Update ansible to 2.4.2.0

[pyup-bot]

There's a new version of ansible available.
You are currently using 2.2.1.0. I have updated it to 2.4.2.0

These links might come in handy: PyPI | Changelog | Repo | Homepage

Changelog

2.4

Major Changes

• Support for Python-2.4 and Python-2.5 on the managed system's side was dropped. If you need to manage a system that ships with Python-2.4 or Python-2.5, you'll need to install Python-2.6 or better on the managed system or run Ansible-2.3 until you can upgrade the system.
• New import/include keywords to replace the old bare include directives. The use of static: {yes|no} on such includes is now deprecated.
  • Using import_* (import_playbook, import_tasks, import_role) directives are static.
  • Using include_* (include_tasks, include_role) directives are dynamic.
    This is done to avoid collisions and possible security issues as facts come from the remote targets and they might be compromised.
• New order play level keyword that allows the user to change the order in which Ansible processes hosts when dispatching tasks.
• Users can now set group merge priority for groups of the same depth (parent child relationship), using the new ansible_group_priority variable, when values are the same or don't exist it will fallback to the previous sorting by name'.
• Inventory has been revamped:

• Inventory classes have been split to allow for better management and deduplication
• Logic that each inventory source duplicated is now common and pushed up to reconciliation
• VariableManager has been updated for better interaction with inventory
• Updated CLI with helper method to initialize base objects for plays
• New inventory plugins for creating inventory
• Old inventory formats are still supported via plugins
• Inline host_list is also an inventory plugin, an example alternative advanced_host_list is also provided (it supports ranges)
• New configuration option to list enabled plugins and precedence order [inventory]enable_plugins in ansible.cfg
• vars_plugins have been reworked, they are now run from Vars manager and API has changed (need docs)
• Loading group_vars/host_vars is now a vars plugin and can be overridden
• It is now possible to specify mulitple inventory sources in the command line (-i /etc/hosts1 -i /opt/hosts2)
• Inventory plugins can use the cache plugin (i.e. virtualbox) and is affected by meta: refresh_inventory
• Group variable precedence is now configurable via new 'precedence' option in ansible.cfg (needs docs)
• Improved warnings and error messages across the board

• Configuration has been changed from a hardcoded listing in the constants module to dynamically loaded from yaml definitions

• Also added an ansible-config CLI to allow for listing config options and dumping current config (including origin)
• TODO: build upon this to add many features detailed in ansible-config proposal ansible-config ansible/proposals#35

• Windows modules now support the use of multiple shared module_utils files in the form of Powershell modules (.psm1), via Requires -Module Ansible.ModuleUtils.Whatever.psm1
• Python module argument_spec now supports custom validation logic by accepting a callable as the type argument.
• Windows become_method: runas is no longer marked experimental
• Windows become_method: runas now works across all authtypes and will auto-elevate under UAC if WinRM user has "Act as part of the operating system" privilege

Deprecations

• The behaviour when specifying --tags (or --skip-tags) multiple times on the command line
  has changed so that the tags are merged together by default. See the
  documentation for how to temporarily use the old behaviour if needed:
  https://docs.ansible.com/ansible/intro_configuration.htmlmerge-multiple-cli-tags
• The fetch module's validate_md5 parameter has been deprecated and will be
  removed in 2.8. If you wish to disable post-validation of the downloaded
  file, use validate_checksum instead.
• Those using ansible as a library should note that the ansible.vars.unsafe_proxy
  module is deprecated and slated to go away in 2.8. The functionality has been
  moved to ansible.utils.unsafe_proxy to avoid a circular import.
• The win_get_url module has the dictionary 'win_get_url' in its results deprecated,
  its content is now also available directly in the resulting output, like other modules.
• Previously deprecated 'hostfile' config settings have been 're-deprecated' as before the code did not warn about deprecated configuration settings, but it does now.

2.4.0

2.3.3

Bugfixes

• Fix alternatives module handlling of non existing options
• Fix synchronize traceback with the docker connection plugin
• Do not escape backslashes in the template lookup plugin to mirror what the template module does
• Fix the expires option of the postgresq_user module
• Fix for win_acl when settings permissions on registry objects that use ALL APPLICATION PACKAGES and ALL RESTRICTED APPLICATION PACKAGES
• Python3 fixes
• asorted azure modules
• pause module
• hacking/env-setup script
• Fix traceback when checking for passwords in logged strings when logging executed commands.
• docker_login module
• Workaround python-libselinux API change in the seboolean module
• digital_ocean_tag module
• Fix the zip filter
• Fix user module combining bytes and text
• Fix for security groups in the amazon efs module
• Fix for the jail connection plugin not finding the named jail
• Fix for blockinfile's parameters insertbefore and insertafter
• ios_config: Fix traceback when the efaults parameter is not set
• iosxr_config: Fixed unicode error when UTF-8 characters are in configs
• Fix check mode in archive module
• Fix UnboundLocalError in check mode in cs_role module
• Fix to always use lowercase hostnames for host keys in known_hosts module
• Added missing return results for win_stat
• Fix rabbitmq modules to give a helpful error if requests is not installed
• Fix yum module not deleting rpms that it downloaded
• Fix yum module failing with a URL to an rpm
• Fix file module inappropriately expanding literal dollar signs in a path read
  from the filesystem as an environment variable.
• Fix the ssh "smart" transport setting which automatically selects the best means of
  transferring files over ssh (sftp, ssh, piped).
• Fix authentication by api_key parameter in exoscale modules.
• vmware module_utils shared code ssl/validate_certs fixes in connection logic
• allow 'bridge' facts to work for certain containers that create conflicting ones with connection plugins
• Fix for win_get_url to use TLS 1.2/1.1 if it is available on the host
• Fix for the filetree lookup with non-ascii group names
• Better message for invalid keywords/options in task due to undefined expressions
• Fixed check mode for enable on Solaris for service module
• Fix cloudtrail module to allow AWS profiles other than the default
• Fix an encoding issue with secret (password) vars_prompts

<a id="2.3.2"></a>

2.3.2

Bugfixes

• Fix partend i18n issues
• fixed handling of extra vars for tower_job_template (25272)
• Python3 bugfixes
• Fix sorting of ec2 policies
• Fix digital_ocean dynamic inventory script
• Fix for the docker connection plugin
• Fix pip module when using python3's pyvenv and python3 -m venv to create virtualenvs
• Fix for the AnsiBallZ wrapper so that it gives a better error message when
  there's not enough disk space to create its tempdir.
• Fix so ansilbe-galaxy install --force with unversioned roles will once again
  overwrite old versions.
• Fix for RabbitMQ 3.6.7 endpoint return code changing.
• Fix for Foreman organization creation
• fixed incorrect fail_json ref in rpm_key
• Corrected requried on hash_name for dynamodb_table
• Fix for fetch action plugin not validating correctly
• Avoid vault view writing display to logs
• htpasswd: fix passlib module version comparison
• Fix for flowdock error message when external_user_name is missing
• fixed corner case for delegate_to, loops and delegate_facts
• fixed wait_for python2.4/2.5 compatibility (this is last version this is needed)
• fix for adhoc not obeying callback options
• fix for win_find where it fails to recursively scan empty nested directories
• fix non-pipelined code paths for Windows (eg, ANSIBLE_KEEP_REMOTE_FILES, non-pipelined connection plugins)
• fix for win_updates where args and check mode were ignored due to common code change
• fix for unprivileged users to Windows runas become method
• fix starttls code path for mail module
• fix missing LC_TYPE in parted module
• fix CN parsing with OpenSSL 1.1 in letsencrypt module
• fix params assignment in jabber module
• fix TXT record type handling in exo_dns_record module
• fix message queue message ttl can't be 0 in rabbitmq_queue module
• CloudStack bugfixes:
• fix template upload for users in cs_template module, change default to is_routing=None
• several fixes in cs_host module fixes hypervisor handling
• fix network param ignored due typo in cs_nic module
• fix missing type bool in module cs_zone
• fix KeyError: 'sshkeypair' in cs_instance module for CloudStack v4.5 and before
• fix for win_chocolatey where trying to upgrade all the packages as per the example docs fails
• fix for win_chocolatey where it did not fail if the version set did not exist
• fix for win_regedit always changing a reg key if the dword values set is a hex
• fix for wait_for on non-Linux systems with newer versions of psutil
• fix eos_banner code and test issues
• run tearup and teardown of EAPI service only on EAPI tests
• fix eos_config tests so only Eth1 and Eth2 are used
• Fix for potential bug when using legacy inventory vars for configuring the su password.
• Fix crash in file module when directories contain non-utf8 filenames
• Fix for dnf groupinstall with dnf-2.x
• Fix seboolean module for incompatibility in newer Python3 selinux bindings
• Optimization for inventory, no need to dedup at every stage, its redundant and slow
• Fix fact gathering for package and service action plugins
• make random_choice more error resilient (27380)
• ensure prefix in plugin loading to avoid conflicts
• fix for a small number of modules (tempfile, possibly copy) which could fail
  if the tempdir on the remote box was a symlink

• fix non-pipelined code paths for Windows (eg, ANSIBLE_KEEP_REMOTE_FILES, non-pipelined connection plugins)

• fix for win_updates where args and check mode were ignored due to common code change

<a id="2.3.1"></a>

2.3.1

Bugfixes

• Security fix for CVE-2017-7481 - data for lookup plugins used as variables was not being correctly marked as "unsafe".
• Fix default value of fetch module's validate_checksum to be True
• Added fix for "meta: refresh_connection" not working with default 'smart' connection.
• Fix template so that the --diff command line option works when the destination is a directory
• Fix python3 bugs in pam_limits
• Fix unbound error when using module deprecation as a single string
• Several places in which error handling was broken due to bad conversions or just typos
• Fix to user module for appending/setting groups on OpenBSD (flags were reversed)
• assemble fix to use safer os.join.path, avoids charset issues
• fixed issue with solaris facts and i18n
• added python2.4 compatiblity fix to sysctl module
• Fix comparison of exisiting container security opts in the docker_container module
• fixed service module invocation of insserv on certain platforms
• Fix traceback in os_user in an error case.
• Fix docker container to restart a container when changing to fewer exposed ports
• Fix tracebacks in docker_network
• Fixes to detection of updated docker images
• Handle detection of docker image changes when published ports is changed
• Fix for docker_container restarting images when links list is empty.

<a id="2.3"></a>

2.3

Moving to Ansible 2.3 guide http://docs.ansible.com/ansible/porting_guide_2.3.html

Major Changes

• Documented and renamed the previously released 'single var vaulting' feature, allowing user to use vault encryption for single variables in a normal YAML vars file.
• Allow module_utils for custom modules to be placed in site-specific directories and shipped in roles
• On platforms that support it, use more modern system polling API instead of select in the ssh connection plugin.
  This removes one limitation on how many parallel forks are feasible on these systems.
• Windows/WinRM supports (experimental) become method "runas" to run modules and scripts as a different user, and to transparently access network resources.
• The WinRM connection plugin now uses pipelining when executing modules, resulting in significantly faster execution for small tasks.
• The WinRM connection plugin can now manage Kerberos tickets automatically when ansible_winrm_transport=kerberos and ansible_user/ansible_password are specified.
• Refactored/standardized most Windows modules, adding check-mode and diff support where possible.
• Extended Windows module API with parameter-type support, helper functions. (i.e. Expand-Environment, Add-Warning, Add-DeprecatationWarning)
• restructured how async works to allow it to apply to action plugins that choose to support it.

Minor Changes

• The version and release facts for OpenBSD hosts were reversed.
  This has been changed so that version has the numeric portion and release has the name of the release.
• removed 'package' from default squash actions as not all package managers support it and it creates errors when using loops,
  any user can add back via config options if they don't use those package managers or otherwise avoid the errors.
• Blocks can now have a name field, to aid in playbook readability.
• default strategy is now configurable via ansible.cfg or environment variable.
• Added 'ansible_playbook_python' which contains 'current python executable', it can be blank in some cases in which Ansible is not invoked via the standard CLI (sys.executable limitation).
• Added 'metadata' to modules to enable classification
• ansible-doc now displays path to module and existing 'metadata'
• added optional 'piped' transfer method to ssh plugin for when scp and sftp are missing, ssh plugin is also now 'smarter' when using these options
• default controlpersist path is now a custom hash of host-port-user to avoid the socket path length errors for long hostnames
• Various fixes for Python3 compatibility
• Fixed issues with inventory formats not handling 'all' and 'ungrouped' in an uniform way.
• 'service' tasks can now use async again, we had lost this capability when changed into an action plugin.
• made any_errors_fatal inheritable from play to task and all other objects in between.
• many small performance improvements in inventory and variable handling and in task execution.
• Added a retry class to the ec2_asg module since customers were running into throttling errors (AWSRetry is a solution for modules using boto3 which isn't applicable here).

Deprecations

• Specifying --tags (or --skip-tags) multiple times on the command line
  currently leads to the last one overriding all the previous ones. This behaviour is deprecated.
  In the future, if you specify --tags multiple times the tags will be merged together.
  From now on, using --tags multiple times on one command line will emit a deprecation warning.
  Setting the merge_multiple_cli_tags option to True in the ansible.cfg file will enable the new behaviour.
  In 2.4, the default will be to merge and you can enable the old overwriting behaviour via the config option.
  In 2.5, multiple --tags options will be merged with no way to go back to the old behaviour.

• Modules (scheduled for removal in 2.5)
• ec2_vpc
• cl_bond
• cl_bridge
• cl_img_install
• cl_interface
• cl_interface_policy
• cl_license
• cl_ports
• nxos_mtu, use nxos_system instead

New: Callbacks

• dense: minimal stdout output with fallback to default when verbose

New: lookups

• keyring: allows getting password from the 'controller' system's keyrings
• chef_databag: allows querying Chef Databags via pychef library

New: cache

• pickle (uses python's own serializer)
• yaml

New: inventory scripts

• oVirt/RHV

New: filters

• combinations
• permutations
• zip
• zip_longest

Module Notes

• AWS lambda: previously ignored changes that only affected one parameter. Existing deployments may have outstanding changes that this bugfix will apply.
• oVirt/RHV: Added support for 4.1 features and the following:

• data centers, clusters, hosts, storage domains and networks management.
• hosts and virtual machines affinity groups and labels.
• users, groups and permissions management.
• Improved virtual machines and disks management.

• Mount: Some fixes so bind mounts are not mounted each time the playbook runs.

New Modules

• a10_server_axapi3
• amazon:

• aws_kms
• cloudfront_facts
• ec2_group_facts
• ec2_lc_facts
• ec2_vpc_igw_facts
• ec2_vpc_nat_gateway_facts
• ec2_vpc_vgw_facts
• ecs_ecr
• elasticache_parameter_group
• elasticache_snapshot
• iam_role
• s3_sync

• archive
• beadm
• bigswitch:

• bigmon_chain
• bigmon_policy

• cisco

• cisco_spark

• cloudengine:

• ce_command

• cloudscale_server
• cloudstack:

• cs_host
• cs_nic
• cs_region
• cs_role
• cs_vpc

• dimensiondata_network
• eos:

• eos_banner
• eos_system
• eos_user

• f5:

• bigip_gtm_facts
• bigip_hostname
• bigip_snat_pool
• bigip_sys_global

• foreman:

• foreman
• katello

• fortios

• fortios_config

• gconftool2
• google:

• gce_eip
• gce_snapshot
• gcpubsub
• gcpubsub_facts

• hpilo:

• hpilo_boot
• hpilo_facts
• hponcfg

• icinga2_feature
• illumos:

• dladm_iptun
• dladm_linkprop
• dladm_vlan
• ipadm_addr
• ipadm_addrprop
• ipadm_ifprop

• infinidat:

• infini_export
• infini_export_client
• infini_fs
• infini_host
• infini_pool
• infini_vol

• ipa:

• ipa_group
• ipa_hbacrule
• ipa_host
• ipa_hostgroup
• ipa_role
• ipa_sudocmd
• ipa_sudocmdgroup
• ipa_sudorule
• ipa_user

• ipinfoio_facts
• ios:

• ios_banner
• ios_system
• ios_vrf

• iosxr_system
• iso_extract
• java_cert
• jenkins_script
• ldap:

• ldap_attr
• ldap_entry

• logstash_plugin
• mattermost
• net_command
• netapp:

• sf_account_manager
• sf_snapshot_schedule_manager
• sf_volume_manager
• sf_volume_access_group_manager

• nginx_status_facts
• nsupdate
• omapi_host
• openssl:

• openssl_privatekey
• openssl_publickey

• openstack:

• os_nova_host_aggregate
• os_quota

• openwrt_init
• ordnance:

• ordnance_config
• ordnance_facts

• ovirt:

• ovirt_affinity_groups
• ovirt_affinity_labels
• ovirt_affinity_labels_facts
• ovirt_clusters
• ovirt_clusters_facts
• ovirt_datacenters
• ovirt_datacenters_facts
• ovirt_external_providers
• ovirt_external_providers_facts
• ovirt_groups
• ovirt_groups_facts
• ovirt_host_networks
• ovirt_host_pm
• ovirt_hosts
• ovirt_hosts_facts
• ovirt_mac_pools
• ovirt_networks
• ovirt_networks_facts
• ovirt_nics
• ovirt_nics_facts
• ovirt_permissions
• ovirt_permissions_facts
• ovirt_quotas
• ovirt_quotas_facts
• ovirt_snapshots
• ovirt_snapshots_facts
• ovirt_storage_domains
• ovirt_storage_domains_facts
• ovirt_tags
• ovirt_tags_facts
• ovirt_templates
• ovirt_templates_facts
• ovirt_users
• ovirt_users_facts
• ovirt_vmpools
• ovirt_vmpools_facts
• ovirt_vms_facts

• pacemaker_cluster
• packet:

• packet_device
• packet_sshkey

• pamd
• panos:

• panos_address
• panos_admin
• panos_admpwd
• panos_cert_gen_ssh
• panos_check
• panos_commit
• panos_dag
• panos_import
• panos_interface
• panos_lic
• panos_loadcfg
• panos_mgtconfig
• panos_nat_policy
• panos_pg
• panos_restart
• panos_security_policy
• panos_service

• postgresql_schema
• proxmox_kvm
• proxysql:

• proxysql_backend_servers
• proxysql_global_variables
• proxysql_manage_config
• proxysql_mysql_users
• proxysql_query_rules
• proxysql_replication_hostgroups
• proxysql_scheduler

• pubnub_blocks
• pulp_repo
• runit
• serverless
• set_stats
• panos:

• panos_security_policy

• smartos:

• imgadm
• vmadm

• sorcery
• stacki_host
• swupd
• tempfile
• tower:

• tower_credential
• tower_group
• tower_host
• tower_inventory
• tower_job_template
• tower_label
• tower_organization
• tower_project
• tower_role
• tower_team
• tower_user

• vmware:

• vmware_guest_facts
• vmware_guest_snapshot

• web_infrastructure:

• jenkins_script

• system

• parted

• windows:

• win_disk_image
• win_dns_client
• win_domain
• win_domain_controller
• win_domain_membership
• win_find
• win_msg
• win_path
• win_psexec
• win_reg_stat
• win_region
• win_say
• win_shortcut
• win_tempfile

• xbps
• zfs:

• zfs_facts
• zpool_facts

<a id="2.2.1"></a>

2.3.0

2.2.3

2.2.2

Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.

Happy merging! 🤖

[pyup-bot]

Closing this in favor of #23