Pkgsrc changes:
* Adapt patches and PLIST.
Upstream changes (partial, see CHANGELOG.md for the full list):
== 2.4.0.0 "Dancing Days" 19 Sep 2017
=== Major Changes
* Support for Python-2.4 and Python-2.5 on the managed system's side
was dropped. If you need to manage a system that ships with
Python-2.4 or Python-2.5, you'll need to install Python-2.6 or
better on the managed system or run Ansible-2.3 until you can
upgrade the system.
* New import/include keywords to replace the old bare `include`
directives. The use of `static: {yes|no}` on such includes is now
deprecated.
- Using `import_*` (`import_playbook`, `import_tasks`,
`import_role`) directives are static.
- Using `include_*` (`include_tasks`, `include_role`) directives
are dynamic.
This is done to avoid collisions and possible security issues as
facts come from the remote targets and they might be compromised.
* New `order` play level keyword that allows the user to change the
order in which Ansible processes hosts when dispatching tasks.
* Users can now set group merge priority for groups of the same depth
(parent child relationship), using the new `ansible_group_priority`
variable, when values are the same or don't exist it will fallback
to the previous sorting by name'.
* Inventory has been revamped:
- Inventory classes have been split to allow for better management
and deduplication
- Logic that each inventory source duplicated is now common and
pushed up to reconciliation
- VariableManager has been updated for better interaction with inventory
- Updated CLI with helper method to initialize base objects for plays
- New inventory plugins for creating inventory
- Old inventory formats are still supported via plugins
- Inline host_list is also an inventory plugin, an example
alternative `advanced_host_list` is also provided (it supports
ranges)
- New configuration option to list enabled plugins and precedence
order: `whitelist_inventory` in ansible.cfg
- vars_plugins have been reworked, they are now run from Vars
manager and API has changed (need docs)
- Loading group_vars/host_vars is now a vars plugin and can be overridden
- It is now possible to specify mulitple inventory sources in the
command line (-i /etc/hosts1 -i /opt/hosts2)
- Inventory plugins can use the cache plugin (i.e. virtualbox) and
is affected by `meta: refresh_inventory`
- Group variable precedence is now configurable via new 'precedence'
option in ansible.cfg (needs docs)
- Improved warnings and error messages across the board
* Configuration has been changed from a hardcoded listing in the
constants module to dynamically loaded from yaml definitions
- Also added an ansible-config CLI to allow for listing config
options and dumping current config (including origin)
- TODO: build upon this to add many features detailed in
ansible-config proposal
https://github.com/ansible/proposals/issues/35
* Windows modules now support the use of multiple shared module_utils
files in the form of Powershell modules (.psm1), via `#Requires
-Module Ansible.ModuleUtils.Whatever.psm1`
* Python module argument_spec now supports custom validation logic by
accepting a callable as the `type` argument.
* Windows become_method: runas now works across all authtypes and will
auto-elevate under UAC if WinRM user has "Act as part of the
operating system" privilege
=== Deprecations
* The behaviour when specifying `--tags` (or `--skip-tags`) multiple
times on the command line has changed so that the tags are merged
together by default. See the documentation for how to temporarily
use the old behaviour if needed:
https://docs.ansible.com/ansible/intro_configuration.html#merge-multiple-cli-tags
* The `fetch` module's `validate_md5` parameter has been deprecated
and will be removed in 2.8. If you wish to disable post-validation
of the downloaded file, use validate_checksum instead.
* Those using ansible as a library should note that the
`ansible.vars.unsafe_proxy` module is deprecated and slated to go
away in 2.8. The functionality has been moved to
`ansible.utils.unsafe_proxy` to avoid a circular import.
* The win_get_url module has the dictionary 'win_get_url' in its
results deprecated, its content is now also available directly in
the resulting output, like other modules.
==== Deprecated Modules (to be removed in 2.8):
* azure: use M(azure_rm_virtualmachine) instead
* cs_nic: replaced by cs_instance_nic_secondaryip, also see new module
cs_instance_nic for managing nics
* ec2_facts: replaced by ec2_metadata_facts
* ec2_remote_facts: replaced by ec2_instance_facts
* panos_address: use M(panos_object) instead
* panos_nat_policy: use M(panos_nat_rule) instead
* panos_security_policy: use M(panos_security_rule) instead
* panos_service: use M(panos_object) instead
* s3: replaced by aws_s3
* win_msi: use M(win_package) instead
==== Removed Modules (previously deprecated):
* eos_template: use eos_config instead
* ios_template: use ios_config instead
* iosxr_template: use iosxr_config instead
* junos_template: use junos_config instead
* nxos_template: use nxos_config instead
* openswitch
* ops_template: use ops_config instead
=== Minor Changes
* Now deprecated configuration options issue warnings when set.
* Removed unused and deprecated config option `pattern`
* Updated the copy of six bundled for modules to use from 1.4.1 to 1.10.0
* The `include_dir` var is not a global anymore, as we now allow
multiple inventory sources, it is now host dependant.
This means it cannot be used wherever host vars are not permitted,
for example in task/handler names.
* Fixed a cornercase with ini inventory vars. Previously, if an inventory var
was a quoted string with hash marks ("#") in it then the parsed string
included the quotes. Now the string will not be quoted. Previously, if the
quoting ended before the string finished and then the hash mark appeared, the
hash mark was included as part of the string. Now it is treated as
a trailing comment:
* Before:
var1="string#comment" ===> var1: "\"string#comment\""
var1="string" #comment ===> var1: "\"string\" #comment"
* After:
var1="string#comment" ===> var1: "string#comment"
var1="string" #comment ===> var1: "string"
The new behaviour mirrors how the variables would appear if there was no hash
mark in the string.
* As of 2.4.0, the fetch module fails if there are errors reading the
remote file.
Use `ignore_errors` or `failed_when` in playbooks if you wish to
ignore errors.
* Experimentally added pmrun become method.
* Enable the docker connection plugin to use su as a become method
* Add an encoding parameter for the replace module so that it can
operate on non-utf-8 files
* By default, Ansible now uses the cryptography module to implement
vault instead of the older pycrypto module.
* Changed task state resulting from both `rc` and `failed` fields
returned, 'rc' no longer overrides 'failed'. Test plugins have also
been updated accordingly.
* The win_unzip module no longer includes dictionary 'win_unzip' in
its results, the content is now directly in the resulting output,
like pretty much every other module.
* Rewrite of the copy module so that it handles cornercases with
symbolic links and empty directories. The copy module has a new
parameter, `local_follow` which controls how links on the source
system are treated. (The older parameter, follow is for links on the
remote system.)
* Update the handling of symbolic file permissions in file-related mode
parameters to deal with multiple operators. For instance,
`mode='u=rw+x-X'` to set the execute bit on directories, remove it
from filea, and set read-write on both is now supported
* Added better cookie parsing to fetch_url/open_url. Cookies are now
in a dictionary named `cookies` in the fetch_url result. Anything
using `open_url` directly can pass a cookie object as a named arg
(`cookies`), and then parse/format the cookies in the result.
* The bundled copy of six in lib/ansible/module_utils/six is now used
unconditionally. The code to fallback on a system six interfered
with static analysis of the code so the cost of using the fallback
code became too high. Distributions which wish to unbundle may do
so by replacing the bundled six in
ansible/module_utils/six/__init__.py. Six is tricky to unbundle,
however, so they may want to base their efforts off the code we were using:
* 2fff690caa/lib/ansible/module_utils/six/__init__.py
* Update ipaddr Jinja filters to replace existing non RFC compliant
ones. Added additional filters for easier use
of handling IP addresses. (PR# 26566)
* datetime filter updated to use default format of datetime.datetime
(ISO8601)
* The junit plugin now has an option to report a junit test failure on
changes for idempotent testing.
* New 'diff' keyword allows setting diff mode on playbook objects,
overriding command line option and config.
* New config settings for inventory to:
- control inventory plugins used
- extensions of files to ignore when using inventory directory
- patterns of flies to ignore when using inventory directory
- option to toggle failed inventory source parsing between an
error or a warning
* More fixes for Python 3 across the code base.
* win_shell and win_command modules now properly preserve quoted
arguments passed on the command-line. Tasks that attempted to work
around the issue by adding extra quotes/escaping may need to be
reworked. See https://github.com/ansible/ansible/issues/23019 for
additional detail.
Detailed information about additional subjects omitted here, see
CHANGES.md for the actual details; we just mention the headings of the
pared-down sections here:
==== New Callbacks:
==== New Connection plugins:
==== New Filters:
==== New Inventory Plugins:
==== New Inventory scripts:
==== New Lookups:
==== New Tests:
=== Module Notes
=== New Modules
==== Cloud
==== Commands
==== Crypto
==== Files
==== Identity
==== Monitoring
==== Network
==== Notification
==== Remote Management
==== Source Control
==== Storage
==== System
==== Web Infrastructure
==== Windows
== 2.3.3 "Ramble On" - TBD (not yet released)
=== Bugfixes
* Fix alternatives module handlling of non existing options
* Fix synchronize traceback with the docker connection plugin
* Do not escape backslashes in the template lookup plugin to mirror
what the template module does
* Fix the expires option of the postgresq_user module
* Fix for win_acl when settings permissions on registry objects that
use `ALL APPLICATION PACKAGES` and `ALL RESTRICTED APPLICATION
PACKAGES`
* Python3 fixes
* asorted azure modules
* pause module
* hacking/env-setup script
* Fix traceback when checking for passwords in logged strings when
logging executed commands.
* docker_login module
* Workaround python-libselinux API change in the seboolean module
* digital_ocean_tag module
* Fix the zip filter
* Fix user module combining bytes and text
* Fix for security groups in the amazon efs module
* Fix for the jail connection plugin not finding the named jail
* Fix for blockinfile's parameters insertbefore and insertafter
* ios_config: Fix traceback when the efaults parameter is not set
* iosxr_config: Fixed unicode error when UTF-8 characters are in configs
* Fix check mode in archive module
* Fix UnboundLocalError in check mode in cs_role module
* Fix to always use lowercase hostnames for host keys in known_hosts module
* Added missing return results for win_stat
* Fix rabbitmq modules to give a helpful error if requests is not installed
* Fix yum module not deleting rpms that it downloaded
* Fix yum module failing with a URL to an rpm
* Fix file module inappropriately expanding literal dollar signs in a path read
from the filesystem as an environment variable.
* Fix the ssh "smart" transport setting which automatically selects
the best means of transferring files over ssh (sftp, ssh, piped).
* Fix authentication by api_key parameter in exoscale modules.
* vmware module_utils shared code ssl/validate_certs fixes in connection logic
* allow 'bridge' facts to work for certain containers that create
conflicting ones with connection plugins
* Fix for win_get_url to use TLS 1.2/1.1 if it is available on the host
* Fix for the filetree lookup with non-ascii group names
* Better message for invalid keywords/options in task due to undefined
expressions
* Fixed check mode for enable on Solaris for service module
* Fix cloudtrail module to allow AWS profiles other than the default
* Fix an encoding issue with secret (password) vars_prompts