I am -1 to obsoleting from the experience of what happened in the past with other deployment or configuration management systems do that. It will break large systems and it will break small systems and it won't 'fix' any systems that anyone will tell you about. So after an update all anyone will see if they google ansible will be "Ansible broke my system" just like they did when someone did the same thing with cfengine, puppet or chef. Yes these sites aren't going to get any support if they say they are are on ansible 1.9 but they inevitably feel they got less support when they say "My system got updated to ansible 2.2 and nothing works..." For splits like this, I would just push out a final ansible package which has in its description and a README.EOL "This package is EOL and no longer supported. It will be removed from the EPEL repositories around 2017-02-28. Please plan on upgrading your systems to the latest ansible." On 14 January 2017 at 16:20, James Hogarth <james.hogarth@xxxxxxxxx> wrote: > > > On 13 Jan 2017 11:59 pm, "Kevin Fenzi" <kevin@xxxxxxxxx> wrote: > > On Fri, 13 Jan 2017 00:18:09 +0000 > Peter Robinson <pbrobinson@xxxxxxxxx> wrote: > >> On Thu, Jan 12, 2017 at 8:44 PM, Kevin Fenzi <kevin@xxxxxxxxx> wrote: >> > Greetings. >> > >> > When ansible 2.0 was released there were some changes in playbook >> > handling made. For this reason, we created a backwards compatible >> > package with ansible 1.9 to ease the transition for those that >> > needed more time to adjust their playbooks. >> > >> > Late last year it looked like there would be a final release in the >> > 1.9 series addressing some security issues. However, the most >> > recent round of security issues found in 2.x are difficult to >> > impossible to backport to 1.9 so there will not be a final 1.9 >> > release. >> > >> > Since it has now been 1 year since ansible 2.0 was released, and >> > since ansible 1.9 has known security vulnerabilities, backporting >> > fixes is impossible, we will be retiring the ansible1.9 package >> > from EPEL. >> > >> > All ansible 1.9 users are urged to update to 2.x as soon as >> > possible. >> >> Will the mainline 2 package obsolete the old package to ensure it >> doesn''t hang around? > > Well, I am a bit leary of doing that. There may be people using the 1.9 > packages that are aware of the security issues and still wish to keep > using it longer for whatever reasons. > > > > It's been a year already... If they really want to do that they they can > just not install the update or configure their system to exclude ansible. > > When you retire it'll vanish from the EPEL mirrors anyway due to the east we > handle that so they'd have to get ansible19 from koji anyway for future > installs, or make an internal repo with it... In which case they'll be > configuring their systems for it. > > It's not like they'll get any support for 1.9 in any way from Fedora, EPEL > or upstream after all. > > Obsoleting does make a lot of sense to me. > > > > _______________________________________________ > epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx > -- Stephen J Smoogen. _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
