)
* Improve python 2/3 ABC fallback for pylint. (#31848)
* fix html formatting
* Add ansible_shell_executable fix to changelog
* Move resource pool login to a separate function and fix undefined var reference (#32674)
* Update ansible-test sanity command. (#31958)
* ios_ping test fix (#32342)
* fix CI failure yaml syntax (#32374)
* Scan group_vars/host_vars in sorted order
* luseradd defaults to creating w/o need for -m (#32411)
* Integration Tests only: nxos_udld, nxos_udld_interface, nxos_vxlan_vtep_vni (#29143) (#32962)
* Fix: modifying existing application lb using certificates now properly sets certificates (#28217)
* ios_logging: Fix some smaller issues, add unit test (#32321)
* Fix nxos_snmp_host bug (#32916) (#32958)
* ovirt_hosts: Don't fail upgrade when NON_RESPONSIVE state
* ini plugin should recursively instantiate pending
* eos_user: sends user secret first on user creation fixes #31680 (#32162)
* Cast target port to an int in elb_target_group. Fixes #32098 (#32202)
* New release v2.4.2.0-0.5.rc1
* remove misleading group vars as they are flat (#32276)
* Fix typo
* Avoid default inventory proccessing for pull (#32135)
* Fix ansible-test default image. (#31966)
* removed superfluous `type` field from RecordSet constructor (#33167)
* Update k8s_common.py
* Add ios_logging fixes to changelog 2.4.2beta2 (#32447)
* Revert "Removed a force conditional (#28851)" (#32282)
* Add new documentation on writing unittests to the changelog
* Fix ansible-test race calling get_coverage_path.
* New release v2.4.2.0-1
Version: 2.4.1.0-6.1
* Fri Oct 27 2017 matthias.eliasson@gmail.com
- Update to 2.4.1.0:
* CVE-2017-7550: Prevent jenkins_plugin module from exposing
passwords in remote host logs (bsc#1065872)
* Various bug fixes and improvements
* Tue Oct 03 2017 jengelh@inai.de
- Remove radical wording from descriptions.
Use improved find syntax.
* Sat Sep 23 2017 lars@linux-schulserver.de
- update to 2.4.0.0 (final)
Major Changes
+ Support for Python-2.4 and Python-2.5 on the managed system's side
was dropped. If you need to manage a system that ships with Python-2.4
or Python-2.5, you'll need to install Python-2.6 or better on the
managed system or run Ansible-2.3 until you can upgrade the system.
+ New import/include keywords to replace the old bare include directives.
The use of static: {yes|no} on such includes is now deprecated.
++ Using import_* (import_playbook, import_tasks, import_role) directives are static.
++ Using include_* (include_tasks, include_role) directives are dynamic.
This is done to avoid collisions and possible security issues as
facts come from the remote targets and they might be compromised.
+ New order play level keyword that allows the user to change the
order in which Ansible processes hosts when dispatching tasks.
+ Users can now set group merge priority for groups of the same depth
(parent child relationship), using the new ansible_group_priority variable,
when values are the same or don't exist it will fallback to the previous
sorting by name'.
+ Inventory has been revamped:
++ Inventory classes have been split to allow for better
management and deduplication
++ Logic that each inventory source duplicated is now common and pushed
up to reconciliation
++ VariableManager has been updated for better interaction with inventory
++ Updated CLI with helper method to initialize base objects for plays
++ New inventory plugins for creating inventory
++ Old inventory formats are still supported via plugins
++ Inline host_list is also an inventory plugin, an example alternative
advanced_host_list is also provided (it supports ranges)
++ New configuration option to list enabled plugins and precedence
order: whitelist_inventory in ansible.cfg
++ vars_plugins have been reworked, they are now run from Vars manager
and API has changed (need docs)
++ Loading group_vars/host_vars is now a vars plugin and can be overridden
++ It is now possible to specify mulitple inventory sources in the
command line (-i /etc/hosts1 -i /opt/hosts2)
++ Inventory plugins can use the cache plugin (i.e. virtualbox) and
is affected by meta: refresh_inventory
++ Group variable precedence is now configurable via new 'precedence'
option in ansible.cfg (needs docs)
++ Improved warnings and error messages across the board
+ Configuration has been changed from a hardcoded listing in the
constants module to dynamically loaded from yaml definitions
++ Also added an ansible-config CLI to allow for listing config options
and dumping current config (including origin)
++ TODO: build upon this to add many features detailed in ansible-config
proposal https://github.com/ansible/proposals/issues/35
+ Windows modules now support the use of multiple shared module_utils
files in the form of Powershell modules (.psm1), via
[#]Requires -Module Ansible.ModuleUtils.Whatever.psm1
+ Python module argument_spec now supports custom validation logic
by accepting a callable as the type argument.
+ Windows become_method: runas now works across all authtypes and
will auto-elevate under UAC if WinRM user has "Act as part of the
operating system" privilege
- please refer to /usr/share/doc/packages/ansible/CHANGELOG.md for
further changes
- added ansible-inventory and ansible-config binaries and manpages
- package contrib and examples directories in docdir
- package all *md files as documentation for now
- recommend the following new packages for (open)SUSE:
+ python-httplib2
+ python-keyczar
+ python-six
- enable/fix build for RHEL and Fedora by redefining __python2 and
adding/enhancing the needed (build)requires if needed
* Tue Aug 08 2017 michael@stroeder.com
- update to 2.3.2.0 (final)
- replaced hard-coded version by var
* Wed Jun 07 2017 matthias.eliasson@gmail.com
- update to 2.3.1.0 (final)
- clean up of spec file with spec-cleaner
* Wed May 10 2017 lars@linux-schulserver.de
- update to 2.3.1 RC1 (package version 2.3.0.1) (bsc#1056094):
* SECURITY (MODERATE): fix for CVE-2017-7481, in which data for
lookup plugins used as variables was not being correctly marked
as "unsafe".
* SECURITY (MODERATE): fix for CVE-2017-7466, which finally fixes
an arbitrary command execution vulnerability
* Tue Mar 28 2017 michael@stroeder.com
- update to 2.3.0.0
for full list of changes see
/usr/share/doc/packages/ansible/CHANGELOG.md
* Mon Mar 27 2017 michael@stroeder.com
- update to 2.2.2.0
This release fixes a few bugs introduced in the previous version,
as well as another small tweak to catch an additional way in
which CVE-2016-9587 could be triggered.
* Mon Jan 16 2017 michael@stroeder.com
- update to 2.2.1.0 (final)
* Wed Jan 11 2017 boris@steki.net
- security update to rc4 of 2.2.1.0 version
CVE-2016-9587, CVE-2016-8628 and CVE-2016-8614
for full list of changes see
/usr/share/doc/packages/ansible/CHANGELOG.md
* Mon Oct 17 2016 michael@stroeder.com
- update to 2.2.0.0
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
* Thu Sep 15 2016 michael@stroeder.com
- update to 2.1.2.0
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
Version: 2.1.1.0-2.1
* Tue Jun 28 2016 michael@stroeder.com
- update to 2.1.1.0
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
- changed download link to https://releases.ansible.com
* Sun May 29 2016 michael@stroeder.com
- update to 2.1.0.0
(see /usr/share/doc/packages/ansible/CHANGELOG.md for details)
- on SuSE platforms recommend package python-dnspython for
DNS lookups in playbooks
* Sat May 07 2016 michael@stroeder.com
- update to 2.0.2.0:
* Backport of the 2.1 feature to ensure per-item callbacks are sent as they occur,
rather than all at once at the end of the task.
* Fixed bugs related to the iteration of tasks when certain combinations of roles,
blocks, and includes were used, especially when handling errors in rescue/always
portions of blocks.
* Fixed handling of redirects in our helper code, and ported the uri module to use
this helper code. This removes the httplib dependency for this module while fixing
some bugs related to redirects and SSL certs.
* Fixed some bugs related to the incorrect creation of extra temp directories for
uploading files, which were not cleaned up properly.
* Improved error reporting in certain situations, to provide more information such as
the playbook file/line.
* Fixed a bug related to the variable precedence of role parameters, especially when
a role may be used both as a dependency of a role and directly by itself within the
same play.
* Fixed some bugs in the 2.0 implementation of do/until.
* Fixed some bugs related to run_once:
- Ensure that all hosts are marked as failed if a task marked as run_once fails.
- Show a warning when using the free strategy when a run_once task is encountered, as
there is no way for the free strategy to guarantee the task is not run more than once.
* Fixed a bug where the assemble module was not honoring check mode in some situations.
* Fixed a bug related to delegate_to, where we were incorrectly using variables from
the inventory host rather than the delegated-to host.
* The 'package' meta-module now properly squashes items down to a single execution (as the
apt/yum/other package modules do).
* Fixed a bug related to the ansible-galaxy CLI command dealing with paged results from
the Galaxy server.
* Pipelining support is now available for the local and jail connection plugins, which is
useful for users who do not wish to have temp files/directories created when running
tasks with these connection types.
* Improvements in support for additional shell types.
* Improvements in the code which is used to calculate checksums for remote files.
* Some speed ups and bug fixes related to the variable merging code.
* Workaround bug in python subprocess on El Capitan that was making vault fail
when attempting to encrypt a file
* Fix lxc_container module having predictable temp file names and setting file
permissions on the temporary file too leniently on a temporary file that was
executed as a script. Addresses CVE-2016-3096
* Fix a bug in the uri module where setting headers via module params that
start with HEADER_ were causing a traceback.
* Fix bug in the free strategy that was causing it to synchronize its workers
after every task (making it a lot more like linear than it should have been).
* Wed Mar 09 2016 lars@linux-schulserver.de
- update to 2.0.1.0:
* Fixes a major compatibility break in the synchronize module shipped
with 2.0.0.x. That version of synchronize ran sudo on the controller
prior to running rsync. In 1.9.x and previous, sudo was run on the
host that rsync connected to. 2.0.1 restores the 1.9.x behaviour.
* Additionally, several other problems with where synchronize chose
to run when combined with delegate_to were fixed. In particular, if
a playbook targetted localhost and then delegated_to a remote host
the prior behavior (in 1.9.x and 2.0.0.x) was to copy files between
the src and destination directories on the delegated host. This has
now been fixed to copy between localhost and the delegated host.
* Fix a regression where synchronize was unable to deal with unicode paths.
* Fix a regression where synchronize deals with inventory hosts that
use localhost but with an alternate port.
* Fixes a regression where the retry files feature was not implemented.
* Fixes a regression where the any_errors_fatal option was implemented
in 2.0 incorrectly, and also adds a feature where any_errors_fatal
can be set at the block level.
* Fix tracebacks when playbooks or ansible itself were located in
directories with unicode characters.
* Fix bug when sending unicode characters to an external pager
for display.
* Fix a bug with squashing loops for special modules (mostly package
managers). The optimization was squashing when the loop did not
apply to the selection of packages. This has now been fixed.
* Temp files created when using vault are now "shredded" using the
unix shred program which overwrites the file with random data.
* Some fixes to cloudstack modules for case sensitivity
* Fix non-newstyle modules (non-python modules and old-style modules)
to disabled pipelining.
* Fix fetch module failing even if fail_on_missing is set to False
* Fix for cornercase when local connections, sudo, and raw were
used together.
* Fix dnf module to remove dependent packages when state=absent is
specified. This was a feature of the 1.9.x version that was left
out by mistake when the module was rewritten for 2.0.
* Fix bugs with non-english locales in yum, git, and apt modules
* Fix a bug with the dnf module where state=latest could only
upgrade, not install.
* Mon Feb 15 2016 eshmarnev@suse.com
- fix_zypper_errorhandling.patch is being deleted
* Thu Feb 11 2016 erwin.vandevelde@gmail.com
- update to 2.0.0.2
Version 2.0 is a new major version with a lot of changes, among which:
+ New modules for cloud-based services and many more
+ The new block/rescue/always directives allow for making task blocks and exception-like semantics
+ Many API changes
- more info at:
https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#20-over-the-hills-and-far-away
* Sun Oct 11 2015 lars@linux-schulserver.de
- build again on SLE-11-SP4 by ignoring some dependencies that are
not available in the official OBS repository: python-paramiko,
python-Jinja2, python-PyYAML, python-pycrypto
* Sat Oct 10 2015 lars@linux-schulserver.de
- update to 1.9.4
This release addresses several bugs, most notably those related to
the yum module (introduced in 1.9.3):
+ Fixes a bug where yum state=latest would error if there were no
updates to install.
+ Fixes a bug where yum state=latest did not work with wildcard
package names.
+ Fixes a bug in lineinfile relating to escape sequences.
+ Fixes a bug where vars_prompt was not keeping passwords private
by default.
+ Fix ansible-galaxy and the hipchat callback plugin to check that
the host it is contacting matches its TLS Certificate.
* Sat Sep 26 2015 m0ses@samaxi.de
- Added fix_zypper_errorhandling.patch as it`s have not been accepted
upstream, in lack of an reviewer. See patch for more comments
* Fri Sep 11 2015 robin.roth@kit.edu
- update to 1.9.3:
- Fixes a bug related to keyczar messing up encodings internally, resulting in decrypted
messages coming out as empty strings.
- AES Keys generated for use in accelerated mode are now 256-bit by default instead of 128.
- Fix url fetching for SNI with python-2.7.9 or greater. SNI does not work
with python < 2.7.9. The best workaround is probably to use the command
module with curl or wget.
- Fix url fetching to allow tls-1.1 and tls-1.2 if the system's openssl library
supports those protocols
- Fix ec2_ami_search module to check TLS Certificates
- Fix the following extras modules to check TLS Certificates:
- campfire
- layman
- librarto_annotate
- twilio
- typetalk
- Fix docker module's parsing of docker-py version for dev checkouts
- Fix docker module to work with docker server api 1.19
- Change yum module's state=latest feature to update all packages specified in
a single transaction. This is the same type of fix as was made for yum's
state=installed in 1.9.2 and both solves the same problems and with the same caveats.
- Fixed a bug where stdout from a module might be blank when there were were non-printable
ASCII characters contained within it
* Wed Jul 15 2015 lars@linux-schulserver.de
- update to 1.9.2:
- Security fixes to check that hostnames match certificates with
https urls (CVE-2015-3908; bnc #938161):
+ get_url and uri modules
+ url and etcd lookup plugins
- Security fixes to the zone (Solaris containers), jail (bsd
containers), and chroot connection plugins. These plugins can be
used to connect to their respective container types in leiu of the
standard ssh connection. Prior to this fix being applied these
connection plugins didn't properly handle symlinks within the containers
which could lead to files intended to be written to or read from the
container being written to or read from the host system instead. (CVE
pending)
- Fixed a bug in the service module where init scripts were being
incorrectly used instead of upstart/systemd.
- Fixed a bug where sudo/su settings were not inherited from
ansible.cfg correctly.
- Fixed a bug in the rds module where a traceback may occur due to an
unbound variable.
- Fixed a bug where certain remote file systems where the SELinux
context was not being properly set.
- Re-enabled several windows modules which had been partially merged
(via action plugins):
+ win_copy.ps1
+ win_copy.py
+ win_file.ps1
+ win_file.py
+ win_template.py
- Fix bug using with_sequence and a count that is zero. Also allows
counting backwards isntead of forwards
- Fix get_url module bug preventing use of custom ports with https
urls
- Fix bug disabling repositories in the yum module.
- Fix giving yum module a url to install a package from on
RHEL/CENTOS5
- Fix bug in dnf module preventing it from working when yum-utils was
not already installed
* Tue Apr 28 2015 boris@steki.net
- updated to version 1.9.1
* Fixed a bug related to Kerberos auth when using winrm with a domain account.
* Fixing several bugs in the s3 module.
* Fixed a bug with upstart service detection in the service module.
* Fixed several bugs with the user module when used on OSX.
* Fixed unicode handling in some module situations (assert and shell/command execution).
* Fixed a bug in redhat_subscription when using the activationkey parameter.
* Fixed a traceback in the gce module on EL6 distros when multiple pycrypto installations are available.
* Added support for PostgreSQL 9.4 in rds_param_group
* Several other minor fixes.
* Mon Mar 30 2015 boris@steki.net
- updated to version 1.9.0.1
* Added kerberos support to winrm connection plugin.
* Tags rehaul: added 'all', 'always', 'untagged' and 'tagged' special
tags and normalized tag resolution. Added tag information to
- -list-tasks and new --list-tags option.
* Privilege Escalation generalization, new 'Become' system and variables
now will handle existing and new methods. Sudo and su have been kept
for backwards compatibility. New methods pbrun and pfexec in 'alpha'
state, planned adding 'runas' for winrm connection plugin.
* Improved ssh connection error reporting, now you get back the specific
message from ssh.
* Added facility to document task module return values for registered
vars, both for ansible-doc and the docsite. Documented copy, stats and
acl modules, the rest must be updated individually (we will start doing
so incrementally).
* Optimize the plugin loader to cache available plugins much more
efficiently. For some use cases this can lead to dramatic improvements
in startup time.
* Overhaul of the checksum system, now supports more systems and more
cases more reliably and uniformly.
* Fix skipped tasks to not display their parameters if no_log is specified.
* Many fixes to unicode support, standarized functions to make it easier
to add to input/output boundries.
* Added travis integration to github for basic tests, this should speed
up ticket triage and merging.
* environment: directive now can also be applied to play and is
inhertited by tasks, which can still override it.
* expanded facts and OS/distribution support for existing facts and
improved performance with pypy.
* new 'wantlist' option to lookups allows for selecting a list typed
variable vs a command delimited string as the return.
* the shared module code for file backups now uses a timestamp resolution
of seconds (previouslly minutes).
* allow for empty inventories, this is now a warning and not an error
(for those using localhost and cloud modules).
* sped up YAML parsing in ansible by up to 25% by switching to CParser loader.
- more info at:
https://github.com/ansible/ansible/blob/devel/CHANGELOG.md#19-dancing-in-the-street---mar-25-2015
* Mon Feb 23 2015 boris@steki.net
- updated to version 1.8.4 from 1.8.2
* Fixed regressions in ec2 and mount modules, introduced in 1.8.3
* Fixing a security bug related to the default permissions set on a
tempoary file created when using "ansible-vault view ".
* Many bug fixes, for both core code and core modules.
* Fri Dec 05 2014 boris@steki.net
- updated to version 1.8.2 from 1.8.1
* Windows modules should now be packaged correctly.
* A bug regarding wildcard grant strings in the mysql_user module has been fixed.
* Several other bugs regarding the postgresql modules have also been fixed.
* Mon Dec 01 2014 boris@steki.net
- enable build for older RHEL and SLE distributions
* Thu Nov 27 2014 boris@steki.net
- updated package to latest release ## 1.8.1 "You Really Got Me"
* Various bug fixes in postgresql and mysql modules.
* Fixed a bug related to lookup plugins used within roles not
finding files based on the relative paths to the roles files/ directory.
* Fixed a bug related to vars specified in plays being templated too early,
resulting in incorrect variable interpolation.
* Fixed a bug related to git submodules in bare repos.
* fact caching support, pluggable, initially supports Redis (DOCS pending)
* 'serial' size in a rolling update can be specified as a percentage
* added new Jinja2 filters, 'min' and 'max' that take lists
* new 'ansible_version' variable available contains a dictionary of version info
* For ec2 dynamic inventory, ec2.ini can has various new configuration options
* 'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
* no_log parameter now surpressess data from callbacks/output as well as syslog
* ansible-galaxy install -f requirements.yml allows advanced options and installs
from non-galaxy SCM sources and tarballs.
* command_warnings feature will warn about when usage of the shell/command module
can be simplified to use core modules - this can be enabled in ansible.cfg
* new omit value can be used to leave off a parameter when not set, like so
module_name: a=1 b={{ c | default(omit) }}, would not pass value for b (not even
an empty value) if c was not set.
* developers: 'baby JSON' in module responses, originally intended for writing modules
in bash, is removed as a feature to simplify logic, script module remains available
for running bash scripts.
* async jobs started in "fire & forget" mode can now be checked on at a later time.
* added ability to subcategorize modules for docs.ansible.com
* added ability for shipped modules to have aliases with symlinks
* added ability to deprecate older modules by starting with "_" and
including "deprecated: message why" in module docs
+ New Modules:
* cloud: rax_cdb - manages Rackspace Cloud Database instances
* cloud: rax_cdb_database - manages Rackspace Cloud Databases
* cloud: rax_cdb_user - manages Rackspace Cloud Database users
* monitoring: zabbix_maintaince - handles outage windows with Zabbix
* monitoring: bigpanda - support for bigpanda
* net_infrastructure: a10_server - manages server objects on A10 devices
* net_infrastructure: a10_service_group - manages service group objects on A10 devices
* net_infrastructure: a10_virtual_server - manages virtual server objects on A10 devices
* system: getent - read getent databases
+ Some other notable changes:
* added the ability to set "instance filters" in the ec2.ini to limit results
from the inventory plugin.
* upgrades for various variable precedence items and parsing related items
* added a new "follow" parameter to the file and copy modules, which allows
actions to be taken on the target of a symlink rather than the symlink itself.
* if a module should ever traceback, it will return a standard error, catchable
by ignore_errors, versus an 'unreachable'
* ec2_lc: added support for multiple new parameters like kernel_id, ramdisk_id and ebs_optimized.
* ec2_elb_lb: added support for the connection_draining_timeout and cross_az_load_balancing options.
* support for symbolic representations (ie. u+rw) for file permission modes (file/copy/template modules etc.).
* docker: Added support for specifying the net type of the container.
* docker: support for specifying read-only volumes.
* docker: support for specifying the API version to use for the remote connection.
* openstack modules: various improvements
* irc: ssl support for the notification module
* npm: fix flags passed to package installation
* windows: improved error handling
* setup: additional facts on System Z
* apt_repository: certificate validation can be disabled if requested
* pagerduty module: misc improvements
* ec2_lc: public_ip boolean configurable in launch configurations
* ec2_asg: fixes related to proper termination of an autoscaling group
* win_setup: total memory fact correction
* ec2_vol: ability to list existing volumes
* ec2: can set optimized flag
* various parser improvements
* produce a friendly error message if the SSH key is too permissive
* ec2_ami_search: support for SSD and IOPS provisioned EBS images
* can set ansible_sudo_exe as an inventory variable which allows specifying
a different sudo (or equivalent) command
* git module: Submodule handling has changed. Previously if you used the
"recursive" parameter to handle submodules, ansible would track the
submodule upstream's head revision. This has been changed to checkout the
version of the submodule specified in the superproject's git repository.
This is inline with what git submodule update does. If you want the old
behaviour use the new module parameter track_submodules=yes
* Checksumming of transferred files has been made more portable and now uses
the sha1 algorithm instead of md5 to be compatible with FIPS-140.
+ As a small side effect, the fetch module no longer returns a useful value
in remote_md5. If you need a replacement, switch to using remote_checksum
which returns the sha1sum of the remote file.
* ansible-doc CLI tool contains various improvements for working with different terminals
* Mon Oct 27 2014 kgronlund@suse.com
- update to 1.7.2:
- Fixes a bug in accelerate mode which caused a traceback when trying to use that connection method.
- Fixes a bug in vault where the password file option was not being used correctly internally.
- Improved multi-line parsing when using YAML literal blocks (using > or |).
- Fixed a bug with the file module and the creation of relative symlinks.
- Fixed a bug where checkmode was not being honored during the templating of files.
- Other various bug fixes.
- Switch to xz for source package
* Wed Sep 10 2014 boris@steki.net
- add python-pywinrm to requirements to enable windows hosts automation
* Sun Aug 17 2014 lars@linux-schulserver.de
- update to 1.7.1:
Major new features:
+ Windows support (alpha) using native PowerShell remoting
+ Tasks can now specify run_once: true, meaning they will be executed
exactly once. This can be combined with delegate_to to trigger actions
you want done just the one time versus for every host in inventory.
New Modules:
+ cloud: azure
+ cloud: rax_meta
+ cloud: rax_scaling_group
+ cloud: rax_scaling_policy
+ windows: version of setup module
+ windows: version of slurp module
+ windows: win_feature
+ windows: win_get_url
+ windows: win_msi
+ windows: win_ping
+ windows: win_user
+ windows: win_service
+ windows: win_group
New inventory scripts:
+ SoftLayer
+ Windows Azure
Docker module bug fixes:
+ Fixed support for specifying rw/ro bind modes for volumes
+ Fixed support for allowing the tag in the image parameter
Other notable changes:
+ Performance enhancements related to previous security fixes, which
could cause slowness when modules returned very large JSON results.
This specifically impacted the unarchive module frequently, which
returns the details of all unarchived files in the result.
+ Inventory speed improvements for very large inventories.
+ Vault password files can now be executable, to support scripts
that fetch the vault password.
+ Fixes an issue with the copy module when copying a directory that