./sysutils/ansible, SSH-based configuration management, deployment, and task execution

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 2.9.18, Package name: ansible-2.9.18, Maintainer: pkgsrc-users

Ansible is a radically simple model-driven configuration management,
multi-node deployment, and remote task execution system. Ansible works
over SSH and does not require any software or daemons to be installed
on remote nodes. Extension modules can be written in any language and
are transferred to managed machines automatically.


Required to run:
[textproc/py-yaml] [security/py-paramiko] [devel/py-setuptools] [textproc/py-jinja2] [security/py-cryptography] [lang/python37]

Required to build:
[pkgtools/cwrappers]

Master sites:

SHA1: 772872760864f4b6920e47902230e9fa1bad5315
RMD160: da92840276ada90997cf7ab37aa42c3b5fc3f7ce
Filesize: 13923.918 KB

Version history: (Expand)


CVS history: (Expand)


   2021-02-25 13:35:58 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
ansible: updated to 2.9.18

v2.9.18
=======

Release Summary
---------------

| Release Date: 2021-02-18
| `Porting Guide \ 
<https://docs.ansible.com/ansible/devel/porting_guides.html>`__

Minor Changes
-------------

- ansible-test - The ``pylint`` sanity test is now supported on Python 3.8.
- inventory cache - do not show a warning when the cache file does not (yet) exist.

Security Fixes
--------------

- **security issue** - Mask default and fallback values for ``no_log`` module \ 
options (CVE-2021-20228)
- _sf_account_manager - `initiator_secret` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- _sf_account_manager - `target_secret` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_active_directory - `api_key` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_active_directory - `secret_key` is now masked with no_log and \ 
no longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_filesystems - `api_key` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_filesystems - `secret_key` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_pool - `api_key` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_pool - `secret_key` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_snapshots - `api_key` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- aws_netapp_cvs_snapshots - `secret_key` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- bitbucket_pipeline_variable - hide user sensitive information which are marked \ 
as ``secured`` from logging into the console \ 
(https://github.com/ansible-collections/ … /pull/1635) \ 
(CVE-2021-20180).
- ce_vrrp - `auth_key` is now masked with no_log and no longer emitted in \ 
logging/output (CVE-2021-20191).
- cp_mgmt_vpn_community_meshed - `shared_secret` is now masked with no_log and \ 
no longer emitted in logging/output (CVE-2021-20191).
- cp_mgmt_vpn_community_star - `shared_secret` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- docker_swarm - `signing_ca_key` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- gcp_compute_backend_service - `oauth2_client_secret` is now masked with no_log \ 
and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_disk - `disk_encryption_key` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_disk - `source_image_encryption_key` is now masked with no_log and \ 
no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_disk - `source_snapshot_encryption_key` is now masked with no_log \ 
and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_image - `image_encryption_key` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_image - `source_disk_encryption_key` is now masked with no_log and \ 
no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_instance_template - `disk_encryption_key` is now masked with \ 
no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_instance_template - `source_image_encryption_key` is now masked \ 
with no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_region_disk - `disk_encryption_key` is now masked with no_log and \ 
no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_region_disk - `source_snapshot_encryption_key` is now masked with \ 
no_log and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_snapshot - `snapshot_encryption_key` is now masked with no_log and \ 
no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_snapshot - `source_disk_encryption_key` is now masked with no_log \ 
and no longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_ssl_certificate - `private_key` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- gcp_compute_vpn_tunnel - `shared_secret` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- gcp_sql_instance - `client_key` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- gitlab_runner - `registration_token` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- iap_start_workflow - `token_key` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- ibm_sa_host - `iscsi_chap_secret` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- keycloak_client - `auth_client_secret` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- keycloak_client - `registration_access_token` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- keycloak_clienttemplate - `auth_client_secret` is now masked with no_log and \ 
no longer emitted in logging/output (CVE-2021-20191).
- keycloak_group - `auth_client_secret` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- librato_annotation - `api_key` is now masked with no_log and no longer emitted \ 
in logging/output (CVE-2021-20191).
- na_elementsw_account - `initiator_secret` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- na_elementsw_account - `target_secret` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- netscaler_lb_monitor - `radkey` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- nios_nsgroup - `tsig_key` is now masked with no_log and no longer emitted in \ 
logging/output (CVE-2021-20191).
- nxos_aaa_server - `global_key` is now masked with no_log and no longer emitted \ 
in logging/output (CVE-2021-20191).
- nxos_pim_interface - `hello_auth_key` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- oneandone_firewall_policy - `auth_token` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- oneandone_load_balancer - `auth_token` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- oneandone_monitoring_policy - `auth_token` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- oneandone_private_network - `auth_token` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- oneandone_public_ip - `auth_token` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- ovirt - `instance_rootpw` is now masked with no_log and no longer emitted in \ 
logging/output (CVE-2021-20191).
- pagerduty_alert - `api_key` is now masked with no_log and no longer emitted in \ 
logging/output (CVE-2021-20191).
- pagerduty_alert - `integration_key` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- pagerduty_alert - `service_key` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- pulp_repo - `feed_client_key` is now masked with no_log and no longer emitted \ 
in logging/output (CVE-2021-20191).
- rax_clb_ssl - `private_key` is now masked with no_log and no longer emitted in \ 
logging/output (CVE-2021-20191).
- snmp_facts - hide user sensitive information such as ``privkey`` and \ 
``authkey`` from logging into the console \ 
(https://github.com/ansible-collections/ … /pull/1621) \ 
(CVE-2021-20178).
- spotinst_aws_elastigroup - `multai_token` is now masked with no_log and no \ 
longer emitted in logging/output (CVE-2021-20191).
- spotinst_aws_elastigroup - `token` is now masked with no_log and no longer \ 
emitted in logging/output (CVE-2021-20191).
- utm_proxy_auth_profile - `frontend_cookie_secret` is now masked with no_log \ 
and no longer emitted in logging/output (CVE-2021-20191).

Bugfixes
--------

- Fix incorrect variable scoping when using ``import with context`` in Jinja2 \ 
templates. (https://github.com/ansible/ansible/issues/72615)
- ansible-test - Temporarily limit ``cryptography`` to versions before 3.4 to \ 
enable tests to function.
- ansible-test - The ``--remote`` option has been updated for Python 2.7 to work \ 
around breaking changes in the newly released ``get-pip.py`` bootstrapper.
- ansible-test - The ``--remote`` option has been updated to use a versioned \ 
``get-pip.py`` bootstrapper to avoid issues with future releases.
- display correct error information when an error exists in the last line of the \ 
file (https://github.com/ansible/ansible/issues/16456)
- facts - properly report virtualization facts for Linux guests running on bhyve \ 
(https://github.com/ansible/ansible/issues/73167)
- mysql_user - add ``INVOKE LAMBDA`` privilege support \ 
(https://github.com/ansible-collections/ … issues/283).
- mysql_user - add ``SHOW_ROUTINE`` privilege support \ 
(https://github.com/ansible-collections/ … /issues/86).
- mysql_user - add missed privileges to support \ 
(https://github.com/ansible-collections/ … issues/617).
- pause - do not warn when running in the background if a timeout is provided \ 
(https://github.com/ansible/ansible/issues/73042)
- postgresql_info - fix crash caused by wrong PgSQL version parsing \ 
(https://github.com/ansible-collections/ … /issues/40).
- postgresql_ping - fix crash caused by wrong PgSQL version parsing \ 
(https://github.com/ansible-collections/ … /issues/40).
- postgresql_query - fix datetime.timedelta type handling \ 
(https://github.com/ansible-collections/ … /issues/47).
- postgresql_query - fix decimal handling \ 
(https://github.com/ansible-collections/ … /issues/45).
- postgresql_set - return a message instead of traceback when a passed parameter \ 
has not been found \ 
(https://github.com/ansible-collections/ … /issues/41).
- psrp connection plugin - ``to_text(stdout)`` before json.loads in \ 
psrp.Connection.put_file in case stdout is bytes.
- win_find - Get-FileStat used [int] instead of [int64] for file size calculations

v2.9.17
=======

Release Summary
---------------

| Release Date: 2021-01-18
| `Porting Guide \ 
<https://docs.ansible.com/ansible/devel/porting_guides.html>`__

Minor Changes
-------------

- ansible-test - Added a ``--export`` option to the ``ansible-test coverage \ 
combine`` command to facilitate multi-stage aggregation of coverage in CI \ 
pipelines.
- ansible-test - added a ``--venv-system-site-packages`` option for use with the \ 
``--venv`` option
- ansible-test - virtualenv helper scripts now prefer ``venv`` on Python 3 over \ 
``virtualenv`` if the ``ANSIBLE_TEST_PREFER_VENV`` environment variable is set
- bigiq_device_info module - add information on BIG-IQ 7.x support

Bugfixes
--------

- Fix bytestring vs string comparison in \ 
module_utils.basic.is_special_selinux_path() so that special-cased filesystems \ 
which don't support SELinux context attributes still allow files to be \ 
manipulated on them. (https://github.com/ansible/ansible/issues/70244)
- Freeform actions did not work with ``ansible.builtin.`` or ``ansible.legacy.`` \ 
FQCN (https://github.com/ansible/ansible/pull/72958).
- async - Fix Python 3 interpreter parsing from module by comparing with bytes \ 
(https://github.com/ansible/ansible/issues/70690)
- bigiq_device_info module - fix iteration bug in a _transform_name_attribute method
- docker_image - if ``push=true`` is used with ``repository``, and the image \ 
does not need to be tagged, still push. This can happen if ``repository`` and \ 
``name`` are equal \ 
(https://github.com/ansible-collections/ … issues/52, \ 
https://github.com/ansible-collections/ … er/pull/53).
- docker_image - report error when loading a broken archive that contains no \ 
image (https://github.com/ansible-collections/ … issues/46, \ 
https://github.com/ansible-collections/ … er/pull/55).
- docker_image - report error when the loaded archive does not contain the \ 
specified image \ 
(https://github.com/ansible-collections/ … issues/41, \ 
https://github.com/ansible-collections/ … er/pull/55).
- inventory - pass the vars dictionary to combine_vars instead of an individual \ 
key's value (https://github.com/ansible/ansible/issues/72975).
- k8s - add support for python-kubernetes v12 and later - backport of support in \ 
community.kubernetes
- paramiko connection plugin - Ensure we only reset the connection when one has \ 
been previously established (https://github.com/ansible/ansible/issues/65812)
- systemd - preserve the full unit name when using a templated service and \ 
``systemd`` failed to parse dbus due to a known bug in ``systemd`` \ 
(https://github.com/ansible/ansible/pull/72985)

- unsafe_proxy - Ensure that data within a tuple is marked as unsafe \ 
(https://github.com/ansible/ansible/issues/65722)
- user - do the right thing when ``password_lock=True`` and ``password`` are \ 
used together (https://github.com/ansible/ansible/issues/72992)

v2.9.16
=======

Release Summary
---------------

| Release Date: 2020-12-14
| `Porting Guide \ 
<https://docs.ansible.com/ansible/devel/porting_guides.html>`__

Minor Changes
-------------

- ansible-doc - provide ``has_action`` field in JSON output for modules. That \ 
information is currently only available in the text view \ 
(https://github.com/ansible/ansible/pull/72359).
- ansible-galaxy - find any collection dependencies in the globally configured \ 
Galaxy servers and not just the server the parent collection is from.

- ansible-test - Added the ``-remote rhel/7.9`` option to run tests on RHEL 7.9
- ansible-test - Fix container hostname/IP discovery for the ``acme`` test plugin.
- ansible-test - centos6 end of life - container image updated to point to vault \ 
base repository (https://github.com/ansible/distro-test- … rs/pull/54)
- iptables - reorder comment postition to be at the end \ 
(https://github.com/ansible/ansible/issues/71444).
- lvol - fix idempotency issue when using lvol with ``%VG`` or ``%PVS`` size \ 
options and VG is fully allocated \ 
(https://github.com/ansible-collections/ … l/pull/229).

Bugfixes
--------

- Adjust various hard-coded action names to also include their \ 
``ansible.builtin.`` and ``ansible.legacy.`` prefixed version \ 
(https://github.com/ansible/ansible/issues/71817, \ 
https://github.com/ansible/ansible/issues/71818, \ 
https://github.com/ansible/ansible/pull/71824).
- Collection callbacks were ignoring options and rules for stdout and adhoc cases.
- Fix virt module to support list_vms with a status of paused \ 
(https://github.com/ansible/ansible/issues/72059)
- Fixed issue when `netstat` is either missing or doesn't have execution \ 
permissions leading to incorrect command being executed.
- Try to load action plugin from the same collection as the module \ 
(https://github.com/ansible/ansible/pull/66701)
- account for bug in Python 2.6 that occurs during interpreter shutdown to avoid \ 
stack trace
- ansible-test - Correctly detect changes in a GitHub pull request when running \ 
on Azure Pipelines.
- ansible-test - Skip installing requirements if they are already installed.
- ansible-test - add constraint for ``cffi`` to prevent failure on systems with \ 
older versions of ``gcc`` (https://foss.heptapod.net/pypy/cffi/-/issues/480)

- ansible-test - convert target paths to unicode on Python 2 to avoid \ 
``UnicodeDecodeError`` (https://github.com/ansible/ansible/issues/68398, \ 
https://github.com/ansible/ansible/pull/72623).
- ansible-test - improve classification of changes to ``.gitignore``, \ 
``COPYING``, ``LICENSE``, ``Makefile``, and all files ending with one of ``.in`, \ 
``.md`, ``.rst``, ``.toml``, ``.txt`` in the collection root directory \ 
(https://github.com/ansible/ansible/pull/72353).
- ansible-test now uses GNU tar format instead of the Python default when \ 
creating payloads for remote systems
- azure_rm inventory plugin - update to fetch availability zone information of \ 
VM in hostvars. (https://github.com/ansible-collections/azure/issues/161)
- dnf - fix filtering to avoid dependncy conflicts \ 
(https://github.com/ansible/ansible/issues/72316)
- ec2_group - Fixes error handling during tagging failures \ 
(https://github.com/ansible-collections/ … issues/210).
- ensure 'local' connection always has the correct default user for actions to \ 
consume.
- network_cli - Update paramiko play_context when network_cli's play context is \ 
updated so that ssh parameters can be updated as well.
- network_cli connection plugin - Perform privilege escalation before setting \ 
terminal.
- pause - Fix indefinite hang when using a pause task on a background process \ 
(https://github.com/ansible/ansible/issues/32142)

- remove redundant remote_user setting in play_context for local as plugin \ 
already does it, also removes fork/thread issue from use of pwd library.
- set_mode_if_different - handle symlink if it is inside a directory with sticky \ 
bit set (https://github.com/ansible/ansible/pull/45198)

- systemd - account for templated unit files using ``@`` when searching for the \ 
unit file (https://github.com/ansible/ansible/pull … -730626228)

- systemd - follow up fix to https://github.com/ansible/ansible/issues/72338 to \ 
use ``list-unit-files`` rather than ``list-units`` in order to show all units \ 
files on the system.

- systemd - work around bug with ``systemd`` 245 and 5.8 kernel that does not \ 
correctly report service state (https://github.com/ansible/ansible/issues/71528)

- wait_for - catch and ignore errors when getting active connections with psutil \ 
(https://github.com/ansible/ansible/issues/72322)

v2.9.15
=======

Release Summary
---------------

| Release Date: 2020-11-02
| `Porting Guide \ 
<https://docs.ansible.com/ansible/devel/porting_guides.html>`__

Minor Changes
-------------

- ansible-test - Add a ``--docker-network`` option to choose the network for \ 
running containers when using the ``--docker`` option.
- ansible-test - Collections can now specify pip constraints for unit and \ 
integration test requirements using ``tests/unit/constraints.txt`` and \ 
``tests/integration/constraints.txt`` respectively.
- dnf - now shows specific package changes (installations/removals) under \ 
``results`` in check_mode. (https://github.com/ansible/ansible/issues/66132)
- module_defaults - add new module s3_metrics_configuration from community.aws \ 
to aws module_defaults group (https://github.com/ansible/ansible/pull/72145).
- vmware_guest_custom_attributes - Fixed issue when trying to set a VM custom \ 
attribute when there are custom attributes with the same name for other object \ 
types (https://github.com/ansible-collections/ … issues/412).

Breaking Changes / Porting Guide
--------------------------------

- ansible-galaxy login command has been removed (see \ 
https://github.com/ansible/ansible/issues/71560)

Bugfixes
--------

- Restore the ability for changed_when/failed_when to function with group_by.
- ansible-test - Always connect additional Docker containers to the network used \ 
by the current container (if any).
- ansible-test - Always map ``/var/run/docker.sock`` into test containers \ 
created by the ``--docker`` option if the docker host is not ``localhost``.
- ansible-test - Attempt to detect the Docker hostname instead of assuming \ 
``localhost``.
- ansible-test - Correctly detect running in a Docker container on Azure Pipelines.
- ansible-test - Prefer container IP at \ 
``.NetworkSettings.Networks.{NetworkName}.IPAddress`` over \ 
``.NetworkSettings.IPAddress``.
- ansible-test - The ``cs`` and ``openshift`` test plugins now search for \ 
containers on the current network instead of assuming the ``bridge`` network.
- ansible-test - Using the ``--remote`` option on Azure Pipelines now works from \ 
a job running in a container.
- ansible-test - disable ansible-doc sanity test for vars plugins in \ 
collections, which are not supported by Ansible 2.9 \ 
(https://github.com/ansible/ansible/pull/72336).
- async_wrapper - Fix race condition when ``~/.ansible_async`` folder tries to \ 
be created by multiple async tasks at the same time - \ 
https://github.com/ansible/ansible/issues/59306
- dnf - it is now possible to specify both ``security: true`` and ``bugfix: \ 
true`` to install updates of both types. Previously, only security would get \ 
installed if both were true. (https://github.com/ansible/ansible/issues/70854)
- facts - fix distribution fact for SLES4SAP \ 
(https://github.com/ansible/ansible/pull/71559).
- kubectl - follow up fix in _build_exec_cmd API \ 
(https://github.com/ansible/ansible/issues/72171).
- nmcli - typecast parameters to string as required \ 
(https://github.com/ansible/ansible/issues/59095).
- ovirt_disk - don't move disk when already in storage_domain \ 
(https://github.com/oVirt/ovirt-ansible- … n/pull/135).
- postgresql_pg_hba - fix a crash when a new rule with an 'options' field \ 
replaces a rule without or vice versa \ 
(https://github.com/ansible-collections/ … ssues/1108).
- postgresql_privs - fix the module mistakes a procedure for a function \ 
(https://github.com/ansible-collections/ … issues/994)
- powershell - remove getting the PowerShell version from the env var \ 
``POWERSHELL_VERSION``. This feature never worked properly and can cause \ 
conflicts with other libraries that use this var
- user - AnsibleModule.run_command returns a tuple of return code, stdout and \ 
stderr. The module main function of the user module expects user.create_user to \ 
return a tuple of return code, stdout and stderr. Fix the locations where stdout \ 
and stderr got reversed.

- user - Local users with an expiry date cannot be created as the ``luseradd`` / \ 
``lusermod`` commands do not support the ``-e`` option. Set the expiry time in \ 
this case via ``lchage`` after the user was created / modified. \ 
(https://github.com/ansible/ansible/issues/71942)

- zfs - fixed ``invalid character '@' in pool name"`` error when working \ 
with snapshots on a root zvol \ 
(https://github.com/ansible-collections/ … issues/932).

v2.9.14
=======

Release Summary
---------------

| Release Date: 2020-10-05
| `Porting Guide \ 
<https://docs.ansible.com/ansible/devel/porting_guides.html>`__

Minor Changes
-------------

- ansible-test - Added CI provider support for Azure Pipelines.
- ansible-test - Added support for Ansible Core CI request signing for Shippable.
- ansible-test - Allow custom ``--remote-stage`` options for development and testing.
- ansible-test - Fix ``ansible-test coverage`` reporting sub-commands \ 
(``report``, ``html``, ``xml``) on Python 2.6.
- ansible-test - Refactored CI related logic into a basic provider abstraction.
- ansible-test - Remove the discontinued ``us-east-2`` choice from the \ 
``--remote-aws-region`` option.
- ansible-test - Request remote resources by provider name for all provider types.
- ansible-test - Show a warning when the obsolete ``--remote-aws-region`` option \ 
is used.
- ansible-test - Support custom remote endpoints with the ``--remote-endpoint`` \ 
option.
- ansible-test - Update built-in service endpoints for the ``--remote`` option.
- ansible-test - Use new endpoint for Parallels based instances with the \ 
``--remote`` option.
- vmware_guest - Support HW version 15 / vSphere 6.7U2 \ 
(https://github.com/ansible-collections/vmware/pull/99).

Security Fixes
--------------

- kubectl - connection plugin now redact kubectl_token and kubectl_password in \ 
console log \ 
(https://github.com/ansible-collections/ … /issues/65) \ 
(CVE-2020-1753).

Bugfixes
--------

- Handle write_files option in cgroup_perf_recap callback plugin \ 
(https://github.com/ansible/ansible/issues/64936).
- Prevent templating unused variables for {% include %} \ 
(https://github.com/ansible/ansible/issues/68699)
- Provide more information in AnsibleUndefinedVariable \ 
(https://github.com/ansible/ansible/issues/55152)
- ansible-doc - do not crash if plugin name cannot be found \ 
(https://github.com/ansible/ansible/pull/71965).
- ansible-doc - properly show plugin name when ``name:`` is used instead of \ 
``<plugin_type>:`` (https://github.com/ansible/ansible/pull/71965).
- ansible-test - Change classification using ``--changed`` now consistently \ 
handles common configuration files for supported CI providers.
- ansible-test - The ``resource_prefix`` variable provided to tests running on \ 
Azure Pipelines is now converted to lowercase to match other CI providers.
- ansible-test - for local change detection, allow to specify branch to compare \ 
to with ``--base-branch`` for all types of tests \ 
(https://github.com/ansible/ansible/pull/69508).
- docker_login - now correctly reports changed status on logout for Docker \ 
versions released after June 2020.
- docker_login - now obeys check_mode for logout
- interfaces_file - escape regular expression characters in old value \ 
(https://github.com/ansible-collections/ … issues/777).
- ovirt_disk - fix upload when direct upload fails \ 
(https://github.com/oVirt/ovirt-ansible- … n/pull/120).
- postgres_user - remove false positive ``no_log`` warning for \ 
``no_password_changes`` option \ 
(https://github.com/ansible/ansible/issues/68106).
- psrp - Fix hang when copying an empty file to the remote target
- runas - create a new token when running as ``SYSTEM`` to ensure it has the \ 
full privileges assigned to that account
   2020-12-04 21:45:51 by Nia Alarie | Files touched by this commit (456)
Log message:
Revbump packages with a runtime Python dep but no version prefix.

For the Python 3.8 default switch.
   2020-09-08 19:51:49 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
ansible: updated to 2.9.13

v2.9.13
=======

Minor Changes
-------------
- Updated network integration auth timeout to 90 secs.
- ansible-test - Remove ``pytest < 6.0.0`` constraint for managed \ 
installations on Python 3.x now that pytest 6 is supported.
- known_hosts - fix reference to non-existent parameter in example \ 
(https://github.com/ansible/ansible/issues/71417)

Security Fixes
--------------
- The fix for CVE-2020-1736 has been reverted. Users are encouraged to specify a \ 
``mode`` parameter in their file-based tasks when the files being manipulated \ 
contain sensitive data.
- dnf - Previously, regardless of the ``disable_gpg_check`` option, packages \ 
were not GPG validated. They are now. (CVE-2020-14365)

Bugfixes
--------
- Confirmed commit fails with TypeError in IOS XR netconf plugin \ 
(https://github.com/ansible-collections/ … /issues/74)
- Fix an exit code for a non-failing playbook \ 
(https://github.com/ansible/ansible/issues/71306)
- Fix execution of the meta tasks 'clear_facts', 'clear_host_errors', \ 
'end_play', 'end_host', and 'reset_connection' when the CLI flag '--flush-cache' \ 
is provided.
- Fix statistics reporting when rescue block contains another block (issue \ 
https://github.com/ansible/ansible/issues/61253).
- Fixed Ansible reporting validate not supported by netconf server when enabled \ 
in netconf - \ 
(https://github.com/ansible-collections/ … issues/119).
- TOML inventory - Ensure we register dump functions for ``AnsibleUnsafe`` to \ 
support dumping unsafe values. Note that the TOML format has no functionality to \ 
mark that the data is unsafe for re-consumption. \ 
(https://github.com/ansible/ansible/issues/71307)
- ansible-test units - fixed collection location code to work under pytest >= \ 
6.0.0
- aws_acm_info - fix `KeyError` failure when retrieving keys with a `Failed` \ 
status (https://github.com/ansible-collections/ … issues/198)
- cron - cron file should not be empty after adding var \ 
(https://github.com/ansible/ansible/pull/71207)
- mongodb_replicaset - fixes authentication to determine replicaset name \ 
(https://github.com/ansible-collections/ … issues/136).
- powershell - fix escaping of strings that broken modules like fetch when \ 
dealing with special chars - https://github.com/ansible/ansible/issues/62781
- powershell - fix the CLIXML parser when it contains nested CLIXML objects - \ 
https://github.com/ansible/ansible/issues/69550
- psrp - Use native PSRP mechanism when copying files to support custom endpoints
- setup - Add a null check for ``Win32_Bios.ReleaseData`` to avoid a failure \ 
when that value is not set - https://github.com/ansible/ansible/issues/69736
- strftime filter - Input epoch is allowed to be a float \ 
(https://github.com/ansible/ansible/issues/71257)
- systemd - fixed chroot usage on new versions of systemd, that broke because of \ 
upstream changes in systemctl output
- systemd - made the systemd module work correctly when the SYSTEMD_OFFLINE \ 
environment variable is set
- zabbix_host - fixed inventory_mode key error, which occurs with Zabbix 4.4.1 \ 
or more (https://github.com/ansible/ansible/issues/65304).
- zabbix_proxy - fixed support for Zabbix 5.0
   2020-08-24 12:58:41 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
ansible: updated to 2.9.12

v2.9.12
=======

Minor Changes
-------------
- ansible-test - the ACME test container was updated, it now supports external \ 
account creation and has a basic OCSP responder \ 
(https://github.com/ansible/ansible/pull/71097, \ 
https://github.com/ansible/acme-test-co … /tag/2.0.0).
- debconf - add a note about no_log=True since module might expose sensitive \ 
information to logs (https://github.com/ansible/ansible/issues/32386).

Security Fixes
--------------
- **security issue** - copy - Redact the value of the no_log 'content' parameter \ 
in the result's invocation.module_args in check mode. Previously when used with \ 
check mode and with '-vvv', the module would not censor the content if a change \ 
would be made to the destination path. (CVE-2020-14332)

- **security issue** atomic_move - change default permissions when creating \ 
temporary files so they are not world readable \ 
(https://github.com/ansible/ansible/issues/67794) (CVE-2020-1736)

- Fix warning for default permission change when no mode is specified. Follow up \ 
to https://github.com/ansible/ansible/issues/67794. (CVE-2020-1736)

- Sanitize no_log values from any response keys that might be returned from the \ 
uri module (CVE-2020-14330).
- reset logging level to INFO due to CVE-2019-14846.

Bugfixes
--------
- Address compat with rpmfluff-0.6 for integration tests
- Ensure password passed in by -k is used on delegated hosts that do not have \ 
ansible_password set
- Template connection variables before using them \ 
(https://github.com/ansible/ansible/issues/70598).
- Terminal plugins - add "\e[m" to the list of ANSI sequences stripped \ 
from device output
- add magic/connection vars updates from delegated host info.
- ansible-galaxy collection install - fix fallback mechanism if the AH server \ 
did not have the collection requested - \ 
https://github.com/ansible/ansible/issues/70940
- ansible-test - Add ``pytest < 6.0.0`` constraint for managed installations \ 
on Python 3.x to avoid issues with relative imports.
- ansible-test - Change detection now properly resolves relative imports instead \ 
of treating them as absolute imports.
- api - time.clock is removed in Python 3.8, add backward compatible code \ 
(https://github.com/ansible/ansible/issues/70649).
- avoid clobbering existing facts inside loop when task also returns ansible_facts.
- basic - use PollSelector implementation when DefaultSelector fails \ 
(https://github.com/ansible/ansible/issues/70238).
- cron - encode and decode crontab files in UTF-8 explicitly to allow non-ascii \ 
chars in cron filepath and job (https://github.com/ansible/ansible/issues/69492)
- ensure delegated vars can resolve hostvars object and access vars from \ 
hostvars[inventory_hostname].
- facts - account for Slackware OS with ``+`` in the name \ 
(https://github.com/ansible/ansible/issues/38760)
- facts - fix incorrect UTC timestamp in ``iso8601_micro`` and ``iso8601``
- fix issue with inventory_hostname and delegated host vars mixing on connection \ 
settings.
- hashi_vault - Handle equal sign in key=value \ 
(https://github.com/ansible/ansible/issues/55658).
- ipa_hostgroup - fix an issue with load-balanced ipa and cookie handling with \ 
Python 3 - (https://github.com/ansible/ansible/issues/71110).
- lineinfile - fix not subscriptable error in exception handling around file creation
- linux network facts - get the correct value for broadcast address \ 
(https://github.com/ansible/ansible/issues/64384)
- mysql_user - fix overriding password to the same \ 
(https://github.com/ansible-collections/ … issues/543).
- net_put - Fixed UnboundLocalError when there is no change This is a backport \ 
from U(https://github.com/ansible-collections/ … mon/pull/6)
- nxos_user - do not fail when a custom role is used \ 
(https://github.com/ansible-collections/ … s/pull/130)
- ovirt_vm - fix cd_iso search
- playbooks - detect and propagate failures in ``always`` blocks after \ 
``rescue`` (https://github.com/ansible/ansible/issues/70000)
- profile_tasks - typecast result before slicing it \ 
(https://github.com/ansible/ansible/issues/59059).
- reboot - Add support for the runit init system, used on Void Linux, that does \ 
not support the normal Linux syntax.
- redfish_info, redfish_config, redfish_command - Fix Redfish response payload \ 
decode on Python 3.5 (https://github.com/ansible/ansible/issues/65889)
- shell - fix quoting of mkdir command in creation of remote_tmp in order to \ 
allow spaces and other special characters \ 
(https://github.com/ansible/ansible/issues/69577).
- templating - fix error message for ``x in y`` when y is undefined \ 
(https://github.com/ansible/ansible/issues/70984)
- unarchive - check ``fut_gid`` against ``run_gid`` in addition to supplemental \ 
groups (https://github.com/ansible/ansible/issues/49284)
- user - don't create home directory and missing parents when create_home == \ 
false (https://github.com/ansible/ansible/pull/70600).
- yum - fix yum list crashing if repoquery (used internally) prints errors in \ 
stdout (https://github.com/ansible/ansible/issues/56800)
   2020-08-07 09:40:42 by Maya Rashish | Files touched by this commit (3) | Package updated
Log message:
ansible: parse the output of mount(8) instead of /etc/fstab.
bump PKGREVISION

PR pkg/55544
   2020-07-29 15:54:07 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
ansible: updated to 2.9.11

v2.9.11
=======

Minor Changes
-------------
- The ``items2dict`` filter can now create a dict whose values are the original \ 
elements of the input list, and whose keys are the value of some key in each \ 
dict. When the resulting dict is stored, this allows for O(1) lookup of a \ 
particular key without having to scan the entire list each time.
- k8s - update openshift requirements in documentation
- pipe lookup - update docs for Popen with shell=True usages \ 
(https://github.com/ansible/ansible/issues/70159).

Bugfixes
--------
- Allow TypeErrors on Undefined variables in filters to be handled or deferred \ 
when processing for loops.
- Fix ``delegate_facts: true`` when ``ansible_python_interpreter`` is not set. \ 
(https://github.com/ansible/ansible/issues/70168)
- Support check mode in NXOS BGP modules \ 
(https://github.com/ansible/ansible/pull/57360).
- TaskExecutor - Handle unexpected errors as failed while post validating loops \ 
(https://github.com/ansible/ansible/issues/70050).
- The `ansible_become` value was not being treated as a boolean value when set \ 
in an INI format inventory file (fixes bug \ 
https://github.com/ansible/ansible/issues/70476).
- To fix ios_l2_interfaces facts parsing issue \ 
(https://github.com/ansible-collections/ … os/pull/59)
- To fix ios_user and ios_command test case failure fix \ 
(https://github.com/ansible-collections/ … os/pull/82)
- Vault - Allow single vault encrypted values to be used directly as module \ 
parameters. (https://github.com/ansible/ansible/issues/68275)
- add constraints file for ``anisble_runner`` test since an update to ``psutil`` \ 
is now causing test failures
- ansible-galaxy - Instead of assuming the first defined server is galaxy, \ 
filter based on the servers that support the v1 API, and return the first of \ 
those (https://github.com/ansible/ansible/issues/65440)
- ansible-test no longer tracebacks during change analysis due to processing an \ 
empty python file
- ansible-test now correctly recognizes imports in collections when using the \ 
``--changed`` option.
- ansible-test now ignores empty ``*.py`` files when analyzing module_utils \ 
imports for change detection
- assemble - fix decrypt argument in the module \ 
(https://github.com/ansible/ansible/issues/65450).
- docker_container - various error fixes in string handling for Python 2 to \ 
avoid crashes when non-ASCII characters are used in strings \ 
(https://github.com/ansible-collections/ … issues/640).
- eos_eapi - enable eapi by default
- group_by now should correctly refect changed status.
- json callback - Fix host result to task references in the resultant JSON \ 
output for non-lockstep strategy plugins such as free \ 
(https://github.com/ansible/ansible/issues/65931)
- nmcli - Add compatibility for new networkmanager library \ 
(https://github.com/ansible/ansible/pull/65726).
- puppet - fix command line construction for check mode and ``manifest:`` \ 
(https://github.com/ansible/ansible/issues/60576).
- selective callback - mark task failed correctly \ 
(https://github.com/ansible/ansible/issues/63767).
- windows async - use full path when calling PowerShell to reduce reliance on \ 
environment vars being correct - https://github.com/ansible/ansible/issues/70655
- winrm - preserve winrm forensic data on put_file failures
   2020-06-20 08:55:04 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
ansible: updated to 2.9.10

v2.9.10
=======

Minor Changes
-------------
- Add new magic variable ``ansible_collection`` that contains the collection name
- Add new magic variable ``ansible_role_name`` that contains the FQCN of the role
- Added missing platform guide for FRR
- Fix a typo in remove_signature flag in podman_image module
- Remove the deprecation message for the ``TRANSFORM_INVALID_GROUP_CHARS`` setting.
- The results queue and counter for results are now split for standard / handler \ 
results. This allows the governing strategy to be truly independent from the \ 
handler strategy, which basically follows the linear methodology.
- Updates ``ansible_role_names``, ``ansible_play_role_names``, and \ 
``ansible_dependent_role_names`` to include the FQCN
- ``Display.deprecated()``, ``AnsibleModule.deprecate()`` and \ 
``Ansible.Basic.Deprecate()`` now also accept the deprecation-by-date parameters \ 
and collection name parameters from Ansible 2.10, so plugins and modules in \ 
collections that conform to Ansible 2.10 will run with newer versions of Ansible \ 
2.9.
- ovirt: update operating system options
- ovirt_storage_vm_info: fix example
- ovirt_vm: fix quotas example

Deprecated Features
-------------------
- Using the DefaultCallback without the correspodning doc_fragment or copying \ 
the documentation.

Bugfixes
--------
- Allow tasks to notify a fqcn handler name
- Avoid bare select() for running commands to avoid too large file descriptor \ 
numbers failing tasks
- Avoid running subfunctions that are passed to show_vars function when it will \ 
be a noop.
- Create an ``import_module`` compat util, for use across the codebase, to allow \ 
collection loading to work properly on Python26
- Do not keep empty blocks in PlayIterator after skipping tasks with tags.
- Ensure that ``--version`` works with non-ascii ansible project paths
- Fix content encoding/decoding and do not fail when key based auth is used
- Fix gather_facts not working for network platforms when network_os is in FQCN \ 
format
- Fix issue with nxos_l2_interfaces where replaced doesn't remove superfluous config
- Fix nxos_facts with VDC having no interfaces
- Fix nxos_interfaces enabled not working properly because of broken system \ 
default dict generation
- Fix the issue when OS secgroup rule couldn't be imported from a different tenant
- Fixed the equality check for IncludedFiles to ensure they are not accidently \ 
merged when process_include_results runs.
- Prevent a race condition when running handlers using a combination of the free \ 
strategy and include_role.
- Properly handle unicode in ``safe_eval``.
- Remove unused and invalid import from FRR cliconf plugin
- RoleRequirement - include stderr in the error message if a scm command fails
- To fix ios_l3_interfaces Loopback issue
- To fix ios_vlans vtp version 2 issue
- Update NX-OS cliconf to accomodate MDS
- Update terminal plugin to check feature privilege only when escalation is needed
- Validate include args in handlers.
- added 'unimplemented' prefix to file based caching
- added new option for default callback to compat variable to avoid old 3rd \ 
party plugins from erroring out.
- ansible-doc - Allow and give precedence to `removed_at_date` for deprecated \ 
modules.
- ansible-galaxy - Fix ``multipart/form-data`` body to include extra CRLF
- ansible-galaxy - Preserve symlinks when building and installing a collection
- ansible-galaxy collection build - Command did not ignore .git files, which had \ 
the potential to cause troubles later on (for example, when importing into \ 
Automation Hub)
- ansible-test - Disabled the ``duplicate-code`` and ``cyclic-import`` checks \ 
for the ``pylint`` sanity test due to inconsistent results.
- ansible-test - The shebang sanity test now correctly identifies modules in \ 
subdirectories in collections.
- ansible-test change detection - Run only sanity tests on ``docs/`` and \ 
``changelogs/`` in collections, to avoid triggering full CI runs of integration \ 
and unit tests when files in these directories change.
- ansible-test is now able to find its ``egg-info`` directory when it contains \ 
the Ansible version number
- ansible-test no longer optimizes setting ``PATH`` by prepending the directory \ 
containing the selected Python interpreter when it is named ``python``. This \ 
avoids unintentionally making other programs available on ``PATH``, including an \ 
already installed version of Ansible.
- ansible-test pylint sanity test - do not crash when ``version`` specified to \ 
``AnsibleModule.deprecate()`` or ``Display.deprecated()`` contains string \ 
components, f.ex. tagged version numbers for Ansible 2.10.
- archive - fix issue with empty file exclusion from archive
- avoid fatal traceback when a bad FQCN for a callback is supplied in the whitelist.
- ce - Modify the way of parsing NETCONF XML message in ce.py
- collection loader - fix file/module/class confusion issues on case-insensitive \ 
filesystems
- copy - Fixed copy module not working in case that remote_src is enabled and \ 
dest ends in a /
- discovery will NOT update incorrect host anymore when in delegate_to task.
- dnf - enable logging using setup_loggers() API in dnf-4.2.17-6 or later
- docker_machine - fallback to ip subcommand output if IPAddress is missing
- ensure we pass on interpreter discovery values to delegated host.
- file - return ``'state': 'absent'`` when a file does not exist
- fixed issues when using net_get & net_put before the persistent connection \ 
has been started
- interpreter discovery will now use correct vars (from delegated host) when in \ 
delegate_to task.
- k8s - Handle set object retrieved from lookup plugin.
- lineinfile - use ``module.tmpdir`` to allow configuration of the remote temp \ 
directory
- lxd_container - enables to set keys not present in existing config
- ovirt_disk fix activate
- ovirt_disk: fix upload/download of images for ovirt 4.4
- ovirt_disk: force wait when uploading disk
- ovirt_vm: fix cd_iso search by name
- profile_tasks - typecast results before using it
- sesu - make use of the prompt specified in the code
- syslog_json callback - fix plugin exception when running
- yum/dnf - check type of elements in a name
- zfs_delegate_admin - add missing choices diff/hold/release to the permissions \ 
parameter
   2020-05-19 14:58:46 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
ansible: updated to 2.9.9

v2.9.9

Bugfixes
--------
- Fix an issue with the ``fileglob`` plugin where passing a subdirectory of \ 
non-existent directory would cause it to fail - \ 
https://github.com/ansible/ansible/issues/69450

v2.9.8
======

Minor Changes
-------------
- Add test for reboot & wait_for_connection on EOS & IOS \ 
(https://github.com/ansible/ansible/pull/63014)
- Fixed 'intersect' filter spelling in constructed inventory plugin example.
- Move cli prompt check logic from action to cliconf plugin \ 
(https://github.com/ansible/ansible/pull/63945)
- Point inventory script location to their respective version rather than devel \ 
version in documentation.
- ansible-test - Now includes testing support for RHEL 8.2
- ansible-test - Remove obsolete support for provisioning remote vCenter \ 
instances. The supporting services are no longer available.

Bugfixes
--------
- Collections - Allow a collection role to call a stand alone role, without \ 
needing to explicitly add ``ansible.legacy`` to the collection search order \ 
within the collection role. (https://github.com/ansible/ansible/issues/69101)
- Fix cli context check for network_cli connection \ 
(https://github.com/ansible/ansible/pull/64697)
- Revert 5f6427b1fc7449a5c42212013d3f628665701c3d as it breaks netconf connection
- Role Installation - Ensure that a role containing files with non-ascii \ 
characters can be installed (https://github.com/ansible/ansible/issues/69133)
- Update ActionBase._low_level_execute_command to honor executable \ 
(https://github.com/ansible/ansible/issues/68054)
- collections - Handle errors better for filters and tests in collections, where \ 
a non-existent collection is specified, or importing the plugin results in an \ 
exception (https://github.com/ansible/ansible/issues/66721)
- deal with cases in which just a file is pased and not a path with directories, \ 
now fileglob correctly searches in 'files/' subdirs.
- dnf - Unified error messages when trying to install a nonexistent package with \ 
newer dnf (4.2.18) vs older dnf (4.2.9)
- dnf - Unified error messages when trying to remove a wildcard name that is not \ 
currently installed, with newer dnf (4.2.18) vs older dnf (4.2.9)
- hostname - make module work on Manjaro Linux \ 
(https://github.com/ansible/ansible/issues/61382)
- mysql_user - fix the error No database selected \ 
(https://github.com/ansible/ansible/issues/68070).
- ovirt_disk: add warning when uploading wrong format
- ovirt_disk: upload image auto detect size
- ovirt_network: allow to remove vlan_tag
- pip - The virtualenv_command option can now include arguments without \ 
requiring the full path to the binary. \ 
(https://github.com/ansible/ansible/issues/52275)
- pip - check_mode with ``state: present`` now returns the correct state for \ 
pre-release versioned packages
- postgresql_set - fix converting value to uppercase \ 
(https://github.com/ansible/ansible/issues/67377).
- redfish_config - fix support for boolean bios attrs \ 
(https://github.com/ansible/ansible/pull/68251)
- service_facts - Now correctly parses systemd list-unit-files for systemd >=245
- sysvinit - Add missing parameter ``module`` in call to ``daemonize()``.
- the default parsing will now show existing JSON errors and not just YAML (last \ 
attempted), also we avoid YAML parsing when we know we only want JSON issue
- win_psmodule - Fix TLS 1.2 compatibility with PSGallery.
- win_psrepository - Fix TLS 1.2 compatibility with PSGallery.
- win_psrepository - Fix ``Ignore`` error when trying to retrieve the list of \ 
registered repositories
- zabbix_template - no longer fails with KeyError when there are no macros \ 
present in existing template (see \ 
https://github.com/ansible-collections/ … /issues/19)