1
0
mirror of https://github.com/ansible/awx.git synced 2024-10-31 15:21:13 +03:00
awx/docs/CHANGELOG.md

9.4 KiB

3.3.0

  • Allow relaunching jobs on a subset of hosts, by status.[#219]
  • Added ask_variables_on_launch to workflow JTs.[#497]
  • Added diff_mode and verbosity fields to WFJT nodes.[#555]
  • Block creation of schedules when variables not allowed are given. Block similar cases for WFJT nodes.[#478]
  • Changed WFJT node credential to many-to-many credentials.
  • Saved Launch-time configurations feature - added WFJT node promptable fields to schedules, added extra_data to WFJT nodes, added "schedule this job" endpoint. [#169]
  • Switch from credential, vault_credential, and extra_credentials fields to single credentials relationship, allow multiple vault credentials [#352].
  • Make inventory parsing errors fatal, and only enable the script inventory plugin for job runs and vendored inventory updates[#864]
  • Add related credentials endpoint for inventory updates to be more internally consistent with job templates, model changes for [#277]
  • Removed TOWER_HOST as a default environment variable in job running environment due to conflict with tower credential type. Playbook authors should replace their use with AWX_HOST. [#1727]
  • Boolean fields for custom credential types will now always default extra_vars and environment variables to False when a value is not provided. [#2038]
  • Add validation to prevent string "$encrypted$" from becoming a literal survey question default [#518].
  • Enable the --export option for ansible-inventory via the environment variable [#1253] so that group variables are imported to the group model.
  • Prevent unwanted entries in activity stream due to modified time changes.
  • API based deep copy feature via related /api/v2/resources/N/copy/ endpoint [#283].
  • Container Cluster-based dynamic scaling provisioning / deprovisioning instances, allow creating / modifying instance groups from the API, introduce instance group policies, consider both memory and CPU constraints, add the ability to disable nodes without removing them from the cluster [#196].
  • Add additional organization roles [#166].
  • Support fact caching for isolated instances [#198].
  • Graphical UI for network inventory [#611].
  • Restrict viewing and editing network UI canvas to users with inventory admin_role.
  • Implement per-template, project, organization custom_virtualenv, a field that allows users to select one of multiple virtual environments set up on the filesystem [#34].
  • Use events for running inventory updates, project updates, and other unified job types [#200].
  • Prevent deletion of jobs when event processing is still ongoing.
  • Prohibit job template callback when inventory is null [#644].
  • Impose stricter criteria to admin users - organization admin role now necessary for all organizations target user is member of.
  • Remove unused admin_role associated with users.
  • Enforce max value for SESSION_COOKIE_AGE [#1651].
  • Add stricter validation to order_by query params [#776].
  • Consistently log uncaught task exceptions [#1257].
  • Do not show value of variable of with_items iteration when no_log is set.
  • Change external logger to lazily create handler from settings on every log emission, replacing server restart. Allows use in OpenShift deployments.
  • Allow job templates using previously-synced git projects to run without network access to source control [#287].
  • Automatically run a project update if sensitive fields change like scm_url.
  • Disallow relaunching jobs with execute_role if another user provided prompts.
  • Show all teams to organization admins if setting ORG_ADMINS_CAN_SEE_ALL_USERS is enabled.
  • Allow creating schedules and workflow nodes from job templates that use credentials which prompt for passwords if ask_credential_on_launch is set.
  • Set execution_node in task manager and submit waiting jobs to only the queue for the specific instance job is targeted to run on [#1873].
  • Switched authentication to Django sessions.
  • Implemented OAuth2 support for token based authentication [#21].
  • Added the ability to forcibly expire sessions through awx-manage expire_sessions.
  • Disallowed using HTTP PUT/PATCH methods to modify existing jobs in Job Details API endpoint.
  • Changed the name of the session length setting from AUTH_TOKEN_EXPIRATION to SESSION_COOKIE_AGE.
  • Changed the name of the session length setting from AUTH_TOKEN_PER_USER to SESSIONS_PER_USER.
  • External logging now defaults to HTTPS (instead of HTTP) unless http:// is explicitly specified in the log aggregator hostname [#2048]

3.2.0

  • added a new API endpoint - /api/v1/settings/logging/test/ - for testing external log aggregrator connectivity [#5164]
  • allow passing -e create_preload_data=False to skip creating default organization/project/inventory/credential/job_template during Tower installation [#5746]
  • removed links from group to inventory_source including the field and related links, removed start and schedule capabilities from group serializer and added user_capabilities to inventory source serializer, allow user creation and naming of inventory sources [#5741]
  • support sourcing inventory from a file inside of a project's source tree [#2477]
  • added support for custom cloud and network credential types, which give the customer the ability to modify environment variables, extra vars, and generate file-based credentials (such as file-based certificates or .ini files) at ansible-playbook runtime [#5876]
  • added support for assigning multiple cloud and network credential types on JobTemplates. JobTemplates can prompt for "extra credentials" at launch time in the same manner as promptable machine credentials [#5807] [#2913]
  • custom inventory sources can now specify a Credential; you can store third-party credentials encrypted within Tower and use their values from within your custom inventory script (by - for example - reading an environment variable or a file's contents) [#5879]
  • Added support for configuring groups of instance nodes to run tower jobs [#5898]
  • Fixed an issue installing Tower on multiple nodes where cluster internal node references are used [#6231]
  • Tower now uses a modified version of Fernet. Our Fernet256 class uses AES-256-CBC instead of AES-128-CBC for all encrypted fields. [#826]
  • Added the ability to set custom environment variables set for playbook runs, inventory updates, project updates, and notification sending. [#3508]
  • Added --diff mode to Job Templates and Ad-Hoc Commands. The diff can be found in the standard out when diff mode is enabled. [#4525]
  • Support accessing some Tower resources via their name-related unique identifiers apart from primary keys. (named URL) [#3362]
  • Support TACACS+ authentication. [#3400]
  • Support sending system logs to external log aggregators via direct TCP/UDP connection. [#5783]
  • Remove Rackspace as a supported inventory source type and credential type. [#6117]
  • Changed names of tower-mange commands register_instance -> provision_instance, deprovision_node -> deprovision_instance, and instance_group_remove -> remove_from_queue, which backward compatibility support for 3.1 use pattern [#6915]