mirror of https://github.com/ansible/ansible.git
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
625 lines
38 KiB
YAML
625 lines
38 KiB
YAML
ancestor: 2.16.0
|
|
releases:
|
|
2.17.0b1:
|
|
changes:
|
|
breaking_changes:
|
|
- assert - Nested templating may result in an inability for the conditional
|
|
to be evaluated. See the porting guide for more information.
|
|
bugfixes:
|
|
- All core lookups now use set_option(s) even when doing their own custom parsing.
|
|
This ensures that the options are always the proper type.
|
|
- Allow for searching handler subdir for included task via include_role (https://github.com/ansible/ansible/issues/81722)
|
|
- AnsibleModule.atomic_move - fix preserving extended ACLs of the destination
|
|
when it exists (https://github.com/ansible/ansible/issues/72929).
|
|
- Cache host_group_vars after instantiating it once and limit the amount of
|
|
repetitive work it needs to do every time it runs.
|
|
- Call PluginLoader.all() once for vars plugins, and load vars plugins that
|
|
run automatically or are enabled specifically by name subsequently.
|
|
- Consolidate systemd detection logic into one place (https://github.com/ansible/ansible/issues/80975).
|
|
- Consolidated the list of internal static vars, centralized them as constant
|
|
and completed from some missing entries.
|
|
- Do not print undefined error message twice (https://github.com/ansible/ansible/issues/78703).
|
|
- Enable file cache for vaulted files during vars lookup to fix a strong performance
|
|
penalty in huge and complex playbboks.
|
|
- Fix NEVRA parsing of package names that include digit(s) in them (https://github.com/ansible/ansible/issues/76463,
|
|
https://github.com/ansible/ansible/issues/81018)
|
|
- Fix ``force_handlers`` not working with ``any_errors_fatal`` (https://github.com/ansible/ansible/issues/36308)
|
|
- Fix ``run_once`` being incorrectly interpreted on handlers (https://github.com/ansible/ansible/issues/81666)
|
|
- 'Fix an issue when setting a plugin name from an unsafe source resulted in
|
|
``ValueError: unmarshallable object`` (https://github.com/ansible/ansible/issues/82708)'
|
|
- Fix check for missing _sub_plugin attribute in older connection plugins (https://github.com/ansible/ansible/pull/82954)
|
|
- Fix condition for unquoting configuration strings from ini files (https://github.com/ansible/ansible/issues/82387).
|
|
- Fix for when ``any_errors_fatal`` was ignored if error occurred in a block
|
|
with always (https://github.com/ansible/ansible/issues/31543)
|
|
- Fix handling missing urls in ansible.module_utils.urls.fetch_file for Python
|
|
3.
|
|
- Fix issue where an ``include_tasks`` handler in a role was not able to locate
|
|
a file in ``tasks/`` when ``tasks_from`` was used as a role entry point and
|
|
``main.yml`` was not present (https://github.com/ansible/ansible/issues/82241)
|
|
- Fix issues when tasks withing nested blocks wouldn't run when ``force_handlers``
|
|
is set (https://github.com/ansible/ansible/issues/81533)
|
|
- Fix loading vars_plugins in roles (https://github.com/ansible/ansible/issues/82239).
|
|
- 'Fix notifying role handlers by listen keyword topics with the "role_name
|
|
: " prefix (https://github.com/ansible/ansible/issues/82849).'
|
|
- Fix setting proper locale for git executable when running on non english systems,
|
|
ensuring git output can always be parsed.
|
|
- Fix tasks in always section not being executed for nested blocks with ``any_errors_fatal``
|
|
(https://github.com/ansible/ansible/issues/73246)
|
|
- Fixes permission for cache json file from 600 to 644 (https://github.com/ansible/ansible/issues/82683).
|
|
- Give the tombstone error for ``include`` pre-fork like other tombstoned action/module
|
|
plugins.
|
|
- Harden python templates for respawn and ansiballz around str literal quoting
|
|
- Include the task location when a module or action plugin is deprecated (https://github.com/ansible/ansible/issues/82450).
|
|
- Interpreter discovery - Add ``Amzn`` to ``OS_FAMILY_MAP`` for correct family
|
|
fallback for interpreter discovery (https://github.com/ansible/ansible/issues/80882).
|
|
- Mirror the behavior of dnf on the command line when handling NEVRAs with omitted
|
|
epoch (https://github.com/ansible/ansible/issues/71808)
|
|
- Plugin loader does not dedupe nor cache filter/test plugins by file basename,
|
|
but full path name.
|
|
- Properly template tags in parent blocks (https://github.com/ansible/ansible/issues/81053)
|
|
- Provide additional information about the alternative plugin in the deprecation
|
|
message (https://github.com/ansible/ansible/issues/80561).
|
|
- Remove the galaxy_info field ``platforms`` from the role templates (https://github.com/ansible/ansible/issues/82453).
|
|
- Restoring the ability of filters/tests can have same file base name but different
|
|
tests/filters defined inside.
|
|
- Reword the error message when the module fails to parse parameters in JSON
|
|
format (https://github.com/ansible/ansible/issues/81188).
|
|
- Reword warning if the reserved keyword _ansible_ used as a module parameter
|
|
(https://github.com/ansible/ansible/issues/82514).
|
|
- Run all handlers with the same ``listen`` topic, even when notified from another
|
|
handler (https://github.com/ansible/ansible/issues/82363).
|
|
- Slight optimization to hostvars (instantiate template only once per host,
|
|
vs per call to var).
|
|
- Stopped misleadingly advertising ``async`` mode support in the ``reboot``
|
|
module (https://github.com/ansible/ansible/issues/71517).
|
|
- '``ansible-galaxy role import`` - fix using the ``role_name`` in a standalone
|
|
role''s ``galaxy_info`` metadata by disabling automatic removal of the ``ansible-role-``
|
|
prefix. This matches the behavior of the Galaxy UI which also no longer implicitly
|
|
removes the ``ansible-role-`` prefix. Use the ``--role-name`` option or add
|
|
a ``role_name`` to the ``galaxy_info`` dictionary in the role''s ``meta/main.yml``
|
|
to use an alternate role name.'
|
|
- '``ansible-test sanity --test runtime-metadata`` - add ``action_plugin`` as
|
|
a valid field for modules in the schema (https://github.com/ansible/ansible/pull/82562).'
|
|
- '``ansible.module_utils.service`` - ensure binary data transmission in ``daemonize()``'
|
|
- '``any_errors_fatal`` should fail all hosts and rescue all of them when a
|
|
``rescue`` section is specified (https://github.com/ansible/ansible/issues/80981)'
|
|
- '``include_role`` - properly execute ``v2_playbook_on_include`` and ``v2_runner_on_failed``
|
|
callbacks as well as increase ``ok`` and ``failed`` stats in the play recap,
|
|
when appropriate (https://github.com/ansible/ansible/issues/77336)'
|
|
- allow_duplicates - fix evaluating if the current role allows duplicates instead
|
|
of using the initial value from the duplicate's cached role.
|
|
- ansible-config init will now dedupe ini entries from plugins.
|
|
- ansible-galaxy - Deprecate use of the Galaxy v2 API (https://github.com/ansible/ansible/issues/81781)
|
|
- ansible-galaxy - Provide a better error message when using a requirements
|
|
file with an invalid format - https://github.com/ansible/ansible/issues/81901
|
|
- ansible-galaxy - Resolve issue with the dataclass used for galaxy.yml manifest
|
|
caused by using future annotations
|
|
- ansible-galaxy - ensure path to ansible collection when installing or downloading
|
|
doesn't have a backslash (https://github.com/ansible/ansible/pull/79705).
|
|
- ansible-galaxy - started allowing the use of pre-releases for collections
|
|
that do not have any stable versions published. (https://github.com/ansible/ansible/pull/81606)
|
|
- ansible-galaxy - started allowing the use of pre-releases for dependencies
|
|
on any level of the dependency tree that specifically demand exact pre-release
|
|
versions of collections and not version ranges. (https://github.com/ansible/ansible/pull/81606)
|
|
- ansible-galaxy error on dependency resolution will not error itself due to
|
|
'virtual' collections not having a name/namespace.
|
|
- ansible-galaxy info - fix reporting no role found when lookup_role_by_name
|
|
returns None.
|
|
- ansible-galaxy role import - exit with 1 when the import fails (https://github.com/ansible/ansible/issues/82175).
|
|
- ansible-galaxy role install - fix installing roles from Galaxy that have version
|
|
``None`` (https://github.com/ansible/ansible/issues/81832).
|
|
- ansible-galaxy role install - normalize tarfile paths and symlinks using ``ansible.utils.path.unfrackpath``
|
|
and consider them valid as long as the realpath is in the tarfile's role directory
|
|
(https://github.com/ansible/ansible/issues/81965).
|
|
- ansible-inventory - index available_hosts for major performance boost when
|
|
dumping large inventories
|
|
- ansible-pull now will expand relative paths for the ``-d|--directory`` option
|
|
is now expanded before use.
|
|
- ansible-pull will now correctly handle become and connection password file
|
|
options for ansible-playbook.
|
|
- ansible-test - Add a ``pylint`` plugin to work around a known issue on Python
|
|
3.12.
|
|
- ansible-test - Explicitly supply ``ControlPath=none`` when setting up port
|
|
forwarding over SSH to address the scenario where the local ssh configuration
|
|
uses ``ControlPath`` for all hosts, and would prevent ports to be forwarded
|
|
after the initial connection to the host.
|
|
- ansible-test - Fix parsing of cgroup entries which contain a ``:`` in the
|
|
path (https://github.com/ansible/ansible/issues/81977).
|
|
- ansible-test - Include missing ``pylint`` requirements for Python 3.10.
|
|
- ansible-test - Properly detect docker host when using ``ssh://`` protocol
|
|
for connecting to the docker daemon.
|
|
- ansible-test - The ``libexpat`` package is automatically upgraded during remote
|
|
bootstrapping to maintain compatibility with newer Python packages.
|
|
- ansible-test - The ``validate-modules`` sanity test no longer attempts to
|
|
process files with unrecognized extensions as Python (resolves https://github.com/ansible/ansible/issues/82604).
|
|
- ansible-test - Update ``pylint`` to version 3.0.1.
|
|
- ansible-test ansible-doc sanity test - do not remove underscores from plugin
|
|
names in collections before calling ``ansible-doc`` (https://github.com/ansible/ansible/pull/82574).
|
|
- ansible-test validate-modules sanity test - do not treat leading underscores
|
|
for plugin names in collections as an attempted deprecation (https://github.com/ansible/ansible/pull/82575).
|
|
- "ansible-test \u2014 Python 3.8\u20133.12 will use ``coverage`` v7.3.2."
|
|
- ansible.builtin.apt - calling clean = true does not properly clean certain
|
|
cache files such as /var/cache/apt/pkgcache.bin and /var/cache/apt/pkgcache.bin
|
|
(https://github.com/ansible/ansible/issues/82611)
|
|
- ansible.builtin.uri - the module was ignoring the ``force`` parameter and
|
|
always requesting a cached copy (via the ``If-Modified-Since`` header) when
|
|
downloading to an existing local file. Disable caching when ``force`` is ``true``,
|
|
as documented (https://github.com/ansible/ansible/issues/82166).
|
|
- apt - honor install_recommends and dpkg_options while installing python3-apt
|
|
library (https://github.com/ansible/ansible/issues/40608).
|
|
- apt - install recommended packages when installing package via deb file (https://github.com/ansible/ansible/issues/29726).
|
|
- apt_repository - do not modify repo files if the file is a symlink (https://github.com/ansible/ansible/issues/49809).
|
|
- apt_repository - update PPA URL to point to https URL (https://github.com/ansible/ansible/issues/82463).
|
|
- assemble - fixed missing parameter 'content' in _get_diff_data API (https://github.com/ansible/ansible/issues/82359).
|
|
- 'async - Fix bug that stopped running async task in ``--check`` when ``check_mode:
|
|
False`` was set as a task attribute - https://github.com/ansible/ansible/issues/82811'
|
|
- blockinfile - when ``create=true`` is used with a filename without path, the
|
|
module crashed (https://github.com/ansible/ansible/pull/81638).
|
|
- check if there are attributes to set before attempting to set them (https://github.com/ansible/ansible/issues/76727)
|
|
- copy action now also generates temprary files as hidden ('.' prefixed) to
|
|
avoid accidental pickup by running services that glob by extension.
|
|
- copy action now ensures that tempfiles use the same suffix as destination,
|
|
to allow for ``validate`` to work with utilities that check extensions.
|
|
- deb822_repository - handle idempotency if the order of parameters is changed
|
|
(https://github.com/ansible/ansible/issues/82454).
|
|
- debconf - allow user to specify a list for value when vtype is multiselect
|
|
(https://github.com/ansible/ansible/issues/81345).
|
|
- delegate_to when set to an empty or undefined variable will now give a proper
|
|
error.
|
|
- distribution.py - Recognize ALP-Dolomite as part of the SUSE OS family in
|
|
Ansible, fixing its previous misidentification (https://github.com/ansible/ansible/pull/82496).
|
|
- distro - bump bundled distro version from 1.6.0 to 1.8.0 (https://github.com/ansible/ansible/issues/81713).
|
|
- dnf - fix an issue when cached RPMs were left in the cache directory even
|
|
when the keepcache setting was unset (https://github.com/ansible/ansible/issues/81954)
|
|
- dnf - fix an issue when installing a package by specifying a file it provides
|
|
could result in installing a different package providing the same file than
|
|
the package already installed resulting in resolution failure (https://github.com/ansible/ansible/issues/82461)
|
|
- dnf - properly set gpg check options on enabled repositories according to
|
|
the ``disable_gpg_check`` option (https://github.com/ansible/ansible/issues/80110)
|
|
- dnf - properly skip unavailable packages when ``skip_broken`` is enabled (https://github.com/ansible/ansible/issues/80590)
|
|
- dnf - the ``nobest`` option only overrides the distribution default when explicitly
|
|
used, and is used for all supported operations (https://github.com/ansible/ansible/issues/82616)
|
|
- dnf5 - respect ``allow_downgrade`` when installing packages directly from
|
|
rpm files
|
|
- dnf5 - the ``nobest`` option only overrides the distribution default when
|
|
used
|
|
- dwim functions for lookups should be better at detectging role context even
|
|
in abscense of tasks/main.
|
|
- expect - fix argument spec error using timeout=null (https://github.com/ansible/ansible/issues/80982).
|
|
- fact gathering on linux now handles thread count by using rounding vs dropping
|
|
decimals, it should give slightly more accurate numbers.
|
|
- facts - detect VMware ESXi 8.0 virtualization by product name VMware20,1
|
|
- fetch - Do not calculate the file size for Windows fetch targets to improve
|
|
performance.
|
|
- fetch - add error message when using ``dest`` with a trailing slash that becomes
|
|
a local directory - https://github.com/ansible/ansible/issues/82878
|
|
- find - do not fail on Permission errors (https://github.com/ansible/ansible/issues/82027).
|
|
- first_found lookup now always returns a full (absolute) and normalized path
|
|
- first_found lookup now always takes into account k=v options
|
|
- flush_handlers - properly handle a handler failure in a nested block when
|
|
``force_handlers`` is set (http://github.com/ansible/ansible/issues/81532)
|
|
- galaxy - skip verification for unwanted Python compiled bytecode files (https://github.com/ansible/ansible/issues/81628).
|
|
- handle exception raised while validating with elements='int' and value is
|
|
not within choices (https://github.com/ansible/ansible/issues/82776).
|
|
- include_tasks - include `ansible_loop_var` and `ansible_index_var` in a loop
|
|
(https://github.com/ansible/ansible/issues/82655).
|
|
- include_vars - fix calculating ``depth`` relative to the root and ensure all
|
|
files are included (https://github.com/ansible/ansible/issues/80987).
|
|
- interpreter_discovery - handle AnsibleError exception raised while interpreter
|
|
discovery (https://github.com/ansible/ansible/issues/78264).
|
|
- iptables - add option choices 'src,src' and 'dst,dst' in match_set_flags (https://github.com/ansible/ansible/issues/81281).
|
|
- iptables - set jump to DSCP when set_dscp_mark or set_dscp_mark_class is set
|
|
(https://github.com/ansible/ansible/issues/77077).
|
|
- known_hosts - Fix issue with `@cert-authority` entries in known_hosts incorrectly
|
|
being removed.
|
|
- module no_log will no longer affect top level booleans, for example ``no_log_module_parameter='a'``
|
|
will no longer hide ``changed=False`` as a 'no log value' (matches 'a').
|
|
- moved assemble, raw, copy, fetch, reboot, script and wait_for_connection to
|
|
query task instead of play_context ensuring they get the lastest and most
|
|
correct data.
|
|
- reboot action now handles connections with 'timeout' vs only 'connection_timeout'
|
|
settings.
|
|
- role params now have higher precedence than host facts again, matching documentation,
|
|
this had unintentionally changed in 2.15.
|
|
- roles, code cleanup and performance optimization of dependencies, now cached, and
|
|
``public`` setting is now determined once, at role instantiation.
|
|
- roles, the ``static`` property is now correctly set, this will fix issues
|
|
with ``public`` and ``DEFAULT_PRIVATE_ROLE_VARS`` controls on exporting vars.
|
|
- set_option method for plugins to update config now properly passes through
|
|
type casting and validation.
|
|
- ssh - add tests for the SSH connection plugin.
|
|
- support url-encoded credentials in URLs like http://x%40:%40@example.com (https://github.com/ansible/ansible/pull/82552)
|
|
- syslog - Handle ValueError exception raised when sending Null Characters to
|
|
syslog with Python 3.12.
|
|
- systemd_services - update documentation regarding required_one_of and required_by
|
|
parameters (https://github.com/ansible/ansible/issues/82914).
|
|
- template - Fix error when templating an unsafe string which corresponds to
|
|
an invalid type in Python (https://github.com/ansible/ansible/issues/82600).
|
|
- template action will also inherit the behavior from copy (as it uses it internally).
|
|
- templating - ensure syntax errors originating from a template being compiled
|
|
into Python code object result in a failure (https://github.com/ansible/ansible/issues/82606)
|
|
- unarchive - add support for 8 character permission strings for zip archives
|
|
(https://github.com/ansible/ansible/pull/81705).
|
|
- unarchive - force unarchive if symlink target changes (https://github.com/ansible/ansible/issues/30420).
|
|
- unarchive modules now uses zipinfo options without relying on implementation
|
|
defaults, making it more compatible with all OS/distributions.
|
|
- unsafe data - Address an incompatibility when iterating or getting a single
|
|
index from ``AnsibleUnsafeBytes``
|
|
- unsafe data - Address an incompatibility with ``AnsibleUnsafeText`` and ``AnsibleUnsafeBytes``
|
|
when pickling with ``protocol=0``
|
|
- unsafe data - Enable directly using ``AnsibleUnsafeText`` with Python ``pathlib``
|
|
(https://github.com/ansible/ansible/issues/82414)
|
|
- uri action plugin now skipped during check mode (not supported) instead of
|
|
even trying to execute the module, which already skipped, this does not really
|
|
change the result, but returns much faster.
|
|
- vars - handle exception while combining VarsWithSources and dict (https://github.com/ansible/ansible/issues/81659).
|
|
- wait_for should not handle 'non mmapable files' again.
|
|
- winrm - Better handle send input failures when communicating with hosts under
|
|
load
|
|
- winrm - Do not raise another exception during cleanup when a task is timed
|
|
out - https://github.com/ansible/ansible/issues/81095
|
|
- winrm - does not hang when attempting to get process output when stdin write
|
|
failed
|
|
deprecated_features:
|
|
- Old style vars plugins which use the entrypoints `get_host_vars` or `get_group_vars`
|
|
are deprecated. The plugin should be updated to inherit from `BaseVarsPlugin`
|
|
and define a `get_vars` method as the entrypoint.
|
|
- The 'required' parameter in 'ansible.module_utils.common.process.get_bin_path'
|
|
API is deprecated (https://github.com/ansible/ansible/issues/82464).
|
|
- '``module_utils`` - importing the following convenience helpers from ``ansible.module_utils.basic``
|
|
has been deprecated: ``get_exception``, ``literal_eval``, ``_literal_eval``,
|
|
``datetime``, ``signal``, ``types``, ``chain``, ``repeat``, ``PY2``, ``PY3``,
|
|
``b``, ``binary_type``, ``integer_types``, ``iteritems``, ``string_types``,
|
|
``test_type``, ``map`` and ``shlex_quote``.'
|
|
- ansible-doc - role entrypoint attributes are deprecated and eventually will
|
|
no longer be shown in ansible-doc from ansible-core 2.20 on (https://github.com/ansible/ansible/issues/82639,
|
|
https://github.com/ansible/ansible/pull/82678).
|
|
- paramiko connection plugin, configuration items in the global scope are being
|
|
deprecated and will be removed in favor or the existing same options in the
|
|
plugin itself. Users should not need to change anything (how to configure
|
|
them are the same) but plugin authors using the global constants should move
|
|
to using the plugin's get_option().
|
|
major_changes:
|
|
- urls.py - Removed support for Python 2
|
|
minor_changes:
|
|
- Add ``dump`` and ``passno`` mount information to facts component (https://github.com/ansible/ansible/issues/80478)
|
|
- Added MIRACLE LINUX 9.2 in RedHat OS Family.
|
|
- Interpreter Discovery - Remove hardcoded references to specific python interpreters
|
|
to use for certain distro versions, and modify logic for python3 to become
|
|
the default.
|
|
- Use Python's built-in ``functools.update_wrapper`` instead an inline copy
|
|
from Python 3.7.
|
|
- User can now set ansible.log to record higher verbosity than what is specified
|
|
for display via new configuration item LOG_VERBOSITY.
|
|
- '``DEFAULT_PRIVATE_ROLE_VARS`` is now overridden by explicit setting of ``public``
|
|
for ``include_roles`` and ``import_roles``.'
|
|
- '``ansible-galaxy role|collection init`` - accept ``--extra-vars`` to supplement/override
|
|
the variables ``ansible-galaxy`` injects for templating ``.j2`` files in the
|
|
skeleton.'
|
|
- '``import_role`` action now also gets a ``public`` option that controls variable
|
|
exports, default depending on ``DEFAULT_PRIVATE_ROLE_VARS`` (if using defaults
|
|
equates to ``public=True``).'
|
|
- added configuration item ``TARGET_LOG_INFO`` that allows the user/author to
|
|
add an information string to the log output on targets.
|
|
- ansible-doc - treat double newlines in documentation strings as paragraph
|
|
breaks. This is useful to create multi-paragraph notes in module/plugin documentation
|
|
(https://github.com/ansible/ansible/pull/82465).
|
|
- ansible-doc output has been revamped to make it more visually pleasing when
|
|
going to a terminal, also more concise, use -v to show extra information.
|
|
- ansible-galaxy - Started normalizing build directory with a trailing separator
|
|
when building collections, internally. (https://github.com/ansible/ansible/pull/81619).
|
|
- ansible-galaxy dependency resolution messages have changed the unexplained
|
|
'virtual' collection for the specific type ('scm', 'dir', etc) that is more
|
|
user friendly
|
|
- ansible-test - Add Alpine 3.19 container.
|
|
- ansible-test - Add Alpine 3.19 to remotes.
|
|
- ansible-test - Add Fedora 39 container.
|
|
- ansible-test - Add Fedora 39 remote.
|
|
- ansible-test - Add a work-around for permission denied errors when using ``pytest
|
|
>= 8`` on multi-user systems with an installed version of ``ansible-test``.
|
|
- ansible-test - Add support for RHEL 9.3 remotes.
|
|
- ansible-test - Added a macOS 14.3 remote VM.
|
|
- ansible-test - Bump the ``nios-test-container`` from version 2.0.0 to version
|
|
3.0.0.
|
|
- ansible-test - Containers and remotes managed by ansible-test will have their
|
|
Python ``EXTERNALLY-MANAGED`` marker (PEP668) removed. This provides backwards
|
|
compatibility for existing tests running in newer environments which mark
|
|
their Python as externally managed. A future version of ansible-test may change
|
|
this behavior, requiring tests to be adapted to such environments.
|
|
- ansible-test - Make Python 3.12 the default version used in the ``base`` and
|
|
``default`` containers.
|
|
- ansible-test - Remove Alpine 3(.18) container.
|
|
- ansible-test - Remove Alpine 3.18 from remotes.
|
|
- ansible-test - Remove Fedora 38 remote support.
|
|
- ansible-test - Remove Fedora 38 test container.
|
|
- ansible-test - Remove rhel/9.2 test remote
|
|
- ansible-test - Remove the FreeBSD 13.2 remote.
|
|
- ansible-test - Removed fallback to ``virtualenv`` when ``-m venv`` is non-functional.
|
|
- 'ansible-test - Removed test remotes: macos/13.2'
|
|
- ansible-test - Removed the ``no-basestring`` sanity test. The test is no longer
|
|
necessary now that Python 3 is required.
|
|
- ansible-test - Removed the ``no-dict-iteritems``, ``no-dict-iterkeys`` and
|
|
``no-dict-itervalues`` sanity tests. The tests are no longer necessary since
|
|
Python 3 is required.
|
|
- ansible-test - Removed the ``no-main-display`` sanity test. The unwanted pattern
|
|
is unlikely to occur, since the test has existed since Ansible 2.8.
|
|
- ansible-test - Removed the ``no-unicode-literals`` sanity test. The test is
|
|
unnecessary now that Python 3 is required and the ``unicode_literals`` feature
|
|
has no effect.
|
|
- ansible-test - Special handling for installation of ``cryptography`` has been
|
|
removed, as it is no longer necessary.
|
|
- ansible-test - The ``shellcheck`` sanity test no longer disables the ``SC2164``
|
|
check. In most cases, seeing this error means the script is missing ``set
|
|
-e``.
|
|
- ansible-test - The ``unidiomatic-typecheck`` rule has been enabled in the
|
|
``pylint`` sanity test.
|
|
- ansible-test - The ``unidiomatic-typecheck`` rule has been removed from the
|
|
``validate-modules`` sanity test.
|
|
- ansible-test - Update the base and default containers to use Ubuntu 22.04
|
|
for the base image. This also updates PowerShell to version 7.4.0 with .NET
|
|
8.0.0 and ShellCheck to version 0.8.0.
|
|
- ansible-test - Updated the CloudStack test container to version 1.7.0.
|
|
- ansible-test - Updated the distro test containers to version 6.3.0 to include
|
|
coverage 7.3.2 for Python 3.8+. The alpine3 container is now based on 3.18
|
|
instead of 3.17 and includes Python 3.11 instead of Python 3.10.
|
|
- ansible-test - Updated the distro test containers to version 7.1.0.
|
|
- ansible-test - When ansible-test installs requirements, it now instructs pip
|
|
to allow installs on externally managed environments as defined by PEP 668.
|
|
This only occurs in ephemeral environments managed by ansible-test, such as
|
|
containers, or when the `--requirements` option is used.
|
|
- ansible-test - When invoking ``sleep`` in containers during container setup,
|
|
the ``env`` command is used to avoid invoking the shell builtin, if present.
|
|
- ansible-test - document block name now included in error message for YAML
|
|
parsing errors (https://github.com/ansible/ansible/issues/82353).
|
|
- ansible-test - sanity test allows ``EXAMPLES`` to be multi-document YAML (https://github.com/ansible/ansible/issues/82353).
|
|
- ansible-test now has FreeBSD 13.3 and 14.0 support
|
|
- ansible.builtin.user - Remove user not found warning (https://github.com/ansible/ansible/issues/80267)
|
|
- apt_repository.py - use api.launchpad.net endpoint instead of launchpad.net/api
|
|
- async tasks can now also support check mode at the same time.
|
|
- async_status now supports check mode.
|
|
- constructed inventory plugin - Adding a note that only group_vars of explicit
|
|
groups are loaded (https://github.com/ansible/ansible/pull/82580).
|
|
- csvfile - add a keycol parameter to specify in which column to search.
|
|
- dnf - add the ``best`` option
|
|
- dnf5 - add the ``best`` option
|
|
- filter plugin - Add the count and mandatory_count parameters in the regex_replace
|
|
filter
|
|
- find - add a encoding parameter to specify which encoding of the files to
|
|
be searched.
|
|
- git module - gpg_allowlist name was added in 2.17 and we will eventually deprecate
|
|
the gpg_whitelist alias.
|
|
- import_role - allow subdirectories with ``_from`` options for parity with
|
|
``include_role`` (https://github.com/ansible/ansible/issues/82584).
|
|
- module argument spec - Allow module authors to include arbitrary additional
|
|
context in the argument spec, by making use of a new top level key called
|
|
``context``. This key should be a dict type. This allows for users to customize
|
|
what they place in the argument spec, without having to ignore sanity tests
|
|
that validate the schema.
|
|
- modules - Add the ability for an action plugin to call ``self._execute_module(*,
|
|
ignore_unknown_opts=True)`` to execute a module with options that may not
|
|
be supported for the version being called. This tells the module basic wrapper
|
|
to ignore validating the options provided match the arg spec.
|
|
- package action now has a configuration that overrides the detected package
|
|
manager, it is still overridden itself by the use option.
|
|
- py3compat - Remove ``ansible.utils.py3compat`` as it is no longer necessary
|
|
- removed the unused argument ``create_new_password`` from ``CLI.build_vault_ids``
|
|
(https://github.com/ansible/ansible/pull/82066).
|
|
- urls - Add support for TLS 1.3 post handshake certificate authentication -
|
|
https://github.com/ansible/ansible/issues/81782
|
|
- urls - reduce complexity of ``Request.open``
|
|
- user - accept yescrypt hash as user password
|
|
- validate-modules tests now correctly handles ``choices`` in dictionary format.
|
|
release_summary: '| Release Date: 2024-04-08
|
|
|
|
| `Porting Guide <https://docs.ansible.com/ansible-core/2.17/porting_guides/porting_guide_core_2.17.html>`__
|
|
|
|
'
|
|
removed_features:
|
|
- Remove deprecated APIs from ansible-docs (https://github.com/ansible/ansible/issues/81716).
|
|
- Remove deprecated JINJA2_NATIVE_WARNING environment variable (https://github.com/ansible/ansible/issues/81714)
|
|
- Remove deprecated ``scp_if_ssh`` from ssh connection plugin (https://github.com/ansible/ansible/issues/81715).
|
|
- Remove deprecated crypt support from ansible.utils.encrypt (https://github.com/ansible/ansible/issues/81717)
|
|
- With the removal of Python 2 support, the yum module and yum action plugin
|
|
are removed and redirected to ``dnf``.
|
|
security_fixes:
|
|
- ANSIBLE_NO_LOG - Address issue where ANSIBLE_NO_LOG was ignored (CVE-2024-0690)
|
|
- ansible-galaxy - Prevent roles from using symlinks to overwrite files outside
|
|
of the installation directory (CVE-2023-5115)
|
|
- templating - Address issues where internal templating can cause unsafe variables
|
|
to lose their unsafe designation (CVE-2023-5764)
|
|
codename: Gallows Pole
|
|
fragments:
|
|
- 2.17.0b1_summary.yaml
|
|
- 49809_apt_repository.yml
|
|
- 76727-chattr-fix-for-backups-of-symlinks.yml
|
|
- 77077_iptables.yml
|
|
- 77336-include_role-callbacks-stats.yml
|
|
- 78703_undefined.yml
|
|
- 79705-fix-ensure-path-to-collection-argument-doesnt-have-backslash.yml
|
|
- 79945-host_group_vars-improvements.yml
|
|
- 80110-repos-gpgcheck.yml
|
|
- 80267-ansible_builtin_user-remove-user-not-found-warning.yml
|
|
- 80478-extend-mount-info.yml
|
|
- 80561.yml
|
|
- 80590-dnf-skip_broken-unavailable-pkgs.yml
|
|
- 80882-Amazon-os-family-compat.yaml
|
|
- 80975-systemd-detect.yml
|
|
- 80995-include-all-var-files.yml
|
|
- 81053-templated-tags-inheritance.yml
|
|
- 81188_better_error.yml
|
|
- 81532-fix-nested-flush_handlers.yml
|
|
- 81584-daemonize-follow-up-fixes.yml
|
|
- 81606-ansible-galaxy-collection-pre-releases.yml
|
|
- 81628_galaxy_verify.yml
|
|
- 81638-blockinfile.yml
|
|
- 81659_varswithsources.yml
|
|
- 81666-handlers-run_once.yml
|
|
- 81699-zip-permission.yml
|
|
- 81713-distro.yml
|
|
- 81714-remove-deprecated-jinja2_native_warning.yml
|
|
- 81716-ansible-doc.yml
|
|
- 81717-remove-deprecated-crypt-support.yml
|
|
- 81722-handler-subdir-include_tasks.yml
|
|
- 81732-cloudstack-test-container-1.7.0.yml
|
|
- 81775-add-regex_replace-parameters.yml
|
|
- 81901-galaxy-requirements-format.yml
|
|
- 81931-locale-related-parsing-error-git.yml
|
|
- 81954-dnf-keepcache.yml
|
|
- 81978-launchpad-api-endpoint.yml
|
|
- 81995-enable_file_cache.yml
|
|
- 82027_find.yml
|
|
- 82066.yml
|
|
- 82175-fix-ansible-galaxy-role-import-rc.yml
|
|
- 82187-uri-handle-force.yml
|
|
- 82241-handler-include-tasks-from.yml
|
|
- 82353-ansible-sanity-examples.yml
|
|
- 82359_assemble_diff.yml
|
|
- 82363-multiple-handlers-with-recursive-notification.yml
|
|
- 82377-git-gpg-whitelist-allowlist.yml
|
|
- 82387-unquote-strings-from-ini-files.yml
|
|
- 82455-new-vmware-productname.yml
|
|
- 82461-dnf-provides.yml
|
|
- 82465-ansible-doc-paragraphs.yml
|
|
- 82496-add-alp-dolomite-suse-family.yaml
|
|
- 82574-ansible-test-ansible-doc-underscore.yml
|
|
- 82575-ansible-test-validate-modules-underscore.yml
|
|
- 82580_constructed.yml
|
|
- 82606-template-python-syntax-error.yml
|
|
- 82611_fix_alignment_apt_clean_with_ansible_apt_clean.yml
|
|
- 82616-dnf-best-nobest.yml
|
|
- 82655-fix-ansible-loop-index-var-in-includedtasks.yml
|
|
- 82675-fix-unsafe-templating-leading-to-type-error.yml
|
|
- 82678-role-entrypoint-attributes.yml
|
|
- 82683-ansible-fact_cache-permissions-changed-after-ansible-coreupdate.yml
|
|
- 82708-unsafe-plugin-name-error.yml
|
|
- 82878-fetch-dest-is-dir.yml
|
|
- 82954-fix-older-connection-plugins.yml
|
|
- a-g-install-version-None.yml
|
|
- ansible-galaxy-init-extra-vars.yml
|
|
- ansible-galaxy-role-install-symlink.yml
|
|
- ansible-test-added-fedora-39.yml
|
|
- ansible-test-added-macos-14.3.yml
|
|
- ansible-test-alpine-libexpat.yml
|
|
- ansible-test-cgroup-split.yml
|
|
- ansible-test-container-sleep.yml
|
|
- ansible-test-coverage-update.yml
|
|
- ansible-test-cryptography.yml
|
|
- ansible-test-default-containers.yml
|
|
- ansible-test-distro-containers.yml
|
|
- ansible-test-docker-forwards.yml
|
|
- ansible-test-externally-managed-python.yml
|
|
- ansible-test-nios-container.yml
|
|
- ansible-test-pep-668.yml
|
|
- ansible-test-pylint-update.yml
|
|
- ansible-test-pytest-8.yml
|
|
- ansible-test-python-3.12-compat.yml
|
|
- ansible-test-python-default.yml
|
|
- ansible-test-remove-freebsd-13.2.yml
|
|
- ansible-test-remove-rhel-9_2-remote.yml
|
|
- ansible-test-rhel-9.3.yml
|
|
- ansible-test-rmv-fedora-38.yml
|
|
- ansible-test-sanity-no-basestring.yml
|
|
- ansible-test-sanity-no-dict.yml
|
|
- ansible-test-sanity-no-main-display.yml
|
|
- ansible-test-sanity-unicode-literals.yml
|
|
- ansible-test-shellcheck-exclude.yml
|
|
- ansible-test-unidiomatic-type-check.yml
|
|
- ansible-test-validate-modules-non-python.yml
|
|
- ansible-test-venv.yml
|
|
- ansible_test_alpine_3.19.yml
|
|
- ansible_test_fbsd_add.yml
|
|
- ansible_test_rmv_alpine_318.yml
|
|
- ansible_test_rmv_macos_132.yml
|
|
- any_errors_fatal-fixes.yml
|
|
- apt_install.yml
|
|
- apt_recommends.yml
|
|
- argument-spec-context.yml
|
|
- async-task-check-mode.yml
|
|
- async_status_check_mode.yml
|
|
- atomic-move-fix-extended-attrs.yml
|
|
- check_arguments.yml
|
|
- clear-distro-interp-map.yml
|
|
- config_set_option_fix.yml
|
|
- config_validate_updates.yml
|
|
- copy_keep_suffix_temp.yml
|
|
- csvfile-keycol.yml
|
|
- cve-2023-5115.yml
|
|
- cve-2023-5764.yml
|
|
- cve-2024-0690.yml
|
|
- deb822_repo_idem.yml
|
|
- debconf_multiselect.yml
|
|
- dedupe_config_init.yml
|
|
- delegate_to_invalid.yml
|
|
- deprecate-v2-galaxy-api.yml
|
|
- distlib-dataclass-annotation.yml
|
|
- dnf-installed-checks-api.yml
|
|
- dnf5-from-rpm-allow_downgrade.yml
|
|
- dwim_is_role_fix.yml
|
|
- find-encoding.yml
|
|
- first_found_fixes.yml
|
|
- fix-allow-duplicates.yml
|
|
- fix-ansible-galaxy-info-no-role-found.yml
|
|
- fix-build-files-manifest-walk.yml
|
|
- fix-default-ansible-galaxy-role-import-name.yml
|
|
- fix-dnf-install-missing-url.yml
|
|
- fix-expect-indefinite-timeout.yml
|
|
- fix-import_role-_from-options.yml
|
|
- fix-reboot-plugin.yml
|
|
- fix-role-name-handler-prefix-listen.yml
|
|
- fix-runtime-metadata-modules-action_plugin.yml
|
|
- fix-vars-plugins-in-roles.yml
|
|
- functools-update-wrapper.yml
|
|
- galaxy_dep_res_msgs.yml
|
|
- get_bin_path_required_parameter.yml
|
|
- import_role_goes_public.yml
|
|
- improve-tombstone-error.yml
|
|
- internal_static_vars.yml
|
|
- interpreter_discovery.yml
|
|
- inv_available_hosts_to_frozenset.yml
|
|
- iptables_match_set_flag.yml
|
|
- j2_load_fix.yml
|
|
- known_hosts_cert-authority_keys.yml
|
|
- log_id.yml
|
|
- log_verbosity.yml
|
|
- lookups_updated.yml
|
|
- miracle_linux_distribution_support.yml
|
|
- mod_args.yml
|
|
- module-ignore-unknown-options.yml
|
|
- module_utils-basic-deprecations.yml
|
|
- no_log_booly.yml
|
|
- paramiko_globals.yml
|
|
- pc_fixes.yml
|
|
- pkg_mgr_peek.yml
|
|
- ppa_https.yml
|
|
- prettydoc.yml
|
|
- pull_file_secrets.yml
|
|
- pull_unfrack_dest.yml
|
|
- py-tmpl-hardening.yml
|
|
- reboot_timeout_fix.yml
|
|
- request-open-reduce-complexity.yml
|
|
- restore_role_param_precedence.yml
|
|
- rm-compat-environ.yml
|
|
- rm-obsolete-url-role-template.yml
|
|
- role_fixes.yml
|
|
- scp_if_ssh.yml
|
|
- ssh_connection_test.yml
|
|
- syslog_exception.yml
|
|
- systemd_service_note.yml
|
|
- thread_counts.yml
|
|
- unarchive.yml
|
|
- unarchive_fix.yml
|
|
- unsafe-fixes-2.yml
|
|
- unsafe-intern.yml
|
|
- uri_action_cmode.yml
|
|
- url_credentials_decode.yml
|
|
- urls-no-py2.yml
|
|
- urls-tls13-post-handshake-auth.yml
|
|
- user-accept-yescrypt-hash.yml
|
|
- v2.17.0-initial-commit.yaml
|
|
- wait_for_mmap.yml
|
|
- winrm-send-input.yml
|
|
- winrm-task-timeout.yml
|
|
- winrm-timeout.yml
|
|
- yum-removal.yml
|
|
release_date: '2024-04-08'
|