fix sorting of groups for host vars

[larsla]

found this issue because we're using the hierarchy of groups to specify values on different levels.

how to validate fix:

cat >inventory <<EOF
[top:children]
lower

[lower]
host01
EOF

mkdir group_vars
cat >group_vars/top <<EOF

---
my_var: "shouldn't be used"
EOF

cat >group_vars/lower <<EOF

---
my_var: "this one should be used"
EOF

cat >playbook.yml <<EOF
- hosts: all
  connection: local
  sudo: no
  tasks:
    - debug: msg="{{ my_var }}"
EOF

ansible-playbook -i inventory playbook.yml

compare result from ansible 2.0 devel and my fork to see difference

log:

(venv)$ pip install git+https://github.com/ansible/ansible.git
Collecting git+https://github.com/ansible/ansible.git
  Cloning https://github.com/ansible/ansible.git to /var/folders/y_/l6hg282s1636jt3ggm75dlrr0000gn/T/pip-72FUSu-build
Collecting paramiko (from ansible==2.0.0)
/Users/lars/tmp/ver/venv/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#in
secureplatformwarning.
  InsecurePlatformWarning
  Using cached paramiko-1.16.0-py2.py3-none-any.whl
Collecting jinja2 (from ansible==2.0.0)
  Using cached Jinja2-2.8-py2.py3-none-any.whl
Collecting PyYAML (from ansible==2.0.0)
Requirement already satisfied (use --upgrade to upgrade): setuptools in ./venv/lib/python2.7/site-packages (from ansible==2.0.0)
Collecting pycrypto>=2.6 (from ansible==2.0.0)
Collecting ecdsa>=0.11 (from paramiko->ansible==2.0.0)
  Using cached ecdsa-0.13-py2.py3-none-any.whl
Collecting MarkupSafe (from jinja2->ansible==2.0.0)
Installing collected packages: ecdsa, pycrypto, paramiko, MarkupSafe, jinja2, PyYAML, ansible
  Running setup.py install for ansible
Successfully installed MarkupSafe-0.23 PyYAML-3.11 ansible-2.0.0 ecdsa-0.13 jinja2-2.8 paramiko-1.16.0 pycrypto-2.6.1
/Users/lars/tmp/ver/venv/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#in
secureplatformwarning.
  InsecurePlatformWarning
(venv)$ ansible-playbook -i inventory playbook.yml
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and make sure become_method is 'sudo' (default). This feature will be removed in a future release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

PLAY ***************************************************************************

TASK [setup] *******************************************************************
ok: [host01]

TASK [debug msg={{ my_var }}] **************************************************
ok: [host01] => {
    "changed": false,
    "msg": "shouldn't be used"
}

PLAY RECAP *********************************************************************
host01                     : ok=2    changed=0    unreachable=0    failed=0

(venv)$ pip install -U git+https://github.com/larsla/ansible.git
Collecting git+https://github.com/larsla/ansible.git
  Cloning https://github.com/larsla/ansible.git to /var/folders/y_/l6hg282s1636jt3ggm75dlrr0000gn/T/pip-Zn8Aay-build
Requirement already up-to-date: paramiko in ./venv/lib/python2.7/site-packages (from ansible==2.0.0)
Requirement already up-to-date: jinja2 in ./venv/lib/python2.7/site-packages (from ansible==2.0.0)
Requirement already up-to-date: PyYAML in ./venv/lib/python2.7/site-packages (from ansible==2.0.0)
/Users/lars/tmp/ver/venv/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
Collecting setuptools (from ansible==2.0.0)
  Using cached setuptools-18.7-py2.py3-none-any.whl
Requirement already up-to-date: pycrypto>=2.6 in ./venv/lib/python2.7/site-packages (from ansible==2.0.0)
Requirement already up-to-date: ecdsa>=0.11 in ./venv/lib/python2.7/site-packages (from paramiko->ansible==2.0.0)
Requirement already up-to-date: MarkupSafe in ./venv/lib/python2.7/site-packages (from jinja2->ansible==2.0.0)
Installing collected packages: setuptools, ansible
  Found existing installation: setuptools 18.2
    Uninstalling setuptools-18.2:
      Successfully uninstalled setuptools-18.2
  Found existing installation: ansible 2.0.0
    Uninstalling ansible-2.0.0:
      Successfully uninstalled ansible-2.0.0
  Running setup.py install for ansible
Successfully installed ansible-2.0.0 setuptools-18.7

(venv)$ ansible-playbook -i inventory playbook.yml
[DEPRECATION WARNING]: Instead of sudo/sudo_user, use become/become_user and make sure become_method is 'sudo' (default). This feature will be removed in a future release. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

PLAY ***************************************************************************

TASK [setup] *******************************************************************
ok: [host01]

TASK [debug msg={{ my_var }}] **************************************************
ok: [host01] => {
    "changed": false,
    "msg": "this one should be used"
}

PLAY RECAP *********************************************************************
host01                     : ok=2    changed=0    unreachable=0    failed=0

[amenonsen]

Why is your version more "fixed" than the other, and where's the documentation to explain this behaviour? How did 1.9.x behave, and what are the compatibility considerations for this change? (Also, the patch shouldn't include unrelated whitespace changes.)

[larsla]

This was the behaviour of 1.9.x. We got the problem when switching to 2.0.
If you want to verify it you can try the same commands on 1.9.x.

The whitespace stuff was my editor automatically fixing things it thinks isn't following pep8. I can revert it if it's important.

[larsla]

log output of behaviour of 1.9.x:

(venv)$ pip install ansible
Collecting ansible
/Users/lars/tmp/ver/venv/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
  Downloading ansible-1.9.4.tar.gz (937kB)
    100% |████████████████████████████████| 937kB 475kB/s
Collecting paramiko (from ansible)
  Using cached paramiko-1.16.0-py2.py3-none-any.whl
Collecting jinja2 (from ansible)
  Using cached Jinja2-2.8-py2.py3-none-any.whl
Collecting PyYAML (from ansible)
Requirement already satisfied (use --upgrade to upgrade): setuptools in ./venv/lib/python2.7/site-packages (from ansible)
Collecting pycrypto>=2.6 (from ansible)
Collecting ecdsa>=0.11 (from paramiko->ansible)
  Using cached ecdsa-0.13-py2.py3-none-any.whl
Collecting MarkupSafe (from jinja2->ansible)
Building wheels for collected packages: ansible
  Running setup.py bdist_wheel for ansible
  Stored in directory: /Users/lars/Library/Caches/pip/wheels/39/6e/f7/ba6918eccdf93741547986c441ee7761b9a2daa63d3e8b8d37
Successfully built ansible
Installing collected packages: ecdsa, pycrypto, paramiko, MarkupSafe, jinja2, PyYAML, ansible
Successfully installed MarkupSafe-0.23 PyYAML-3.11 ansible-1.9.4 ecdsa-0.13 jinja2-2.8 paramiko-1.16.0 pycrypto-2.6.1
/Users/lars/tmp/ver/venv/lib/python2.7/site-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
  InsecurePlatformWarning
(venv)$
(venv)$
(venv)$ ansible-playbook -i inventory playbook.yml

PLAY [all] ********************************************************************

GATHERING FACTS ***************************************************************
ok: [host01]

TASK: [debug msg="{{ my_var }}"] **********************************************
ok: [host01] => {
    "msg": "this one should be used"
}

PLAY RECAP ********************************************************************
host01                     : ok=2    changed=0    unreachable=0    failed=0

[jimi-c]

Hi @larsla, I've merged this into both devel and stable-2.0 via a squashed commit.

Thanks!