mirror of https://github.com/ansible/ansible.git
Compare commits
29 Commits
| Author | SHA1 | Date |
|---|---|---|
Matt Davis
|
c742fdc66c | 7 months ago |
|
pollenJP(@'ω'@)
|
7a932a93b0 | 7 months ago |
|
Matt Davis
|
8c8717a8e4 | 7 months ago |
|
Jordan Borean
|
6054b29cb7 | 7 months ago |
|
Brian Coca
|
131175a5a6 | 7 months ago |
|
Martin Krizek
|
0aab250fbc | 7 months ago |
|
Martin Krizek
|
dcec78b0f9 | 7 months ago |
|
Brian Coca
|
ea22e5d0dd | 7 months ago |
|
Brian Coca
|
867d9d3096 | 7 months ago |
|
Matt Clay
|
e0e286c009 | 7 months ago |
|
Matt Clay
|
1c1a271b88 | 7 months ago |
|
Matt Clay
|
4e861fa9c8 | 7 months ago |
|
Matt Davis
|
f898f9fec6 | 7 months ago |
|
Matt Davis
|
4714194672 | 7 months ago |
|
Abhijeet Kasurde
|
ffbf121182 | 8 months ago |
|
Brian Coca
|
89a4900b61 | 8 months ago |
|
Matt Clay
|
17d4fdd883 | 8 months ago |
|
Lee Garrett
|
7fc916361e | 8 months ago |
|
Matt Davis
|
82ea3addce | 8 months ago |
|
Matt Clay
|
98009c811b | 8 months ago |
|
Sloane Hertel
|
de7c454684 | 8 months ago |
|
Matt Clay
|
80d5f05642 | 8 months ago |
|
Matt Clay
|
ec0d8f3278 | 8 months ago |
|
Abhijeet Kasurde
|
c21a817c47 | 8 months ago |
|
Martin Krizek
|
85cb2baf1f | 8 months ago |
|
Felix Fontein
|
2fcfad54b0 | 8 months ago |
|
Matt Clay
|
6f95a618af | 8 months ago |
|
Matt Martz
|
19d9253ec9 | 8 months ago |
|
Matt Martz
|
8d775ddced | 8 months ago |
@ -0,0 +1,383 @@
|
||||
==================================================================
|
||||
ansible-core 2.19 "What Is and What Should Never Be" Release Notes
|
||||
==================================================================
|
||||
|
||||
.. contents:: Topics
|
||||
|
||||
v2.19.0b3
|
||||
=========
|
||||
|
||||
Release Summary
|
||||
---------------
|
||||
|
||||
| Release Date: 2025-05-06
|
||||
| `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
|
||||
|
||||
Minor Changes
|
||||
-------------
|
||||
|
||||
- ansible-config will now show internal, but not test configuration entries. This allows for debugging but still denoting the configurations as internal use only (_ prefix).
|
||||
- ansible-test - Improved ``pylint`` checks for Ansible-specific deprecation functions.
|
||||
- ansible-test - Use the ``-t`` option to set the stop timeout when stopping a container. This avoids use of the ``--time`` option which was deprecated in Docker v28.0.
|
||||
- collection metadata - The collection loader now parses scalar values from ``meta/runtime.yml`` as strings. This avoids issues caused by unquoted values such as versions or dates being parsed as types other than strings.
|
||||
- deprecation warnings - Deprecation warning APIs automatically capture the identity of the deprecating plugin. The ``collection_name`` argument is only required to correctly attribute deprecations that occur in module_utils or other non-plugin code.
|
||||
- deprecation warnings - Improved deprecation messages to more clearly indicate the affected content, including plugin name when available.
|
||||
- deprecations - Collection name strings not of the form ``ns.coll`` passed to deprecation API functions will result in an error.
|
||||
- deprecations - Removed support for specifying deprecation dates as a ``datetime.date``, which was included in an earlier 2.19 pre-release.
|
||||
- deprecations - Some argument names to ``deprecate_value`` for consistency with existing APIs. An earlier 2.19 pre-release included a ``removal_`` prefix on the ``date`` and ``version`` arguments.
|
||||
- modules - The ``AnsibleModule.deprecate`` function no longer sends deprecation messages to the target host's logging system.
|
||||
|
||||
Deprecated Features
|
||||
-------------------
|
||||
|
||||
- Passing a ``warnings` or ``deprecations`` key to ``exit_json`` or ``fail_json`` is deprecated. Use ``AnsibleModule.warn`` or ``AnsibleModule.deprecate`` instead.
|
||||
- plugins - Accessing plugins with ``_``-prefixed filenames without the ``_`` prefix is deprecated.
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- Ansible will now ensure predictable permissions on remote artifacts, until now it only ensured executable and relied on system masks for the rest.
|
||||
- dnf5 - avoid generating excessive transaction entries in the dnf5 history (https://github.com/ansible/ansible/issues/85046)
|
||||
|
||||
v2.19.0b2
|
||||
=========
|
||||
|
||||
Release Summary
|
||||
---------------
|
||||
|
||||
| Release Date: 2025-04-24
|
||||
| `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
|
||||
|
||||
Minor Changes
|
||||
-------------
|
||||
|
||||
- comment filter - Improve the error message shown when an invalid ``style`` argument is provided.
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- Remove use of `required` parameter in `get_bin_path` which has been deprecated.
|
||||
- ansible-doc - fix indentation for first line of descriptions of suboptions and sub-return values (https://github.com/ansible/ansible/pull/84690).
|
||||
- ansible-doc - fix line wrapping for first line of description of options and return values (https://github.com/ansible/ansible/pull/84690).
|
||||
|
||||
v2.19.0b1
|
||||
=========
|
||||
|
||||
Release Summary
|
||||
---------------
|
||||
|
||||
| Release Date: 2025-04-14
|
||||
| `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
|
||||
|
||||
Major Changes
|
||||
-------------
|
||||
|
||||
- Jinja plugins - Jinja builtin filter and test plugins are now accessible via their fully-qualified names ``ansible.builtin.{name}``.
|
||||
- Task Execution / Forks - Forks no longer inherit stdio from the parent ``ansible-playbook`` process. ``stdout``, ``stderr``, and ``stdin`` within a worker are detached from the terminal, and non-functional. All needs to access stdio from a fork for controller side plugins requires use of ``Display``.
|
||||
- ansible-test - Packages beneath ``module_utils`` can now contain ``__init__.py`` files.
|
||||
- variables - The type system underlying Ansible's variable storage has been significantly overhauled and formalized. Attempts to store unsupported Python object types in variables will now result in an error.
|
||||
- variables - To support new Ansible features, many variable objects are now represented by subclasses of their respective native Python types. In most cases, they behave indistinguishably from their original types, but some Python libraries do not handle builtin object subclasses properly. Custom plugins that interact with such libraries may require changes to convert and pass the native types.
|
||||
|
||||
Minor Changes
|
||||
-------------
|
||||
|
||||
- Added a -vvvvv log message indicating when a host fails to produce output within the timeout period.
|
||||
- AnsibleModule.uri - Add option ``multipart_encoding`` for ``form-multipart`` files in body to change default base64 encoding for files
|
||||
- INVENTORY_IGNORE_EXTS config, removed ``ini`` from the default list, inventory scripts using a corresponding .ini configuration are rare now and inventory.ini files are more common. Those that need to ignore the ini files for inventory scripts can still add it to configuration.
|
||||
- Jinja plugins - Plugins can declare support for undefined values.
|
||||
- Jinja2 version 3.1.0 or later is now required on the controller.
|
||||
- Move ``follow_redirects`` parameter to module_utils so external modules can reuse it.
|
||||
- PlayIterator - do not return tasks from already executed roles so specific strategy plugins do not have to do the filtering of such tasks themselves
|
||||
- SSH Escalation-related -vvv log messages now include the associated host information.
|
||||
- Windows - Add support for Windows Server 2025 to Ansible and as an ``ansible-test`` remote target - https://github.com/ansible/ansible/issues/84229
|
||||
- Windows - refactor the async implementation to better handle errors during bootstrapping and avoid WMI when possible.
|
||||
- ``ansible-galaxy collection install`` — the collection dependency resolver now prints out conflicts it hits during dependency resolution when it's taking too long and it ends up backtracking a lot. It also displays suggestions on how to help it compute the result more quickly.
|
||||
- ansible, ansible-console, ansible-pull - add --flush-cache option (https://github.com/ansible/ansible/issues/83749).
|
||||
- ansible-galaxy - Add support for Keycloak service accounts
|
||||
- ansible-galaxy - support ``resolvelib >= 0.5.3, < 2.0.0`` (https://github.com/ansible/ansible/issues/84217).
|
||||
- ansible-test - Added a macOS 15.3 remote VM, replacing 14.3.
|
||||
- ansible-test - Automatically retry HTTP GET/PUT/DELETE requests on exceptions.
|
||||
- ansible-test - Default to Python 3.13 in the ``base`` and ``default`` containers.
|
||||
- ansible-test - Disable the ``deprecated-`` prefixed ``pylint`` rules as their results vary by Python version.
|
||||
- ansible-test - Disable the ``pep8`` sanity test rules ``E701`` and ``E704`` to improve compatibility with ``black``.
|
||||
- ansible-test - Improve container runtime probe error handling. When unexpected probe output is encountered, an error with more useful debugging information is provided.
|
||||
- ansible-test - Replace container Alpine 3.20 with 3.21.
|
||||
- ansible-test - Replace container Fedora 40 with 41.
|
||||
- ansible-test - Replace remote Alpine 3.20 with 3.21.
|
||||
- ansible-test - Replace remote Fedora 40 with 41.
|
||||
- ansible-test - Replace remote FreeBSD 13.3 with 13.5.
|
||||
- ansible-test - Replace remote FreeBSD 14.1 with 14.2.
|
||||
- ansible-test - Replace remote RHEL 9.4 with 9.5.
|
||||
- ansible-test - Show a more user-friendly error message when a ``runme.sh`` script is not executable.
|
||||
- ansible-test - The ``yamllint`` sanity test now enforces string values for the ``!vault`` tag.
|
||||
- ansible-test - Update ``nios-test-container`` to version 7.0.0.
|
||||
- ansible-test - Update ``pylint`` sanity test to use version 3.3.1.
|
||||
- ansible-test - Update distro containers to remove unnecessary pakages (apache2, subversion, ruby).
|
||||
- ansible-test - Update sanity test requirements to latest available versions.
|
||||
- ansible-test - Update the HTTP test container.
|
||||
- ansible-test - Update the PyPI test container.
|
||||
- ansible-test - Update the ``base`` and ``default`` containers.
|
||||
- ansible-test - Update the utility container.
|
||||
- ansible-test - Use Python's ``urllib`` instead of ``curl`` for HTTP requests.
|
||||
- ansible-test - When detection of the current container network fails, a warning is now issued and execution continues. This simplifies usage in cases where the current container cannot be inspected, such as when running in GitHub Codespaces.
|
||||
- ansible-test acme test container - bump `version to 2.3.0 <https://github.com/ansible/acme-test-container/releases/tag/2.3.0>`__ to include newer versions of Pebble, dependencies, and runtimes. This adds support for ACME profiles, ``dns-account-01`` support, and some smaller improvements (https://github.com/ansible/ansible/pull/84547).
|
||||
- apt_key module - add notes to docs and errors to point at the CLI tool deprecation by Debian and alternatives
|
||||
- apt_repository module - add notes to errors to point at the CLI tool deprecation by Debian and alternatives
|
||||
- become plugins get new property 'pipelining' to show support or lack there of for the feature.
|
||||
- callback plugins - add has_option() to CallbackBase to match other functions overloaded from AnsiblePlugin
|
||||
- callback plugins - fix get_options() for CallbackBase
|
||||
- copy - fix sanity test failures (https://github.com/ansible/ansible/pull/83643).
|
||||
- copy - parameter ``local_follow`` was incorrectly documented as having default value ``True`` (https://github.com/ansible/ansible/pull/83643).
|
||||
- cron - Provide additional error information while writing cron file (https://github.com/ansible/ansible/issues/83223).
|
||||
- csvfile - let the config system do the typecasting (https://github.com/ansible/ansible/pull/82263).
|
||||
- display - Deduplication of warning and error messages considers the full content of the message (including source and traceback contexts, if enabled). This may result in fewer messages being omitted.
|
||||
- distribution - Added openSUSE MicroOS to Suse OS family (#84685).
|
||||
- dnf5, apt - add ``auto_install_module_deps`` option (https://github.com/ansible/ansible/issues/84206)
|
||||
- docs - add collection name in message from which the module is being deprecated (https://github.com/ansible/ansible/issues/84116).
|
||||
- env lookup - The error message generated for a missing environment variable when ``default`` is an undefined value (e.g. ``undef('something')``) will contain the hint from that undefined value, except when the undefined value is the default of ``undef()`` with no arguments. Previously, any existing undefined hint would be ignored.
|
||||
- file - enable file module to disable diff_mode (https://github.com/ansible/ansible/issues/80817).
|
||||
- file - make code more readable and simple.
|
||||
- filter - add support for URL-safe encoding and decoding in b64encode and b64decode (https://github.com/ansible/ansible/issues/84147).
|
||||
- find - add a checksum_algorithm parameter to specify which type of checksum the module will return
|
||||
- from_json filter - The filter accepts a ``profile`` argument, which defaults to ``tagless``.
|
||||
- handlers - Templated handler names with syntax errors, or that resolve to ``omit`` are now skipped like handlers with undefined variables in their name.
|
||||
- improved error message for yaml parsing errors in plugin documentation
|
||||
- local connection plugin - A new ``become_strip_preamble`` config option (default True) was added; disable to preserve diagnostic ``become`` output in task results.
|
||||
- local connection plugin - A new ``become_success_timeout`` operation-wide timeout config (default 10s) was added for ``become``.
|
||||
- local connection plugin - When a ``become`` plugin's ``prompt`` value is a non-string after the ``check_password_prompt`` callback has completed, no prompt stripping will occur on stderr.
|
||||
- lookup_template - add an option to trim blocks while templating (https://github.com/ansible/ansible/issues/75962).
|
||||
- module - set ipv4 and ipv6 rules simultaneously in iptables module (https://github.com/ansible/ansible/issues/84404).
|
||||
- module_utils - Add ``NoReturn`` type annotations to functions which never return.
|
||||
- modules - PowerShell modules can now receive ``datetime.date``, ``datetime.time`` and ``datetime.datetime`` values as ISO 8601 strings.
|
||||
- modules - PowerShell modules can now receive strings sourced from inline vault-encrypted strings.
|
||||
- modules - Unhandled exceptions during Python module execution are now returned as structured data from the target. This allows the new traceback handling to be applied to exceptions raised on targets.
|
||||
- pipelining logic has mostly moved to connection plugins so they can decide/override settings.
|
||||
- plugin error handling - When raising exceptions in an exception handler, be sure to use ``raise ... from`` as appropriate. This supersedes the use of the ``AnsibleError`` arg ``orig_exc`` to represent the cause. Specifying ``orig_exc`` as the cause is still permitted. Failure to use ``raise ... from`` when ``orig_exc`` is set will result in a warning. Additionally, if the two cause exceptions do not match, a warning will be issued.
|
||||
- removed harcoding of su plugin as it now works with pipelining.
|
||||
- runtime-metadata sanity test - improve validation of ``action_groups`` (https://github.com/ansible/ansible/pull/83965).
|
||||
- service_facts module got freebsd support added.
|
||||
- ssh connection plugin - Support ``SSH_ASKPASS`` mechanism to provide passwords, making it the default, but still offering an explicit choice to use ``sshpass`` (https://github.com/ansible/ansible/pull/83936)
|
||||
- ssh connection plugin now overrides pipelining when a tty is requested.
|
||||
- ssh-agent - ``ansible``, ``ansible-playbook`` and ``ansible-console`` are capable of spawning or reusing an ssh-agent, allowing plugins to interact with the ssh-agent. Additionally a pure python ssh-agent client has been added, enabling easy interaction with the agent. The ssh connection plugin contains new functionality via ``ansible_ssh_private_key`` and ``ansible_ssh_private_key_passphrase``, for loading an SSH private key into the agent from a variable.
|
||||
- templating - Access to an undefined variable from inside a lookup, filter, or test (which raises MarkerError) no longer ends processing of the current template. The triggering undefined value is returned as the result of the offending plugin invocation, and the template continues to execute.
|
||||
- templating - Embedding ``range()`` values in containers such as lists will result in an error on use. Previously the value would be converted to a string representing the range parameters, such as ``range(0, 3)``.
|
||||
- templating - Handling of omitted values is now a first-class feature of the template engine, and is usable in all Ansible Jinja template contexts. Any template that resolves to ``omit`` is automatically removed from its parent container during templating.
|
||||
- templating - Template evaluation is lazier than in previous versions. Template expressions which resolve only portions of a data structure no longer result in the entire structure being templated.
|
||||
- templating - Templating errors now provide more information about both the location and context of the error, especially for deeply-nested and/or indirected templating scenarios.
|
||||
- templating - Unified ``omit`` behavior now requires that plugins calling ``Templar.template()`` handle cases where the entire template result is omitted, by catching the ``AnsibleValueOmittedError`` that is raised. Previously, this condition caused a randomly-generated string marker to appear in the template result.
|
||||
- templating - Variables of type ``set`` and ``tuple`` are now converted to ``list`` when exiting the final pass of templating.
|
||||
- to_json / to_nice_json filters - The filters accept a ``profile`` argument, which defaults to ``tagless``.
|
||||
- troubleshooting - Tracebacks can be collected and displayed for most errors, warnings, and deprecation warnings (including those generated by modules). Tracebacks are no longer enabled with ``-vvv``; the behavior is directly configurable via the ``DISPLAY_TRACEBACK`` config option. Module tracebacks passed to ``fail_json`` via the ``exception`` kwarg will not be included in the task result unless error tracebacks are configured.
|
||||
- undef jinja function - The ``undef`` jinja function now raises an error if a non-string hint is given. Attempting to use an undefined hint also results in an error, ensuring incorrect use of the function can be distinguished from the function's normal behavior.
|
||||
- validate-modules sanity test - make sure that ``module`` and ``plugin`` ``seealso`` entries use FQCNs (https://github.com/ansible/ansible/pull/84325).
|
||||
- vault - improved vault filter documentation by adding missing example content for dump_template_data.j2, refining examples for clarity, and ensuring variable consistency (https://github.com/ansible/ansible/issues/83583).
|
||||
- warnings - All warnings (including deprecation warnings) issued during a task's execution are now accessible via the ``warnings`` and ``deprecations`` keys on the task result.
|
||||
- when the ``dict`` lookup is given a non-dict argument, show the value of the argument and its type in the error message.
|
||||
- windows - add hard minimum limit for PowerShell to 5.1. Ansible dropped support for older versions of PowerShell in the 2.16 release but this reqirement is now enforced at runtime.
|
||||
- windows - refactor windows exec runner to improve efficiency and add better error reporting on failures.
|
||||
- winrm - Remove need for pexpect on macOS hosts when using ``kinit`` to retrieve the Kerberos TGT. By default the code will now only use the builtin ``subprocess`` library which should handle issues with select and a high fd count and also simplify the code.
|
||||
|
||||
Breaking Changes / Porting Guide
|
||||
--------------------------------
|
||||
|
||||
- Support for the ``toml`` library has been removed from TOML inventory parsing and dumping. Use ``tomli`` for parsing on Python 3.10. Python 3.11 and later have built-in support for parsing. Use ``tomli-w`` to support outputting inventory in TOML format.
|
||||
- assert - The ``quiet`` argument must be a commonly-accepted boolean value. Previously, unrecognized values were silently treated as False.
|
||||
- callback plugins - The structure of the ``exception``, ``warnings`` and ``deprecations`` values visible to callbacks has changed. Callbacks that inspect or serialize these values may require special handling.
|
||||
- conditionals - Conditional expressions that result in non-boolean values are now an error by default. Such results often indicate unintentional use of templates where they are not supported, resulting in a conditional that is always true. When this option is enabled, conditional expressions which are a literal ``None`` or empty string will evaluate as true, for backwards compatibility. The error can be temporarily changed to a deprecation warning by enabling the ``ALLOW_BROKEN_CONDITIONALS`` config option.
|
||||
- first_found lookup - When specifying ``files`` or ``paths`` as a templated list containing undefined values, the undefined list elements will be discarded with a warning. Previously, the entire list would be discarded without any warning.
|
||||
- internals - The ``AnsibleLoader`` and ``AnsibleDumper`` classes for working with YAML are now factory functions and cannot be extended.
|
||||
- internals - The ``ansible.utils.native_jinja`` Python module has been removed.
|
||||
- inventory - Invalid variable names provided by inventories result in an inventory parse failure. This behavior is now consistent with other variable name usages throughout Ansible.
|
||||
- lookup plugins - Lookup plugins called as `with_(lookup)` will no longer have the `_subdir` attribute set.
|
||||
- lookup plugins - ``terms`` will always be passed to ``run`` as the first positional arg, where previously it was sometimes passed as a keyword arg when using ``with_`` syntax.
|
||||
- loops - Omit placeholders no longer leak between loop item templating and task templating. Previously, ``omit`` placeholders could remain embedded in loop items after templating and be used as an ``omit`` for task templating. Now, values resolving to ``omit`` are dropped immediately when loop items are templated. To turn missing values into an ``omit`` for task templating, use ``| default(omit)``. This solution is backwards compatible with previous versions of ansible-core.
|
||||
- modules - Ansible modules using ``sys.excepthook`` must use a standard ``try/except`` instead.
|
||||
- plugins - Any plugin that sources or creates templates must properly tag them as trusted.
|
||||
- plugins - Custom Jinja plugins that accept undefined top-level arguments must opt in to receiving them.
|
||||
- plugins - Custom Jinja plugins that use ``environment.getitem`` to retrieve undefined values will now trigger a ``MarkerError`` exception. This exception must be handled to allow the plugin to return a ``Marker``, or the plugin must opt-in to accepting ``Marker`` values.
|
||||
- public API - The ``ansible.vars.fact_cache.FactCache`` wrapper has been removed.
|
||||
- serialization of ``omit`` sentinel - Serialization of variables containing ``omit`` sentinels (e.g., by the ``to_json`` and ``to_yaml`` filters or ``ansible-inventory``) will fail if the variable has not completed templating. Previously, serialization succeeded with placeholder strings emitted in the serialized output.
|
||||
- set_fact - The string values "yes", "no", "true" and "false" were previously converted (ignoring case) to boolean values when not using Jinja2 native mode. Since Jinja2 native mode is always used, this conversion no longer occurs. When boolean values are required, native boolean syntax should be used where variables are defined, such as in YAML. When native boolean syntax is not an option, the ``bool`` filter can be used to parse string values into booleans.
|
||||
- template lookup - The ``convert_data`` option is deprecated and no longer has any effect. Use the ``from_json`` filter on the lookup result instead.
|
||||
- templating - Access to ``_`` prefixed attributes and methods, and methods with known side effects, is no longer permitted. In cases where a matching mapping key is present, the associated value will be returned instead of an error. This increases template environment isolation and ensures more consistent behavior between the ``.`` and ``[]`` operators.
|
||||
- templating - Conditionals and lookups which use embedded inline templates in Jinja string constants now display a warning. These templates should be converted to their expression equivalent.
|
||||
- templating - Many Jinja plugins (filters, lookups, tests) and methods previously silently ignored undefined inputs, which often masked subtle errors. Passing an undefined argument to a Jinja plugin or method that does not declare undefined support now results in an undefined value.
|
||||
- templating - Templates are always rendered in Jinja2 native mode. As a result, non-string values are no longer automatically converted to strings.
|
||||
- templating - Templates resulting in ``None`` are no longer automatically converted to an empty string.
|
||||
- templating - Templates with embedded inline templates that were not contained within a Jinja string constant now result in an error, as support for multi-pass templating was removed for security reasons. In most cases, such templates can be easily rewritten to avoid the use of embedded inline templates.
|
||||
- templating - The ``allow_unsafe_lookups`` option no longer has any effect. Lookup plugins are responsible for tagging strings containing templates to allow evaluation as a template.
|
||||
- templating - The result of the ``range()`` global function cannot be returned from a template- it should always be passed to a filter (e.g., ``random``). Previously, range objects returned from an intermediate template were always converted to a list, which is inconsistent with inline consumption of range objects.
|
||||
- templating - ``#jinja2:`` overrides in templates with invalid override names or types are now templating errors.
|
||||
|
||||
Deprecated Features
|
||||
-------------------
|
||||
|
||||
- CLI - The ``--inventory-file`` option alias is deprecated. Use the ``-i`` or ``--inventory`` option instead.
|
||||
- Stategy Plugins - Use of strategy plugins not provided in ``ansible.builtin`` are deprecated and do not carry any backwards compatibility guarantees going forward. A future release will remove the ability to use external strategy plugins. No alternative for third party strategy plugins is currently planned.
|
||||
- ``ansible.module_utils.compat.datetime`` - The datetime compatibility shims are now deprecated. They are scheduled to be removed in ``ansible-core`` v2.21. This includes ``UTC``, ``utcfromtimestamp()`` and ``utcnow`` importable from said module (https://github.com/ansible/ansible/pull/81874).
|
||||
- bool filter - Support for coercing unrecognized input values (including None) has been deprecated. Consult the filter documentation for acceptable values, or consider use of the ``truthy`` and ``falsy`` tests.
|
||||
- cache plugins - The `ansible.plugins.cache.base` Python module is deprecated. Use `ansible.plugins.cache` instead.
|
||||
- callback plugins - The `v2_on_any` callback method is deprecated. Use specific callback methods instead.
|
||||
- callback plugins - The v1 callback API (callback methods not prefixed with `v2_`) is deprecated. Use `v2_` prefixed methods instead.
|
||||
- conditionals - Conditionals using Jinja templating delimiters (e.g., ``{{``, ``{%``) should be rewritten as expressions without delimiters, unless the entire conditional value is a single template that resolves to a trusted string expression. This is useful for dynamic indirection of conditional expressions, but is limited to trusted literal string expressions.
|
||||
- config - The ``ACTION_WARNINGS`` config has no effect. It previously disabled command warnings, which have since been removed.
|
||||
- config - The ``DEFAULT_JINJA2_NATIVE`` option has no effect. Jinja2 native mode is now the default and only option.
|
||||
- config - The ``DEFAULT_NULL_REPRESENTATION`` option has no effect. Null values are no longer automatically converted to another value during templating of single variable references.
|
||||
- display - The ``Display.get_deprecation_message`` method has been deprecated. Call ``Display.deprecated`` to display a deprecation message, or call it with ``removed=True`` to raise an ``AnsibleError``.
|
||||
- file loading - Loading text files with ``DataLoader`` containing data that cannot be decoded under the expected encoding is deprecated. In most cases the encoding must be UTF-8, although some plugins allow choosing a different encoding. Previously, invalid data was silently wrapped in Unicode surrogate escape sequences, often resulting in later errors or other data corruption.
|
||||
- first_found lookup - Splitting of file paths on ``,;:`` is deprecated. Pass a list of paths instead. The ``split`` method on strings can be used to split variables into a list as needed.
|
||||
- interpreter discovery - The ``auto_legacy`` and ``auto_legacy_silent`` options for ``INTERPRETER_PYTHON`` are deprecated. Use ``auto`` or ``auto_silent`` options instead, as they have the same effect.
|
||||
- oneline callback - The ``oneline`` callback and its associated ad-hoc CLI args (``-o``, ``--one-line``) are deprecated.
|
||||
- paramiko - The paramiko connection plugin has been deprecated with planned removal in 2.21.
|
||||
- playbook variables - The ``play_hosts`` variable has been deprecated, use ``ansible_play_batch`` instead.
|
||||
- plugin error handling - The ``AnsibleError`` constructor arg ``suppress_extended_error`` is deprecated. Using ``suppress_extended_error=True`` has the same effect as ``show_content=False``.
|
||||
- plugins - The ``listify_lookup_plugin_terms`` function is obsolete and in most cases no longer needed.
|
||||
- template lookup - The jinja2_native option is no longer used in the Ansible Core code base. Jinja2 native mode is now the default and only option.
|
||||
- templating - Support for enabling Jinja2 extensions (not plugins) has been deprecated.
|
||||
- templating - The ``ansible_managed`` variable available for certain templating scenarios, such as the ``template`` action and ``template`` lookup has been deprecated. Define and use a custom variable instead of relying on ``ansible_managed``.
|
||||
- templating - The ``disable_lookups`` option has no effect, since plugins must be updated to apply trust before any templating can be performed.
|
||||
- to_yaml/to_nice_yaml filters - Implicit YAML dumping of vaulted value ciphertext is deprecated. Set `dump_vault_tags` to explicitly specify the desired behavior.
|
||||
- tree callback - The ``tree`` callback and its associated ad-hoc CLI args (``-t``, ``--tree``) are deprecated.
|
||||
|
||||
Removed Features (previously deprecated)
|
||||
----------------------------------------
|
||||
|
||||
- Remove deprecated plural form of collection path (https://github.com/ansible/ansible/pull/84156).
|
||||
- Removed deprecated STRING_CONVERSION_ACTION (https://github.com/ansible/ansible/issues/84220).
|
||||
- encrypt - passing unsupported passlib hashtype now raises AnsibleFilterError.
|
||||
- manager - remove deprecated include_delegate_to parameter from get_vars API.
|
||||
- modules - Modules returning non-UTF8 strings now result in an error. The ``MODULE_STRICT_UTF8_RESPONSE`` setting can be used to disable this check.
|
||||
- removed deprecated pycompat24 and compat.importlib.
|
||||
- selector - remove deprecated compat.selector related files (https://github.com/ansible/ansible/pull/84155).
|
||||
- windows - removed common module functions ``ConvertFrom-AnsibleJson``, ``Format-AnsibleException`` from Windows modules as they are not used and add uneeded complexity to the code.
|
||||
|
||||
Security Fixes
|
||||
--------------
|
||||
|
||||
- include_vars action - Ensure that result masking is correctly requested when vault-encrypted files are read. (CVE-2024-8775)
|
||||
- task result processing - Ensure that action-sourced result masking (``_ansible_no_log=True``) is preserved. (CVE-2024-8775)
|
||||
- templating - Ansible's template engine no longer processes Jinja templates in strings unless they are marked as coming from a trusted source. Untrusted strings containing Jinja template markers are ignored with a warning. Examples of trusted sources include playbooks, vars files, and many inventory sources. Examples of untrusted sources include module results and facts. Plugins which have not been updated to preserve trust while manipulating strings may inadvertently cause them to lose their trusted status.
|
||||
- templating - Changes to conditional expression handling removed numerous instances of insecure multi-pass templating (which could result in execution of untrusted template expressions).
|
||||
- user action won't allow ssh-keygen, chown and chmod to run on existing ssh public key file, avoiding traversal on existing symlinks (CVE-2024-9902).
|
||||
|
||||
Bugfixes
|
||||
--------
|
||||
|
||||
- Ansible will now also warn when reserved keywords are set via a module (set_fact, include_vars, etc).
|
||||
- Ansible.Basic - Fix ``required_if`` check when the option value to check is unset or set to null.
|
||||
- Correctly return ``False`` when using the ``filter`` and ``test`` Jinja tests on plugin names which are not filters or tests, respectively. (resolves issue https://github.com/ansible/ansible/issues/82084)
|
||||
- Do not run implicit ``flush_handlers`` meta tasks when the whole play is excluded from the run due to tags specified.
|
||||
- Errors now preserve stacked error messages even when YAML is involved.
|
||||
- Fix a display.debug statement with the wrong param in _get_diff_data() method
|
||||
- Fix disabling SSL verification when installing collections and roles from git repositories. If ``--ignore-certs`` isn't provided, the value for the ``GALAXY_IGNORE_CERTS`` configuration option will be used (https://github.com/ansible/ansible/issues/83326).
|
||||
- Fix ipv6 pattern bug in lib/ansible/parsing/utils/addresses.py (https://github.com/ansible/ansible/issues/84237)
|
||||
- Fix returning 'unreachable' for the overall task result. This prevents false positives when a looped task has unignored unreachable items (https://github.com/ansible/ansible/issues/84019).
|
||||
- Implicit ``meta: flush_handlers`` tasks now have a parent block to prevent potential tracebacks when calling methods like ``get_play()`` on them internally.
|
||||
- Improve performance on large inventories by reducing the number of implicit meta tasks.
|
||||
- Jinja plugins - Errors raised will always be derived from ``AnsibleTemplatePluginError``.
|
||||
- Optimize the way tasks from within ``include_tasks``/``include_role`` are inserted into the play.
|
||||
- Time out waiting on become is an unreachable error (https://github.com/ansible/ansible/issues/84468)
|
||||
- Use consistent multiprocessing context for action write locks
|
||||
- Use the requested error message in the ansible.module_utils.facts.timeout timeout function instead of hardcoding one.
|
||||
- Windows - add support for running on system where WDAC is in audit mode with ``Dynamic Code Security`` enabled.
|
||||
- YAML parsing - The `!unsafe` tag no longer coerces non-string scalars to strings.
|
||||
- ``ansible-galaxy`` — the collection dependency resolver now treats version specifiers starting with ``!=`` as unpinned.
|
||||
- ``package``/``dnf`` action plugins - provide the reason behind the failure to gather the ``ansible_pkg_mgr`` fact to identify the package backend
|
||||
- action plugins - Action plugins that raise unhandled exceptions no longer terminate playbook loops. Previously, exceptions raised by an action plugin caused abnormal loop termination and loss of loop iteration results.
|
||||
- ansible-config - format galaxy server configs while dumping in JSON format (https://github.com/ansible/ansible/issues/84840).
|
||||
- ansible-doc - If none of the files in files exists, path will be undefined and a direct reference will throw an UnboundLocalError (https://github.com/ansible/ansible/pull/84464).
|
||||
- ansible-galaxy - Small adjustments to URL building for ``download_url`` and relative redirects.
|
||||
- ansible-pull change detection will now work independently of callback or result format settings.
|
||||
- ansible-test - Enable the ``sys.unraisablehook`` work-around for the ``pylint`` sanity test on Python 3.11. Previously the work-around was only enabled for Python 3.12 and later. However, the same issue has been discovered on Python 3.11.
|
||||
- ansible-test - Ensure CA certificates are installed on managed FreeBSD instances.
|
||||
- ansible-test - Fix support for PowerShell module_util imports with the ``-Optional`` flag.
|
||||
- ansible-test - Fix support for detecting PowerShell modules importing module utils with the newer ``#AnsibleRequires`` format.
|
||||
- ansible-test - Fix traceback that occurs after an interactive command fails.
|
||||
- ansible-test - Fix up coverage reporting to properly translate the temporary path of integration test modules to the expected static test module path.
|
||||
- ansible-test - Fixed traceback when handling certain YAML errors in the ``yamllint`` sanity test.
|
||||
- ansible-test - Managed macOS instances now use the ``sudo_chdir`` option for the ``sudo`` become plugin to avoid permission errors when dropping privileges.
|
||||
- ansible-vault will now correctly handle `--prompt`, previously it would issue an error about stdin if no 2nd argument was passed
|
||||
- ansible_uptime_second - added ansible_uptime_seconds fact support for AIX (https://github.com/ansible/ansible/pull/84321).
|
||||
- apt_key module - prevent tests from running when apt-key was removed
|
||||
- base.yml - deprecated libvirt_lxc_noseclabel config.
|
||||
- build - Pin ``wheel`` in ``pyproject.toml`` to ensure compatibility with supported ``setuptools`` versions.
|
||||
- config - various fixes to config lookup plugin (https://github.com/ansible/ansible/pull/84398).
|
||||
- copy - refactor copy module for simplicity.
|
||||
- copy action now prevents user from setting internal options.
|
||||
- debconf - set empty password values (https://github.com/ansible/ansible/issues/83214).
|
||||
- debug - hide loop vars in debug var display (https://github.com/ansible/ansible/issues/65856).
|
||||
- default callback - Error context is now shown for failing tasks that use the ``debug`` action.
|
||||
- display - The ``Display.deprecated`` method once again properly handles the ``removed=True`` argument (https://github.com/ansible/ansible/issues/82358).
|
||||
- distro - add support for Linux Mint Debian Edition (LMDE) (https://github.com/ansible/ansible/issues/84934).
|
||||
- distro - detect Debian as os_family for LMDE 6 (https://github.com/ansible/ansible/issues/84934).
|
||||
- dnf5 - Handle forwarded exceptions from dnf5-5.2.13 where a generic ``RuntimeError`` was previously raised
|
||||
- dnf5 - fix ``is_installed`` check for packages that are not installed but listed as provided by an installed package (https://github.com/ansible/ansible/issues/84578)
|
||||
- dnf5 - fix installing a package using ``state=latest`` when a binary of the same name as the package is already installed (https://github.com/ansible/ansible/issues/84259)
|
||||
- dnf5 - fix traceback when ``enable_plugins``/``disable_plugins`` is used on ``python3-libdnf5`` versions that do not support this functionality
|
||||
- dnf5 - libdnf5 - use ``conf.pkg_gpgcheck`` instead of deprecated ``conf.gpgcheck`` which is used only as a fallback
|
||||
- dnf5 - matching on a binary can be achieved only by specifying a full path (https://github.com/ansible/ansible/issues/84334)
|
||||
- facts - gather pagesize and calculate respective values depending upon architecture (https://github.com/ansible/ansible/issues/84773).
|
||||
- facts - skip if distribution file path is directory, instead of raising error (https://github.com/ansible/ansible/issues/84006).
|
||||
- find - skip ENOENT error code while recursively enumerating files. find module will now be tolerant to race conditions that remove files or directories from the target it is currently inspecting. (https://github.com/ansible/ansible/issues/84873).
|
||||
- first_found lookup - Corrected return value documentation to reflect None (not empty string) for no files found.
|
||||
- gather_facts action now defaults to `ansible.legacy.setup` if `smart` was set, no network OS was found and no other alias for `setup` was present.
|
||||
- gather_facts action will now issues errors and warnings as appropriate if a network OS is detected but no facts modules are defined for it.
|
||||
- gather_facts action, will now add setup when 'smart' appears with other modules in the FACTS_MODULES setting (#84750).
|
||||
- get_url - add support for BSD-style checksum digest file (https://github.com/ansible/ansible/issues/84476).
|
||||
- get_url - fix honoring ``filename`` from the ``content-disposition`` header even when the type is ``inline`` (https://github.com/ansible/ansible/issues/83690)
|
||||
- host_group_vars - fixed defining the 'key' variable if the get_vars method is called with cache=False (https://github.com/ansible/ansible/issues/84384)
|
||||
- include_vars - fix including previously undefined hash variables with hash_behaviour merge (https://github.com/ansible/ansible/issues/84295).
|
||||
- iptables - Allows the wait paramater to be used with iptables chain creation (https://github.com/ansible/ansible/issues/84490)
|
||||
- linear strategy - fix executing ``end_role`` meta tasks for each host, instead of handling these as implicit run_once tasks (https://github.com/ansible/ansible/issues/84660).
|
||||
- local connection plugin - Become timeout errors now include all received data. Previously, the most recently-received data was discarded.
|
||||
- local connection plugin - Ensure ``become`` success validation always occurs, even when an active plugin does not set ``prompt``.
|
||||
- local connection plugin - Fixed cases where the internal ``BECOME-SUCCESS`` message appeared in task output.
|
||||
- local connection plugin - Fixed hang or spurious failure when data arrived concurrently on stdout and stderr during a successful ``become`` operation validation.
|
||||
- local connection plugin - Fixed hang when a become plugin expects a prompt but a password was not provided.
|
||||
- local connection plugin - Fixed hang when an active become plugin incorrectly signals lack of prompt.
|
||||
- local connection plugin - Fixed hang when an internal become read timeout expired before the password prompt was written.
|
||||
- local connection plugin - Fixed hang when only one of stdout or stderr was closed by the ``become_exe`` subprocess.
|
||||
- local connection plugin - Fixed long timeout/hang for ``become`` plugins that repeat their prompt on failure (e.g., ``sudo``, some ``su`` implementations).
|
||||
- local connection plugin - Fixed silent ignore of ``become`` failures and loss of task output when data arrived concurrently on stdout and stderr during ``become`` operation validation.
|
||||
- local connection plugin - Fixed task output header truncation when post-become data arrived before ``become`` operation validation had completed.
|
||||
- lookup plugins - The ``terms`` arg to the ``run`` method is now always a list. Previously, there were cases where a non-list could be received.
|
||||
- module arg templating - When using a templated raw task arg and a templated ``args`` keyword, args are now merged. Previously use of templated raw task args silently ignored all values from the templated ``args`` keyword.
|
||||
- module defaults - Module defaults are no longer templated unless they are used by a task that does not override them. Previously, all module defaults for all modules were templated for every task.
|
||||
- module respawn - limit to supported Python versions
|
||||
- omitting task args - Use of omit for task args now properly falls back to args of lower precedence, such as module defaults. Previously an omitted value would obliterate values of lower precedence.
|
||||
- package_facts module when using 'auto' will return the first package manager found that provides an output, instead of just the first one, as this can be foreign and not have any packages.
|
||||
- psrp - Improve stderr parsing when running raw commands that emit error records or stderr lines.
|
||||
- regex_search filter - Corrected return value documentation to reflect None (not empty string) for no match.
|
||||
- respawn - use copy of env variables to update existing PYTHONPATH value (https://github.com/ansible/ansible/issues/84954).
|
||||
- runas become - Fix up become logic to still get the SYSTEM token with the most privileges when running as SYSTEM.
|
||||
- sequence lookup - sequence query/lookups without positional arguments now return a valid list if their kwargs comprise a valid sequence expression (https://github.com/ansible/ansible/issues/82921).
|
||||
- service_facts - skip lines which does not contain service names in openrc output (https://github.com/ansible/ansible/issues/84512).
|
||||
- ssh - Improve the logic for parsing CLIXML data in stderr when working with Windows host. This fixes issues when the raw stderr contains invalid UTF-8 byte sequences and improves embedded CLIXML sequences.
|
||||
- ssh - Raise exception when sshpass returns error code (https://github.com/ansible/ansible/issues/58133).
|
||||
- ssh - connection options were incorrectly templated during ``reset_connection`` tasks (https://github.com/ansible/ansible/pull/84238).
|
||||
- stability - Fixed silent process failure on unhandled IOError/OSError under ``linear`` strategy.
|
||||
- su become plugin - Ensure generated regex from ``prompt_l10n`` config values is properly escaped.
|
||||
- su become plugin - Ensure that password prompts are correctly detected in the presence of leading output. Previously, this case resulted in a timeout or hang.
|
||||
- su become plugin - Ensure that trailing colon is expected on all ``prompt_l10n`` config values.
|
||||
- sudo become plugin - The `sudo_chdir` config option allows the current directory to be set to the specified value before executing sudo to avoid permission errors when dropping privileges.
|
||||
- sunos - remove hard coding of virtinfo command in facts gathering code (https://github.com/ansible/ansible/pull/84357).
|
||||
- to_yaml/to_nice_yaml filters - Eliminated possibility of keyword arg collisions with internally-set defaults.
|
||||
- unarchive - Clamp timestamps from beyond y2038 to representible values when unpacking zip files on platforms that use 32-bit time_t (e.g. Debian i386).
|
||||
- uri - Form location correctly when the server returns a relative redirect (https://github.com/ansible/ansible/issues/84540)
|
||||
- uri - Handle HTTP exceptions raised while reading the content (https://github.com/ansible/ansible/issues/83794).
|
||||
- uri - mark ``url`` as required (https://github.com/ansible/ansible/pull/83642).
|
||||
- user - Create Buildroot subclass as alias to Busybox (https://github.com/ansible/ansible/issues/83665).
|
||||
- user - Set timeout for passphrase interaction.
|
||||
- user - Update prompt for SSH key passphrase (https://github.com/ansible/ansible/issues/84484).
|
||||
- user - Use higher precedence HOME_MODE as UMASK for path provided (https://github.com/ansible/ansible/pull/84482).
|
||||
- user action will now require O(force) to overwrite the public part of an ssh key when generating ssh keys, as was already the case for the private part.
|
||||
- user module now avoids changing ownership of files symlinked in provided home dir skeleton
|
||||
- vars lookup - The ``default`` substitution only applies when trying to look up a variable which is not defined. If the variable is defined, but templates to an undefined value, the ``default`` substitution will not apply. Use the ``default`` filter to coerce those values instead.
|
||||
- wait_for_connection - a warning was displayed if any hosts used a local connection (https://github.com/ansible/ansible/issues/84419)
|
||||
|
||||
Known Issues
|
||||
------------
|
||||
|
||||
- templating - Any string value starting with ``#jinja2:`` which is templated will always be interpreted as Jinja2 configuration overrides. To include this literal value at the start of a string, a space or other character must precede it.
|
||||
- variables - Tagged values cannot be used for dictionary keys in many circumstances.
|
||||
- variables - The values ``None``, ``True`` and ``False`` cannot be tagged because they are singletons. Attempts to apply tags to these values will be silently ignored.
|
||||
@ -1,2 +1,855 @@
|
||||
ancestor: 2.18.0
|
||||
releases: {}
|
||||
releases:
|
||||
2.19.0b1:
|
||||
changes:
|
||||
breaking_changes:
|
||||
- Support for the ``toml`` library has been removed from TOML inventory parsing
|
||||
and dumping. Use ``tomli`` for parsing on Python 3.10. Python 3.11 and later
|
||||
have built-in support for parsing. Use ``tomli-w`` to support outputting inventory
|
||||
in TOML format.
|
||||
- assert - The ``quiet`` argument must be a commonly-accepted boolean value.
|
||||
Previously, unrecognized values were silently treated as False.
|
||||
- callback plugins - The structure of the ``exception``, ``warnings`` and ``deprecations``
|
||||
values visible to callbacks has changed. Callbacks that inspect or serialize
|
||||
these values may require special handling.
|
||||
- conditionals - Conditional expressions that result in non-boolean values are
|
||||
now an error by default. Such results often indicate unintentional use of
|
||||
templates where they are not supported, resulting in a conditional that is
|
||||
always true. When this option is enabled, conditional expressions which are
|
||||
a literal ``None`` or empty string will evaluate as true, for backwards compatibility.
|
||||
The error can be temporarily changed to a deprecation warning by enabling
|
||||
the ``ALLOW_BROKEN_CONDITIONALS`` config option.
|
||||
- first_found lookup - When specifying ``files`` or ``paths`` as a templated
|
||||
list containing undefined values, the undefined list elements will be discarded
|
||||
with a warning. Previously, the entire list would be discarded without any
|
||||
warning.
|
||||
- internals - The ``AnsibleLoader`` and ``AnsibleDumper`` classes for working
|
||||
with YAML are now factory functions and cannot be extended.
|
||||
- internals - The ``ansible.utils.native_jinja`` Python module has been removed.
|
||||
- inventory - Invalid variable names provided by inventories result in an inventory
|
||||
parse failure. This behavior is now consistent with other variable name usages
|
||||
throughout Ansible.
|
||||
- lookup plugins - Lookup plugins called as `with_(lookup)` will no longer have
|
||||
the `_subdir` attribute set.
|
||||
- lookup plugins - ``terms`` will always be passed to ``run`` as the first positional
|
||||
arg, where previously it was sometimes passed as a keyword arg when using
|
||||
``with_`` syntax.
|
||||
- loops - Omit placeholders no longer leak between loop item templating and
|
||||
task templating. Previously, ``omit`` placeholders could remain embedded in
|
||||
loop items after templating and be used as an ``omit`` for task templating.
|
||||
Now, values resolving to ``omit`` are dropped immediately when loop items
|
||||
are templated. To turn missing values into an ``omit`` for task templating,
|
||||
use ``| default(omit)``. This solution is backwards compatible with previous
|
||||
versions of ansible-core.
|
||||
- modules - Ansible modules using ``sys.excepthook`` must use a standard ``try/except``
|
||||
instead.
|
||||
- plugins - Any plugin that sources or creates templates must properly tag them
|
||||
as trusted.
|
||||
- plugins - Custom Jinja plugins that accept undefined top-level arguments must
|
||||
opt in to receiving them.
|
||||
- plugins - Custom Jinja plugins that use ``environment.getitem`` to retrieve
|
||||
undefined values will now trigger a ``MarkerError`` exception. This exception
|
||||
must be handled to allow the plugin to return a ``Marker``, or the plugin
|
||||
must opt-in to accepting ``Marker`` values.
|
||||
- public API - The ``ansible.vars.fact_cache.FactCache`` wrapper has been removed.
|
||||
- serialization of ``omit`` sentinel - Serialization of variables containing
|
||||
``omit`` sentinels (e.g., by the ``to_json`` and ``to_yaml`` filters or ``ansible-inventory``)
|
||||
will fail if the variable has not completed templating. Previously, serialization
|
||||
succeeded with placeholder strings emitted in the serialized output.
|
||||
- set_fact - The string values "yes", "no", "true" and "false" were previously
|
||||
converted (ignoring case) to boolean values when not using Jinja2 native mode.
|
||||
Since Jinja2 native mode is always used, this conversion no longer occurs.
|
||||
When boolean values are required, native boolean syntax should be used where
|
||||
variables are defined, such as in YAML. When native boolean syntax is not
|
||||
an option, the ``bool`` filter can be used to parse string values into booleans.
|
||||
- template lookup - The ``convert_data`` option is deprecated and no longer
|
||||
has any effect. Use the ``from_json`` filter on the lookup result instead.
|
||||
- templating - Access to ``_`` prefixed attributes and methods, and methods
|
||||
with known side effects, is no longer permitted. In cases where a matching
|
||||
mapping key is present, the associated value will be returned instead of an
|
||||
error. This increases template environment isolation and ensures more consistent
|
||||
behavior between the ``.`` and ``[]`` operators.
|
||||
- templating - Conditionals and lookups which use embedded inline templates
|
||||
in Jinja string constants now display a warning. These templates should be
|
||||
converted to their expression equivalent.
|
||||
- templating - Many Jinja plugins (filters, lookups, tests) and methods previously
|
||||
silently ignored undefined inputs, which often masked subtle errors. Passing
|
||||
an undefined argument to a Jinja plugin or method that does not declare undefined
|
||||
support now results in an undefined value.
|
||||
- templating - Templates are always rendered in Jinja2 native mode. As a result,
|
||||
non-string values are no longer automatically converted to strings.
|
||||
- templating - Templates resulting in ``None`` are no longer automatically converted
|
||||
to an empty string.
|
||||
- templating - Templates with embedded inline templates that were not contained
|
||||
within a Jinja string constant now result in an error, as support for multi-pass
|
||||
templating was removed for security reasons. In most cases, such templates
|
||||
can be easily rewritten to avoid the use of embedded inline templates.
|
||||
- templating - The ``allow_unsafe_lookups`` option no longer has any effect.
|
||||
Lookup plugins are responsible for tagging strings containing templates to
|
||||
allow evaluation as a template.
|
||||
- templating - The result of the ``range()`` global function cannot be returned
|
||||
from a template- it should always be passed to a filter (e.g., ``random``).
|
||||
Previously, range objects returned from an intermediate template were always
|
||||
converted to a list, which is inconsistent with inline consumption of range
|
||||
objects.
|
||||
- templating - ``#jinja2:`` overrides in templates with invalid override names
|
||||
or types are now templating errors.
|
||||
bugfixes:
|
||||
- Ansible will now also warn when reserved keywords are set via a module (set_fact,
|
||||
include_vars, etc).
|
||||
- Ansible.Basic - Fix ``required_if`` check when the option value to check is
|
||||
unset or set to null.
|
||||
- Correctly return ``False`` when using the ``filter`` and ``test`` Jinja tests
|
||||
on plugin names which are not filters or tests, respectively. (resolves issue
|
||||
https://github.com/ansible/ansible/issues/82084)
|
||||
- Do not run implicit ``flush_handlers`` meta tasks when the whole play is excluded
|
||||
from the run due to tags specified.
|
||||
- Errors now preserve stacked error messages even when YAML is involved.
|
||||
- Fix a display.debug statement with the wrong param in _get_diff_data() method
|
||||
- Fix disabling SSL verification when installing collections and roles from
|
||||
git repositories. If ``--ignore-certs`` isn't provided, the value for the
|
||||
``GALAXY_IGNORE_CERTS`` configuration option will be used (https://github.com/ansible/ansible/issues/83326).
|
||||
- Fix ipv6 pattern bug in lib/ansible/parsing/utils/addresses.py (https://github.com/ansible/ansible/issues/84237)
|
||||
- Fix returning 'unreachable' for the overall task result. This prevents false
|
||||
positives when a looped task has unignored unreachable items (https://github.com/ansible/ansible/issues/84019).
|
||||
- 'Implicit ``meta: flush_handlers`` tasks now have a parent block to prevent
|
||||
potential tracebacks when calling methods like ``get_play()`` on them internally.'
|
||||
- Improve performance on large inventories by reducing the number of implicit
|
||||
meta tasks.
|
||||
- Jinja plugins - Errors raised will always be derived from ``AnsibleTemplatePluginError``.
|
||||
- Optimize the way tasks from within ``include_tasks``/``include_role`` are
|
||||
inserted into the play.
|
||||
- Time out waiting on become is an unreachable error (https://github.com/ansible/ansible/issues/84468)
|
||||
- Use consistent multiprocessing context for action write locks
|
||||
- Use the requested error message in the ansible.module_utils.facts.timeout
|
||||
timeout function instead of hardcoding one.
|
||||
- Windows - add support for running on system where WDAC is in audit mode with
|
||||
``Dynamic Code Security`` enabled.
|
||||
- YAML parsing - The `!unsafe` tag no longer coerces non-string scalars to strings.
|
||||
- "``ansible-galaxy`` \u2014 the collection dependency resolver now treats version
|
||||
specifiers starting with ``!=`` as unpinned."
|
||||
- '``package``/``dnf`` action plugins - provide the reason behind the failure
|
||||
to gather the ``ansible_pkg_mgr`` fact to identify the package backend'
|
||||
- action plugins - Action plugins that raise unhandled exceptions no longer
|
||||
terminate playbook loops. Previously, exceptions raised by an action plugin
|
||||
caused abnormal loop termination and loss of loop iteration results.
|
||||
- ansible-config - format galaxy server configs while dumping in JSON format
|
||||
(https://github.com/ansible/ansible/issues/84840).
|
||||
- ansible-doc - If none of the files in files exists, path will be undefined
|
||||
and a direct reference will throw an UnboundLocalError (https://github.com/ansible/ansible/pull/84464).
|
||||
- ansible-galaxy - Small adjustments to URL building for ``download_url`` and
|
||||
relative redirects.
|
||||
- ansible-pull change detection will now work independently of callback or result
|
||||
format settings.
|
||||
- ansible-test - Enable the ``sys.unraisablehook`` work-around for the ``pylint``
|
||||
sanity test on Python 3.11. Previously the work-around was only enabled for
|
||||
Python 3.12 and later. However, the same issue has been discovered on Python
|
||||
3.11.
|
||||
- ansible-test - Ensure CA certificates are installed on managed FreeBSD instances.
|
||||
- ansible-test - Fix support for PowerShell module_util imports with the ``-Optional``
|
||||
flag.
|
||||
- ansible-test - Fix support for detecting PowerShell modules importing module
|
||||
utils with the newer ``#AnsibleRequires`` format.
|
||||
- ansible-test - Fix traceback that occurs after an interactive command fails.
|
||||
- ansible-test - Fix up coverage reporting to properly translate the temporary
|
||||
path of integration test modules to the expected static test module path.
|
||||
- ansible-test - Fixed traceback when handling certain YAML errors in the ``yamllint``
|
||||
sanity test.
|
||||
- ansible-test - Managed macOS instances now use the ``sudo_chdir`` option for
|
||||
the ``sudo`` become plugin to avoid permission errors when dropping privileges.
|
||||
- ansible-vault will now correctly handle `--prompt`, previously it would issue
|
||||
an error about stdin if no 2nd argument was passed
|
||||
- ansible_uptime_second - added ansible_uptime_seconds fact support for AIX
|
||||
(https://github.com/ansible/ansible/pull/84321).
|
||||
- apt_key module - prevent tests from running when apt-key was removed
|
||||
- base.yml - deprecated libvirt_lxc_noseclabel config.
|
||||
- build - Pin ``wheel`` in ``pyproject.toml`` to ensure compatibility with supported
|
||||
``setuptools`` versions.
|
||||
- config - various fixes to config lookup plugin (https://github.com/ansible/ansible/pull/84398).
|
||||
- copy - refactor copy module for simplicity.
|
||||
- copy action now prevents user from setting internal options.
|
||||
- debconf - set empty password values (https://github.com/ansible/ansible/issues/83214).
|
||||
- debug - hide loop vars in debug var display (https://github.com/ansible/ansible/issues/65856).
|
||||
- default callback - Error context is now shown for failing tasks that use the
|
||||
``debug`` action.
|
||||
- display - The ``Display.deprecated`` method once again properly handles the
|
||||
``removed=True`` argument (https://github.com/ansible/ansible/issues/82358).
|
||||
- distro - add support for Linux Mint Debian Edition (LMDE) (https://github.com/ansible/ansible/issues/84934).
|
||||
- distro - detect Debian as os_family for LMDE 6 (https://github.com/ansible/ansible/issues/84934).
|
||||
- dnf5 - Handle forwarded exceptions from dnf5-5.2.13 where a generic ``RuntimeError``
|
||||
was previously raised
|
||||
- dnf5 - fix ``is_installed`` check for packages that are not installed but
|
||||
listed as provided by an installed package (https://github.com/ansible/ansible/issues/84578)
|
||||
- dnf5 - fix installing a package using ``state=latest`` when a binary of the
|
||||
same name as the package is already installed (https://github.com/ansible/ansible/issues/84259)
|
||||
- dnf5 - fix traceback when ``enable_plugins``/``disable_plugins`` is used on
|
||||
``python3-libdnf5`` versions that do not support this functionality
|
||||
- dnf5 - libdnf5 - use ``conf.pkg_gpgcheck`` instead of deprecated ``conf.gpgcheck``
|
||||
which is used only as a fallback
|
||||
- dnf5 - matching on a binary can be achieved only by specifying a full path
|
||||
(https://github.com/ansible/ansible/issues/84334)
|
||||
- facts - gather pagesize and calculate respective values depending upon architecture
|
||||
(https://github.com/ansible/ansible/issues/84773).
|
||||
- facts - skip if distribution file path is directory, instead of raising error
|
||||
(https://github.com/ansible/ansible/issues/84006).
|
||||
- find - skip ENOENT error code while recursively enumerating files. find module
|
||||
will now be tolerant to race conditions that remove files or directories from
|
||||
the target it is currently inspecting. (https://github.com/ansible/ansible/issues/84873).
|
||||
- first_found lookup - Corrected return value documentation to reflect None
|
||||
(not empty string) for no files found.
|
||||
- gather_facts action now defaults to `ansible.legacy.setup` if `smart` was
|
||||
set, no network OS was found and no other alias for `setup` was present.
|
||||
- gather_facts action will now issues errors and warnings as appropriate if
|
||||
a network OS is detected but no facts modules are defined for it.
|
||||
- gather_facts action, will now add setup when 'smart' appears with other modules
|
||||
in the FACTS_MODULES setting (#84750).
|
||||
- get_url - add support for BSD-style checksum digest file (https://github.com/ansible/ansible/issues/84476).
|
||||
- get_url - fix honoring ``filename`` from the ``content-disposition`` header
|
||||
even when the type is ``inline`` (https://github.com/ansible/ansible/issues/83690)
|
||||
- host_group_vars - fixed defining the 'key' variable if the get_vars method
|
||||
is called with cache=False (https://github.com/ansible/ansible/issues/84384)
|
||||
- include_vars - fix including previously undefined hash variables with hash_behaviour
|
||||
merge (https://github.com/ansible/ansible/issues/84295).
|
||||
- iptables - Allows the wait paramater to be used with iptables chain creation
|
||||
(https://github.com/ansible/ansible/issues/84490)
|
||||
- linear strategy - fix executing ``end_role`` meta tasks for each host, instead
|
||||
of handling these as implicit run_once tasks (https://github.com/ansible/ansible/issues/84660).
|
||||
- local connection plugin - Become timeout errors now include all received data.
|
||||
Previously, the most recently-received data was discarded.
|
||||
- local connection plugin - Ensure ``become`` success validation always occurs,
|
||||
even when an active plugin does not set ``prompt``.
|
||||
- local connection plugin - Fixed cases where the internal ``BECOME-SUCCESS``
|
||||
message appeared in task output.
|
||||
- local connection plugin - Fixed hang or spurious failure when data arrived
|
||||
concurrently on stdout and stderr during a successful ``become`` operation
|
||||
validation.
|
||||
- local connection plugin - Fixed hang when a become plugin expects a prompt
|
||||
but a password was not provided.
|
||||
- local connection plugin - Fixed hang when an active become plugin incorrectly
|
||||
signals lack of prompt.
|
||||
- local connection plugin - Fixed hang when an internal become read timeout
|
||||
expired before the password prompt was written.
|
||||
- local connection plugin - Fixed hang when only one of stdout or stderr was
|
||||
closed by the ``become_exe`` subprocess.
|
||||
- local connection plugin - Fixed long timeout/hang for ``become`` plugins that
|
||||
repeat their prompt on failure (e.g., ``sudo``, some ``su`` implementations).
|
||||
- local connection plugin - Fixed silent ignore of ``become`` failures and loss
|
||||
of task output when data arrived concurrently on stdout and stderr during
|
||||
``become`` operation validation.
|
||||
- local connection plugin - Fixed task output header truncation when post-become
|
||||
data arrived before ``become`` operation validation had completed.
|
||||
- lookup plugins - The ``terms`` arg to the ``run`` method is now always a list.
|
||||
Previously, there were cases where a non-list could be received.
|
||||
- module arg templating - When using a templated raw task arg and a templated
|
||||
``args`` keyword, args are now merged. Previously use of templated raw task
|
||||
args silently ignored all values from the templated ``args`` keyword.
|
||||
- module defaults - Module defaults are no longer templated unless they are
|
||||
used by a task that does not override them. Previously, all module defaults
|
||||
for all modules were templated for every task.
|
||||
- module respawn - limit to supported Python versions
|
||||
- omitting task args - Use of omit for task args now properly falls back to
|
||||
args of lower precedence, such as module defaults. Previously an omitted value
|
||||
would obliterate values of lower precedence.
|
||||
- package_facts module when using 'auto' will return the first package manager
|
||||
found that provides an output, instead of just the first one, as this can
|
||||
be foreign and not have any packages.
|
||||
- psrp - Improve stderr parsing when running raw commands that emit error records
|
||||
or stderr lines.
|
||||
- regex_search filter - Corrected return value documentation to reflect None
|
||||
(not empty string) for no match.
|
||||
- respawn - use copy of env variables to update existing PYTHONPATH value (https://github.com/ansible/ansible/issues/84954).
|
||||
- runas become - Fix up become logic to still get the SYSTEM token with the
|
||||
most privileges when running as SYSTEM.
|
||||
- sequence lookup - sequence query/lookups without positional arguments now
|
||||
return a valid list if their kwargs comprise a valid sequence expression (https://github.com/ansible/ansible/issues/82921).
|
||||
- service_facts - skip lines which does not contain service names in openrc
|
||||
output (https://github.com/ansible/ansible/issues/84512).
|
||||
- ssh - Improve the logic for parsing CLIXML data in stderr when working with
|
||||
Windows host. This fixes issues when the raw stderr contains invalid UTF-8
|
||||
byte sequences and improves embedded CLIXML sequences.
|
||||
- ssh - Raise exception when sshpass returns error code (https://github.com/ansible/ansible/issues/58133).
|
||||
- ssh - connection options were incorrectly templated during ``reset_connection``
|
||||
tasks (https://github.com/ansible/ansible/pull/84238).
|
||||
- stability - Fixed silent process failure on unhandled IOError/OSError under
|
||||
``linear`` strategy.
|
||||
- su become plugin - Ensure generated regex from ``prompt_l10n`` config values
|
||||
is properly escaped.
|
||||
- su become plugin - Ensure that password prompts are correctly detected in
|
||||
the presence of leading output. Previously, this case resulted in a timeout
|
||||
or hang.
|
||||
- su become plugin - Ensure that trailing colon is expected on all ``prompt_l10n``
|
||||
config values.
|
||||
- sudo become plugin - The `sudo_chdir` config option allows the current directory
|
||||
to be set to the specified value before executing sudo to avoid permission
|
||||
errors when dropping privileges.
|
||||
- sunos - remove hard coding of virtinfo command in facts gathering code (https://github.com/ansible/ansible/pull/84357).
|
||||
- to_yaml/to_nice_yaml filters - Eliminated possibility of keyword arg collisions
|
||||
with internally-set defaults.
|
||||
- unarchive - Clamp timestamps from beyond y2038 to representible values when
|
||||
unpacking zip files on platforms that use 32-bit time_t (e.g. Debian i386).
|
||||
- uri - Form location correctly when the server returns a relative redirect
|
||||
(https://github.com/ansible/ansible/issues/84540)
|
||||
- uri - Handle HTTP exceptions raised while reading the content (https://github.com/ansible/ansible/issues/83794).
|
||||
- uri - mark ``url`` as required (https://github.com/ansible/ansible/pull/83642).
|
||||
- user - Create Buildroot subclass as alias to Busybox (https://github.com/ansible/ansible/issues/83665).
|
||||
- user - Set timeout for passphrase interaction.
|
||||
- user - Update prompt for SSH key passphrase (https://github.com/ansible/ansible/issues/84484).
|
||||
- user - Use higher precedence HOME_MODE as UMASK for path provided (https://github.com/ansible/ansible/pull/84482).
|
||||
- user action will now require O(force) to overwrite the public part of an ssh
|
||||
key when generating ssh keys, as was already the case for the private part.
|
||||
- user module now avoids changing ownership of files symlinked in provided home
|
||||
dir skeleton
|
||||
- vars lookup - The ``default`` substitution only applies when trying to look
|
||||
up a variable which is not defined. If the variable is defined, but templates
|
||||
to an undefined value, the ``default`` substitution will not apply. Use the
|
||||
``default`` filter to coerce those values instead.
|
||||
- wait_for_connection - a warning was displayed if any hosts used a local connection
|
||||
(https://github.com/ansible/ansible/issues/84419)
|
||||
deprecated_features:
|
||||
- CLI - The ``--inventory-file`` option alias is deprecated. Use the ``-i``
|
||||
or ``--inventory`` option instead.
|
||||
- Stategy Plugins - Use of strategy plugins not provided in ``ansible.builtin``
|
||||
are deprecated and do not carry any backwards compatibility guarantees going
|
||||
forward. A future release will remove the ability to use external strategy
|
||||
plugins. No alternative for third party strategy plugins is currently planned.
|
||||
- '``ansible.module_utils.compat.datetime`` - The datetime compatibility shims
|
||||
are now deprecated. They are scheduled to be removed in ``ansible-core`` v2.21.
|
||||
This includes ``UTC``, ``utcfromtimestamp()`` and ``utcnow`` importable from
|
||||
said module (https://github.com/ansible/ansible/pull/81874).'
|
||||
- bool filter - Support for coercing unrecognized input values (including None)
|
||||
has been deprecated. Consult the filter documentation for acceptable values,
|
||||
or consider use of the ``truthy`` and ``falsy`` tests.
|
||||
- cache plugins - The `ansible.plugins.cache.base` Python module is deprecated.
|
||||
Use `ansible.plugins.cache` instead.
|
||||
- callback plugins - The `v2_on_any` callback method is deprecated. Use specific
|
||||
callback methods instead.
|
||||
- callback plugins - The v1 callback API (callback methods not prefixed with
|
||||
`v2_`) is deprecated. Use `v2_` prefixed methods instead.
|
||||
- conditionals - Conditionals using Jinja templating delimiters (e.g., ``{{``,
|
||||
``{%``) should be rewritten as expressions without delimiters, unless the
|
||||
entire conditional value is a single template that resolves to a trusted string
|
||||
expression. This is useful for dynamic indirection of conditional expressions,
|
||||
but is limited to trusted literal string expressions.
|
||||
- config - The ``ACTION_WARNINGS`` config has no effect. It previously disabled
|
||||
command warnings, which have since been removed.
|
||||
- config - The ``DEFAULT_JINJA2_NATIVE`` option has no effect. Jinja2 native
|
||||
mode is now the default and only option.
|
||||
- config - The ``DEFAULT_NULL_REPRESENTATION`` option has no effect. Null values
|
||||
are no longer automatically converted to another value during templating of
|
||||
single variable references.
|
||||
- display - The ``Display.get_deprecation_message`` method has been deprecated.
|
||||
Call ``Display.deprecated`` to display a deprecation message, or call it with
|
||||
``removed=True`` to raise an ``AnsibleError``.
|
||||
- file loading - Loading text files with ``DataLoader`` containing data that
|
||||
cannot be decoded under the expected encoding is deprecated. In most cases
|
||||
the encoding must be UTF-8, although some plugins allow choosing a different
|
||||
encoding. Previously, invalid data was silently wrapped in Unicode surrogate
|
||||
escape sequences, often resulting in later errors or other data corruption.
|
||||
- first_found lookup - Splitting of file paths on ``,;:`` is deprecated. Pass
|
||||
a list of paths instead. The ``split`` method on strings can be used to split
|
||||
variables into a list as needed.
|
||||
- interpreter discovery - The ``auto_legacy`` and ``auto_legacy_silent`` options
|
||||
for ``INTERPRETER_PYTHON`` are deprecated. Use ``auto`` or ``auto_silent``
|
||||
options instead, as they have the same effect.
|
||||
- oneline callback - The ``oneline`` callback and its associated ad-hoc CLI
|
||||
args (``-o``, ``--one-line``) are deprecated.
|
||||
- paramiko - The paramiko connection plugin has been deprecated with planned
|
||||
removal in 2.21.
|
||||
- playbook variables - The ``play_hosts`` variable has been deprecated, use
|
||||
``ansible_play_batch`` instead.
|
||||
- plugin error handling - The ``AnsibleError`` constructor arg ``suppress_extended_error``
|
||||
is deprecated. Using ``suppress_extended_error=True`` has the same effect
|
||||
as ``show_content=False``.
|
||||
- plugins - The ``listify_lookup_plugin_terms`` function is obsolete and in
|
||||
most cases no longer needed.
|
||||
- template lookup - The jinja2_native option is no longer used in the Ansible
|
||||
Core code base. Jinja2 native mode is now the default and only option.
|
||||
- templating - Support for enabling Jinja2 extensions (not plugins) has been
|
||||
deprecated.
|
||||
- templating - The ``ansible_managed`` variable available for certain templating
|
||||
scenarios, such as the ``template`` action and ``template`` lookup has been
|
||||
deprecated. Define and use a custom variable instead of relying on ``ansible_managed``.
|
||||
- templating - The ``disable_lookups`` option has no effect, since plugins must
|
||||
be updated to apply trust before any templating can be performed.
|
||||
- to_yaml/to_nice_yaml filters - Implicit YAML dumping of vaulted value ciphertext
|
||||
is deprecated. Set `dump_vault_tags` to explicitly specify the desired behavior.
|
||||
- tree callback - The ``tree`` callback and its associated ad-hoc CLI args (``-t``,
|
||||
``--tree``) are deprecated.
|
||||
known_issues:
|
||||
- templating - Any string value starting with ``#jinja2:`` which is templated
|
||||
will always be interpreted as Jinja2 configuration overrides. To include this
|
||||
literal value at the start of a string, a space or other character must precede
|
||||
it.
|
||||
- variables - Tagged values cannot be used for dictionary keys in many circumstances.
|
||||
- variables - The values ``None``, ``True`` and ``False`` cannot be tagged because
|
||||
they are singletons. Attempts to apply tags to these values will be silently
|
||||
ignored.
|
||||
major_changes:
|
||||
- Jinja plugins - Jinja builtin filter and test plugins are now accessible via
|
||||
their fully-qualified names ``ansible.builtin.{name}``.
|
||||
- Task Execution / Forks - Forks no longer inherit stdio from the parent ``ansible-playbook``
|
||||
process. ``stdout``, ``stderr``, and ``stdin`` within a worker are detached
|
||||
from the terminal, and non-functional. All needs to access stdio from a fork
|
||||
for controller side plugins requires use of ``Display``.
|
||||
- ansible-test - Packages beneath ``module_utils`` can now contain ``__init__.py``
|
||||
files.
|
||||
- variables - The type system underlying Ansible's variable storage has been
|
||||
significantly overhauled and formalized. Attempts to store unsupported Python
|
||||
object types in variables will now result in an error.
|
||||
- variables - To support new Ansible features, many variable objects are now
|
||||
represented by subclasses of their respective native Python types. In most
|
||||
cases, they behave indistinguishably from their original types, but some Python
|
||||
libraries do not handle builtin object subclasses properly. Custom plugins
|
||||
that interact with such libraries may require changes to convert and pass
|
||||
the native types.
|
||||
minor_changes:
|
||||
- Added a -vvvvv log message indicating when a host fails to produce output
|
||||
within the timeout period.
|
||||
- AnsibleModule.uri - Add option ``multipart_encoding`` for ``form-multipart``
|
||||
files in body to change default base64 encoding for files
|
||||
- INVENTORY_IGNORE_EXTS config, removed ``ini`` from the default list, inventory
|
||||
scripts using a corresponding .ini configuration are rare now and inventory.ini
|
||||
files are more common. Those that need to ignore the ini files for inventory
|
||||
scripts can still add it to configuration.
|
||||
- Jinja plugins - Plugins can declare support for undefined values.
|
||||
- Jinja2 version 3.1.0 or later is now required on the controller.
|
||||
- Move ``follow_redirects`` parameter to module_utils so external modules can
|
||||
reuse it.
|
||||
- PlayIterator - do not return tasks from already executed roles so specific
|
||||
strategy plugins do not have to do the filtering of such tasks themselves
|
||||
- SSH Escalation-related -vvv log messages now include the associated host information.
|
||||
- Windows - Add support for Windows Server 2025 to Ansible and as an ``ansible-test``
|
||||
remote target - https://github.com/ansible/ansible/issues/84229
|
||||
- Windows - refactor the async implementation to better handle errors during
|
||||
bootstrapping and avoid WMI when possible.
|
||||
- "``ansible-galaxy collection install`` \u2014 the collection dependency resolver
|
||||
now prints out conflicts it hits during dependency resolution when it's taking
|
||||
too long and it ends up backtracking a lot. It also displays suggestions on
|
||||
how to help it compute the result more quickly."
|
||||
- 'ansible, ansible-console, ansible-pull - add --flush-cache option (https://github.com/ansible/ansible/issues/83749).
|
||||
|
||||
'
|
||||
- ansible-galaxy - Add support for Keycloak service accounts
|
||||
- ansible-galaxy - support ``resolvelib >= 0.5.3, < 2.0.0`` (https://github.com/ansible/ansible/issues/84217).
|
||||
- ansible-test - Added a macOS 15.3 remote VM, replacing 14.3.
|
||||
- ansible-test - Automatically retry HTTP GET/PUT/DELETE requests on exceptions.
|
||||
- ansible-test - Default to Python 3.13 in the ``base`` and ``default`` containers.
|
||||
- ansible-test - Disable the ``deprecated-`` prefixed ``pylint`` rules as their
|
||||
results vary by Python version.
|
||||
- ansible-test - Disable the ``pep8`` sanity test rules ``E701`` and ``E704``
|
||||
to improve compatibility with ``black``.
|
||||
- ansible-test - Improve container runtime probe error handling. When unexpected
|
||||
probe output is encountered, an error with more useful debugging information
|
||||
is provided.
|
||||
- ansible-test - Replace container Alpine 3.20 with 3.21.
|
||||
- ansible-test - Replace container Fedora 40 with 41.
|
||||
- ansible-test - Replace remote Alpine 3.20 with 3.21.
|
||||
- ansible-test - Replace remote Fedora 40 with 41.
|
||||
- ansible-test - Replace remote FreeBSD 13.3 with 13.5.
|
||||
- ansible-test - Replace remote FreeBSD 14.1 with 14.2.
|
||||
- ansible-test - Replace remote RHEL 9.4 with 9.5.
|
||||
- ansible-test - Show a more user-friendly error message when a ``runme.sh``
|
||||
script is not executable.
|
||||
- ansible-test - The ``yamllint`` sanity test now enforces string values for
|
||||
the ``!vault`` tag.
|
||||
- ansible-test - Update ``nios-test-container`` to version 7.0.0.
|
||||
- ansible-test - Update ``pylint`` sanity test to use version 3.3.1.
|
||||
- ansible-test - Update distro containers to remove unnecessary pakages (apache2,
|
||||
subversion, ruby).
|
||||
- ansible-test - Update sanity test requirements to latest available versions.
|
||||
- ansible-test - Update the HTTP test container.
|
||||
- ansible-test - Update the PyPI test container.
|
||||
- ansible-test - Update the ``base`` and ``default`` containers.
|
||||
- ansible-test - Update the utility container.
|
||||
- ansible-test - Use Python's ``urllib`` instead of ``curl`` for HTTP requests.
|
||||
- ansible-test - When detection of the current container network fails, a warning
|
||||
is now issued and execution continues. This simplifies usage in cases where
|
||||
the current container cannot be inspected, such as when running in GitHub
|
||||
Codespaces.
|
||||
- ansible-test acme test container - bump `version to 2.3.0 <https://github.com/ansible/acme-test-container/releases/tag/2.3.0>`__
|
||||
to include newer versions of Pebble, dependencies, and runtimes. This adds
|
||||
support for ACME profiles, ``dns-account-01`` support, and some smaller improvements
|
||||
(https://github.com/ansible/ansible/pull/84547).
|
||||
- apt_key module - add notes to docs and errors to point at the CLI tool deprecation
|
||||
by Debian and alternatives
|
||||
- apt_repository module - add notes to errors to point at the CLI tool deprecation
|
||||
by Debian and alternatives
|
||||
- become plugins get new property 'pipelining' to show support or lack there
|
||||
of for the feature.
|
||||
- callback plugins - add has_option() to CallbackBase to match other functions
|
||||
overloaded from AnsiblePlugin
|
||||
- callback plugins - fix get_options() for CallbackBase
|
||||
- copy - fix sanity test failures (https://github.com/ansible/ansible/pull/83643).
|
||||
- copy - parameter ``local_follow`` was incorrectly documented as having default
|
||||
value ``True`` (https://github.com/ansible/ansible/pull/83643).
|
||||
- cron - Provide additional error information while writing cron file (https://github.com/ansible/ansible/issues/83223).
|
||||
- csvfile - let the config system do the typecasting (https://github.com/ansible/ansible/pull/82263).
|
||||
- display - Deduplication of warning and error messages considers the full content
|
||||
of the message (including source and traceback contexts, if enabled). This
|
||||
may result in fewer messages being omitted.
|
||||
- distribution - Added openSUSE MicroOS to Suse OS family (#84685).
|
||||
- dnf5, apt - add ``auto_install_module_deps`` option (https://github.com/ansible/ansible/issues/84206)
|
||||
- docs - add collection name in message from which the module is being deprecated
|
||||
(https://github.com/ansible/ansible/issues/84116).
|
||||
- env lookup - The error message generated for a missing environment variable
|
||||
when ``default`` is an undefined value (e.g. ``undef('something')``) will
|
||||
contain the hint from that undefined value, except when the undefined value
|
||||
is the default of ``undef()`` with no arguments. Previously, any existing
|
||||
undefined hint would be ignored.
|
||||
- file - enable file module to disable diff_mode (https://github.com/ansible/ansible/issues/80817).
|
||||
- file - make code more readable and simple.
|
||||
- filter - add support for URL-safe encoding and decoding in b64encode and b64decode
|
||||
(https://github.com/ansible/ansible/issues/84147).
|
||||
- find - add a checksum_algorithm parameter to specify which type of checksum
|
||||
the module will return
|
||||
- from_json filter - The filter accepts a ``profile`` argument, which defaults
|
||||
to ``tagless``.
|
||||
- handlers - Templated handler names with syntax errors, or that resolve to
|
||||
``omit`` are now skipped like handlers with undefined variables in their name.
|
||||
- improved error message for yaml parsing errors in plugin documentation
|
||||
- local connection plugin - A new ``become_strip_preamble`` config option (default
|
||||
True) was added; disable to preserve diagnostic ``become`` output in task
|
||||
results.
|
||||
- local connection plugin - A new ``become_success_timeout`` operation-wide
|
||||
timeout config (default 10s) was added for ``become``.
|
||||
- local connection plugin - When a ``become`` plugin's ``prompt`` value is a
|
||||
non-string after the ``check_password_prompt`` callback has completed, no
|
||||
prompt stripping will occur on stderr.
|
||||
- lookup_template - add an option to trim blocks while templating (https://github.com/ansible/ansible/issues/75962).
|
||||
- module - set ipv4 and ipv6 rules simultaneously in iptables module (https://github.com/ansible/ansible/issues/84404).
|
||||
- module_utils - Add ``NoReturn`` type annotations to functions which never
|
||||
return.
|
||||
- modules - PowerShell modules can now receive ``datetime.date``, ``datetime.time``
|
||||
and ``datetime.datetime`` values as ISO 8601 strings.
|
||||
- modules - PowerShell modules can now receive strings sourced from inline vault-encrypted
|
||||
strings.
|
||||
- modules - Unhandled exceptions during Python module execution are now returned
|
||||
as structured data from the target. This allows the new traceback handling
|
||||
to be applied to exceptions raised on targets.
|
||||
- pipelining logic has mostly moved to connection plugins so they can decide/override
|
||||
settings.
|
||||
- plugin error handling - When raising exceptions in an exception handler, be
|
||||
sure to use ``raise ... from`` as appropriate. This supersedes the use of
|
||||
the ``AnsibleError`` arg ``orig_exc`` to represent the cause. Specifying ``orig_exc``
|
||||
as the cause is still permitted. Failure to use ``raise ... from`` when ``orig_exc``
|
||||
is set will result in a warning. Additionally, if the two cause exceptions
|
||||
do not match, a warning will be issued.
|
||||
- removed harcoding of su plugin as it now works with pipelining.
|
||||
- runtime-metadata sanity test - improve validation of ``action_groups`` (https://github.com/ansible/ansible/pull/83965).
|
||||
- service_facts module got freebsd support added.
|
||||
- ssh connection plugin - Support ``SSH_ASKPASS`` mechanism to provide passwords,
|
||||
making it the default, but still offering an explicit choice to use ``sshpass``
|
||||
(https://github.com/ansible/ansible/pull/83936)
|
||||
- ssh connection plugin now overrides pipelining when a tty is requested.
|
||||
- ssh-agent - ``ansible``, ``ansible-playbook`` and ``ansible-console`` are
|
||||
capable of spawning or reusing an ssh-agent, allowing plugins to interact
|
||||
with the ssh-agent. Additionally a pure python ssh-agent client has been added,
|
||||
enabling easy interaction with the agent. The ssh connection plugin contains
|
||||
new functionality via ``ansible_ssh_private_key`` and ``ansible_ssh_private_key_passphrase``,
|
||||
for loading an SSH private key into the agent from a variable.
|
||||
- templating - Access to an undefined variable from inside a lookup, filter,
|
||||
or test (which raises MarkerError) no longer ends processing of the current
|
||||
template. The triggering undefined value is returned as the result of the
|
||||
offending plugin invocation, and the template continues to execute.
|
||||
- templating - Embedding ``range()`` values in containers such as lists will
|
||||
result in an error on use. Previously the value would be converted to a string
|
||||
representing the range parameters, such as ``range(0, 3)``.
|
||||
- templating - Handling of omitted values is now a first-class feature of the
|
||||
template engine, and is usable in all Ansible Jinja template contexts. Any
|
||||
template that resolves to ``omit`` is automatically removed from its parent
|
||||
container during templating.
|
||||
- templating - Template evaluation is lazier than in previous versions. Template
|
||||
expressions which resolve only portions of a data structure no longer result
|
||||
in the entire structure being templated.
|
||||
- templating - Templating errors now provide more information about both the
|
||||
location and context of the error, especially for deeply-nested and/or indirected
|
||||
templating scenarios.
|
||||
- templating - Unified ``omit`` behavior now requires that plugins calling ``Templar.template()``
|
||||
handle cases where the entire template result is omitted, by catching the
|
||||
``AnsibleValueOmittedError`` that is raised. Previously, this condition caused
|
||||
a randomly-generated string marker to appear in the template result.
|
||||
- templating - Variables of type ``set`` and ``tuple`` are now converted to
|
||||
``list`` when exiting the final pass of templating.
|
||||
- to_json / to_nice_json filters - The filters accept a ``profile`` argument,
|
||||
which defaults to ``tagless``.
|
||||
- troubleshooting - Tracebacks can be collected and displayed for most errors,
|
||||
warnings, and deprecation warnings (including those generated by modules).
|
||||
Tracebacks are no longer enabled with ``-vvv``; the behavior is directly configurable
|
||||
via the ``DISPLAY_TRACEBACK`` config option. Module tracebacks passed to ``fail_json``
|
||||
via the ``exception`` kwarg will not be included in the task result unless
|
||||
error tracebacks are configured.
|
||||
- undef jinja function - The ``undef`` jinja function now raises an error if
|
||||
a non-string hint is given. Attempting to use an undefined hint also results
|
||||
in an error, ensuring incorrect use of the function can be distinguished from
|
||||
the function's normal behavior.
|
||||
- validate-modules sanity test - make sure that ``module`` and ``plugin`` ``seealso``
|
||||
entries use FQCNs (https://github.com/ansible/ansible/pull/84325).
|
||||
- vault - improved vault filter documentation by adding missing example content
|
||||
for dump_template_data.j2, refining examples for clarity, and ensuring variable
|
||||
consistency (https://github.com/ansible/ansible/issues/83583).
|
||||
- warnings - All warnings (including deprecation warnings) issued during a task's
|
||||
execution are now accessible via the ``warnings`` and ``deprecations`` keys
|
||||
on the task result.
|
||||
- when the ``dict`` lookup is given a non-dict argument, show the value of the
|
||||
argument and its type in the error message.
|
||||
- windows - add hard minimum limit for PowerShell to 5.1. Ansible dropped support
|
||||
for older versions of PowerShell in the 2.16 release but this reqirement is
|
||||
now enforced at runtime.
|
||||
- windows - refactor windows exec runner to improve efficiency and add better
|
||||
error reporting on failures.
|
||||
- winrm - Remove need for pexpect on macOS hosts when using ``kinit`` to retrieve
|
||||
the Kerberos TGT. By default the code will now only use the builtin ``subprocess``
|
||||
library which should handle issues with select and a high fd count and also
|
||||
simplify the code.
|
||||
release_summary: '| Release Date: 2025-04-14
|
||||
|
||||
| `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
|
||||
|
||||
'
|
||||
removed_features:
|
||||
- Remove deprecated plural form of collection path (https://github.com/ansible/ansible/pull/84156).
|
||||
- Removed deprecated STRING_CONVERSION_ACTION (https://github.com/ansible/ansible/issues/84220).
|
||||
- encrypt - passing unsupported passlib hashtype now raises AnsibleFilterError.
|
||||
- manager - remove deprecated include_delegate_to parameter from get_vars API.
|
||||
- modules - Modules returning non-UTF8 strings now result in an error. The ``MODULE_STRICT_UTF8_RESPONSE``
|
||||
setting can be used to disable this check.
|
||||
- removed deprecated pycompat24 and compat.importlib.
|
||||
- selector - remove deprecated compat.selector related files (https://github.com/ansible/ansible/pull/84155).
|
||||
- windows - removed common module functions ``ConvertFrom-AnsibleJson``, ``Format-AnsibleException``
|
||||
from Windows modules as they are not used and add uneeded complexity to the
|
||||
code.
|
||||
security_fixes:
|
||||
- include_vars action - Ensure that result masking is correctly requested when
|
||||
vault-encrypted files are read. (CVE-2024-8775)
|
||||
- task result processing - Ensure that action-sourced result masking (``_ansible_no_log=True``)
|
||||
is preserved. (CVE-2024-8775)
|
||||
- templating - Ansible's template engine no longer processes Jinja templates
|
||||
in strings unless they are marked as coming from a trusted source. Untrusted
|
||||
strings containing Jinja template markers are ignored with a warning. Examples
|
||||
of trusted sources include playbooks, vars files, and many inventory sources.
|
||||
Examples of untrusted sources include module results and facts. Plugins which
|
||||
have not been updated to preserve trust while manipulating strings may inadvertently
|
||||
cause them to lose their trusted status.
|
||||
- templating - Changes to conditional expression handling removed numerous instances
|
||||
of insecure multi-pass templating (which could result in execution of untrusted
|
||||
template expressions).
|
||||
- user action won't allow ssh-keygen, chown and chmod to run on existing ssh
|
||||
public key file, avoiding traversal on existing symlinks (CVE-2024-9902).
|
||||
codename: What Is and What Should Never Be
|
||||
fragments:
|
||||
- 2.19.0b1_summary.yaml
|
||||
- 81709-ansible-galaxy-slow-resolution-hints.yml
|
||||
- 81812-ansible-galaxy-negative-spec-is-pinned.yml
|
||||
- 81874-deprecate-datetime-compat.yml
|
||||
- 83642-fix-sanity-ignore-for-uri.yml
|
||||
- 83643-fix-sanity-ignore-for-copy.yml
|
||||
- 83690-get_url-content-disposition-filename.yml
|
||||
- 83700-enable-file-disable-diff.yml
|
||||
- 83757-deprecate-paramiko.yml
|
||||
- 83936-ssh-askpass.yml
|
||||
- 83965-action-groups-schema.yml
|
||||
- 84008-additional-logging.yml
|
||||
- 84019-ignore_unreachable-loop.yml
|
||||
- 84149-add-flush-cache-for-adhoc-commands.yml
|
||||
- 84206-dnf5-apt-auto-install-module-deps.yml
|
||||
- 84213-ansible-galaxy-url-building.yml
|
||||
- 84229-windows-server-2025.yml
|
||||
- 84238-fix-reset_connection-ssh_executable-templated.yml
|
||||
- 84259-dnf5-latest-fix.yml
|
||||
- 84321-added-ansible_uptime_seconds_aix.yml
|
||||
- 84325-validate-modules-seealso-fqcn.yml
|
||||
- 84334-dnf5-consolidate-settings.yml
|
||||
- 84384-fix-undefined-key-host-group-vars.yml
|
||||
- 84419-fix-wait_for_connection-warning.yml
|
||||
- 84468-timeout_become_unreachable.yml
|
||||
- 84473-dict-lookup-type-error-message.yml
|
||||
- 84490-allow-iptables-chain-creation-with-wait.yml
|
||||
- 84496-CallbackBase-get_options.yml
|
||||
- 84540-uri-relative-redirect.yml
|
||||
- 84547-acme-test-container.yml
|
||||
- 84578-dnf5-is_installed-provides.yml
|
||||
- 84660-fix-meta-end_role-linear-strategy.yml
|
||||
- 84685-add-opensuse-microos.yml
|
||||
- 84705-error-message-malformed-plugin-documentation.yml
|
||||
- 84725-deprecate-strategy-plugins.yml
|
||||
- Ansible.Basic-required_if-null.yml
|
||||
- ansible-galaxy-keycloak-service-accounts.yml
|
||||
- ansible-test-added-macos-15.3.yml
|
||||
- ansible-test-containers.yml
|
||||
- ansible-test-coverage-test-files.yml
|
||||
- ansible-test-curl.yml
|
||||
- ansible-test-fix-command-traceback.yml
|
||||
- ansible-test-freebsd-nss.yml
|
||||
- ansible-test-network-detection.yml
|
||||
- ansible-test-nios-container.yml
|
||||
- ansible-test-no-exec-script.yml
|
||||
- ansible-test-probe-error-handling.yml
|
||||
- ansible-test-pylint-fix.yml
|
||||
- ansible-test-remotes.yml
|
||||
- ansible-test-update.yml
|
||||
- apt_key_bye.yml
|
||||
- become-runas-system-deux.yml
|
||||
- buildroot.yml
|
||||
- compat_removal.yml
|
||||
- config.yml
|
||||
- config_dump.yml
|
||||
- copy_validate_input.yml
|
||||
- cron_err.yml
|
||||
- csvfile-col.yml
|
||||
- cve-2024-8775.yml
|
||||
- darwin_pagesize.yml
|
||||
- debconf_empty_password.yml
|
||||
- deprecated.yml
|
||||
- distro_LMDE_6.yml
|
||||
- dnf5-exception-forwarding.yml
|
||||
- dnf5-plugins-compat.yml
|
||||
- dnf5-remove-usage-deprecated-option.yml
|
||||
- feature-uri-add-option-multipart-encoding.yml
|
||||
- file_simplify.yml
|
||||
- find-checksum.yml
|
||||
- find_enoent.yml
|
||||
- fix-ansible-galaxy-ignore-certs.yml
|
||||
- fix-cli-doc-path_undefined.yaml
|
||||
- fix-display-bug-in-action-plugin.yml
|
||||
- fix-include_vars-merge-hash.yml
|
||||
- fix-ipv6-pattern.yml
|
||||
- fix-is-filter-is-test.yml
|
||||
- fix-lookup-sequence-keyword-args-only.yml
|
||||
- fix-module-utils-facts-timeout.yml
|
||||
- fix_errors.yml
|
||||
- follow_redirects_url.yml
|
||||
- gather_facts_netos_fixes.yml
|
||||
- gather_facts_smart_fix.yml
|
||||
- get_url_bsd_style_digest.yml
|
||||
- hide-loop-vars-debug-vars.yml
|
||||
- implicit_flush_handlers_parents.yml
|
||||
- include_delegate_to.yml
|
||||
- interpreter-discovery-auto-legacy.yml
|
||||
- jinja-version.yml
|
||||
- libvirt_lxc.yml
|
||||
- local-become-fixes.yml
|
||||
- lookup_config.yml
|
||||
- macos-correct-lock.yml
|
||||
- no-inherit-stdio.yml
|
||||
- no-return.yml
|
||||
- openrc-status.yml
|
||||
- os_family.yml
|
||||
- package-dnf-action-plugins-facts-fail-msg.yml
|
||||
- package_facts_fix.yml
|
||||
- passlib.yml
|
||||
- pin-wheel.yml
|
||||
- pipelining_refactor.yml
|
||||
- playiterator-add_tasks-optimize.yml
|
||||
- ps-import-sanity.yml
|
||||
- pull_changed_fix.yml
|
||||
- remove_ini_ignored_dir.yml
|
||||
- reserved_module_chekc.yml
|
||||
- respawn-min-python.yml
|
||||
- respawn_os_env.yml
|
||||
- selector_removal.yml
|
||||
- service_facts_fbsd.yml
|
||||
- set_ipv4_and_ipv6_simultaneously.yml
|
||||
- simplify-copy-module.yml
|
||||
- skip-handlers-tagged-play.yml
|
||||
- skip-implicit-flush_handlers-no-notify.yml
|
||||
- skip-role-task-iterator.yml
|
||||
- ssh-agent.yml
|
||||
- ssh-clixml.yml
|
||||
- ssh_raise_exception.yml
|
||||
- string_conversion.yml
|
||||
- sunos_virtinfo.yml
|
||||
- templates_types_datatagging.yml
|
||||
- toml-library-support-dropped.yml
|
||||
- trim_blocks.yml
|
||||
- unarchive_timestamp_t32.yaml
|
||||
- update-resolvelib-lt-2_0_0.yml
|
||||
- uri_httpexception.yml
|
||||
- url_safe_b64_encode_decode.yml
|
||||
- user_action_fix.yml
|
||||
- user_module.yml
|
||||
- user_passphrase.yml
|
||||
- user_ssh_fix.yml
|
||||
- v2.19.0-initial-commit.yaml
|
||||
- vault_cli_fix.yml
|
||||
- vault_docs_fix.yaml
|
||||
- win-async-refactor.yml
|
||||
- win-wdac-audit.yml
|
||||
- windows-exec.yml
|
||||
- winrm-kinit-pexpect.yml
|
||||
release_date: '2025-04-14'
|
||||
2.19.0b2:
|
||||
changes:
|
||||
bugfixes:
|
||||
- Remove use of `required` parameter in `get_bin_path` which has been deprecated.
|
||||
- ansible-doc - fix indentation for first line of descriptions of suboptions
|
||||
and sub-return values (https://github.com/ansible/ansible/pull/84690).
|
||||
- ansible-doc - fix line wrapping for first line of description of options and
|
||||
return values (https://github.com/ansible/ansible/pull/84690).
|
||||
minor_changes:
|
||||
- comment filter - Improve the error message shown when an invalid ``style``
|
||||
argument is provided.
|
||||
release_summary: '| Release Date: 2025-04-24
|
||||
|
||||
| `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
|
||||
|
||||
'
|
||||
codename: What Is and What Should Never Be
|
||||
fragments:
|
||||
- 2.19.0b2_summary.yaml
|
||||
- 84690-ansible-doc-indent-wrapping.yml
|
||||
- comment_fail.yml
|
||||
- get_bin_path-remove-use-of-deprecated-param.yml
|
||||
release_date: '2025-04-23'
|
||||
2.19.0b3:
|
||||
changes:
|
||||
bugfixes:
|
||||
- Ansible will now ensure predictable permissions on remote artifacts, until
|
||||
now it only ensured executable and relied on system masks for the rest.
|
||||
- dnf5 - avoid generating excessive transaction entries in the dnf5 history
|
||||
(https://github.com/ansible/ansible/issues/85046)
|
||||
deprecated_features:
|
||||
- Passing a ``warnings` or ``deprecations`` key to ``exit_json`` or ``fail_json``
|
||||
is deprecated. Use ``AnsibleModule.warn`` or ``AnsibleModule.deprecate`` instead.
|
||||
- plugins - Accessing plugins with ``_``-prefixed filenames without the ``_``
|
||||
prefix is deprecated.
|
||||
minor_changes:
|
||||
- ansible-config will now show internal, but not test configuration entries.
|
||||
This allows for debugging but still denoting the configurations as internal
|
||||
use only (_ prefix).
|
||||
- ansible-test - Improved ``pylint`` checks for Ansible-specific deprecation
|
||||
functions.
|
||||
- ansible-test - Use the ``-t`` option to set the stop timeout when stopping
|
||||
a container. This avoids use of the ``--time`` option which was deprecated
|
||||
in Docker v28.0.
|
||||
- collection metadata - The collection loader now parses scalar values from
|
||||
``meta/runtime.yml`` as strings. This avoids issues caused by unquoted values
|
||||
such as versions or dates being parsed as types other than strings.
|
||||
- deprecation warnings - Deprecation warning APIs automatically capture the
|
||||
identity of the deprecating plugin. The ``collection_name`` argument is only
|
||||
required to correctly attribute deprecations that occur in module_utils or
|
||||
other non-plugin code.
|
||||
- deprecation warnings - Improved deprecation messages to more clearly indicate
|
||||
the affected content, including plugin name when available.
|
||||
- deprecations - Collection name strings not of the form ``ns.coll`` passed
|
||||
to deprecation API functions will result in an error.
|
||||
- deprecations - Removed support for specifying deprecation dates as a ``datetime.date``,
|
||||
which was included in an earlier 2.19 pre-release.
|
||||
- deprecations - Some argument names to ``deprecate_value`` for consistency
|
||||
with existing APIs. An earlier 2.19 pre-release included a ``removal_`` prefix
|
||||
on the ``date`` and ``version`` arguments.
|
||||
- modules - The ``AnsibleModule.deprecate`` function no longer sends deprecation
|
||||
messages to the target host's logging system.
|
||||
release_summary: '| Release Date: 2025-05-06
|
||||
|
||||
| `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
|
||||
|
||||
'
|
||||
codename: What Is and What Should Never Be
|
||||
fragments:
|
||||
- 2.19.0b3_summary.yaml
|
||||
- 85046-dnf5-history-entries.yml
|
||||
- ansible-test-container-stop.yml
|
||||
- config_priv.yml
|
||||
- deprecator.yml
|
||||
- ensure_remote_perms.yml
|
||||
release_date: '2025-05-06'
|
||||
|
||||
@ -0,0 +1,3 @@
|
||||
release_summary: |
|
||||
| Release Date: 2025-04-14
|
||||
| `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
|
||||
@ -0,0 +1,3 @@
|
||||
release_summary: |
|
||||
| Release Date: 2025-04-24
|
||||
| `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
|
||||
@ -0,0 +1,3 @@
|
||||
release_summary: |
|
||||
| Release Date: 2025-05-06
|
||||
| `Porting Guide <https://docs.ansible.com/ansible-core/2.19/porting_guides/porting_guide_core_2.19.html>`__
|
||||
@ -0,0 +1,3 @@
|
||||
bugfixes:
|
||||
- "ansible-doc - fix indentation for first line of descriptions of suboptions and sub-return values (https://github.com/ansible/ansible/pull/84690)."
|
||||
- "ansible-doc - fix line wrapping for first line of description of options and return values (https://github.com/ansible/ansible/pull/84690)."
|
||||
@ -0,0 +1,2 @@
|
||||
bugfixes:
|
||||
- dnf5 - avoid generating excessive transaction entries in the dnf5 history (https://github.com/ansible/ansible/issues/85046)
|
||||
@ -0,0 +1,3 @@
|
||||
minor_changes:
|
||||
- ansible-test - Use the ``-t`` option to set the stop timeout when stopping a container.
|
||||
This avoids use of the ``--time`` option which was deprecated in Docker v28.0.
|
||||
@ -0,0 +1,3 @@
|
||||
---
|
||||
minor_changes:
|
||||
- comment filter - Improve the error message shown when an invalid ``style`` argument is provided.
|
||||
@ -0,0 +1,2 @@
|
||||
minor_changes:
|
||||
- ansible-config will now show internal, but not test configuration entries. This allows for debugging but still denoting the configurations as internal use only (_ prefix).
|
||||
@ -0,0 +1,17 @@
|
||||
minor_changes:
|
||||
- modules - The ``AnsibleModule.deprecate`` function no longer sends deprecation messages to the target host's logging system.
|
||||
- ansible-test - Improved ``pylint`` checks for Ansible-specific deprecation functions.
|
||||
- deprecations - Removed support for specifying deprecation dates as a ``datetime.date``, which was included in an earlier 2.19 pre-release.
|
||||
- deprecations - Some argument names to ``deprecate_value`` for consistency with existing APIs.
|
||||
An earlier 2.19 pre-release included a ``removal_`` prefix on the ``date`` and ``version`` arguments.
|
||||
- deprecations - Collection name strings not of the form ``ns.coll`` passed to deprecation API functions will result in an error.
|
||||
- collection metadata - The collection loader now parses scalar values from ``meta/runtime.yml`` as strings.
|
||||
This avoids issues caused by unquoted values such as versions or dates being parsed as types other than strings.
|
||||
- deprecation warnings - Deprecation warning APIs automatically capture the identity of the deprecating plugin.
|
||||
The ``collection_name`` argument is only required to correctly attribute deprecations that occur in module_utils or other non-plugin code.
|
||||
- deprecation warnings - Improved deprecation messages to more clearly indicate the affected content, including plugin name when available.
|
||||
|
||||
deprecated_features:
|
||||
- plugins - Accessing plugins with ``_``-prefixed filenames without the ``_`` prefix is deprecated.
|
||||
- Passing a ``warnings` or ``deprecations`` key to ``exit_json`` or ``fail_json`` is deprecated.
|
||||
Use ``AnsibleModule.warn`` or ``AnsibleModule.deprecate`` instead.
|
||||
@ -0,0 +1,2 @@
|
||||
bugfixes:
|
||||
- Ansible will now ensure predictable permissions on remote artifacts, until now it only ensured executable and relied on system masks for the rest.
|
||||
@ -0,0 +1,2 @@
|
||||
bugfixes:
|
||||
- "Remove use of `required` parameter in `get_bin_path` which has been deprecated."
|
||||
@ -0,0 +1,47 @@
|
||||
from __future__ import annotations as _annotations
|
||||
|
||||
import collections.abc as _c
|
||||
import typing as _t
|
||||
|
||||
_T_co = _t.TypeVar('_T_co', covariant=True)
|
||||
|
||||
|
||||
class SequenceProxy(_c.Sequence[_T_co]):
|
||||
"""A read-only sequence proxy."""
|
||||
|
||||
# DTFIX-RELEASE: needs unit test coverage
|
||||
|
||||
__slots__ = ('__value',)
|
||||
|
||||
def __init__(self, value: _c.Sequence[_T_co]) -> None:
|
||||
self.__value = value
|
||||
|
||||
@_t.overload
|
||||
def __getitem__(self, index: int) -> _T_co: ...
|
||||
|
||||
@_t.overload
|
||||
def __getitem__(self, index: slice) -> _c.Sequence[_T_co]: ...
|
||||
|
||||
def __getitem__(self, index: int | slice) -> _T_co | _c.Sequence[_T_co]:
|
||||
if isinstance(index, slice):
|
||||
return self.__class__(self.__value[index])
|
||||
|
||||
return self.__value[index]
|
||||
|
||||
def __len__(self) -> int:
|
||||
return len(self.__value)
|
||||
|
||||
def __contains__(self, item: object) -> bool:
|
||||
return item in self.__value
|
||||
|
||||
def __iter__(self) -> _t.Iterator[_T_co]:
|
||||
yield from self.__value
|
||||
|
||||
def __reversed__(self) -> _c.Iterator[_T_co]:
|
||||
return reversed(self.__value)
|
||||
|
||||
def index(self, *args) -> int:
|
||||
return self.__value.index(*args)
|
||||
|
||||
def count(self, value: object) -> int:
|
||||
return self.__value.count(value)
|
||||
@ -1,64 +0,0 @@
|
||||
"""Patch broken ClassVar support in dataclasses when ClassVar is accessed via a module other than `typing`."""
|
||||
|
||||
# deprecated: description='verify ClassVar support in dataclasses has been fixed in Python before removing this patching code', python_version='3.12'
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
import dataclasses
|
||||
import sys
|
||||
import typing as t
|
||||
|
||||
# trigger the bug by exposing typing.ClassVar via a module reference that is not `typing`
|
||||
_ts = sys.modules[__name__]
|
||||
ClassVar = t.ClassVar
|
||||
|
||||
|
||||
def patch_dataclasses_is_type() -> None:
|
||||
if not _is_patch_needed():
|
||||
return # pragma: nocover
|
||||
|
||||
try:
|
||||
real_is_type = dataclasses._is_type # type: ignore[attr-defined]
|
||||
except AttributeError: # pragma: nocover
|
||||
raise RuntimeError("unable to patch broken dataclasses ClassVar support") from None
|
||||
|
||||
# patch dataclasses._is_type - impl from https://github.com/python/cpython/blob/4c6d4f5cb33e48519922d635894eef356faddba2/Lib/dataclasses.py#L709-L765
|
||||
def _is_type(annotation, cls, a_module, a_type, is_type_predicate):
|
||||
match = dataclasses._MODULE_IDENTIFIER_RE.match(annotation) # type: ignore[attr-defined]
|
||||
if match:
|
||||
ns = None
|
||||
module_name = match.group(1)
|
||||
if not module_name:
|
||||
# No module name, assume the class's module did
|
||||
# "from dataclasses import InitVar".
|
||||
ns = sys.modules.get(cls.__module__).__dict__
|
||||
else:
|
||||
# Look up module_name in the class's module.
|
||||
module = sys.modules.get(cls.__module__)
|
||||
if module and module.__dict__.get(module_name): # this is the patched line; removed `is a_module`
|
||||
ns = sys.modules.get(a_type.__module__).__dict__
|
||||
if ns and is_type_predicate(ns.get(match.group(2)), a_module):
|
||||
return True
|
||||
return False
|
||||
|
||||
_is_type._orig_impl = real_is_type # type: ignore[attr-defined] # stash this away to allow unit tests to undo the patch
|
||||
|
||||
dataclasses._is_type = _is_type # type: ignore[attr-defined]
|
||||
|
||||
try:
|
||||
if _is_patch_needed():
|
||||
raise RuntimeError("patching had no effect") # pragma: nocover
|
||||
except Exception as ex: # pragma: nocover
|
||||
dataclasses._is_type = real_is_type # type: ignore[attr-defined]
|
||||
raise RuntimeError("dataclasses ClassVar support is still broken after patching") from ex
|
||||
|
||||
|
||||
def _is_patch_needed() -> bool:
|
||||
@dataclasses.dataclass
|
||||
class CheckClassVar:
|
||||
# this is the broken case requiring patching: ClassVar dot-referenced from a module that is not `typing` is treated as an instance field
|
||||
# DTFIX-RELEASE: add link to CPython bug report to-be-filed (or update associated deprecation comments if we don't)
|
||||
a_classvar: _ts.ClassVar[int] # type: ignore[name-defined]
|
||||
a_field: int
|
||||
|
||||
return len(dataclasses.fields(CheckClassVar)) != 1
|
||||
@ -0,0 +1,134 @@
|
||||
from __future__ import annotations
|
||||
|
||||
import inspect
|
||||
import re
|
||||
import pathlib
|
||||
import sys
|
||||
import typing as t
|
||||
|
||||
from ansible.module_utils.common.messages import PluginInfo
|
||||
|
||||
_ansible_module_base_path: t.Final = pathlib.Path(sys.modules['ansible'].__file__).parent
|
||||
"""Runtime-detected base path of the `ansible` Python package to distinguish between Ansible-owned and external code."""
|
||||
|
||||
ANSIBLE_CORE_DEPRECATOR: t.Final = PluginInfo._from_collection_name('ansible.builtin')
|
||||
"""Singleton `PluginInfo` instance for ansible-core callers where the plugin can/should not be identified in messages."""
|
||||
|
||||
INDETERMINATE_DEPRECATOR: t.Final = PluginInfo(resolved_name='indeterminate', type='indeterminate')
|
||||
"""Singleton `PluginInfo` instance for indeterminate deprecator."""
|
||||
|
||||
_DEPRECATOR_PLUGIN_TYPES = frozenset(
|
||||
{
|
||||
'action',
|
||||
'become',
|
||||
'cache',
|
||||
'callback',
|
||||
'cliconf',
|
||||
'connection',
|
||||
# doc_fragments - no code execution
|
||||
# filter - basename inadequate to identify plugin
|
||||
'httpapi',
|
||||
'inventory',
|
||||
'lookup',
|
||||
'module', # only for collections
|
||||
'netconf',
|
||||
'shell',
|
||||
'strategy',
|
||||
'terminal',
|
||||
# test - basename inadequate to identify plugin
|
||||
'vars',
|
||||
}
|
||||
)
|
||||
"""Plugin types which are valid for identifying a deprecator for deprecation purposes."""
|
||||
|
||||
_AMBIGUOUS_DEPRECATOR_PLUGIN_TYPES = frozenset(
|
||||
{
|
||||
'filter',
|
||||
'test',
|
||||
}
|
||||
)
|
||||
"""Plugin types for which basename cannot be used to identify the plugin name."""
|
||||
|
||||
|
||||
def get_best_deprecator(*, deprecator: PluginInfo | None = None, collection_name: str | None = None) -> PluginInfo:
|
||||
"""Return the best-available `PluginInfo` for the caller of this method."""
|
||||
_skip_stackwalk = True
|
||||
|
||||
if deprecator and collection_name:
|
||||
raise ValueError('Specify only one of `deprecator` or `collection_name`.')
|
||||
|
||||
return deprecator or PluginInfo._from_collection_name(collection_name) or get_caller_plugin_info() or INDETERMINATE_DEPRECATOR
|
||||
|
||||
|
||||
def get_caller_plugin_info() -> PluginInfo | None:
|
||||
"""Try to get `PluginInfo` for the caller of this method, ignoring marked infrastructure stack frames."""
|
||||
_skip_stackwalk = True
|
||||
|
||||
if frame_info := next((frame_info for frame_info in inspect.stack() if '_skip_stackwalk' not in frame_info.frame.f_locals), None):
|
||||
return _path_as_core_plugininfo(frame_info.filename) or _path_as_collection_plugininfo(frame_info.filename)
|
||||
|
||||
return None # pragma: nocover
|
||||
|
||||
|
||||
def _path_as_core_plugininfo(path: str) -> PluginInfo | None:
|
||||
"""Return a `PluginInfo` instance if the provided `path` refers to a core plugin."""
|
||||
try:
|
||||
relpath = str(pathlib.Path(path).relative_to(_ansible_module_base_path))
|
||||
except ValueError:
|
||||
return None # not ansible-core
|
||||
|
||||
namespace = 'ansible.builtin'
|
||||
|
||||
if match := re.match(r'plugins/(?P<plugin_type>\w+)/(?P<plugin_name>\w+)', relpath):
|
||||
plugin_name = match.group("plugin_name")
|
||||
plugin_type = match.group("plugin_type")
|
||||
|
||||
if plugin_type not in _DEPRECATOR_PLUGIN_TYPES:
|
||||
# The plugin type isn't a known deprecator type, so we have to assume the caller is intermediate code.
|
||||
# We have no way of knowing if the intermediate code is deprecating its own feature, or acting on behalf of another plugin.
|
||||
# Callers in this case need to identify the deprecating plugin name, otherwise only ansible-core will be reported.
|
||||
# Reporting ansible-core is never wrong, it just may be missing an additional detail (plugin name) in the "on behalf of" case.
|
||||
return ANSIBLE_CORE_DEPRECATOR
|
||||
elif match := re.match(r'modules/(?P<module_name>\w+)', relpath):
|
||||
# AnsiballZ Python package for core modules
|
||||
plugin_name = match.group("module_name")
|
||||
plugin_type = "module"
|
||||
elif match := re.match(r'legacy/(?P<module_name>\w+)', relpath):
|
||||
# AnsiballZ Python package for non-core library/role modules
|
||||
namespace = 'ansible.legacy'
|
||||
|
||||
plugin_name = match.group("module_name")
|
||||
plugin_type = "module"
|
||||
else:
|
||||
return ANSIBLE_CORE_DEPRECATOR # non-plugin core path, safe to use ansible-core for the same reason as the non-deprecator plugin type case above
|
||||
|
||||
name = f'{namespace}.{plugin_name}'
|
||||
|
||||
return PluginInfo(resolved_name=name, type=plugin_type)
|
||||
|
||||
|
||||
def _path_as_collection_plugininfo(path: str) -> PluginInfo | None:
|
||||
"""Return a `PluginInfo` instance if the provided `path` refers to a collection plugin."""
|
||||
if not (match := re.search(r'/ansible_collections/(?P<ns>\w+)/(?P<coll>\w+)/plugins/(?P<plugin_type>\w+)/(?P<plugin_name>\w+)', path)):
|
||||
return None
|
||||
|
||||
plugin_type = match.group('plugin_type')
|
||||
|
||||
if plugin_type in _AMBIGUOUS_DEPRECATOR_PLUGIN_TYPES:
|
||||
# We're able to detect the namespace, collection and plugin type -- but we have no way to identify the plugin name currently.
|
||||
# To keep things simple we'll fall back to just identifying the namespace and collection.
|
||||
# In the future we could improve the detection and/or make it easier for a caller to identify the plugin name.
|
||||
return PluginInfo._from_collection_name('.'.join((match.group('ns'), match.group('coll'))))
|
||||
|
||||
if plugin_type == 'modules':
|
||||
plugin_type = 'module'
|
||||
|
||||
if plugin_type not in _DEPRECATOR_PLUGIN_TYPES:
|
||||
# The plugin type isn't a known deprecator type, so we have to assume the caller is intermediate code.
|
||||
# We have no way of knowing if the intermediate code is deprecating its own feature, or acting on behalf of another plugin.
|
||||
# Callers in this case need to identify the deprecator to avoid ambiguity, since it could be the same collection or another collection.
|
||||
return INDETERMINATE_DEPRECATOR
|
||||
|
||||
name = '.'.join((match.group('ns'), match.group('coll'), match.group('plugin_name')))
|
||||
|
||||
return PluginInfo(resolved_name=name, type=plugin_type)
|
||||
@ -1,49 +0,0 @@
|
||||
from __future__ import annotations
|
||||
|
||||
import typing as t
|
||||
|
||||
from ._ambient_context import AmbientContextBase
|
||||
from ..common.messages import PluginInfo
|
||||
|
||||
|
||||
class HasPluginInfo(t.Protocol):
|
||||
"""Protocol to type-annotate and expose PluginLoader-set values."""
|
||||
|
||||
@property
|
||||
def _load_name(self) -> str:
|
||||
"""The requested name used to load the plugin."""
|
||||
|
||||
@property
|
||||
def ansible_name(self) -> str:
|
||||
"""Fully resolved plugin name."""
|
||||
|
||||
@property
|
||||
def plugin_type(self) -> str:
|
||||
"""Plugin type name."""
|
||||
|
||||
|
||||
class PluginExecContext(AmbientContextBase):
|
||||
"""Execution context that wraps all plugin invocations to allow infrastructure introspection of the currently-executing plugin instance."""
|
||||
|
||||
def __init__(self, executing_plugin: HasPluginInfo) -> None:
|
||||
self._executing_plugin = executing_plugin
|
||||
|
||||
@property
|
||||
def executing_plugin(self) -> HasPluginInfo:
|
||||
return self._executing_plugin
|
||||
|
||||
@property
|
||||
def plugin_info(self) -> PluginInfo:
|
||||
return PluginInfo(
|
||||
requested_name=self._executing_plugin._load_name,
|
||||
resolved_name=self._executing_plugin.ansible_name,
|
||||
type=self._executing_plugin.plugin_type,
|
||||
)
|
||||
|
||||
@classmethod
|
||||
def get_current_plugin_info(cls) -> PluginInfo | None:
|
||||
"""Utility method to extract a PluginInfo for the currently executing plugin (or None if no plugin is executing)."""
|
||||
if ctx := cls.current(optional=True):
|
||||
return ctx.plugin_info
|
||||
|
||||
return None
|
||||
@ -0,0 +1,25 @@
|
||||
from __future__ import annotations
|
||||
|
||||
import typing as t
|
||||
|
||||
from ..common import messages as _messages
|
||||
|
||||
|
||||
class HasPluginInfo(t.Protocol):
|
||||
"""Protocol to type-annotate and expose PluginLoader-set values."""
|
||||
|
||||
@property
|
||||
def ansible_name(self) -> str | None:
|
||||
"""Fully resolved plugin name."""
|
||||
|
||||
@property
|
||||
def plugin_type(self) -> str:
|
||||
"""Plugin type name."""
|
||||
|
||||
|
||||
def get_plugin_info(value: HasPluginInfo) -> _messages.PluginInfo:
|
||||
"""Utility method that returns a `PluginInfo` from an object implementing the `HasPluginInfo` protocol."""
|
||||
return _messages.PluginInfo(
|
||||
resolved_name=value.ansible_name,
|
||||
type=value.plugin_type,
|
||||
)
|
||||
@ -0,0 +1,14 @@
|
||||
from __future__ import annotations
|
||||
|
||||
import keyword
|
||||
|
||||
|
||||
def validate_collection_name(collection_name: object, name: str = 'collection_name') -> None:
|
||||
"""Validate a collection name."""
|
||||
if not isinstance(collection_name, str):
|
||||
raise TypeError(f"{name} must be {str} instead of {type(collection_name)}")
|
||||
|
||||
parts = collection_name.split('.')
|
||||
|
||||
if len(parts) != 2 or not all(part.isidentifier() and not keyword.iskeyword(part) for part in parts):
|
||||
raise ValueError(f"{name} must consist of two non-keyword identifiers separated by '.'")
|
||||
@ -0,0 +1,40 @@
|
||||
# (c) 2012-2014, Michael DeHaan <michael.dehaan@gmail.com>
|
||||
#
|
||||
# This file is part of Ansible
|
||||
#
|
||||
# Ansible is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# (at your option) any later version.
|
||||
#
|
||||
# Ansible is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU General Public License
|
||||
# along with Ansible. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
from __future__ import annotations
|
||||
|
||||
import json
|
||||
|
||||
from ansible.utils.display import Display
|
||||
|
||||
Display().deprecated(f'{__name__!r} is deprecated.', version='2.23', help_text='Call `json.dumps` directly instead.')
|
||||
|
||||
|
||||
def jsonify(result, format=False):
|
||||
"""Format JSON output."""
|
||||
|
||||
if result is None:
|
||||
return "{}"
|
||||
|
||||
indent = None
|
||||
if format:
|
||||
indent = 4
|
||||
|
||||
try:
|
||||
return json.dumps(result, sort_keys=True, indent=indent, ensure_ascii=False)
|
||||
except UnicodeDecodeError:
|
||||
return json.dumps(result, sort_keys=True, indent=indent)
|
||||
@ -0,0 +1,36 @@
|
||||
from __future__ import annotations
|
||||
|
||||
from ansible.plugins.action import ActionBase
|
||||
from ansible.utils.display import _display
|
||||
from ansible.module_utils.common.messages import PluginInfo
|
||||
|
||||
# extra lines below to allow for adding more imports without shifting the line numbers of the code that follows
|
||||
#
|
||||
#
|
||||
#
|
||||
#
|
||||
#
|
||||
|
||||
|
||||
class ActionModule(ActionBase):
|
||||
def run(self, tmp=None, task_vars=None):
|
||||
result = super(ActionModule, self).run(tmp, task_vars)
|
||||
deprecator = PluginInfo._from_collection_name('ns.col')
|
||||
|
||||
# ansible-deprecated-version - only ansible-core can encounter this
|
||||
_display.deprecated(msg='ansible-deprecated-no-version')
|
||||
# ansible-invalid-deprecated-version - only ansible-core can encounter this
|
||||
_display.deprecated(msg='collection-deprecated-version', version='1.0.0')
|
||||
_display.deprecated(msg='collection-invalid-deprecated-version', version='not-a-version')
|
||||
# ansible-deprecated-no-collection-name - only a module_utils can encounter this
|
||||
_display.deprecated(msg='wrong-collection-deprecated', collection_name='ns.wrong', version='3.0.0')
|
||||
_display.deprecated(msg='ansible-expired-deprecated-date', date='2000-01-01')
|
||||
_display.deprecated(msg='ansible-invalid-deprecated-date', date='not-a-date')
|
||||
_display.deprecated(msg='ansible-deprecated-both-version-and-date', version='3.0.0', date='2099-01-01')
|
||||
_display.deprecated(msg='removal-version-must-be-major', version='3.1.0')
|
||||
# ansible-deprecated-date-not-permitted - only ansible-core can encounter this
|
||||
_display.deprecated(msg='ansible-deprecated-unnecessary-collection-name', deprecator=deprecator, version='3.0.0')
|
||||
# ansible-deprecated-collection-name-not-permitted - only ansible-core can encounter this
|
||||
_display.deprecated(msg='ansible-deprecated-both-collection-name-and-deprecator', collection_name='ns.col', deprecator=deprecator, version='3.0.0')
|
||||
|
||||
return result
|
||||
@ -0,0 +1,34 @@
|
||||
from __future__ import annotations
|
||||
|
||||
from ansible.module_utils.common.messages import PluginInfo
|
||||
from ansible.module_utils.common.warnings import deprecate
|
||||
|
||||
# extra lines below to allow for adding more imports without shifting the line numbers of the code that follows
|
||||
#
|
||||
#
|
||||
#
|
||||
#
|
||||
#
|
||||
#
|
||||
#
|
||||
#
|
||||
|
||||
|
||||
def do_stuff() -> None:
|
||||
deprecator = PluginInfo._from_collection_name('ns.col')
|
||||
|
||||
# ansible-deprecated-version - only ansible-core can encounter this
|
||||
deprecate(msg='ansible-deprecated-no-version', collection_name='ns.col')
|
||||
# ansible-invalid-deprecated-version - only ansible-core can encounter this
|
||||
deprecate(msg='collection-deprecated-version', collection_name='ns.col', version='1.0.0')
|
||||
deprecate(msg='collection-invalid-deprecated-version', collection_name='ns.col', version='not-a-version')
|
||||
# ansible-deprecated-no-collection-name - module_utils cannot encounter this
|
||||
deprecate(msg='wrong-collection-deprecated', collection_name='ns.wrong', version='3.0.0')
|
||||
deprecate(msg='ansible-expired-deprecated-date', collection_name='ns.col', date='2000-01-01')
|
||||
deprecate(msg='ansible-invalid-deprecated-date', collection_name='ns.col', date='not-a-date')
|
||||
deprecate(msg='ansible-deprecated-both-version-and-date', collection_name='ns.col', version='3.0.0', date='2099-01-01')
|
||||
deprecate(msg='removal-version-must-be-major', collection_name='ns.col', version='3.1.0')
|
||||
# ansible-deprecated-date-not-permitted - only ansible-core can encounter this
|
||||
# ansible-deprecated-unnecessary-collection-name - module_utils cannot encounter this
|
||||
# ansible-deprecated-collection-name-not-permitted - only ansible-core can encounter this
|
||||
deprecate(msg='ansible-deprecated-both-collection-name-and-deprecator', collection_name='ns.col', deprecator=deprecator, version='3.0.0')
|
||||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue