New release v2.13.0b0 (#77502)

pull/77508/head v2.13.0b0
Dimitri Savineau 3 years ago committed by GitHub
parent 2cba3e8c42
commit 220917e2af
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -0,0 +1,316 @@
=========================================================
ansible-core 2.13 "Nobody's Fault but Mine" Release Notes
=========================================================
.. contents:: Topics
v2.13.0b0
=========
Release Summary
---------------
| Release Date: 2022-04-11
| `Porting Guide <https://docs.ansible.com/ansible/devel/porting_guides.html>`__
Major Changes
-------------
- Jinja2 Controller Requirement - Jinja2 3.0.0 or newer is required for the control node (the machine that runs Ansible) (https://github.com/ansible/ansible/pull/75881)
- Templating - remove ``safe_eval`` in favor of using ``NativeEnvironment`` but utilizing ``literal_eval`` only in cases when ``safe_eval`` was used (https://github.com/ansible/ansible/pull/75587)
Minor Changes
-------------
- Action Plugins - Add helper method for argument spec validation, and extend to pause and async_wrapper
- Added AIX root CA certs folders - enhance the TLS support in ``uri`` task on AIX
- Added ``module_utils.compat.typing`` to facilitate type-hinting on all supported Python versions.
- Ansible.Basic - small changes to allow use in PowerShell modules running on non-Windows platforms (https://github.com/ansible/ansible/pull/76924).
- AnsibleModule.run_command() now has a toggle to allow caller to decide to handle exceptions from executing the command itself
- Attach concat function to an environment class (https://github.com/ansible/ansible/pull/76282)
- Clarify in a comment that unrolling an iterator in ``Templar._finalize`` is actually necessary. Also switch to using the ``_unroll_iterator`` decorator directly to deduplicate code in ``Templar._finalize``. (https://github.com/ansible/ansible/pull/76436)
- Installation - modernize our python installation, to reduce dynamic code in setup.py, and migrate what is feasible to setup.cfg. This will enable shipping wheels in the future.
- PlayIterator - introduce public methods to access ``PlayIterator._host_states`` (https://github.com/ansible/ansible/pull/74416)
- PlayIterator - use enums for Iterating and Failed states (https://github.com/ansible/ansible/pull/74511)
- Reduce number of iterations through PlayIterator (https://github.com/ansible/ansible/pull/74175)
- Remove more Python 2.x compatibility code from controller (https://github.com/ansible/ansible/pull/77320).
- Start of moving away from using Six, Python 2 and 3 compatibility library (https://github.com/ansible/ansible/pull/75863)
- The collection loader now reports a Python warning if an attempt is made to install the Ansible collection loader a second time. Previously this condition was reported using an Ansible warning.
- ``ansible-galaxy collection [install|verify]`` - allow user-provided signature sources in addition to those from the Galaxy server. Each collection entry in a requirements file can specify a ``signatures`` key followed by a list of sources. Collection name(s) provided on the CLI can specify additional signature sources by using the ``--signatures`` CLI option. Signature sources should be URIs that can be opened with ``urllib.request.urlopen()``, such as "https://example.com/path/to/detached_signature.asc" or "file:///path/to/detached_signature.asc". The ``--keyring`` option must be specified if signature sources are provided.
- ``ansible-galaxy collection [install|verify]`` - use gpg to verify the authenticity of the signed ``MANIFEST.json`` with ASCII armored detached signatures provided by the Galaxy server. The keyring (which is not managed by ``ansible-galaxy``) must be provided with the ``--keyring`` option to use signature verification. If no ``--keyring`` is specified and the collection to ``install|verify`` has associated detached signatures on the Galaxy server, a warning is provided.
- ``ansible-galaxy collection install`` - Add a global configuration to modify the required number of signatures that must verify the authenticity of the collection. By default, the number of required successful signatures is 1. Set this option to ``all`` to require all signatures verify the collection. To ensure signature verification fails if there are no valid signatures, prepend the value with '+', such as ``+all`` or ``+1``.
- ``ansible-galaxy collection install`` - Add a global ignore list for gpg signature errors. This can be used to ignore certain signatures when the number of required successful signatures is all. When the required number of successful signatures is a positive integer, the only effect this has is to display fewer errors to the user on failure (success is determined by having the minimum number of successful signatures, in which case all errors are disregarded).
- ``ansible-galaxy collection install`` - Add a global toggle to turn off GPG signature verification.
- ``ansible-galaxy collection install`` - Store Galaxy server metadata alongside installed collections for provenance. Signatures obtained from the Galaxy server can be used for offline verification with ``ansible-galaxy collection verify --offline``.
- ansible-console - Provide a way to customize the stdout callback
- ansible-core modules - Remove unused Python shebangs from built-in modules.
- ansible-doc metadata dump - add option ``--no-fail-on-errors`` which allows to not fail the ansible-doc invocation when errors happen during docs parsing or processing. Instead they are reported in the JSON result in an ``error`` key for the affected plugins (https://github.com/ansible/ansible/pull/77035).
- ansible-galaxy - the option to skip certificate verification now also applies when cloning via SCM (git/hg) (https://github.com/ansible/ansible/issues/41077)
- ansible-test - Accept new-style Python modules without a shebang.
- ansible-test - Add ``--version`` support to show the ansible-core version.
- ansible-test - Add support for ``rhel/8.5`` remote instances.
- ansible-test - Add support for remote testing of FreeBSD 12.3.
- ansible-test - Add support for running container tests with ``podman remote`` (https://github.com/ansible/ansible/pull/75753)
- ansible-test - Added the ``fedora35`` test container.
- ansible-test - Change the maximum number of open files in a test container from the default to ``10240``.
- ansible-test - Declare public dependencies of ansible-core and use to limit unguarded imports in plugins.
- ansible-test - Importing ``distutils`` now results in an error.
- ansible-test - Installation of ``cryptography`` is no longer version constrained when ``openssl`` 1.1.0 or later is installed.
- ansible-test - Miscellaneous code cleanup and type hint fixes.
- ansible-test - PowerShell in the ``base`` and ``default`` containers has been upgraded to version 7.1.4.
- ansible-test - Remove RHEL 8.4 remote (``rhel/8.4``) support.
- ansible-test - Remove ``idna`` constraint.
- ansible-test - Remove obsolete ``MAXFD`` display.
- ansible-test - Remove obsolete constraints for Python 2.6.
- ansible-test - Remove support for FreeBSD 12.2 remote provisioning.
- ansible-test - Remove support for macOS 11.1 remote provisioning.
- ansible-test - Remove support for provisioning remote AIX instances.
- ansible-test - Remove the ``centos8`` test container since CentOS 8 will reach end-of-life soon.
- ansible-test - Remove the ``fedora33`` test container since Fedora 33 will reach end-of-life soon.
- ansible-test - Remove unused Python 2.x compatibility code.
- ansible-test - Removed support for Sherlock from the Azure provisioning plugin.
- ansible-test - Removed used ``MarkupSafe`` constraint for Python 3.5 and earlier.
- ansible-test - Requirements for the plugin import test are now frozen.
- ansible-test - Shellcheck in the ``base`` and ``default`` containers has been upgraded to version 0.7.0.
- ansible-test - Stop early with an error if the current working directory contains an invalid collection namespace or name.
- ansible-test - The ``--help`` option is now available when an unsupported cwd is in use.
- ansible-test - The ``--help`` output now shows the same instructions about cwd as would be shown in error messages if the cwd is unsupported.
- ansible-test - The ``pip`` and ``wheel`` packages are removed from all sanity test virtual environments after installation completes to reduce their size. Previously they were only removed from the environments used for the ``import`` sanity test.
- ansible-test - The explanation about cwd usage has been improved to explain more clearly what is required.
- ansible-test - The hash for all managed sanity test virtual environments has changed. Containers that include ``ansible-test sanity --prime-venvs`` will need to be rebuilt to continue using primed virtual environments.
- ansible-test - Update ``base`` container to version 2.1.0.
- ansible-test - Update ``base`` container to version 2.2.0.
- ansible-test - Update ``default`` containers to version 5.2.0.
- ansible-test - Update ``default`` containers to version 5.4.0.
- ansible-test - Update ``default`` containers to version 5.5.0.
- ansible-test - Update ``default`` containers to version 5.6.2.
- ansible-test - Update ``default`` containers to version 5.7.0.
- ansible-test - Update ``default`` containers to version 5.8.0.
- ansible-test - Update ``pip`` used to bootstrap remote FreeBSD instances from version 20.3.4 to 21.3.1.
- ansible-test - Update sanity test requirements.
- ansible-test - Update the NIOS test plugin container to version 1.4.0.
- ansible-test - Update the ``alpine`` container to version 3.3.0. This updates the base image from 3.14.2 to 3.15.0, which includes support for installing binary wheels using pip.
- ansible-test - Update the ``base`` and ``default`` containers from Python 3.10.0rc2 to 3.10.0.
- ansible-test - Update the ``base`` and ``default`` containers from a Ubuntu 18.04 to Ubuntu 20.04 base image.
- ansible-test - Update the ``default`` containers to version 5.1.0.
- ansible-test - Update the ``galaxy`` test plugin to get its container from a copy on quay.io.
- ansible-test - Update the ``openshift`` test plugin to get its container from a copy on quay.io.
- ansible-test - Use Python 3.10 as the default Python version for the ``base`` and ``default`` containers.
- ansible-test - add macOS 12.0 as a remote target (https://github.com/ansible/ansible/pull/76328)
- ansible-test - handle JSON decode error gracefully in podman environment.
- ansible-test pslint - Added the `AvoidLongLines <https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/Rules/AvoidLongLines.md>`_ rule set to a length of 160.
- ansible-test pslint - Added the `PlaceCloseBrace <https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/Rules/PlaceCloseBrace.md>`_ rule set to enforce close braces on a newline.
- ansible-test pslint - Added the `PlaceOpenBrace <https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/Rules/PlaceOpenBrace.md>`_ rule set to enforce open braces on the same line and a subsequent newline.
- ansible-test pslint - Added the `UseConsistentIndentation <https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/Rules/UseConsistentIndentation.md>`_ rule to enforce indentation is done with 4 spaces.
- ansible-test pslint - Added the `UseConsistentWhitespace <https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/Rules/UseConsistentWhitespace.md>`_ rule to enforce whitespace consistency in PowerShell.
- ansible-test pslint - Updated ``PowerShellScriptAnalyzer`` to 1.20.0
- ansible-test sanity validate-modules - the validate-modules sanity test now also checks the documentation of documentable plugin types (https://github.com/ansible/ansible/pull/71734).
- ansible-test validate-modules sanity test - add more schema checks to improve quality of plugin documentation (https://github.com/ansible/ansible/pull/77268).
- ansible-test validate_modules - allow ``choices`` for return values (https://github.com/ansible/ansible/pull/76009).
- apt - Add support for using ">=" in package version number matching.
- apt - Adds APT option ``--allow-change-held-packages`` as module parameter ``allow_change_held_packages`` to allow APT up- or downgrading a package which is on APTs hold list (https://github.com/ansible/ansible/issues/65325)
- auto inventory plugin will now give plugin loading information on verbose output
- callbacks - Add result serialization format options to ``_dump_results`` allowing plugins such as the ``default`` callback to emit ``YAML`` serialized task results in addition to ``JSON``
- dnf - add more specific error message for GPG validation (https://github.com/ansible/ansible/issues/76192)
- env lookup, add default option
- facts - report prefix length for IPv4 addresses in Linux network facts.
- get_parsable_locale now logs result when in debug mode.
- git - display the destination directory path in error msg when local_mods detects local modifications conflict so that users see the exact location
- iptables - add the ``chain_management`` parameter that controls iptables chain creation and deletion
- jinja2_native - keep same behavior on Python 3.10.
- junit callback - Add support for replacing the directory portion of out-of-tree relative task paths with a placeholder.
- k8s - scenario guides for kubernetes migrated to ``kubernetes.core`` collection.
- module_utils.distro - Add missing ``typing`` import from original code.
- package_facts - add pkg_info support for OpenBSD and NetBSD (https://github.com/ansible/ansible/pull/76580)
- services_facts - Add support for openrc (https://github.com/ansible/ansible/pull/76373).
- setting DEFAULT_FACT_PATH is being deprecated in favor of the generic module_defaults keyword
- uri - Avoid reading the response body when not needed
- uri - Eliminate multiple requests to determine the final URL for file naming with ``dest``
- validate-modules - do some basic validation on the ``M(...)``, ``U(...)``, ``L(..., ...)`` and ``R(..., ...)`` documentation markups (https://github.com/ansible/ansible/pull/76262).
- vmware - migrated vmware scenario guides to `community.vmware` repo.
- yum, dnf - add sslverify option to temporarily disable certificate validation for a repository
Breaking Changes / Porting Guide
--------------------------------
- Module Python Dependency - Drop support for Python 2.6 in module execution.
- Templating - it is no longer allowed to perform arithmetic and concatenation operations outside of the jinja template (https://github.com/ansible/ansible/pull/75587)
- The ``finalize`` method is no longer exposed in the globals for use in templating.
Deprecated Features
-------------------
- ansible-core - Remove support for Python 2.6.
- ansible-test - Remove support for Python 2.6.
- ssh connection plugin option scp_if_ssh in favor of ssh_transfer_method.
Removed Features (previously deprecated)
----------------------------------------
- Remove deprecated ``Templar.set_available_variables()`` method (https://github.com/ansible/ansible/issues/75828)
- cli - remove deprecated ability to set verbosity before the sub-command (https://github.com/ansible/ansible/issues/75823)
- copy - remove deprecated ``thirsty`` alias (https://github.com/ansible/ansible/issues/75824)
- psrp - Removed fallback on ``put_file`` with older ``pypsrp`` versions. Users must have at least ``pypsrp>=0.4.0``.
- url_argument_spec - remove deprecated ``thirsty`` alias for ``get_url`` and ``uri`` modules (https://github.com/ansible/ansible/issues/75825, https://github.com/ansible/ansible/issues/75826)
Security Fixes
--------------
- Do not include params in exception when a call to ``set_options`` fails. Additionally, block the exception that is returned from being displayed to stdout. (CVE-2021-3620)
Bugfixes
--------
- Add a YAML representer for ``NativeJinjaText``
- Add a YAML representer for ``NativeJinjaUnsafeText``
- AnsiballZ - Ensure we use the full python package in the module cache filename to avoid a case where ``collections:`` is used to execute a module via short name, where the short name duplicates another module from ``ansible.builtin`` or another collection that was executed previously.
- Ansible.ModuleUtils.LinkUtil - Ignore the ``LIB`` environment variable when loading the ``LinkUtil`` code
- Ansible.ModuleUtils.SID - Use user principal name as is for lookup in the ``Convert-ToSID`` function - https://github.com/ansible/ansible/issues/77316
- Detect package manager for Amazon Linux 2022 (AL2022) as dnf
- Ensure the correct ``environment_class`` is set on ``AnsibleJ2Template``
- Fix ``AttributeError`` when providing password file via ``--connection-password-file`` (https://github.com/ansible/ansible/issues/76530)
- Fix ``end_play`` to end the current play only (https://github.com/ansible/ansible/issues/76672)
- Fix collection filter/test plugin redirects (https://github.com/ansible/ansible/issues/77192).
- Fix executing includes in the always section in the free strategy (https://github.com/ansible/ansible/issues/75642)
- Fix for when templating empty template file resulted in file with string 'None' (https://github.com/ansible/ansible/issues/76610)
- Fix help message for the 'ansible-galaxy collection verify' positional argument. The positional argument must be a collection name (https://github.com/ansible/ansible/issues/76087).
- Fix module logging issue when using custom module on WSL2 (https://github.com/ansible/ansible/issues/76320)
- Fix task debugger to work with ``run_once`` using ``linear`` strategy (https://github.com/ansible/ansible/issues/76049)
- Fix traceback when installing a collection from a git repository and git is not installed (https://github.com/ansible/ansible/issues/77479).
- Interpreter Discovery - Fallback to OS family if the distro is not found in ``INTERPRETER_PYTHON_DISTRO_MAP`` (https://github.com/ansible/ansible/issues/75560)
- Interpreter discovery - Add ``RHEL`` to ``OS_FAMILY_MAP`` for correct family fallback for interpreter discovery (https://github.com/ansible/ansible/issues/77368)
- Make include_role/include_tasks work with any_errors_fatal (https://github.com/ansible/ansible/issues/50897)
- Parser errors from within includes should not be rescueable (https://github.com/ansible/ansible/issues/73657)
- Templating - Ensure we catch exceptions when getting ``.filters`` and ``.tests`` attributes on their respective plugins and properly error, instead of aborting which results in no filters being added to the jinja2 environment
- Trigger an undefined error when an undefined variable is detected within a dictionary and/or list (https://github.com/ansible/ansible/pull/75587)
- _run_loop - Add the task name to the warning (https://github.com/ansible/ansible/issues/76011)
- ``Templar.copy_with_new_env`` - set the ``finalize`` method of the new ``Templar`` object for the new environment (https://github.com/ansible/ansible/issues/76379)
- add_host/group_by: fix using changed_when in a loop (https://github.com/ansible/ansible/issues/71627)
- ansible-config avoid showing _terms and _input when --only-changed.
- ansible-doc - Fix ansible-doc -l ansible.builtin / ansible.legacy not returning anything
- ansible-doc - ignore plugin deprecation warnings (https://github.com/ansible/ansible/issues/75671)
- ansible-galaxy - Add galaxy_collection_skeleton/galaxy_collection_skeleton_ignore configuration options
- ansible-galaxy - Fix using the '--ignore-certs' option when there is no server-specific configuration for the Galaxy server.
- ansible-galaxy - installing/downloading collections with invalid versions in git repositories and directories now gives a formatted error message (https://github.com/ansible/ansible/issues/76425, https://github.com/ansible/ansible/issues/75404).
- ansible-galaxy - when installing a role properly raise an error when inaccessible path is specified multiple times in roles_path (e.g. via environment variable and command line option) (https://github.com/ansible/ansible/issues/76316)
- ansible-galaxy collection build - Ignore any existing ``MANIFEST.json`` and ``FILES.json`` in the root directory when building a collection.
- ansible-galaxy collection verify - display files/directories not included in the FILES.json as modified content.
- ansible-galaxy publish - Fix warning and error detection in import messages to properly display them in Ansible
- ansible-pull handle case where hostname and nodename are empty
- ansible-test - Add default entry for Windows remotes to be used with unknown versions.
- ansible-test - All virtual environments managed by ansible-test are marked as usable after being bootstrapped, to avoid errors caused by use of incomplete environments. Previously this was only done for sanity tests. Existing environments from previous versions of ansible-test will be recreated on demand due to lacking the new marker.
- ansible-test - Automatic target requirements installation is now based on the target environment instead of the controller environment.
- ansible-test - Correctly detect when running as the ``root`` user (UID 0) on the origin host. The result of the detection was incorrectly being inverted.
- ansible-test - Don't fail if network cannot be disconnected (https://github.com/ansible/ansible/pull/77472)
- ansible-test - Fix Python real prefix detection when running in a ``venv`` virtual environment.
- ansible-test - Fix ``windows-integration`` and ``network-integration`` when used with the ``--docker`` option and user-provided inventory.
- ansible-test - Fix installation and usage of ``pyyaml`` requirement for the ``import`` sanity test for collections.
- ansible-test - Fix path to inventory file for ``windows-integration`` and ``network-integration`` commands for collections.
- ansible-test - Fix plugin loading.
- ansible-test - Fix skipping of tests marked ``needs/python`` on the origin host.
- ansible-test - Fix skipping of tests marked ``needs/root`` on the origin host.
- ansible-test - Fix the ``import`` sanity test to work properly when Ansible's built-in vendoring support is in use.
- ansible-test - Fix the ``validate-modules`` sanity test to avoid double-loading the collection loader and possibly failing on import of the ``packaging`` module.
- ansible-test - Fix traceback in ``import`` sanity test on Python 2.7 when ``pip`` is not available.
- ansible-test - Fix traceback in the ``validate-modules`` sanity test when testing an Ansible module without any callables.
- ansible-test - Fix traceback when running from an install and delegating execution to a different Python interpreter.
- ansible-test - Fix traceback when using the ``--all`` option with PowerShell code coverage.
- ansible-test - Fix type hints.
- ansible-test - Import ``yaml.cyaml.CParser`` instead of ``_yaml.CParser`` in the ``yamllint`` sanity test.
- ansible-test - Limit ``paramiko`` installation to versions before 2.9.0. This is required to maintain support for systems which do not support RSA SHA-2 algorithms.
- ansible-test - Pylint Deprecated Plugin - Use correct message symbols when date or version is not a float or str (https://github.com/ansible/ansible/issues/77085)
- ansible-test - Relocate constants to eliminate symlink.
- ansible-test - Replace the directory portion of out-of-tree paths in JUnit files from integration tests with the ``out-of-tree:`` prefix.
- ansible-test - Sanity tests run with the ``--requirements` option for Python 2.x now install ``virtualenv`` when it is missing or too old. Previously it was only installed if missing. Version 16.7.12 is now installed instead of the latest version.
- ansible-test - Set the ``pytest`` option ``--rootdir`` instead of letting it be auto-detected.
- ansible-test - Show an error message instead of a traceback when running outside of a supported directory.
- ansible-test - Target integration test requirements are now correctly installed for target environments running on the controller.
- ansible-test - The ``import`` sanity test no longer reports errors about ``packaging`` being missing when testing collections.
- ansible-test - Update distribution test containers to version 3.1.0.
- ansible-test - Update help links to reference ``ansible-core`` instead of ``ansible``.
- ansible-test - Update unit tests to use the ``--forked`` option instead of the deprecated ``--boxed`` option.
- ansible-test - Use https://ci-files.testing.ansible.com/ for instance bootstrapping instead of an S3 endpoint.
- ansible-test - Use relative paths in JUnit files generated during integration test runs.
- ansible-test - Use the correct variable to reference the client's SSH key when generating inventory.
- ansible-test - Use the legacy collection loader for ``import`` sanity tests on target-only Python versions.
- ansible-test - Virtual environments managed by ansible-test now use consistent versions of ``pip``, ``setuptools`` and ``wheel``. This avoids issues with virtual environments containing outdated or dysfunctional versions of these tools. The initial bootstrapping of ``pip`` is done by ansible-test from an HTTPS endpoint instead of creating the virtual environment with it already present.
- ansible-test - fix a typo in validate-modules.
- ansible-test - fixed support container failures (eg http-test-container) under podman
- ansible-test compile sanity test - do not crash if a column could not be determined for an error (https://github.com/ansible/ansible/pull/77465).
- ansible-test pslint - Fix error when encountering validation results that are highly nested - https://github.com/ansible/ansible/issues/74151
- ansible-vault encrypt_string - fix ``--output`` option to correctly write encrypted string into given file (https://github.com/ansible/ansible/issues/75101)
- ansible.builtin.file modification_time supports check_mode
- ansible_facts.devices - Fix parsing of device serial number detected via sg_inq for rhel8 (https://github.com/ansible/ansible/issues/75420)
- apt - fails to deploy deb file to old debian systems using python-apt < 0.8.9 (https://github.com/ansible/ansible/issues/47277)
- async - Improve performance of sending async callback events by never sending the full task through the queue (https://github.com/ansible/ansible/issues/76729)
- catch the case that cowsay is broken which would lead to missing output
- cleaning facts will now only warn about the variable name and not post the content, which can be undesireable to disclose
- collection_loader - Implement 'find_spec' and 'exec_module' to override deprecated importlib methods 'find_module' and 'load_module' when applicable (https://github.com/ansible/ansible/issues/74660).
- correctly inherit vars from parent in block (https://github.com/ansible/ansible/issues/75286).
- default callback - Ensure we compare FQCN also in lockstep logic, to ensure using the FQCN of a strategy plugin triggers the correct behavior in the default callback plugin. (https://github.com/ansible/ansible/issues/76782)
- distribution - add EuroLinux to fact gathering (https://github.com/ansible/ansible/pull/76624).
- distribution - detect tencentos and gather correct facts on the distro.
- dnf - ensure releasever is passed into libdnf as string (https://github.com/ansible/ansible/issues/77010)
- extend timeout for ansible-galaxy when communicating with the galaxy server api, and apply it to all interactions with the api
- facts - add support for deepin distro information detection (https://github.com/ansible/ansible/issues/77286).
- first_found - fix to allow for spaces in file names (https://github.com/ansible/ansible/issues/77136)
- gather_facts - Fact gathering now continues even if it fails to read a file
- gather_facts action now handles the move of base connection plugin types into collections to add/prevent subset argument correctly
- gather_facts/setup will not fail anymore if capsh is present but not executable
- git module is more consistent and clearer about which ssh options are added to git calls.
- git module no longer uses wrapper script for ssh options.
- hacking - fix incorrect usage of deprecated fish-shell redirection operators that failed to honor ``--quiet`` flag when sourced (https://github.com/ansible/ansible/pull/77180).
- hostname - Do not require SystemdStrategy subclasses for every distro (https://github.com/ansible/ansible/issues/76792)
- hostname - Fix Debian strategy KeyError, use `SystemdStrategy` (https://github.com/ansible/ansible/issues/76124)
- hostname - Update the systemd strategy in the ``hostname`` module to not interfere with NetworkManager (https://github.com/ansible/ansible/issues/76958)
- hostname - add hostname support for openEuler distro (https://github.com/ansible/ansible/pull/76619).
- hostname - use ``file_get_content()`` to read the file containing the host name in the ``FileStrategy.get_permanent_hostname()`` method. This prevents a ``TypeError`` from being raised when the strategy is used (https://github.com/ansible/ansible/issues/77025).
- include_vars, properly initialize variable as there is corner case in which it can end up referenced and not defined
- inventory - parameterize ``disable_lookups`` in ``Constructable`` (https://github.com/ansible/ansible/issues/76769).
- inventory manager now respects --flush-cache
- junit callback - Fix traceback during automatic fact gathering when using relative paths.
- junit callback - Fix unicode error when handling non-ASCII task paths.
- module_utils.common.yaml - The ``SafeLoader``, ``SafeDumper`` and ``Parser`` classes now fallback to ``object`` when ``yaml`` is not available. This fixes tracebacks when inheriting from these classes without requiring a ``HAS_YAML`` guard around class definitions.
- parameters - handle blank values when argument is a list (https://github.com/ansible/ansible/issues/77108).
- play_context now compensates for when a conneciton sets the default to inventory_hostname but skips adding it to the vars.
- playbook/strategy have more informative 'attribute' based errors for playbook objects and handlers.
- python modules (new type) will now again prefer the specific python stated in the module's shebang instead of hardcoding to /usr/bin/python.
- replace - Always return ``rc`` to ensure return values are consistent - https://github.com/ansible/ansible/pull/71963
- script - skip in check mode if the plugin cannot determine if a change will occur (i.e. neither `creates` or `removes` are provided).
- service - Fixed handling of sleep arguments during service restarts on AIX. (https://github.com/ansible/ansible/issues/76877)
- service - Fixed service restarts with arguments on AIX. (https://github.com/ansible/ansible/issues/76840)
- service_facts module will now give more meaningful warnings when it fails to gather data.
- set_fact/include_vars correctly handle delegation assignments within loops
- setup - detect docker container with check for ./dockerenv or ./dockinit (https://github.com/ansible/ansible/pull/74349).
- shell/command - only return changed as True if the task has not been skipped.
- shell/command - only skip in check mode if the options `creates` and `removes` are both None.
- ssh connection - properly quote controlpersist path given by user to avoid issues with spaces and other characters
- ssh connection avoid parsing ssh cli debug lines as they can match expected output at high verbosities.
- ssh connection now uses more correct host source as play_context can ignore loop/delegation variations.
- sudo become plugin, fix handling of non interactive flags, previous substitution was too naive
- systemd - check if service is alias so it gets enabled (https://github.com/ansible/ansible/issues/75538).
- systemd - check if service is indirect so it gets enabled (https://github.com/ansible/ansible/issues/76453).
- task_executor reverts the change to push facts into delegated vars on loop finalization as result managing code already handles this and was duplicating effort to wrong result.
- template lookup - restore inadvertently deleted default for ``convert_data`` (https://github.com/ansible/ansible/issues/77004)
- to_json/to_nice_json filters defaults back to unvaulting/no unsafe packing.
- unarchive - Fix zip archive file listing that caused issues with content postprocessing (https://github.com/ansible/ansible/issues/76067).
- unarchive - Make extraction work when the LANGUAGE environment variable is set to a non-English locale.
- unarchive - apply ``owner`` and ``group`` permissions to top folder (https://github.com/ansible/ansible/issues/35426)
- unarchive - include the original error when a handler cannot manage the archive (https://github.com/ansible/ansible/issues/28977).
- unarchive - the ``io_buffer_size`` option added in 2.12 was not accepted by the module (https://github.com/ansible/ansible/pull/77271).
- urls - Allow ``ca_path`` to point to a bundle containing multiple PEM certs (https://github.com/ansible/ansible/issues/75015)
- urls/uri - Address case where ``HTTPError`` isn't fully initialized due to the error, and is missing certain methods and attributes (https://github.com/ansible/ansible/issues/76386)
- user - allow ``password_expiry_min`` and ``password_expiry_min`` to be set to ``0`` (https://github.com/ansible/ansible/issues/75017)
- user - allow password min and max to be set at the same time (https://github.com/ansible/ansible/issues/75017)
- user - update logic to check if user exists or not in MacOS.
- validate_argument_spec - Skip suboption validation if the top level option is an invalid type (https://github.com/ansible/ansible/issues/75612).
- vault - Warn instead of fail for missing vault IDs if at least one valid vault secret is found.
- winrm - Ensure ``kinit`` is run with the same ``PATH`` env var as the Ansible process
- yum - prevent storing unnecessary cache data by running `yum makecache fast` (https://github.com/ansible/ansible/issues/76336)
Known Issues
------------
- get_url - document ``check_mode`` correctly with unreliable changed status (https://github.com/ansible/ansible/issues/65687).

@ -1,2 +1,722 @@
ancestor: 2.12.0 ancestor: 2.12.0
releases: {} releases:
2.13.0b0:
changes:
breaking_changes:
- Module Python Dependency - Drop support for Python 2.6 in module execution.
- Templating - it is no longer allowed to perform arithmetic and concatenation
operations outside of the jinja template (https://github.com/ansible/ansible/pull/75587)
- The ``finalize`` method is no longer exposed in the globals for use in templating.
bugfixes:
- Add a YAML representer for ``NativeJinjaText``
- Add a YAML representer for ``NativeJinjaUnsafeText``
- AnsiballZ - Ensure we use the full python package in the module cache filename
to avoid a case where ``collections:`` is used to execute a module via short
name, where the short name duplicates another module from ``ansible.builtin``
or another collection that was executed previously.
- Ansible.ModuleUtils.LinkUtil - Ignore the ``LIB`` environment variable when
loading the ``LinkUtil`` code
- Ansible.ModuleUtils.SID - Use user principal name as is for lookup in the
``Convert-ToSID`` function - https://github.com/ansible/ansible/issues/77316
- Detect package manager for Amazon Linux 2022 (AL2022) as dnf
- Ensure the correct ``environment_class`` is set on ``AnsibleJ2Template``
- Fix ``AttributeError`` when providing password file via ``--connection-password-file``
(https://github.com/ansible/ansible/issues/76530)
- Fix ``end_play`` to end the current play only (https://github.com/ansible/ansible/issues/76672)
- Fix collection filter/test plugin redirects (https://github.com/ansible/ansible/issues/77192).
- Fix executing includes in the always section in the free strategy (https://github.com/ansible/ansible/issues/75642)
- Fix for when templating empty template file resulted in file with string 'None'
(https://github.com/ansible/ansible/issues/76610)
- Fix help message for the 'ansible-galaxy collection verify' positional argument.
The positional argument must be a collection name (https://github.com/ansible/ansible/issues/76087).
- Fix module logging issue when using custom module on WSL2 (https://github.com/ansible/ansible/issues/76320)
- Fix task debugger to work with ``run_once`` using ``linear`` strategy (https://github.com/ansible/ansible/issues/76049)
- Fix traceback when installing a collection from a git repository and git is
not installed (https://github.com/ansible/ansible/issues/77479).
- Interpreter Discovery - Fallback to OS family if the distro is not found in
``INTERPRETER_PYTHON_DISTRO_MAP`` (https://github.com/ansible/ansible/issues/75560)
- Interpreter discovery - Add ``RHEL`` to ``OS_FAMILY_MAP`` for correct family
fallback for interpreter discovery (https://github.com/ansible/ansible/issues/77368)
- Make include_role/include_tasks work with any_errors_fatal (https://github.com/ansible/ansible/issues/50897)
- Parser errors from within includes should not be rescueable (https://github.com/ansible/ansible/issues/73657)
- Templating - Ensure we catch exceptions when getting ``.filters`` and ``.tests``
attributes on their respective plugins and properly error, instead of aborting
which results in no filters being added to the jinja2 environment
- Trigger an undefined error when an undefined variable is detected within a
dictionary and/or list (https://github.com/ansible/ansible/pull/75587)
- _run_loop - Add the task name to the warning (https://github.com/ansible/ansible/issues/76011)
- '``Templar.copy_with_new_env`` - set the ``finalize`` method of the new ``Templar``
object for the new environment (https://github.com/ansible/ansible/issues/76379)'
- 'add_host/group_by: fix using changed_when in a loop (https://github.com/ansible/ansible/issues/71627)'
- ansible-config avoid showing _terms and _input when --only-changed.
- ansible-doc - Fix ansible-doc -l ansible.builtin / ansible.legacy not returning
anything
- ansible-doc - ignore plugin deprecation warnings (https://github.com/ansible/ansible/issues/75671)
- ansible-galaxy - Add galaxy_collection_skeleton/galaxy_collection_skeleton_ignore
configuration options
- ansible-galaxy - Fix using the '--ignore-certs' option when there is no server-specific
configuration for the Galaxy server.
- ansible-galaxy - installing/downloading collections with invalid versions
in git repositories and directories now gives a formatted error message (https://github.com/ansible/ansible/issues/76425,
https://github.com/ansible/ansible/issues/75404).
- ansible-galaxy - when installing a role properly raise an error when inaccessible
path is specified multiple times in roles_path (e.g. via environment variable
and command line option) (https://github.com/ansible/ansible/issues/76316)
- ansible-galaxy collection build - Ignore any existing ``MANIFEST.json`` and
``FILES.json`` in the root directory when building a collection.
- ansible-galaxy collection verify - display files/directories not included
in the FILES.json as modified content.
- ansible-galaxy publish - Fix warning and error detection in import messages
to properly display them in Ansible
- ansible-pull handle case where hostname and nodename are empty
- ansible-test - Add default entry for Windows remotes to be used with unknown
versions.
- ansible-test - All virtual environments managed by ansible-test are marked
as usable after being bootstrapped, to avoid errors caused by use of incomplete
environments. Previously this was only done for sanity tests. Existing environments
from previous versions of ansible-test will be recreated on demand due to
lacking the new marker.
- ansible-test - Automatic target requirements installation is now based on
the target environment instead of the controller environment.
- ansible-test - Correctly detect when running as the ``root`` user (UID 0)
on the origin host. The result of the detection was incorrectly being inverted.
- ansible-test - Don't fail if network cannot be disconnected (https://github.com/ansible/ansible/pull/77472)
- ansible-test - Fix Python real prefix detection when running in a ``venv``
virtual environment.
- ansible-test - Fix ``windows-integration`` and ``network-integration`` when
used with the ``--docker`` option and user-provided inventory.
- ansible-test - Fix installation and usage of ``pyyaml`` requirement for the
``import`` sanity test for collections.
- ansible-test - Fix path to inventory file for ``windows-integration`` and
``network-integration`` commands for collections.
- ansible-test - Fix plugin loading.
- ansible-test - Fix skipping of tests marked ``needs/python`` on the origin
host.
- ansible-test - Fix skipping of tests marked ``needs/root`` on the origin host.
- ansible-test - Fix the ``import`` sanity test to work properly when Ansible's
built-in vendoring support is in use.
- ansible-test - Fix the ``validate-modules`` sanity test to avoid double-loading
the collection loader and possibly failing on import of the ``packaging``
module.
- ansible-test - Fix traceback in ``import`` sanity test on Python 2.7 when
``pip`` is not available.
- ansible-test - Fix traceback in the ``validate-modules`` sanity test when
testing an Ansible module without any callables.
- ansible-test - Fix traceback when running from an install and delegating execution
to a different Python interpreter.
- ansible-test - Fix traceback when using the ``--all`` option with PowerShell
code coverage.
- ansible-test - Fix type hints.
- ansible-test - Import ``yaml.cyaml.CParser`` instead of ``_yaml.CParser``
in the ``yamllint`` sanity test.
- ansible-test - Limit ``paramiko`` installation to versions before 2.9.0. This
is required to maintain support for systems which do not support RSA SHA-2
algorithms.
- ansible-test - Pylint Deprecated Plugin - Use correct message symbols when
date or version is not a float or str (https://github.com/ansible/ansible/issues/77085)
- ansible-test - Relocate constants to eliminate symlink.
- ansible-test - Replace the directory portion of out-of-tree paths in JUnit
files from integration tests with the ``out-of-tree:`` prefix.
- ansible-test - Sanity tests run with the ``--requirements` option for Python
2.x now install ``virtualenv`` when it is missing or too old. Previously it
was only installed if missing. Version 16.7.12 is now installed instead of
the latest version.
- ansible-test - Set the ``pytest`` option ``--rootdir`` instead of letting
it be auto-detected.
- ansible-test - Show an error message instead of a traceback when running outside
of a supported directory.
- ansible-test - Target integration test requirements are now correctly installed
for target environments running on the controller.
- ansible-test - The ``import`` sanity test no longer reports errors about ``packaging``
being missing when testing collections.
- ansible-test - Update distribution test containers to version 3.1.0.
- ansible-test - Update help links to reference ``ansible-core`` instead of
``ansible``.
- ansible-test - Update unit tests to use the ``--forked`` option instead of
the deprecated ``--boxed`` option.
- ansible-test - Use https://ci-files.testing.ansible.com/ for instance bootstrapping
instead of an S3 endpoint.
- ansible-test - Use relative paths in JUnit files generated during integration
test runs.
- ansible-test - Use the correct variable to reference the client's SSH key
when generating inventory.
- ansible-test - Use the legacy collection loader for ``import`` sanity tests
on target-only Python versions.
- ansible-test - Virtual environments managed by ansible-test now use consistent
versions of ``pip``, ``setuptools`` and ``wheel``. This avoids issues with
virtual environments containing outdated or dysfunctional versions of these
tools. The initial bootstrapping of ``pip`` is done by ansible-test from an
HTTPS endpoint instead of creating the virtual environment with it already
present.
- ansible-test - fix a typo in validate-modules.
- ansible-test - fixed support container failures (eg http-test-container) under
podman
- ansible-test compile sanity test - do not crash if a column could not be determined
for an error (https://github.com/ansible/ansible/pull/77465).
- ansible-test pslint - Fix error when encountering validation results that
are highly nested - https://github.com/ansible/ansible/issues/74151
- ansible-vault encrypt_string - fix ``--output`` option to correctly write
encrypted string into given file (https://github.com/ansible/ansible/issues/75101)
- ansible.builtin.file modification_time supports check_mode
- ansible_facts.devices - Fix parsing of device serial number detected via sg_inq
for rhel8 (https://github.com/ansible/ansible/issues/75420)
- apt - fails to deploy deb file to old debian systems using python-apt < 0.8.9
(https://github.com/ansible/ansible/issues/47277)
- async - Improve performance of sending async callback events by never sending
the full task through the queue (https://github.com/ansible/ansible/issues/76729)
- catch the case that cowsay is broken which would lead to missing output
- cleaning facts will now only warn about the variable name and not post the
content, which can be undesireable to disclose
- collection_loader - Implement 'find_spec' and 'exec_module' to override deprecated
importlib methods 'find_module' and 'load_module' when applicable (https://github.com/ansible/ansible/issues/74660).
- correctly inherit vars from parent in block (https://github.com/ansible/ansible/issues/75286).
- default callback - Ensure we compare FQCN also in lockstep logic, to ensure
using the FQCN of a strategy plugin triggers the correct behavior in the default
callback plugin. (https://github.com/ansible/ansible/issues/76782)
- distribution - add EuroLinux to fact gathering (https://github.com/ansible/ansible/pull/76624).
- distribution - detect tencentos and gather correct facts on the distro.
- dnf - ensure releasever is passed into libdnf as string (https://github.com/ansible/ansible/issues/77010)
- extend timeout for ansible-galaxy when communicating with the galaxy server
api, and apply it to all interactions with the api
- facts - add support for deepin distro information detection (https://github.com/ansible/ansible/issues/77286).
- first_found - fix to allow for spaces in file names (https://github.com/ansible/ansible/issues/77136)
- gather_facts - Fact gathering now continues even if it fails to read a file
- gather_facts action now handles the move of base connection plugin types into
collections to add/prevent subset argument correctly
- gather_facts/setup will not fail anymore if capsh is present but not executable
- git module is more consistent and clearer about which ssh options are added
to git calls.
- git module no longer uses wrapper script for ssh options.
- hacking - fix incorrect usage of deprecated fish-shell redirection operators
that failed to honor ``--quiet`` flag when sourced (https://github.com/ansible/ansible/pull/77180).
- hostname - Do not require SystemdStrategy subclasses for every distro (https://github.com/ansible/ansible/issues/76792)
- hostname - Fix Debian strategy KeyError, use `SystemdStrategy` (https://github.com/ansible/ansible/issues/76124)
- hostname - Update the systemd strategy in the ``hostname`` module to not interfere
with NetworkManager (https://github.com/ansible/ansible/issues/76958)
- hostname - add hostname support for openEuler distro (https://github.com/ansible/ansible/pull/76619).
- hostname - use ``file_get_content()`` to read the file containing the host
name in the ``FileStrategy.get_permanent_hostname()`` method. This prevents
a ``TypeError`` from being raised when the strategy is used (https://github.com/ansible/ansible/issues/77025).
- include_vars, properly initialize variable as there is corner case in which
it can end up referenced and not defined
- inventory - parameterize ``disable_lookups`` in ``Constructable`` (https://github.com/ansible/ansible/issues/76769).
- inventory manager now respects --flush-cache
- junit callback - Fix traceback during automatic fact gathering when using
relative paths.
- junit callback - Fix unicode error when handling non-ASCII task paths.
- module_utils.common.yaml - The ``SafeLoader``, ``SafeDumper`` and ``Parser``
classes now fallback to ``object`` when ``yaml`` is not available. This fixes
tracebacks when inheriting from these classes without requiring a ``HAS_YAML``
guard around class definitions.
- parameters - handle blank values when argument is a list (https://github.com/ansible/ansible/issues/77108).
- play_context now compensates for when a conneciton sets the default to inventory_hostname
but skips adding it to the vars.
- playbook/strategy have more informative 'attribute' based errors for playbook
objects and handlers.
- python modules (new type) will now again prefer the specific python stated
in the module's shebang instead of hardcoding to /usr/bin/python.
- replace - Always return ``rc`` to ensure return values are consistent - https://github.com/ansible/ansible/pull/71963
- script - skip in check mode if the plugin cannot determine if a change will
occur (i.e. neither `creates` or `removes` are provided).
- service - Fixed handling of sleep arguments during service restarts on AIX.
(https://github.com/ansible/ansible/issues/76877)
- service - Fixed service restarts with arguments on AIX. (https://github.com/ansible/ansible/issues/76840)
- service_facts module will now give more meaningful warnings when it fails
to gather data.
- set_fact/include_vars correctly handle delegation assignments within loops
- setup - detect docker container with check for ./dockerenv or ./dockinit (https://github.com/ansible/ansible/pull/74349).
- shell/command - only return changed as True if the task has not been skipped.
- shell/command - only skip in check mode if the options `creates` and `removes`
are both None.
- ssh connection - properly quote controlpersist path given by user to avoid
issues with spaces and other characters
- ssh connection avoid parsing ssh cli debug lines as they can match expected
output at high verbosities.
- ssh connection now uses more correct host source as play_context can ignore
loop/delegation variations.
- sudo become plugin, fix handling of non interactive flags, previous substitution
was too naive
- systemd - check if service is alias so it gets enabled (https://github.com/ansible/ansible/issues/75538).
- systemd - check if service is indirect so it gets enabled (https://github.com/ansible/ansible/issues/76453).
- task_executor reverts the change to push facts into delegated vars on loop
finalization as result managing code already handles this and was duplicating
effort to wrong result.
- template lookup - restore inadvertently deleted default for ``convert_data``
(https://github.com/ansible/ansible/issues/77004)
- to_json/to_nice_json filters defaults back to unvaulting/no unsafe packing.
- unarchive - Fix zip archive file listing that caused issues with content postprocessing
(https://github.com/ansible/ansible/issues/76067).
- unarchive - Make extraction work when the LANGUAGE environment variable is
set to a non-English locale.
- unarchive - apply ``owner`` and ``group`` permissions to top folder (https://github.com/ansible/ansible/issues/35426)
- unarchive - include the original error when a handler cannot manage the archive
(https://github.com/ansible/ansible/issues/28977).
- unarchive - the ``io_buffer_size`` option added in 2.12 was not accepted by
the module (https://github.com/ansible/ansible/pull/77271).
- urls - Allow ``ca_path`` to point to a bundle containing multiple PEM certs
(https://github.com/ansible/ansible/issues/75015)
- urls/uri - Address case where ``HTTPError`` isn't fully initialized due to
the error, and is missing certain methods and attributes (https://github.com/ansible/ansible/issues/76386)
- user - allow ``password_expiry_min`` and ``password_expiry_min`` to be set
to ``0`` (https://github.com/ansible/ansible/issues/75017)
- user - allow password min and max to be set at the same time (https://github.com/ansible/ansible/issues/75017)
- user - update logic to check if user exists or not in MacOS.
- validate_argument_spec - Skip suboption validation if the top level option
is an invalid type (https://github.com/ansible/ansible/issues/75612).
- vault - Warn instead of fail for missing vault IDs if at least one valid vault
secret is found.
- winrm - Ensure ``kinit`` is run with the same ``PATH`` env var as the Ansible
process
- yum - prevent storing unnecessary cache data by running `yum makecache fast`
(https://github.com/ansible/ansible/issues/76336)
deprecated_features:
- ansible-core - Remove support for Python 2.6.
- ansible-test - Remove support for Python 2.6.
- ssh connection plugin option scp_if_ssh in favor of ssh_transfer_method.
known_issues:
- get_url - document ``check_mode`` correctly with unreliable changed status
(https://github.com/ansible/ansible/issues/65687).
major_changes:
- Jinja2 Controller Requirement - Jinja2 3.0.0 or newer is required for the
control node (the machine that runs Ansible) (https://github.com/ansible/ansible/pull/75881)
- Templating - remove ``safe_eval`` in favor of using ``NativeEnvironment``
but utilizing ``literal_eval`` only in cases when ``safe_eval`` was used (https://github.com/ansible/ansible/pull/75587)
minor_changes:
- Action Plugins - Add helper method for argument spec validation, and extend
to pause and async_wrapper
- Added AIX root CA certs folders - enhance the TLS support in ``uri`` task
on AIX
- Added ``module_utils.compat.typing`` to facilitate type-hinting on all supported
Python versions.
- Ansible.Basic - small changes to allow use in PowerShell modules running on
non-Windows platforms (https://github.com/ansible/ansible/pull/76924).
- AnsibleModule.run_command() now has a toggle to allow caller to decide to
handle exceptions from executing the command itself
- Attach concat function to an environment class (https://github.com/ansible/ansible/pull/76282)
- Clarify in a comment that unrolling an iterator in ``Templar._finalize`` is
actually necessary. Also switch to using the ``_unroll_iterator`` decorator
directly to deduplicate code in ``Templar._finalize``. (https://github.com/ansible/ansible/pull/76436)
- Installation - modernize our python installation, to reduce dynamic code in
setup.py, and migrate what is feasible to setup.cfg. This will enable shipping
wheels in the future.
- PlayIterator - introduce public methods to access ``PlayIterator._host_states``
(https://github.com/ansible/ansible/pull/74416)
- PlayIterator - use enums for Iterating and Failed states (https://github.com/ansible/ansible/pull/74511)
- Reduce number of iterations through PlayIterator (https://github.com/ansible/ansible/pull/74175)
- Remove more Python 2.x compatibility code from controller (https://github.com/ansible/ansible/pull/77320).
- Start of moving away from using Six, Python 2 and 3 compatibility library
(https://github.com/ansible/ansible/pull/75863)
- The collection loader now reports a Python warning if an attempt is made to
install the Ansible collection loader a second time. Previously this condition
was reported using an Ansible warning.
- '``ansible-galaxy collection [install|verify]`` - allow user-provided signature
sources in addition to those from the Galaxy server. Each collection entry
in a requirements file can specify a ``signatures`` key followed by a list
of sources. Collection name(s) provided on the CLI can specify additional
signature sources by using the ``--signatures`` CLI option. Signature sources
should be URIs that can be opened with ``urllib.request.urlopen()``, such
as "https://example.com/path/to/detached_signature.asc" or "file:///path/to/detached_signature.asc".
The ``--keyring`` option must be specified if signature sources are provided.'
- '``ansible-galaxy collection [install|verify]`` - use gpg to verify the authenticity
of the signed ``MANIFEST.json`` with ASCII armored detached signatures provided
by the Galaxy server. The keyring (which is not managed by ``ansible-galaxy``)
must be provided with the ``--keyring`` option to use signature verification.
If no ``--keyring`` is specified and the collection to ``install|verify``
has associated detached signatures on the Galaxy server, a warning is provided.'
- '``ansible-galaxy collection install`` - Add a global configuration to modify
the required number of signatures that must verify the authenticity of the
collection. By default, the number of required successful signatures is 1.
Set this option to ``all`` to require all signatures verify the collection.
To ensure signature verification fails if there are no valid signatures, prepend
the value with ''+'', such as ``+all`` or ``+1``.'
- '``ansible-galaxy collection install`` - Add a global ignore list for gpg
signature errors. This can be used to ignore certain signatures when the number
of required successful signatures is all. When the required number of successful
signatures is a positive integer, the only effect this has is to display fewer
errors to the user on failure (success is determined by having the minimum
number of successful signatures, in which case all errors are disregarded).'
- '``ansible-galaxy collection install`` - Add a global toggle to turn off GPG
signature verification.'
- '``ansible-galaxy collection install`` - Store Galaxy server metadata alongside
installed collections for provenance. Signatures obtained from the Galaxy
server can be used for offline verification with ``ansible-galaxy collection
verify --offline``.'
- ansible-console - Provide a way to customize the stdout callback
- ansible-core modules - Remove unused Python shebangs from built-in modules.
- ansible-doc metadata dump - add option ``--no-fail-on-errors`` which allows
to not fail the ansible-doc invocation when errors happen during docs parsing
or processing. Instead they are reported in the JSON result in an ``error``
key for the affected plugins (https://github.com/ansible/ansible/pull/77035).
- ansible-galaxy - the option to skip certificate verification now also applies
when cloning via SCM (git/hg) (https://github.com/ansible/ansible/issues/41077)
- ansible-test - Accept new-style Python modules without a shebang.
- ansible-test - Add ``--version`` support to show the ansible-core version.
- ansible-test - Add support for ``rhel/8.5`` remote instances.
- ansible-test - Add support for remote testing of FreeBSD 12.3.
- ansible-test - Add support for running container tests with ``podman remote``
(https://github.com/ansible/ansible/pull/75753)
- ansible-test - Added the ``fedora35`` test container.
- ansible-test - Change the maximum number of open files in a test container
from the default to ``10240``.
- ansible-test - Declare public dependencies of ansible-core and use to limit
unguarded imports in plugins.
- ansible-test - Importing ``distutils`` now results in an error.
- ansible-test - Installation of ``cryptography`` is no longer version constrained
when ``openssl`` 1.1.0 or later is installed.
- ansible-test - Miscellaneous code cleanup and type hint fixes.
- ansible-test - PowerShell in the ``base`` and ``default`` containers has been
upgraded to version 7.1.4.
- ansible-test - Remove RHEL 8.4 remote (``rhel/8.4``) support.
- ansible-test - Remove ``idna`` constraint.
- ansible-test - Remove obsolete ``MAXFD`` display.
- ansible-test - Remove obsolete constraints for Python 2.6.
- ansible-test - Remove support for FreeBSD 12.2 remote provisioning.
- ansible-test - Remove support for macOS 11.1 remote provisioning.
- ansible-test - Remove support for provisioning remote AIX instances.
- ansible-test - Remove the ``centos8`` test container since CentOS 8 will reach
end-of-life soon.
- ansible-test - Remove the ``fedora33`` test container since Fedora 33 will
reach end-of-life soon.
- ansible-test - Remove unused Python 2.x compatibility code.
- ansible-test - Removed support for Sherlock from the Azure provisioning plugin.
- ansible-test - Removed used ``MarkupSafe`` constraint for Python 3.5 and earlier.
- ansible-test - Requirements for the plugin import test are now frozen.
- ansible-test - Shellcheck in the ``base`` and ``default`` containers has been
upgraded to version 0.7.0.
- ansible-test - Stop early with an error if the current working directory contains
an invalid collection namespace or name.
- ansible-test - The ``--help`` option is now available when an unsupported
cwd is in use.
- ansible-test - The ``--help`` output now shows the same instructions about
cwd as would be shown in error messages if the cwd is unsupported.
- ansible-test - The ``pip`` and ``wheel`` packages are removed from all sanity
test virtual environments after installation completes to reduce their size.
Previously they were only removed from the environments used for the ``import``
sanity test.
- ansible-test - The explanation about cwd usage has been improved to explain
more clearly what is required.
- ansible-test - The hash for all managed sanity test virtual environments has
changed. Containers that include ``ansible-test sanity --prime-venvs`` will
need to be rebuilt to continue using primed virtual environments.
- ansible-test - Update ``base`` container to version 2.1.0.
- ansible-test - Update ``base`` container to version 2.2.0.
- ansible-test - Update ``default`` containers to version 5.2.0.
- ansible-test - Update ``default`` containers to version 5.4.0.
- ansible-test - Update ``default`` containers to version 5.5.0.
- ansible-test - Update ``default`` containers to version 5.6.2.
- ansible-test - Update ``default`` containers to version 5.7.0.
- ansible-test - Update ``default`` containers to version 5.8.0.
- ansible-test - Update ``pip`` used to bootstrap remote FreeBSD instances from
version 20.3.4 to 21.3.1.
- ansible-test - Update sanity test requirements.
- ansible-test - Update the NIOS test plugin container to version 1.4.0.
- ansible-test - Update the ``alpine`` container to version 3.3.0. This updates
the base image from 3.14.2 to 3.15.0, which includes support for installing
binary wheels using pip.
- ansible-test - Update the ``base`` and ``default`` containers from Python
3.10.0rc2 to 3.10.0.
- ansible-test - Update the ``base`` and ``default`` containers from a Ubuntu
18.04 to Ubuntu 20.04 base image.
- ansible-test - Update the ``default`` containers to version 5.1.0.
- ansible-test - Update the ``galaxy`` test plugin to get its container from
a copy on quay.io.
- ansible-test - Update the ``openshift`` test plugin to get its container from
a copy on quay.io.
- ansible-test - Use Python 3.10 as the default Python version for the ``base``
and ``default`` containers.
- ansible-test - add macOS 12.0 as a remote target (https://github.com/ansible/ansible/pull/76328)
- ansible-test - handle JSON decode error gracefully in podman environment.
- ansible-test pslint - Added the `AvoidLongLines <https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/Rules/AvoidLongLines.md>`_
rule set to a length of 160.
- ansible-test pslint - Added the `PlaceCloseBrace <https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/Rules/PlaceCloseBrace.md>`_
rule set to enforce close braces on a newline.
- ansible-test pslint - Added the `PlaceOpenBrace <https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/Rules/PlaceOpenBrace.md>`_
rule set to enforce open braces on the same line and a subsequent newline.
- ansible-test pslint - Added the `UseConsistentIndentation <https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/Rules/UseConsistentIndentation.md>`_
rule to enforce indentation is done with 4 spaces.
- ansible-test pslint - Added the `UseConsistentWhitespace <https://github.com/PowerShell/PSScriptAnalyzer/blob/master/docs/Rules/UseConsistentWhitespace.md>`_
rule to enforce whitespace consistency in PowerShell.
- ansible-test pslint - Updated ``PowerShellScriptAnalyzer`` to 1.20.0
- ansible-test sanity validate-modules - the validate-modules sanity test now
also checks the documentation of documentable plugin types (https://github.com/ansible/ansible/pull/71734).
- ansible-test validate-modules sanity test - add more schema checks to improve
quality of plugin documentation (https://github.com/ansible/ansible/pull/77268).
- ansible-test validate_modules - allow ``choices`` for return values (https://github.com/ansible/ansible/pull/76009).
- apt - Add support for using ">=" in package version number matching.
- apt - Adds APT option ``--allow-change-held-packages`` as module parameter
``allow_change_held_packages`` to allow APT up- or downgrading a package which
is on APTs hold list (https://github.com/ansible/ansible/issues/65325)
- auto inventory plugin will now give plugin loading information on verbose
output
- callbacks - Add result serialization format options to ``_dump_results`` allowing
plugins such as the ``default`` callback to emit ``YAML`` serialized task
results in addition to ``JSON``
- dnf - add more specific error message for GPG validation (https://github.com/ansible/ansible/issues/76192)
- env lookup, add default option
- facts - report prefix length for IPv4 addresses in Linux network facts.
- get_parsable_locale now logs result when in debug mode.
- git - display the destination directory path in error msg when local_mods
detects local modifications conflict so that users see the exact location
- iptables - add the ``chain_management`` parameter that controls iptables chain
creation and deletion
- jinja2_native - keep same behavior on Python 3.10.
- junit callback - Add support for replacing the directory portion of out-of-tree
relative task paths with a placeholder.
- k8s - scenario guides for kubernetes migrated to ``kubernetes.core`` collection.
- module_utils.distro - Add missing ``typing`` import from original code.
- package_facts - add pkg_info support for OpenBSD and NetBSD (https://github.com/ansible/ansible/pull/76580)
- services_facts - Add support for openrc (https://github.com/ansible/ansible/pull/76373).
- setting DEFAULT_FACT_PATH is being deprecated in favor of the generic module_defaults
keyword
- uri - Avoid reading the response body when not needed
- uri - Eliminate multiple requests to determine the final URL for file naming
with ``dest``
- validate-modules - do some basic validation on the ``M(...)``, ``U(...)``,
``L(..., ...)`` and ``R(..., ...)`` documentation markups (https://github.com/ansible/ansible/pull/76262).
- vmware - migrated vmware scenario guides to `community.vmware` repo.
- yum, dnf - add sslverify option to temporarily disable certificate validation
for a repository
release_summary: '| Release Date: 2022-04-11
| `Porting Guide <https://docs.ansible.com/ansible/devel/porting_guides.html>`__
'
removed_features:
- Remove deprecated ``Templar.set_available_variables()`` method (https://github.com/ansible/ansible/issues/75828)
- cli - remove deprecated ability to set verbosity before the sub-command (https://github.com/ansible/ansible/issues/75823)
- copy - remove deprecated ``thirsty`` alias (https://github.com/ansible/ansible/issues/75824)
- psrp - Removed fallback on ``put_file`` with older ``pypsrp`` versions. Users
must have at least ``pypsrp>=0.4.0``.
- url_argument_spec - remove deprecated ``thirsty`` alias for ``get_url`` and
``uri`` modules (https://github.com/ansible/ansible/issues/75825, https://github.com/ansible/ansible/issues/75826)
security_fixes:
- Do not include params in exception when a call to ``set_options`` fails. Additionally,
block the exception that is returned from being displayed to stdout. (CVE-2021-3620)
codename: Nobody's Fault but Mine
fragments:
- ' 75876-fix-parsing-of-device-serial-number-for-rhel-8.yaml'
- 47277-fails-to-deploy-deb-when-has-no-architecture-attribute.yml
- 50771-uri-improvements.yml
- 50897-include_role-any_errors_fatal.yaml
- 67616-galaxy-scm-cloning-ignore-certs.yml
- 69776-add-aix-root-ca-certs-paths.yml
- 71627-add_host-group_by-fix-changed_when-in-loop.yml
- 71734-validate-plugins.yml
- 72405-git-module-local_mods-show-conflict-destination-directory.yml
- 72592-catch-broken-cowsay.yaml
- 73024-unarchive-apply-permissions-top-folder.yml
- 73629_allow-change-held-packages.yml
- 73657-include-parser-error-fail.yml
- 74127-bad-filter-2.yml
- 74349-improve-docker-detection.yml
- 74416-PlayIterator-_host_states-setters.yml
- 74511-PlayIterator-states-enums.yml
- 75002-apt_min_version.yml
- 75015-ca-path-bundle.yml
- 75017-user-password-expiry.yml
- 75101-ansible-vault-encrypt_string-output-file.yml
- 75538-systemd-alias-check.yml
- 75540-warn-invalid-configured-vault-secret-files.yaml
- 75560-interp-discovery-family-fallback.yml
- 75635-fix-role-argspec-suboption-validation.yml
- 75642-free-strat-fix-executing-includes.yml
- 75671-ansible-doc-ignore-deprecations.yml
- 75823-cli-remove-deprecated-verbosity-before-sub-cmd.yml
- 75824-copy-remove-deprecated-thirsty-alias.yml
- 75825-75826-get_url-uri-remove-deprecated-thirsty-alias.yml
- 75828-remove-deprecated-set_available_variables.yml
- 75845-ansible-galaxy-support-collection-skeleton.yml
- 75863-start-move-away-six.yml
- 75881-jinja2-3-min.yml
- 76009-validate-modules-choices-return-value.yml
- 76011-loop-variable-in-use-warning.yml
- 76049-task-debugger-run_once.yml
- 76069-fix-unarchive-file-listing-in-zip.yaml
- 76108-fix-ansible-galaxy-collection-verify-help.yaml
- 76124-hostname-debianstrategy.yml
- 76192-dnf-specific-gpg-error.yml
- 76225-update-collection-loader-for-python3.yaml
- 76235-fix-ansible-doc-builtin-legacy.yml
- 76262-validate-modules-validate-markup.yml
- 76316-galaxy-install-role-inaccessible-dir-fix.yml
- 76336-yum-makecache-fast.yml
- 76343-tencentos-dnf.yml
- 76353-fix-check-mode-skipping.yaml
- 76356-yumdnf-sslverify.yml
- 76365-unarchive-include-stderr-in-error-message.yml
- 76373-add-openrc-support-to-service_facts.yaml
- 76375-fix-module-logging-WSL2.yml
- 76378-iptables-chain-management.yml
- 76379-set-finalize-on-new-env.yml
- 76386-httperror-no-fp.yml
- 76433-get_url-document-check_mode.yml
- 76453-indirect-systemd-status.yml
- 76530-connection-password-file-tb-fix.yml
- 76542-fix-unarchive-on-nenglish-locales.yml
- 76579-fix-ansible-galaxy-collection-version-error.yml
- 76580-add-pkg_info-support-to-package_facts.yml
- 76610-empty-template-none.yml
- 76672-fix-end_play-multiple_plays.yml
- 76681-ansible-galaxy-add-gpg-signature-verification.yaml
- 76690-fix-ansible-galaxy-collection-verify-modified-content.yaml
- 76729-async-callback-perf.yml
- 76735-ansible-galaxy-fix-ignore-certs.yaml
- 76751-facts-check-datafile-before-close.yml
- 76769-inventory-constructable-disable-lookups.yml
- 76782-fqcn-compare-lockstep-strategies.yml
- 76792-hostname-all-systemd.yml
- 76840-added-restart-to-the-argument-condition-for-AIX.yml
- 76877-added-sleep-to-the-service-restart-for-AIX.yml
- 76924-powershell-ansible.basic-support-non-windows.yml
- 76958-hostname-systemd-nm.yaml
- 77004-restore-missing-default.yml
- 77010-dnf-ensure-releasever-string.yml
- 77035-ansible-doc-metadata-dump-errors.yml
- 77050-add-pkg-mgr-support-for-al2022.yaml
- 77074-hostname-fix-typeerror-in-filestrategy.yml
- 77086-correct-pylint-symbols.yml
- 77108_params_blank.yml
- 77136-first_found-spaces-in-names.yml
- 77180-fix-fish-env-setup-script.yml
- 77193-linux-networking-facts-Provide-IPv4-prefix.yml
- 77210-fix-collection-filter-test-redirects.yml
- 77268-validate-plugins.yml
- 77271-unarchive.yml
- 77275-add-support-for-deepin-distro-info-detection.yaml
- 77320-python-2.yml
- 77368-rhel-os-family-compat.yaml
- 77465-ansible-test-compile-crash.yml
- 77472-ansible-test-network-disconnect-warning.yml
- 77493-ansible-galaxy-find-git-executable-before-using.yaml
- ModuleUtils.SID-long-username.yml
- action-plugin-arg-spec.yml
- ansible-console-callback.yaml
- ansible-core-python-2.6.yaml
- ansible-module-shebangs.yml
- ansible-test-alpine3-update.yaml
- ansible-test-azure-sherlock.yml
- ansible-test-bootstrap-pip.yml
- ansible-test-ci-files.yaml
- ansible-test-code-cleanup.yml
- ansible-test-collection-identifier.yml
- ansible-test-constraints-cleanup.yaml
- ansible-test-constraints.yaml
- ansible-test-container-images.yml
- ansible-test-container-removal.yml
- ansible-test-default-base-containers-base-update.yaml
- ansible-test-default-base-containers-python-3.10.yaml
- ansible-test-default-container-update-5.2.0.yaml
- ansible-test-default-container-update-5.4.0.yaml
- ansible-test-default-container-update-5.5.0.yaml
- ansible-test-default-container-update-5.6.2.yaml
- ansible-test-default-container-update-5.7.0.yaml
- ansible-test-default-container-update-5.8.0.yaml
- ansible-test-default-container-update.yaml
- ansible-test-delegation-inventory.yaml
- ansible-test-delegation-pythonpath.yml
- ansible-test-distro-containers-3.1.0.yaml
- ansible-test-docker-ulimit.yml
- ansible-test-fedora35.yml
- ansible-test-fix-type-hints.yml
- ansible-test-fix-typo-validate-modules.yaml
- ansible-test-freebsd-12.3.yaml
- ansible-test-help-cwd.yml
- ansible-test-import-collections.yml
- ansible-test-import-distutils.yaml
- ansible-test-inventory-path.yaml
- ansible-test-inventory-ssh-key.yml
- ansible-test-junit-relative-paths.yml
- ansible-test-links.yml
- ansible-test-managed-venv.yml
- ansible-test-maxfd.yaml
- ansible-test-nios-container.yml
- ansible-test-paramiko-constraint.yaml
- ansible-test-plugin-loading.yml
- ansible-test-podman-remote.yaml
- ansible-test-podman-support-containers.yaml
- ansible-test-powershell-coverage-all.yaml
- ansible-test-pyopenssl.yaml
- ansible-test-pytest-forked.yml
- ansible-test-pytest-rootdir.yml
- ansible-test-python-2.6.yaml
- ansible-test-relocate-constants.yaml
- ansible-test-remote-cleanup.yaml
- ansible-test-remove-aix-provisioning.yaml
- ansible-test-requirements-target.yaml
- ansible-test-rhel-8.4.yml
- ansible-test-rhel85.yaml
- ansible-test-sanity-import-loader.yml
- ansible-test-sanity-import-no-pip.yml
- ansible-test-sanity-import.yml
- ansible-test-sanity-requirements-update.yaml
- ansible-test-sanity-vendoring.yml
- ansible-test-target-filter.yml
- ansible-test-unsupported-directory-traceback.yaml
- ansible-test-validate-modules-collection-loader.yml
- ansible-test-validate-modules-no-callable.yml
- ansible-test-venv-real-prefix.yaml
- ansible-test-windows-default.yaml
- ansible-test-yaml-import.yaml
- ansible_galaxy_timeout.yml
- ansible_test.yml
- auto_squeal.yml
- avoid-set_options-leak.yaml
- clarify-unroll.yml
- clean_facts_values.yml
- compat-typing.yml
- config_fix_terms.yml
- default-callback-result-format.yml
- deprecate_default_fact_path_setting.yml
- deprecate_scp_if_ssh.yml
- distro-module_utils-typing.yml
- drop-target-2.6-support.yml
- environment-concat.yml
- evn_default.yml
- file_modification_times_support_check_mode.yml
- finalize-not-in-globals.yml
- fix_block_var_inh.yml
- fix_fax_delegation_loops.yml
- fix_sudo_flag_mangling.yml
- fqn-module-cache.yml
- galaxy-build-files-ignore.yml
- galaxy-import-level-fix.yml
- gather_facts_collections.yml
- git_fixes.yml
- handle_connection_cornercase.yml
- include_vars_failed.yml
- inventory_manager_flush_cache.yml
- jinja2_native-literal_eval-py310.yml
- json_filter_fix.yml
- junit-callback-task-path-unicode.yml
- log_locale_selection_results.yml
- macos12-ci-image.yml
- migrated_k8s_scenario_guides.yml
- modernize-install.yaml
- module_utils-yaml-fix.yml
- more_targeted_attribute_errors.yml
- nativejinjatext-yaml-representer.yml
- nativejinjaunsafetext-yaml-representer.yml
- openEuler_hostname.yml
- pslint-sanity-warning.yml
- psrp-put_file-dep.yaml
- pull_fix_limit.yml
- pwsh-pssa-update.yml
- reduce-playiterator-iterations.yml
- replace-rc-return-values.yml
- restore_python_shebang_adherence.yml
- runc_command_exception_toggle.yml
- service_facts_warnings.yml
- set_fact_delegation.yml
- ssh_debug_noparse.yml
- ssh_quote_cp.yml
- ssh_use_right_host.yml
- support_eurolinux.yml
- templar-correct-environment_class-template.yml
- templating-safe-eval-replaced-native_environment.yml
- user_mac.yaml
- v2.13.0-initial-commit.yaml
- v2.13.0b0_summary.yaml
- vmware_sceanrio.yml
- win_LinkUtil-ignore-LIB.yml
- winrm-kinit-path.yml
release_date: '2022-04-11'

@ -0,0 +1,3 @@
release_summary: |
| Release Date: 2022-04-11
| `Porting Guide <https://docs.ansible.com/ansible/devel/porting_guides.html>`__

@ -19,6 +19,6 @@
from __future__ import (absolute_import, division, print_function) from __future__ import (absolute_import, division, print_function)
__metaclass__ = type __metaclass__ = type
__version__ = '2.13.0.dev0' __version__ = '2.13.0b0'
__author__ = 'Ansible, Inc.' __author__ = 'Ansible, Inc.'
__codename__ = "Nobody's Fault but Mine" __codename__ = "Nobody's Fault but Mine"

Loading…
Cancel
Save