fix(k8s-node): lint errors

hiteshnayak305 · Dec 6, 2024 · 00d848c · 00d848c
1 parent bf84968
commit 00d848c
Show file tree

Hide file tree

Showing 17 changed files with 58 additions and 41 deletions.
diff --git a/.ansible-lint b/.ansible-lint
@@ -2,4 +2,4 @@
 exclude_paths:
   - .github
   - .vscode
-  - ci
+  - ci
diff --git a/.vscode/settings.json b/.vscode/settings.json
@@ -1,3 +1,3 @@
 {
-    "ansible.python.interpreterPath": "/usr/bin/python"
+    "ansible.python.interpreterPath": "/bin/python"
 }
diff --git a/.yamllint b/.yamllint
@@ -3,6 +3,14 @@ extends: default
 
 rules:
   line-length: disable
+  comments-indentation: false
+  comments:
+    min-spaces-from-content: 1
+  braces:
+    max-spaces-inside: 1
+  octal-values:
+    forbid-explicit-octal: true
+    forbid-implicit-octal: true
 
 ignore: |
   .github

diff --git a/meta/runtime.yml b/meta/runtime.yml
@@ -1,4 +1,4 @@
 ---
 # Collections must specify a minimum required ansible version to upload
 # to galaxy
-requires_ansible: '>=2.9.10'
+requires_ansible: ">=2.18.0"
diff --git a/roles/k8s_node/defaults/main.yml b/roles/k8s_node/defaults/main.yml
@@ -1,6 +1,3 @@
 ---
 # defaults file for k8s_node
-ssh_id_rsa_pubs: []
-allow_kube_upgrade: false
-# tmpdir
-tmpdir: /tmp
+k8s_node_ssh_id_rsa_pubs: []
diff --git a/roles/k8s_node/handlers/main.yml b/roles/k8s_node/handlers/main.yml
@@ -1,14 +1,14 @@
 ---
 # handlers file for k8s_node
-- name: restart containerd
+- name: Restart Containerd
   become: true
   become_user: root
   ansible.builtin.service:
     name: "containerd"
     state: "restarted"
     enabled: true
 
-- name: restart kubelet
+- name: Restart Kubelet
   become: true
   ansible.builtin.service:
     name: kubelet

diff --git a/roles/k8s_node/meta/main.yml b/roles/k8s_node/meta/main.yml
@@ -5,12 +5,11 @@ galaxy_info:
   company: "-"
   issue_tracker_url: https://github.com/hiteshnayak305/ansible-homelab/issues
   license: license (MIT)
-  min_ansible_version: "2.1"
+  min_ansible_version: "2.18.0"
   platforms:
     - name: Ubuntu
       versions:
         - all
   galaxy_tags:
-    - K8s
-    - Kubernetes Node
+    - kubernetes
 dependencies: []
diff --git a/roles/k8s_node/tasks/01_kube_sudoer.yml b/roles/k8s_node/tasks/01_kube_sudoer.yml
@@ -1,10 +1,10 @@
 ---
-- name: Ensure group {{ kubernetes_user  }} exists
+- name: Ensure group exists {{ kubernetes_user }}
   ansible.builtin.group:
     name: "{{ kubernetes_user }}"
     state: present
 
-- name: create the {{ kubernetes_user }} user account
+- name: Create the user account {{ kubernetes_user }}
   ansible.builtin.user:
     name: "{{ kubernetes_user }}"
     append: true
@@ -14,15 +14,15 @@
     groups:
       - "{{ kubernetes_user }}"
 
-- name: allow {{ kubernetes_user }} to use sudo without needing a password
+- name: Allow to use sudo without needing a password user {{ kubernetes_user }}
   ansible.builtin.lineinfile:
     dest: /etc/sudoers
     line: "{{ kubernetes_user }} ALL=(ALL) NOPASSWD: ALL"
     validate: "visudo -cf %s"
 
-- name: set up authorized keys for the {{ kubernetes_user }} user
-  ansible.builtin.authorized_key:
+- name: Set up authorized keys for the user {{ kubernetes_user }}
+  ansible.posix.authorized_key:
     user: "{{ kubernetes_user }}"
     state: present
     key: "{{ item }}"
-  with_file: "{{ ssh_id_rsa_pubs }}"
+  with_file: "{{ k8s_node_ssh_id_rsa_pubs }}"
diff --git a/roles/k8s_node/tasks/02_kube_nfs_mount.yml b/roles/k8s_node/tasks/02_kube_nfs_mount.yml
@@ -5,12 +5,13 @@
     state: directory
     owner: nobody
     group: nogroup
+    mode: "0777"
   with_items:
     - "/home/{{ kubernetes_user }}/nfs/ssd_0"
     - "/home/{{ kubernetes_user }}/nfs/hdd_0"
 
 - name: Mount NFS volume ssd_0
-  ansible.builtin.mount:
+  ansible.posix.mount:
     src: "{{ nfs_server }}:/mnt/nfs/ssd_0"
     path: "/home/{{ kubernetes_user }}/nfs/ssd_0"
     opts: rw,sync,hard
@@ -19,7 +20,7 @@
   when: nfs_server is defined
 
 - name: Mount NFS volume hdd_0
-  ansible.builtin.mount:
+  ansible.posix.mount:
     src: "{{ nfs_server }}:/mnt/nfs/hdd_0"
     path: "/home/{{ kubernetes_user }}/nfs/hdd_0"
     opts: rw,sync,hard

diff --git a/roles/k8s_node/tasks/03_kube_modprobe.yml b/roles/k8s_node/tasks/03_kube_modprobe.yml
@@ -1,6 +1,6 @@
 ---
 - name: Enable modprobe 'overlay'
-  ansible.builtin.modprobe:
+  community.general.modprobe:
     name: "{{ item }}"
     state: present
   with_items:

diff --git a/roles/k8s_node/tasks/04_kube_disable_swap.yml b/roles/k8s_node/tasks/04_kube_disable_swap.yml
@@ -1,6 +1,6 @@
 ---
 - name: Remove swapfile from /etc/fstab
-  ansible.builtin.mount:
+  ansible.posix.mount:
     name: "{{ item }}"
     fstype: swap
     state: absent
@@ -11,3 +11,4 @@
 - name: Disable swap
   ansible.builtin.command: swapoff -a
   when: ansible_swaptotal_mb > 0
+  changed_when: ansible_swaptotal_mb > 0
diff --git a/roles/k8s_node/tasks/05_kube_configure_sysctl.yml b/roles/k8s_node/tasks/05_kube_configure_sysctl.yml
@@ -3,23 +3,27 @@
   ansible.builtin.file:
     path: /etc/modules-load.d
     state: directory
+    mode: "0764"
 
 - name: Copy the kube modules
   ansible.builtin.copy:
     src: "files/etc/modules-load.d/k8s.conf"
     dest: "/etc/modules-load.d/k8s.conf"
+    mode: "0644"
 
 - name: Make sure the folder exists => /etc/sysctl.d
   ansible.builtin.file:
     path: /etc/sysctl.d
     state: directory
+    mode: "0764"
 
 - name: Copy the kube sysctl conf
   ansible.builtin.copy:
     src: "files/etc/sysctl.d/k8s.conf"
     dest: "/etc/sysctl.d/k8s.conf"
+    mode: "0644"
 
-- name: set ipv4 forward to 1
+- name: Set ipv4 forward to 1
   ansible.posix.sysctl:
     name: net.ipv4.ip_forward
     value: "1"

diff --git a/roles/k8s_node/tasks/06_kube_configure_containerd.yml b/roles/k8s_node/tasks/06_kube_configure_containerd.yml
@@ -3,6 +3,7 @@
   ansible.builtin.file:
     path: /etc/containerd
     state: directory
+    mode: "0764"
 
 - name: Get defaults from containerd.
   ansible.builtin.command: containerd config default
@@ -11,13 +12,14 @@
 
 - name: Prepare containerd/config.toml from default config
   ansible.builtin.copy:
-    dest: "{{ tmpdir }}/containerd_config.toml"
+    dest: "{{ k8s_node_tmpdir }}/containerd_config.toml"
     content: "{{ containerd_config_default.stdout }}"
+    mode: "0666"
   changed_when: false
 
 - name: Ensure Systemd Cgroup is used
   ansible.builtin.lineinfile:
-    path: "{{ tmpdir }}/containerd_config.toml"
+    path: "{{ k8s_node_tmpdir }}/containerd_config.toml"
     regexp: "^            SystemdCgroup ="
     line: "            SystemdCgroup = true"
     backrefs: true
@@ -26,7 +28,7 @@
 
 - name: Ensure sandbox image version
   ansible.builtin.lineinfile:
-    path: "{{ tmpdir }}/containerd_config.toml"
+    path: "{{ k8s_node_tmpdir }}/containerd_config.toml"
     regexp: "^    sandbox_image ="
     line: '    sandbox_image = "registry.k8s.io/pause:3.9"'
     backrefs: true
@@ -36,13 +38,14 @@
 - name: Copy config.toml to /etc/containerd
   ansible.builtin.copy:
     remote_src: true
-    src: "{{ tmpdir }}/containerd_config.toml"
+    src: "{{ k8s_node_tmpdir }}/containerd_config.toml"
     dest: /etc/containerd/config.toml
+    mode: "0644"
   notify:
-    - restart containerd
+    - Restart Containerd
 
 - name: Cleanup temporary file
   ansible.builtin.file:
-    path: "{{ tmpdir }}/containerd_config.toml"
+    path: "{{ k8s_node_tmpdir }}/containerd_config.toml"
     state: absent
   changed_when: false
diff --git a/roles/k8s_node/tasks/07_kube_configure_crictl.yml b/roles/k8s_node/tasks/07_kube_configure_crictl.yml
@@ -3,5 +3,6 @@
   ansible.builtin.copy:
     src: "files/etc/crictl.yaml"
     dest: "/etc/crictl.yaml"
+    mode: "0644"
   notify:
-    - restart containerd
+    - Restart Containerd
diff --git a/roles/k8s_node/tasks/08_kube_install_binaries.yml b/roles/k8s_node/tasks/08_kube_install_binaries.yml
@@ -1,6 +1,7 @@
 ---
 - name: Add an apt signing key for Kubernetes
-  ansible.builtin.shell: curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | gpg --dearmor --batch --yes -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+  ansible.builtin.shell: set -o pipefail && curl -fsSL https://pkgs.k8s.io/core:/stable:/v1.30/deb/Release.key | gpg --dearmor --batch --yes -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
+  changed_when: true
 
 - name: Adding apt repository for Kubernetes
   ansible.builtin.apt_repository:
@@ -28,4 +29,4 @@
     - kubeadm
     - kubectl
   notify:
-    - restart kubelet
+    - Restart Kubelet
diff --git a/roles/k8s_node/tasks/main.yml b/roles/k8s_node/tasks/main.yml
@@ -1,29 +1,29 @@
 ---
 # tasks file for k8s_node
-- name: execute role k8s_node
+- name: Execute role k8s_node
   become: true
   become_user: root
   block:
     - name: Create User
-      include_tasks: 01_kube_sudoer.yml
+      ansible.builtin.include_tasks: 01_kube_sudoer.yml
 
     - name: Mount shared NFS
-      include_tasks: 02_kube_nfs_mount.yml
+      ansible.builtin.include_tasks: 02_kube_nfs_mount.yml
 
     - name: Enable modprobe Modules
-      include_tasks: 03_kube_modprobe.yml
+      ansible.builtin.include_tasks: 03_kube_modprobe.yml
 
     - name: Disable Swap
-      include_tasks: 04_kube_disable_swap.yml
+      ansible.builtin.include_tasks: 04_kube_disable_swap.yml
 
     - name: Configure Sysctl
-      include_tasks: 05_kube_configure_sysctl.yml
+      ansible.builtin.include_tasks: 05_kube_configure_sysctl.yml
 
     - name: Configure Containerd
-      include_tasks: 06_kube_configure_containerd.yml
+      ansible.builtin.include_tasks: 06_kube_configure_containerd.yml
 
     - name: Configure Crictl
-      include_tasks: 07_kube_configure_crictl.yml
+      ansible.builtin.include_tasks: 07_kube_configure_crictl.yml
 
     - name: Install Kubernetes
-      include_tasks: 08_kube_install_binaries.yml
+      ansible.builtin.include_tasks: 08_kube_install_binaries.yml
diff --git a/roles/k8s_node/vars/main.yml b/roles/k8s_node/vars/main.yml
@@ -1,2 +1,4 @@
 ---
 # vars file for k8s_node
+# k8s_node_tmpdir
+k8s_node_tmpdir: /tmp
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,4 +2,4 @@ @@
     exclude_paths:
       - .github
       - .vscode
-      - ci
+      - ci