New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ansible2: 2.2.0.0 -> 2.2.1.0 #22056
ansible2: 2.2.0.0 -> 2.2.1.0 #22056
Conversation
@peterhoeg, thanks for your PR! By analyzing the history of the files in this pull request, we identified @FRidh and @jgeerds to be potential reviewers. |
👍 for moving packages out of |
sha256 = "0gz9i30pdmkchi936ijy873k8di6fmf3v5rv551hxyf0hjkjx8b3"; | ||
}; | ||
|
||
ansible = ansible1; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When we do make to ansible2 the default ansible? Where did you find information regarding supported ansible versions?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Agreed, should we make ansible2 default?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you do so please add it to the 17.03 release notes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't know of anything official from RedHat, but they specifically mentioned only releasing fixes for the 2.1 and 2.2 versions hence I'm assuming those are the only properly supported versions.
As for changing the default - that would only be in unstable, correct?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@globin, I'll switch the default in a separate PR and include docs.
@Mic92 I didn't know about this! Is there a official announcement / changelog ? I like that idea because python-packages.nix was/is bloated... |
(replying is on my to-do list for this afternoon) |
Yikes! Thank you! Due to:
I think we should separately patch stable and merge this PR (which I think is a nice improvement.)
Agreed, looks great :) thank you.
I don't think so, not yet, let's hope they release an update soon? Can you provide a patch for 16.09? |
How does |
Exactly, so it is used as a library. I think that was also the reason why I put |
Fair enough. Maybe we should have a standard rule for this (further to @jgeerds comment) documented in the manual. My take on the current situation is: If a piece of python software is mainly invoked on its own, it should go into its own file and be referenced from from If instead it is primarily used as a dependency for another piece of python software, it should go into Everybody in agreement? |
@peterhoeg the problem is that as soon as you put it outside of
I don't know whether Anyway, |
@FRidh, can't most python packages be used as libraries? In any case, I'll change that part so it goes back to the |
Ansible upstream won't patch the 1.x versions because it's too complicated. These versions should be removed from master and 16.09 (or at least mark at broken for 16.09). |
Python applications should IMHO be referenced from python-packages.nix and then be aliased in all-packages.nix with e.g |
If they install their modules in |
That means everything using |
Indeed, everything using that function puts modules in |
@FRidh what is your call on this? Should we merge? Should we not merge? |
@FRidh and @grahamc, I will not have time to do it until tonight (UTC+7) when I'll make the following changes to this PR:
Everybody cool? The update to 2.2.1.0 has already been applied to stable. |
👍 thank you!
…On Tue, Jan 24, 2017 at 8:37 PM Peter Hoeg ***@***.***> wrote:
@FRidh <https://github.com/fridh> and @grahamc
<https://github.com/grahamc>, I will not have time to do it until tonight
but I'll make the following changes to this PR:
- move the definitions back to python-packages.nix
- drop ansible1
- make 2.2 the default
- update the documentation
Everybody cool?
The update to 2.2.1.0 has already been applied to stable.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#22056 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AAErrHTV48lnzdOz-ED65PNYpnY7SHIWks5rVqdEgaJpZM4LrB4g>
.
|
@peterhoeg yep, go ahead. Just remember that whenever you change from |
We do a few more things at the same time: a) version 2.1 is a supported version, so add that too b) create a generic builder for versions 2.1 and 2.2 c) change default ansible to ansible2 d) remove ansible1 and update the release notes
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@FRidh LGTY? If you don't leave feedback in ~24hrs I'll go ahead and merge.
Motivation for this change
2.2.1.0 (as well as 2.1.4) fix a fairly nasty CVE: https://lwn.net/Articles/711357/
We do a few more things at the same time:
a) ansible is an application, not a package, so move it out of python-packages.nix
b) version 2.1 is an upstream supported version, so add that too
c) create a generic builder for versions 1.9, 2.1 and 2.2
d) fix
kargo
that depends onpython2Packages.ansible2
now that it has been moved out ofpythonPackages
.This PR covers both security fixes, new branch of code (2.1.x) as well as refactoring of the builder (less code, yeay!!) which may be OK for unstable but not necessarily
16.09
.Should we mark ansible 1 as broken as no fix has been released?
@grahamc, how would like me to proceed?
Things done
(nix.useSandbox on NixOS,
or option
build-use-sandbox
innix.conf
on non-NixOS)
nix-shell -p nox --run "nox-review wip"
./result/bin/
)