./sysutils/ansible, SSH-based configuration management, deployment, and task execution

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.9.4nb2, Package name: ansible-1.9.4nb2, Maintainer: pkgsrc-users

Ansible is a radically simple model-driven configuration management,
multi-node deployment, and remote task execution system. Ansible works
over SSH and does not require any software or daemons to be installed
on remote nodes. Extension modules can be written in any language and
are transferred to managed machines automatically.


Required to run:
[textproc/py-yaml] [security/py-paramiko] [devel/py-setuptools] [textproc/py-jinja2] [security/py-crypto] [lang/python27]

Master sites:

SHA1: f71f451d96239d08396d20fff2d9b8840426f714
RMD160: a88a7a1a19a82e6ca17ca77ae8d64a428cf37fe8
Filesize: 915.156 KB

Version history: (Expand)


CVS history: (Expand)


   2016-02-18 10:24:25 by Havard Eidnes | Files touched by this commit (3) | Package updated
Log message:
Move the ansible/roles file tree out from under etc/ to share/,
so that any packages which want to install files there don't have
to battle with pkgsrc's requirement to use CONF_FILES.

Bump PKGREVISION.
   2016-02-17 21:31:45 by Havard Eidnes | Files touched by this commit (30) | Package updated
Log message:
Upgrade to version 1.9.4nb1, copied over from pkgsrc-wip.

Upstream changes:
Version 1.9.4, "Dancing In the Street" - Oct 9, 2015:
 * Fixes a bug where yum state=latest would error if there were no
   updates to install.
 * Fixes a bug where yum state=latest did not work with wildcard package names.
 * Fixes a bug in lineinfile relating to escape sequences.
 * Fixes a bug where vars_prompt was not keeping passwords private by default.
 * Fix ansible-galaxy and the hipchat callback plugin to check that
   the host it is contacting matches its TLS Certificate.

Version 1.9.3, "Dancing In the Street" - Sep 3, 2015:
 * Fixes a bug related to keyczar messing up encodings internally,
   resulting in decrypted messages coming out as empty strings.
 * AES Keys generated for use in accelerated mode are now 256-bit
   by default instead of 128.
 * Fix url fetching for SNI with python-2.7.9 or greater. SNI does
   not work with python < 2.7.9. The best workaround is probably
   to use the command module with curl or wget.
 * Fix url fetching to allow tls-1.1 and tls-1.2 if the system's
   openssl library supports those protocols
 * Fix ec2_ami_search module to check TLS Certificates
 * Fix the following extras modules to check TLS Certificates:
        campfire
        layman
        librarto_annotate
        twilio
        typetalk
 * Fix docker module's parsing of docker-py version for dev checkouts
 * Fix docker module to work with docker server api 1.19
 * Change yum module's state=latest feature to update all packages
   specified in a single transaction. This is the same type of fix
   as was made for yum's state=installed in 1.9.2 and both solves
   the same problems and with the same caveats.
 * Fixed a bug where stdout from a module might be blank when there
   were were non-printable ASCII characters contained within it

Version 1.9.2, "Dancing In the Street" - Jun 26, 2015:
 * Security fixes to check that hostnames match certificates with
   https urls (CVE-2015-3908)
        get_url and uri modules
        url and etcd lookup plugins
 * Security fixes to the zone (Solaris containers), jail (bsd
   containers), and chroot connection plugins. These plugins can
   be used to connect to their respective container types in leiu
   of the standard ssh connection. Prior to this fix being applied
   these connection plugins didn't properly handle symlinks within
   the containers which could lead to files intended to be written
   to or read from the container being written to or read from the
   host system instead. (CVE pending)
 * Fixed a bug in the service module where init scripts were being
   incorrectly used instead of upstart/systemd.
 * Fixed a bug where sudo/su settings were not inherited from
   ansible.cfg correctly.
 * Fixed a bug in the rds module where a traceback may occur due
   to an unbound variable.
 * Fixed a bug where certain remote file systems where the SELinux
   context was not being properly set.
 * Re-enabled several windows modules which had been partially
   merged (via action plugins):
       win_copy.ps1
       win_copy.py
       win_file.ps1
       win_file.py
       win_template.py
 * Fix bug using with_sequence and a count that is zero. Also allows
   counting backwards isntead of forwards
 * Fix get_url module bug preventing use of custom ports with https urls
 * Fix bug disabling repositories in the yum module.
 * Fix giving yum module a url to install a package from on RHEL/CENTOS5
 * Fix bug in dnf module preventing it from working when yum-utils
   was not already installed

Version 1.9.1, "Dancing In the Street" - Apr 27, 2015:
 * Fixed a bug related to Kerberos auth when using winrm with a domain account.
 * Fixing several bugs in the s3 module.
 * Fixed a bug with upstart service detection in the service module.
 * Fixed several bugs with the user module when used on OSX.
 * Fixed unicode handling in some module situations (assert and
   shell/command execution).
 * Fixed a bug in redhat_subscription when using the activationkey parameter.
 * Fixed a traceback in the gce module on EL6 distros when multiple
   pycrypto installations are available.
 * Added support for PostgreSQL 9.4 in rds_param_group
 * Several other minor fixes.

Version 1.9, "Dancing In the Street" - Mar 25, 2015:
Major changes:
 * Added kerberos support to winrm connection plugin.
 * Tags rehaul: added 'all', 'always', 'untagged' and 'tagged'
   special tags and normalized tag resolution. Added tag information
   to --list-tasks and new --list-tags option.
 * Privilege Escalation generalization, new 'Become' system and
   variables now will handle existing and new methods. Sudo and
   su have been kept for backwards compatibility. New methods
   pbrun and pfexec in 'alpha' state, planned adding 'runas' for
   winrm connection plugin.
 * Improved ssh connection error reporting, now you get back the
   specific message from ssh.
 * Added facility to document task module return values for
   registered vars, both for ansible-doc and the docsite. Documented
   copy, stats and acl modules, the rest must be updated individually
   (we will start doing so incrementally).
 * Optimize the plugin loader to cache available plugins much more
   efficiently. For some use cases this can lead to dramatic
   improvements in startup time.
 * Overhaul of the checksum system, now supports more systems and
   more cases more reliably and uniformly.
 * Fix skipped tasks to not display their parameters if no_log is specified.
 * Many fixes to unicode support, standarized functions to make
   it easier to add to input/output boundaries.
 * Added travis integration to github for basic tests, this should
   speed up ticket triage and merging.
 * environment: directive now can also be applied to play and is
   inhertited by tasks, which can still override it.
 * expanded facts and OS/distribution support for existing facts
   and improved performance with pypy.
 * new 'wantlist' option to lookups allows for selecting a list
   typed variable vs a comma delimited string as the return.
 * the shared module code for file backups now uses a timestamp
   resolution of seconds (previouslly minutes).
 * allow for empty inventories, this is now a warning and not an
   error (for those using localhost and cloud modules).
 * sped up YAML parsing in ansible by up to 25% by switching to
   CParser loader.
New Modules:
 * cryptab: manages linux encrypted block devices
 * gce_img: for utilizing GCE image resources
 * gluster_volume: manage glusterfs volumes
 * haproxy: for the load balancer of same name
 * known_hosts: manages the ssh known_hosts file
 * lxc_container: manage lxc containers
 * patch: allows for patching files on target systems
 * pkg5: installing and uninstalling packages on Solaris
 * pkg5_publisher: manages Solaris pkg5 repository configuration
 * postgresql_ext: manage postgresql extensions
 * snmp_facts: gather facts via snmp
 * svc: manages daemontools based services
 * uptimerobot: manage monitoring with this service
New Filters:
 * ternary: allows for trueval/falseval assignment dependent on conditional
 * cartesian: returns the Cartesian product of 2 lists
 * to_uuid: given a string it will return an ansible domain specific UUID
 * checksum: uses the ansible internal checksum to return a hash from a string
 * hash: get a hash from a string (md5, sha1, etc)
 * password_hash: get a hash form as string that can be used as a
   password in the user module (and others)
 * A whole set of ip/network manipulation filters:
   ipaddr,ipwrap,ipv4,ipv6ipsubnet,nthhost,hwaddr,macaddr

Version 1.8.4, "You Really Got Me" - Feb 19, 2015:
 * Fixed regressions in ec2 and mount modules, introduced in 1.8.3

Version 1.8.3, "You Really Got Me" - Feb 17, 2015:
 * Fixing a security bug related to the default permissions set on
   a temporary file created when using "ansible-vault view ".
 * Many bug fixes, for both core code and core modules.

Version 1.8.2, "You Really Got Me" - Dec 04, 2014:
 * Various bug fixes for packaging issues related to modules.
 * Various bug fixes for lookup plugins.
 * Various bug fixes for some modules (continued cleanup of postgresql
   issues, etc.).
 * Add a clone parameter to git module that allows you to get
   information about a remote repo even if it doesn't exist locally.

Version 1.8.1, "You Really Got Me" - Nov 26, 2014:
 * Various bug fixes in postgresql and mysql modules.
 * Fixed a bug related to lookup plugins used within roles not
   finding files based on the relative paths to the roles files/
   directory.
 * Fixed a bug related to vars specified in plays being templated
   too early, resulting in incorrect variable interpolation.
 * Fixed a bug related to git submodules in bare repos.

Version 1.8, "You Really Got Me" - Nov 25, 2014:
Major changes:
 * fact caching support, pluggable, initially supports Redis (DOCS pending)
 * 'serial' size in a rolling update can be specified as a percentage
 * added new Jinja2 filters, 'min' and 'max' that take lists
 * new 'ansible_version' variable available contains a dictionary
   of version info
 * For ec2 dynamic inventory, ec2.ini can has various new configuration options
   'ansible vault view filename.yml' opens filename.yml decrypted in a pager.
   no_log parameter now surpressess data from callbacks/output as
   well as syslog
 * ansible-galaxy install -f requirements.yml allows advanced
   options and installs from non-galaxy SCM sources and tarballs.
 * command_warnings feature will warn about when usage of the
   shell/command module can be simplified to use core modules -
   this can be enabled in ansible.cfg
 * new omit value can be used to leave off a parameter when not
   set, like so module_name: a=1 b={{ c | default(omit) }}, would
   not pass value for b (not even an empty value) if c was not set.
 * developers: 'baby JSON' in module responses, originally intended
   for writing modules in bash, is removed as a feature to simplify
   logic, script module remains available for running bash scripts.
 * async jobs started in "fire & forget" mode can now be checked
   on at a later time.
 * added ability to subcategorize modules for docs.ansible.com
 * added ability for shipped modules to have aliases with symlinks
 * added ability to deprecate older modules by starting with "_"
   and including "deprecated: message why" in module docs
New Modules:
 * cloud: rax_cdb - manages Rackspace Cloud Database instances
 * cloud: rax_cdb_database - manages Rackspace Cloud Databases
 * cloud: rax_cdb_user - manages Rackspace Cloud Database users
 * monitoring: zabbix_maintaince - handles outage windows with Zabbix
 * monitoring: bigpanda - support for bigpanda
 * net_infrastructure: a10_server - manages server objects on A10 devices
 * net_infrastructure: a10_service_group - manages service group
   objects on A10 devices
 * net_infrastructure: a10_virtual_server - manages virtual server
   objects on A10 devices
 * system: getent - read getent databases

Version 1.7.2, "Summer Nights" - Sep 24, 2014:
 * Fixes a bug in accelerate mode which caused a traceback when
   trying to use that connection method.
 * Fixes a bug in vault where the password file option was not
   being used correctly internally.
 * Improved multi-line parsing when using YAML literal blocks (using > or |).
 * Fixed a bug with the file module and the creation of relative symlinks.
 * Fixed a bug where checkmode was not being honoured during the
   templating of files.
 * Other various bug fixes.

Version 1.7.1, "Summer Nights" - Aug 14, 2014:
 * Security fix to disallow specifying 'args:' as a string, which
   could allow the insertion of extra module parameters through
   variables.
 * Performance enhancements related to previous security fixes,
   which could cause slowness when modules returned very large
   JSON results. This specifically impacted the unarchive module
   frequently, which returns the details of all unarchived files
   in the result.
 * Docker module bug fixes:
      Fixed support for specifying rw/ro bind modes for volumes
      Fixed support for allowing the tag in the image parameter
 * Various other bug fixes

Version 1.7, "Summer Nights" - Aug 06, 2014:
Major new features:
 * Windows support (alpha) using native PowerShell remoting
 * Tasks can now specify run_once: true, meaning they will be
   executed exactly once. This can be combined with delegate_to
   to trigger actions you want done just the one time versus for
   every host in inventory.
New inventory scripts:
 * SoftLayer
 * Windows Azure
New Modules:
 * cloud: azure
 * cloud: rax_meta
 * cloud: rax_scaling_group
 * cloud: rax_scaling_policy
 * windows: version of setup module
 * windows: version of slurp module
 * windows: win_feature
 * windows: win_get_url
 * windows: win_msi
 * windows: win_ping
 * windows: win_user
 * windows: win_service
 * windows: win_group
Other notable changes:
 * Security fixes
    * Prevent the use of lookups when using legacy "{{ }}" syntax
      round variables and with_* loops.
    * Remove relative paths in TAR-archived file names used by ansible-galaxy.
 * Inventory speed improvements for very large inventories.
 * Vault password files can now be executable, to support scripts
   that fetch the vault password.
   2015-12-05 22:26:09 by Adam Ciarcinski | Files touched by this commit (578)
Log message:
Extend PYTHON_VERSIONS_INCOMPATIBLE to 35
   2015-11-04 02:32:42 by Alistair G. Crooks | Files touched by this commit (499)
Log message:
Add SHA512 digests for distfiles for sysutils category

Problems found with existing digests:
	Package memconf distfile memconf-2.16/memconf.gz
	b6f4b736cac388dddc5070670351cf7262aba048 [recorded]
	95748686a5ad8144232f4d4abc9bf052721a196f [calculated]

Problems found locating distfiles:
	Package dc-tools: missing distfile dc-tools/abs0-dc-burn-netbsd-1.5-0-gae55ec9
	Package ipw-firmware: missing distfile ipw2100-fw-1.2.tgz
	Package iwi-firmware: missing distfile ipw2200-fw-2.3.tgz
	Package nvnet: missing distfile nvnet-netbsd-src-20050620.tgz
	Package syslog-ng: missing distfile syslog-ng-3.7.2.tar.gz

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.
   2015-10-04 00:56:21 by Blue Rats | Files touched by this commit (2)
Log message:
Neither ansible nor fabric don't work under py3x due to paramiko - they
don't have py3x support.
   2015-06-25 15:21:03 by Jonathan Perkin | Files touched by this commit (11) | Package updated
Log message:
Fix a couple of issues:

 - pkgin changed its output delimiter from a space to ';' when outputting
   to a non-tty, breaking various configuration management systems which
   relied on the previous behaviour.  Handle both types in ansible until
   NetBSDfr/pkgin#46 is resolved.

 - OS X 10.10 changed the behaviour of sysctl(8) to hide certain entries
   unless they are explicitly named.  Apply patch to fix hw.model and
   hw.usermem from https://github.com/ansible/ansible/pull/8171/files

Clean up patches while here.  Bump PKGREVISION.
   2015-02-05 16:22:06 by Fredrik Pettai | Files touched by this commit (4) | Package updated
Log message:
Add all the rest releases of 1.6.x:

1.6.10
   Fixes an issue with the copy module when copying a directory that fails when \ 
changing file attributes and the target file already exists
   Improved unicode handling when splitting args

1.6.9
   Further improvements to module parameter parsing to address additional \ 
regressions caused by security fixes

1.6.8
   Corrects a regression in the way shell and command parameters were being parsed

1.6.7
   Security fixes:
   Strip lookup calls out of inventory variables and clean unsafe data returned \ 
from lookup plugins (CVE-2014-4966)
   Make sure vars don't insert extra parameters into module args and prevent \ 
duplicate params from superseding previous params (CVE-2014-4967)

1.6.6
   Security updates to further protect against the incorrect execution of \ 
untrusted data

1.6.4, 1.6.5
   Security updates related to evaluation of untrusted remote inputs
   2014-06-15 02:54:26 by Blue Rats | Files touched by this commit (1)
Log message:
Uncommitted changes - CATEGORIES+=python, i think.