1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
|
ancestor: null
releases:
0.1.0:
changes:
release_summary: 'First release of the `community.sops` collection!
This release includes multiple plugins: an `action` plugin, a `lookup` plugin
and a `vars` plugin.'
fragments:
- 0.1.0.yml
modules:
- description: Load sops-encrypted variables from files, dynamically within a
task
name: load_vars
namespace: ''
- description: Encrypt data with sops
name: sops_encrypt
namespace: ''
plugins:
lookup:
- description: Read sops encrypted file contents
name: sops
namespace: null
vars:
- description: Loading sops-encrypted vars files
name: sops
namespace: null
release_date: '2020-10-23'
0.2.0:
changes:
minor_changes:
- community.sops.sops lookup plugin - add ``empty_on_not_exist`` option which
allows to return an empty string instead of an error when the file does not
exist (https://github.com/ansible-collections/community.sops/pull/33).
- community.sops.sops vars plugin - add option to control caching (https://github.com/ansible-collections/community.sops/pull/32).
- community.sops.sops vars plugin - add option to determine when vars are loaded
(https://github.com/ansible-collections/community.sops/pull/32).
release_summary: This release adds features for the lookup and vars plugins.
fragments:
- 0.2.0.yml
- 32-vars-stage.yml
- 33-lookup-empty_on_not_exist.yml
release_date: '2020-12-16'
1.0.0:
changes:
minor_changes:
- 'All plugins and modules: allow to pass generic sops options with new options
``config_path``, ``enable_local_keyservice``, ``keyservice``. Also allow to
pass AWS parameters with options ``aws_profile``, ``aws_access_key_id``, ``aws_secret_access_key``,
and ``aws_session_token`` (https://github.com/ansible-collections/community.sops/pull/47).'
- community.sops.sops_encrypt - allow to pass encryption-specific options ``kms``,
``gcp_kms``, ``azure_kv``, ``hc_vault_transit``, ``pgp``, ``unencrypted_suffix``,
``encrypted_suffix``, ``unencrypted_regex``, ``encrypted_regex``, ``encryption_context``,
and ``shamir_secret_sharing_threshold`` to sops (https://github.com/ansible-collections/community.sops/pull/47).
release_summary: First stable release. This release is expected to be included
in Ansible 3.0.0.
fragments:
- 1.0.0.yml
- 47-sops-options.yml
release_date: '2021-01-14'
1.0.1:
changes:
release_summary: Re-release of 1.0.0 to counteract error during release.
release_date: '2021-01-14'
1.0.2:
changes:
release_summary: Fix of 1.0.1 release which had no changelog entry.
fragments:
- 1.0.2.yml
release_date: '2021-01-14'
1.0.3:
changes:
bugfixes:
- community.sops.sops lookup plugins - fix wrong format of Ansible variables
so that these are actually used (https://github.com/ansible-collections/community.sops/pull/51).
- community.sops.sops vars plugins - remove non-working Ansible variables (https://github.com/ansible-collections/community.sops/pull/51).
release_summary: This release include some fixes to Ansible docs and required
changes for inclusion in Ansible.
fragments:
- 1.0.3.yml
- 51-fix-vars-arguments.yml
release_date: '2021-01-22'
1.0.4:
changes:
release_summary: This is a security release, fixing a potential information
leak in the ``community.sops.sops_encrypt`` module.
security_fixes:
- community.sops.sops_encrypt - mark the ``aws_secret_access_key`` and ``aws_session_token``
parameters as ``no_log`` to avoid leakage of secrets (https://github.com/ansible-collections/community.sops/pull/54).
fragments:
- 1.0.4.yml
- 54-no_log-fixes.yml
release_date: '2021-02-06'
1.0.5:
changes:
bugfixes:
- community.sops.sops_encrypt - use output type ``yaml`` when path ends with
``.yaml`` (https://github.com/ansible-collections/community.sops/pull/56).
release_summary: This release fixes a bug that prevented correct YAML file to
be created when the output was ending in `.yaml`.
fragments:
- 1.0.5.yml
- 56-sops_encrypt-yaml-output.yaml
release_date: '2021-03-05'
1.0.6:
changes:
bugfixes:
- action_module plugin helper - make compatible with latest changes in ansible-core
2.11.0b3 (https://github.com/ansible-collections/community.sops/pull/58).
- community.sops.load_vars - make compatible with latest changes in ansible-core
2.11.0b3 (https://github.com/ansible-collections/community.sops/pull/58).
release_summary: This release makes the collection compatible to the latest
beta release of ansible-core 2.11.
fragments:
- 1.0.6.yml
- 58-actionmodule-plugin-utils-ansible-core-2.11.yml
release_date: '2021-03-21'
1.1.0:
changes:
minor_changes:
- Avoid internal ansible-core module_utils in favor of equivalent public API
available since at least Ansible 2.9 (https://github.com/ansible-collections/community.sops/pull/73).
release_summary: A minor release for inclusion in Ansible 4.2.0.
fragments:
- 1.1.0.yml
- 71-decrypt-filter.yml
- ansible-core-_text.yml
plugins:
filter:
- description: Decrypt sops-encrypted data
name: decrypt
namespace: null
release_date: '2021-06-29'
1.2.0:
changes:
bugfixes:
- Fix error handling in calls of the ``sops`` binary when negative errors are
returned (https://github.com/ansible-collections/community.sops/issues/82,
https://github.com/ansible-collections/community.sops/pull/83).
minor_changes:
- sops lookup and vars plugin - allow to configure almost all generic options
by ansible.cfg entries and environment variables (https://github.com/ansible-collections/community.sops/pull/81).
release_summary: 'Collection release for inclusion in Ansible 4.9.0 and 5.1.0.
This release contains a change allowing to configure generic plugin options
with ansible.cfg keys and env variables.'
fragments:
- 1.2.0.yml
- 81-plugin-options.yml
- 83-fix-error-handling.yml
release_date: '2021-11-16'
1.2.1:
changes:
release_summary: Maintenance release with updated documentation.
fragments:
- 1.2.1.yml
release_date: '2022-03-22'
1.2.2:
changes:
bugfixes:
- Include ``simplified_bsd.txt`` license file for the ``sops`` module utils.
release_summary: Maintenance release.
fragments:
- 1.2.2.yml
- simplified-bsd-license.yml
release_date: '2022-06-02'
1.2.3:
changes:
release_summary: Fix formatting bug in documentation. No code changes.
fragments:
- 1.2.3.yml
release_date: '2022-06-29'
1.3.0:
changes:
minor_changes:
- All software licenses are now in the ``LICENSES/`` directory of the collection
root, and the collection repository conforms to the `REUSE specification <https://reuse.software/spec/>`__
except for the changelog fragments (https://github.com/ansible-collections/community.crypto/sops/108,
https://github.com/ansible-collections/community.sops/pull/113).
- sops vars plugin - added a configuration option to temporarily disable the
vars plugin (https://github.com/ansible-collections/community.sops/pull/114).
release_summary: Feature release.
fragments:
- 1.3.0.yml
- 108-licenses.yml
- 114-disable-vars-plugin.yml
release_date: '2022-08-23'
1.4.0:
changes:
minor_changes:
- Allow to specify age keys as ``age_key``, or age keyfiles as ``age_keyfile``
(https://github.com/ansible-collections/community.sops/issues/116, https://github.com/ansible-collections/community.sops/pull/117).
- sops_encrypt - allow to specify age recipients (https://github.com/ansible-collections/community.sops/issues/116,
https://github.com/ansible-collections/community.sops/pull/117).
release_summary: Feature release.
fragments:
- 1.4.0.yml
- 117-age.yml
release_date: '2022-09-11'
1.4.1:
changes:
bugfixes:
- load_vars - ensure compatibility with newer versions of ansible-core (https://github.com/ansible-collections/community.sops/pull/121).
release_summary: Maintenance release to improve compatibility with future ansible-core
releases.
fragments:
- 1.4.1.yml
- 121-action-module-compat.yml
release_date: '2022-09-23'
1.5.0:
changes:
minor_changes:
- Automatically install GNU Privacy Guard (GPG) in execution environments. To
install Mozilla sops a manual step needs to be added to the EE definition,
see the collection's documentation for details (https://github.com/ansible-collections/community.sops/pull/98).
release_summary: Feature release.
fragments:
- 1.5.0.yml
- 98-playbooks.yml
objects:
playbook:
- description: Installs sops and GNU Privacy Guard on all remote hosts
name: install
namespace: null
- description: Installs sops and GNU Privacy Guard on localhost
name: install_localhost
namespace: null
role:
- description: Install Mozilla sops
name: install
namespace: null
release_date: '2022-12-02'
1.6.0:
changes:
minor_changes:
- install role - add ``sops_github_latest_detection`` option that allows to
configure which method to use for detecting the latest release on GitHub.
By default (``auto``) first tries to retrieve a list of recent releases using
the API, and if that fails due to rate limiting, tries to obtain the latest
GitHub release from a semi-documented URL (https://github.com/ansible-collections/community.sops/pull/133).
- install role - add ``sops_github_token`` option to allow passing a GitHub
token. This can for example be used to avoid rate limits when using the role
in GitHub Actions (https://github.com/ansible-collections/community.sops/pull/132).
- install role - implement another method to determine the latest release on
GitHub than using the GitHub API, which can make installation fail due to
rate-limiting (https://github.com/ansible-collections/community.sops/pull/131).
release_summary: Feature release improving the installation role.
fragments:
- 1.6.0.yml
- 131.yml
- 132.yml
- 133.yml
release_date: '2023-01-01'
1.6.1:
changes:
bugfixes:
- action plugin helper - fix handling of deprecations for ansible-core 2.14.2
(https://github.com/ansible-collections/community.sops/pull/136).
- various plugins - remove unnecessary imports (https://github.com/ansible-collections/community.sops/pull/133).
release_summary: Maintenance release.
fragments:
- 1.6.1.yml
- 136-action-module.yml
- remove-unneeded-imports.yml
release_date: '2023-02-20'
1.6.2:
changes:
bugfixes:
- install role - make sure that the ``pkg_mgr`` fact is definitely available
when installing on ``localhost``. This can improve error messages in some
cases (https://github.com/ansible-collections/community.sops/issues/145, https://github.com/ansible-collections/community.sops/pull/146).
release_summary: Maintenance release.
fragments:
- 1.6.2.yml
- 146-install-facts.yml
release_date: '2023-06-15'
1.6.3:
changes:
known_issues:
- Ansible markup will show up in raw form on ansible-doc text output for ansible-core
before 2.15. If you have trouble deciphering the documentation markup, please
upgrade to ansible-core 2.15 (or newer), or read the HTML documentation on
https://docs.ansible.com/ansible/devel/collections/community/sops/.
release_summary: 'Maintenance release with updated documentation.
From this version on, community.sops is using the new `Ansible semantic markup
<https://docs.ansible.com/ansible/devel/dev_guide/developing_modules_documenting.html#semantic-markup-within-module-documentation>`__
in its documentation. If you look at documentation with the ansible-doc CLI
tool
from ansible-core before 2.15, please note that it does not render the markup
correctly. You should be still able to read it in most cases, but you need
ansible-core 2.15 or later to see it as it is intended. Alternatively you
can
look at `the devel docsite <https://docs.ansible.com/ansible/devel/collections/community/sops/>`__
for the rendered HTML version of the documentation of the latest release.
'
fragments:
- 1.6.3.yml
- semantic-markup.yml
release_date: '2023-06-27'
1.6.4:
changes:
bugfixes:
- install role - fix ``sops_github_latest_detection=latest-release``, which
broke due to sops moving to another GitHub organization (https://github.com/ansible-collections/community.sops/pull/151).
release_summary: Maintenance/bugfix release for the move of sops to the new
`getsops GitHub organization <https://github.com/getsops>`__.
fragments:
- 1.6.4.yml
- 151-github.yml
release_date: '2023-06-30'
1.6.5:
changes:
bugfixes:
- Avoid pre-releases when picking the latest version when using the GitHub API
method (https://github.com/ansible-collections/community.sops/pull/159).
- Fix changed DEB and RPM URLs for 3.8.0 and its prerelease(s) (https://github.com/ansible-collections/community.sops/pull/159).
release_summary: Make compatible with and test against sops 3.8.0-rc.1.
fragments:
- 1.6.5.yml
- 159-new-releases.yml
release_date: '2023-08-25'
1.6.6:
changes:
bugfixes:
- Fix RPM URL for the 3.8.0 release (https://github.com/ansible-collections/community.sops/pull/161).
release_summary: Make fully compatible with and test against sops 3.8.0.
fragments:
- 1.6.6.yml
- 161-rhel-3.8.0.yml
release_date: '2023-09-15'
1.6.7:
changes:
bugfixes:
- sops_encrypt - ensure that output-type is set to ``yaml`` when the file extension
``.yml`` is used. Now both ``.yaml`` and ``.yml`` files use the SOPS ``--output-type=yaml``
formatting (https://github.com/ansible-collections/community.sops/issues/164).
release_summary: Bugfix release.
fragments:
- 1.6.7.yml
- 165-yaml-output-for-yml-extension.yaml
release_date: '2023-10-29'
|
