Release 3.8.1.

2025-12-16 20:08:41 +00:00 · 2024-03-16 20:16:57 +01:00 · 2024-03-16 20:16:57 +01:00 · 59a8220c7f
commit 59a8220c7f
parent 61c54874fd
8 changed files with 369 additions and 303 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@ -4,6 +4,27 @@ Docker Community Collection Release Notes

 .. contents:: Topics

+v3.8.1
+======
+
+Release Summary
+---------------
+
+Bugfix release
+
+Security Fixes
+--------------
+
+- docker_containers, docker_machine, and docker_swarm inventory plugins - make sure all data received from the Docker daemon / Docker machine is marked as unsafe, so remote code execution by obtaining texts that can be evaluated as templates is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/, https://github.com/ansible-collections/community.docker/pull/815).
+
+Bugfixes
+--------
+
+- docker_compose_v2 - do not fail when non-fatal errors occur. This can happen when pulling an image fails, but then the image can be built for another service. Docker Compose emits an error in that case, but ``docker compose up`` still completes successfully (https://github.com/ansible-collections/community.docker/issues/807, https://github.com/ansible-collections/community.docker/pull/810, https://github.com/ansible-collections/community.docker/pull/811).
+- docker_compose_v2* modules - correctly parse ``Warning`` events emitted by Docker Compose (https://github.com/ansible-collections/community.docker/issues/807, https://github.com/ansible-collections/community.docker/pull/811).
+- docker_compose_v2* modules - parse ``logfmt`` warnings emitted by Docker Compose (https://github.com/ansible-collections/community.docker/issues/787, https://github.com/ansible-collections/community.docker/pull/811).
+- docker_compose_v2_pull - fixing idempotence by checking actual pull progress events instead of service-level pull request when ``policy=always``. This stops the module from reporting ``changed=true`` if no actual change happened when pulling. In check mode, it has to assume that a change happens though (https://github.com/ansible-collections/community.docker/issues/813, https://github.com/ansible-collections/community.docker/pull/814).
+
 v3.8.0
 ======

--- a/changelogs/changelog.yaml
+++ b/changelogs/changelog.yaml
@ -1591,3 +1591,35 @@ releases:
    - 803-compose-v2-pull.yml
    - 804-compose-v2-waiting.yml
    release_date: '2024-02-25'
+  3.8.1:
+    changes:
+      bugfixes:
+      - docker_compose_v2 - do not fail when non-fatal errors occur. This can happen
+        when pulling an image fails, but then the image can be built for another service.
+        Docker Compose emits an error in that case, but ``docker compose up`` still
+        completes successfully (https://github.com/ansible-collections/community.docker/issues/807,
+        https://github.com/ansible-collections/community.docker/pull/810, https://github.com/ansible-collections/community.docker/pull/811).
+      - docker_compose_v2* modules - correctly parse ``Warning`` events emitted by
+        Docker Compose (https://github.com/ansible-collections/community.docker/issues/807,
+        https://github.com/ansible-collections/community.docker/pull/811).
+      - docker_compose_v2* modules - parse ``logfmt`` warnings emitted by Docker Compose
+        (https://github.com/ansible-collections/community.docker/issues/787, https://github.com/ansible-collections/community.docker/pull/811).
+      - docker_compose_v2_pull - fixing idempotence by checking actual pull progress
+        events instead of service-level pull request when ``policy=always``. This
+        stops the module from reporting ``changed=true`` if no actual change happened
+        when pulling. In check mode, it has to assume that a change happens though
+        (https://github.com/ansible-collections/community.docker/issues/813, https://github.com/ansible-collections/community.docker/pull/814).
+      release_summary: Bugfix release
+      security_fixes:
+      - docker_containers, docker_machine, and docker_swarm inventory plugins - make
+        sure all data received from the Docker daemon / Docker machine is marked as
+        unsafe, so remote code execution by obtaining texts that can be evaluated
+        as templates is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/,
+        https://github.com/ansible-collections/community.docker/pull/815).
+    fragments:
+    - 3.8.1.yml
+    - 810-compose-errors.yml
+    - 811-compose-v2-logfmt.yml
+    - 814-docker_compose_v2_pull-idem.yml
+    - inventory-rce.yml
+    release_date: '2024-03-16'
--- a/changelogs/fragments/3.8.1.yml
+++ b/changelogs/fragments/3.8.1.yml
@ -1 +0,0 @@
-release_summary: Bugfix release
--- a/changelogs/fragments/810-compose-errors.yml
+++ b/changelogs/fragments/810-compose-errors.yml
@ -1,5 +0,0 @@
-bugfixes:
-  - "docker_compose_v2 - do not fail when non-fatal errors occur. This can happen when pulling an image fails, but then the image can be built
-     for another service. Docker Compose emits an error in that case, but ``docker compose up`` still completes successfully
-     (https://github.com/ansible-collections/community.docker/issues/807, https://github.com/ansible-collections/community.docker/pull/810,
-      https://github.com/ansible-collections/community.docker/pull/811)."
--- a/changelogs/fragments/811-compose-v2-logfmt.yml
+++ b/changelogs/fragments/811-compose-v2-logfmt.yml
@ -1,3 +0,0 @@
-bugfixes:
-  - "docker_compose_v2* modules - parse ``logfmt`` warnings emitted by Docker Compose (https://github.com/ansible-collections/community.docker/issues/787, https://github.com/ansible-collections/community.docker/pull/811)."
-  - "docker_compose_v2* modules - correctly parse ``Warning`` events emitted by Docker Compose (https://github.com/ansible-collections/community.docker/issues/807, https://github.com/ansible-collections/community.docker/pull/811)."
--- a/changelogs/fragments/814-docker_compose_v2_pull-idem.yml
+++ b/changelogs/fragments/814-docker_compose_v2_pull-idem.yml
@ -1,2 +0,0 @@
-bugfixes:
-  - "docker_compose_v2_pull - fixing idempotence by checking actual pull progress events instead of service-level pull request when ``policy=always``. This stops the module from reporting ``changed=true`` if no actual change happened when pulling. In check mode, it has to assume that a change happens though (https://github.com/ansible-collections/community.docker/issues/813, https://github.com/ansible-collections/community.docker/pull/814)."
--- a/changelogs/fragments/inventory-rce.yml
+++ b/changelogs/fragments/inventory-rce.yml
@ -1,2 +0,0 @@
-security_fixes:
-  - "docker_containers, docker_machine, and docker_swarm inventory plugins - make sure all data received from the Docker daemon / Docker machine is marked as unsafe, so remote code execution by obtaining texts that can be evaluated as templates is not possible (https://www.die-welt.net/2024/03/remote-code-execution-in-ansible-dynamic-inventory-plugins/, https://github.com/ansible-collections/community.docker/pull/815)."