diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 2cdfba92..bb4b2af5 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -5,6 +5,35 @@ Docker Community Collection Release Notes .. contents:: Topics +v1.4.0 +====== + +Release Summary +--------------- + +Security release to address another potential secret leak. Also includes regular bugfixes and features. + +Minor Changes +------------- + +- docker_swarm_service - change ``publish.published_port`` option from mandatory to optional. Docker will assign random high port if not specified (https://github.com/ansible-collections/community.docker/issues/99). + +Breaking Changes / Porting Guide +-------------------------------- + +- docker_swarm - if ``join_token`` is specified, a returned join token with the same value will be replaced by ``VALUE_SPECIFIED_IN_NO_LOG_PARAMETER``. Make sure that you do not blindly use the join tokens from the return value of this module when the module is invoked with ``join_token`` specified! This breaking change appears in a minor release since it is necessary to fix a security issue (https://github.com/ansible-collections/community.docker/pull/103). + +Security Fixes +-------------- + +- docker_swarm - the ``join_token`` option is now marked as ``no_log`` so it is no longer written into logs (https://github.com/ansible-collections/community.docker/pull/103). + +Bugfixes +-------- + +- ``docker_swarm_service`` - fix KeyError on caused by reference to deprecated option ``update_failure_action`` (https://github.com/ansible-collections/community.docker/pull/100). +- docker_swarm_service - mark ``secrets`` module option with ``no_log=False`` since it does not leak secrets (https://github.com/ansible-collections/community.general/pull/2001). + v1.3.0 ====== diff --git a/changelogs/changelog.yaml b/changelogs/changelog.yaml index 64ebf609..437d6523 100644 --- a/changelogs/changelog.yaml +++ b/changelogs/changelog.yaml @@ -233,3 +233,32 @@ releases: name: docker_plugin namespace: '' release_date: '2021-03-08' + 1.4.0: + changes: + breaking_changes: + - docker_swarm - if ``join_token`` is specified, a returned join token with + the same value will be replaced by ``VALUE_SPECIFIED_IN_NO_LOG_PARAMETER``. + Make sure that you do not blindly use the join tokens from the return value + of this module when the module is invoked with ``join_token`` specified! This + breaking change appears in a minor release since it is necessary to fix a + security issue (https://github.com/ansible-collections/community.docker/pull/103). + bugfixes: + - '``docker_swarm_service`` - fix KeyError on caused by reference to deprecated + option ``update_failure_action`` (https://github.com/ansible-collections/community.docker/pull/100).' + - docker_swarm_service - mark ``secrets`` module option with ``no_log=False`` + since it does not leak secrets (https://github.com/ansible-collections/community.general/pull/2001). + minor_changes: + - docker_swarm_service - change ``publish.published_port`` option from mandatory + to optional. Docker will assign random high port if not specified (https://github.com/ansible-collections/community.docker/issues/99). + release_summary: Security release to address another potential secret leak. + Also includes regular bugfixes and features. + security_fixes: + - docker_swarm - the ``join_token`` option is now marked as ``no_log`` so it + is no longer written into logs (https://github.com/ansible-collections/community.docker/pull/103). + fragments: + - 1.4.0.yml + - 100-fix-update_failture_action-keyerror-in-docker_swarm_service.yaml + - 101-make-service-published-port-optional.yaml + - 102-no_log-false.yml + - 103-docker_swarm-join_token.yml + release_date: '2021-03-14' diff --git a/changelogs/fragments/1.4.0.yml b/changelogs/fragments/1.4.0.yml deleted file mode 100644 index b6103559..00000000 --- a/changelogs/fragments/1.4.0.yml +++ /dev/null @@ -1 +0,0 @@ -release_summary: Security release to address another potential secret leak. Also includes regular bugfixes and features. diff --git a/changelogs/fragments/100-fix-update_failture_action-keyerror-in-docker_swarm_service.yaml b/changelogs/fragments/100-fix-update_failture_action-keyerror-in-docker_swarm_service.yaml deleted file mode 100644 index 34a0928e..00000000 --- a/changelogs/fragments/100-fix-update_failture_action-keyerror-in-docker_swarm_service.yaml +++ /dev/null @@ -1,3 +0,0 @@ -bugfixes: - - "``docker_swarm_service`` - fix KeyError on caused by reference to - deprecated option ``update_failure_action`` (https://github.com/ansible-collections/community.docker/pull/100)." diff --git a/changelogs/fragments/101-make-service-published-port-optional.yaml b/changelogs/fragments/101-make-service-published-port-optional.yaml deleted file mode 100644 index e3b586ed..00000000 --- a/changelogs/fragments/101-make-service-published-port-optional.yaml +++ /dev/null @@ -1,3 +0,0 @@ -minor_changes: - - docker_swarm_service - change ``publish.published_port`` option from mandatory - to optional. Docker will assign random high port if not specified (https://github.com/ansible-collections/community.docker/issues/99). diff --git a/changelogs/fragments/102-no_log-false.yml b/changelogs/fragments/102-no_log-false.yml deleted file mode 100644 index b279b3c8..00000000 --- a/changelogs/fragments/102-no_log-false.yml +++ /dev/null @@ -1,2 +0,0 @@ -bugfixes: -- "docker_swarm_service - mark ``secrets`` module option with ``no_log=False`` since it does not leak secrets (https://github.com/ansible-collections/community.general/pull/2001)." diff --git a/changelogs/fragments/103-docker_swarm-join_token.yml b/changelogs/fragments/103-docker_swarm-join_token.yml deleted file mode 100644 index a2e40747..00000000 --- a/changelogs/fragments/103-docker_swarm-join_token.yml +++ /dev/null @@ -1,4 +0,0 @@ -security_fixes: -- "docker_swarm - the ``join_token`` option is now marked as ``no_log`` so it is no longer written into logs (https://github.com/ansible-collections/community.docker/pull/103)." -breaking_changes: -- "docker_swarm - if ``join_token`` is specified, a returned join token with the same value will be replaced by ``VALUE_SPECIFIED_IN_NO_LOG_PARAMETER``. Make sure that you do not blindly use the join tokens from the return value of this module when the module is invoked with ``join_token`` specified! This breaking change appears in a minor release since it is necessary to fix a security issue (https://github.com/ansible-collections/community.docker/pull/103)."