No description
Find a file
Adrian Likins edcbef27ec Retain vault password as bytes in 2.2 (#22378)
* Retain vault password as bytes in 2.2

Prior to 2.2.1, the vault password was read in as byes and then remained
bytes all the way through the code.  A bug existed where bytes and text
were mixed, leading to a traceback with non-ascii passwords.  In devel,
this was fixed by changing the read in password to text type to match
with our overall strategy of converting at the borders.  This was
backported to stable-2.2 for the 2.2.1 release.

On reflection, this should not have been backported as it causes
passwords which were originally non-utf-8 to become utf-8.  People will
then have their working 2.2.x vault files become in-accessible.

this commit pipes bytes all the way through the system for vault
password.  That way if a password is read in as a non-utf-8 character
sequence, it will continue to work in 2.2.2+.  This change is only for
the 2.2 branch, not for 2.3 and beyond.

Why not everywhere?  The reason is that non-utf-8 passwords will cause
problems when vault files are shared between systems or users.  If the
password is read from the prompt and one user/machine has a latin1
encoded locale while a second one has utf-8, the non-ascii password
typed in won't match between machines.  Deal with this by making sure
that when we encrypt the data, we always use valid utf-8.

Fixes #20398

(cherry picked from commit 5dcce0666a)
2017-03-07 15:30:09 -05:00
.github Move summary to be next to where github places the commit message. (#22368) 2017-03-07 18:00:22 +01:00
bin adds more logging output to network_cli and ansible-connection (#21716) 2017-02-21 09:21:41 -05:00
contrib azure_rm inventory version comparison fix (#22341) 2017-03-06 15:44:42 -08:00
docs fixed ungrouped definition 2017-03-07 12:50:35 -05:00
examples Add 9p to list of special filesystems for selinux 2017-02-27 09:13:28 -05:00
hacking made module notes render nicer on docsite 2017-02-24 15:15:18 -05:00
lib/ansible Retain vault password as bytes in 2.2 (#22378) 2017-03-07 15:30:09 -05:00
packaging Use HTTPS instead of legacy HTTP for ansible.com (#16870) 2017-02-15 16:09:33 -08:00
test ec2_group: description is only required when group state is present (#19791) 2017-03-07 20:55:17 +01:00
ticket_stubs Remove obsolete ticket stubs. 2016-12-08 11:35:20 -05:00
.coveragerc Run unit tests in isolation w/ coverage support. 2017-02-27 17:16:45 -08:00
.gitattributes
.gitignore Enable more ios tests on Shippable. 2017-01-20 13:26:59 -08:00
.gitmodules Code cleanup. 2016-12-08 11:35:04 -05:00
.mailmap Add new mailmap entry for @willthames 2017-01-05 10:59:43 -05:00
.yamllint Lint YAML files under test/ 2016-11-11 14:50:57 -08:00
ansible-core-sitemap.xml Remove remnants of obsolete fireball mode. 2016-12-09 16:56:34 -07:00
CHANGELOG.md Add changelog entry for Lambda module updates (#22327) 2017-03-06 17:23:47 -05:00
CODING_GUIDELINES.md
CONTRIBUTING.md
COPYING
Makefile Update Makefile to use ansible-test for pep8. 2017-02-09 11:01:48 -08:00
MANIFEST.in Move to using a requirements.txt to install the python packages. (#21430) 2017-02-15 06:58:09 -08:00
MODULE_GUIDELINES.md Move GUIDELINES.md from modules repo (#19313) 2016-12-14 11:46:14 -05:00
README.md Remove obsolete files and instructions. (#19079) 2016-12-09 12:42:29 -05:00
RELEASES.txt brought releases up to date 2016-11-17 10:57:44 -05:00
requirements.txt Move to using a requirements.txt to install the python packages. (#21430) 2017-02-15 06:58:09 -08:00
ROADMAP.rst Update ROADMAP (#20002) 2017-01-16 11:36:53 +00:00
setup.py Use HTTPS instead of legacy HTTP for ansible.com (#16870) 2017-02-15 16:09:33 -08:00
shippable.yml Split up unit tests on Shippable. (#21931) 2017-02-24 16:58:56 -08:00
tox.ini Pass TEST_FLAGS environment variable to tests run with Tox (#21611) 2017-02-20 15:24:39 -08:00
VERSION Bumping devel version to 2.3.0 2016-10-03 11:46:31 -05:00

PyPI version Build Status

Ansible

Ansible is a radically simple IT automation system. It handles configuration-management, application deployment, cloud provisioning, ad-hoc task-execution, and multinode orchestration - including trivializing things like zero downtime rolling updates with load balancers.

Read the documentation and more at https://ansible.com/

Many users run straight from the development branch (it's generally fine to do so), but you might also wish to consume a release.

You can find instructions here for a variety of platforms.

If you want to download a tarball of a release, go to releases.ansible.com, though most users use yum (using the EPEL instructions linked above), apt (using the PPA instructions linked above), or pip install ansible.

Design Principles

  • Have a dead simple setup process and a minimal learning curve
  • Manage machines very quickly and in parallel
  • Avoid custom-agents and additional open ports, be agentless by leveraging the existing SSH daemon
  • Describe infrastructure in a language that is both machine and human friendly
  • Focus on security and easy auditability/review/rewriting of content
  • Manage new remote machines instantly, without bootstrapping any software
  • Allow module development in any dynamic language, not just Python
  • Be usable as non-root
  • Be the easiest IT automation system to use, ever.

Get Involved

  • Read Community Information for all kinds of ways to contribute to and interact with the project, including mailing list information and how to submit bug reports and code to Ansible.
  • All code submissions are done through pull requests. Take care to make sure no merge commits are in the submission, and use git rebase vs git merge for this reason. If submitting a large code change (other than modules), it's probably a good idea to join ansible-devel and talk about what you would like to do or add first and to avoid duplicate efforts. This not only helps everyone know what's going on, it also helps save time and effort if we decide some changes are needed.
  • Users list: ansible-project
  • Development list: ansible-devel
  • Announcement list: ansible-announce - read only
  • irc.freenode.net: #ansible

Branch Info

  • Releases are named after Led Zeppelin songs. (Releases prior to 2.0 were named after Van Halen songs.)
  • The devel branch corresponds to the release actively under development.
  • For releases 1.8 - 2.2, modules are kept in different repos, you'll want to follow core and extras
  • Various release-X.Y branches exist for previous releases.
  • We'd love to have your contributions, read Community Information for notes on how to get started.

Authors

Ansible was created by Michael DeHaan (michael.dehaan/gmail/com) and has contributions from over 1000 users (and growing). Thanks everyone!

Ansible is sponsored by Ansible, Inc

Licence

GNU Click on the Link to see the full text.