From 672aeb7735db1269528e2d8b68ce57b6da09b8bc Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Wed, 24 Aug 2022 14:24:52 -0400 Subject: [PATCH 01/11] Use fully qualified collection names in playbooks/ --- playbooks/collect_debug.yml | 12 +++--- playbooks/kubevirt.yml | 74 ++++++++++++++++++------------------ playbooks/resize_disk.yml | 16 ++++---- playbooks/rpm_packaging.yml | 8 ++-- playbooks/setup_forklift.yml | 16 ++++---- 5 files changed, 63 insertions(+), 63 deletions(-) diff --git a/playbooks/collect_debug.yml b/playbooks/collect_debug.yml index 66daec273..019be7bba 100644 --- a/playbooks/collect_debug.yml +++ b/playbooks/collect_debug.yml @@ -11,19 +11,19 @@ - role: sos_report tasks: - name: "Find bats files" - find: + ansible.builtin.find: paths: "{{ bats_output_dir }}" patterns: "*.tap" register: bats_results - name: "Copy bats results" - fetch: + ansible.builtin.fetch: src: "{{ item.path }}" dest: "{{ remote_dir }}" with_items: "{{ bats_results.files }}" - name: "Find smoker files" - find: + ansible.builtin.find: paths: "{{ smoker_output_dir }}" patterns: - "junit.xml" @@ -34,20 +34,20 @@ register: smoker_results - name: "Copy smoker results" - fetch: + ansible.builtin.fetch: src: "{{ item.path }}" dest: "{{ remote_dir }}" with_items: "{{ smoker_results.files }}" - name: "Find backup files" - find: + ansible.builtin.find: paths: "{{ backup_output_dir }}" recurse: True hidden: True register: backup_results - name: "Copy backup results" - fetch: + ansible.builtin.fetch: src: "{{ item.path }}" dest: "{{ remote_dir }}" with_items: "{{ backup_results.files }}" diff --git a/playbooks/kubevirt.yml b/playbooks/kubevirt.yml index 42b14921e..a7ec6d7db 100644 --- a/playbooks/kubevirt.yml +++ b/playbooks/kubevirt.yml @@ -14,21 +14,21 @@ - epel_repositories tasks: - name: disable swap - command: swapoff -a + ansible.builtin.command: swapoff -a - name: deconfigure swap - mount: + ansible.posix.mount: src: /swapfile fstype: swap path: none state: absent - name: modprobe br_netfilter - modprobe: + community.general.modprobe: name: br_netfilter - name: configure bridge iptables - sysctl: + ansible.posix.sysctl: name: "{{ item }}" value: 1 sysctl_file: /etc/sysctl.d/k8s.conf @@ -37,29 +37,29 @@ - net.bridge.bridge-nf-call-iptables - name: install needed network manager libs - yum: + ansible.builtin.yum: name: - NetworkManager-glib - NetworkManager - name: Configure bridge - nmcli: + community.general.nmcli: state: present type: bridge conn_name: foreman - name: install docker - yum: + ansible.builtin.yum: name: docker - name: enable docker - service: + ansible.builtin.service: name: docker enabled: true state: started - name: k8s repo - yum_repository: + ansible.builtin.yum_repository: name: kubernetes description: Kubernetes baseurl: https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64 @@ -70,7 +70,7 @@ exclude: kube* - name: install kubelet kubeadm kubectl - yum: + ansible.builtin.yum: name: - kubelet-{{ kubernetes_version }} - kubeadm-{{ kubernetes_version }} @@ -78,12 +78,12 @@ disable_excludes: kubernetes - name: create /etc/systemd/system/kubelet.service.d/ - file: + ansible.builtin.file: path: /etc/systemd/system/kubelet.service.d/ state: directory - name: enable kubelet accounting - copy: + ansible.builtin.copy: dest: /etc/systemd/system/kubelet.service.d/11-cgroups.conf content: | [Service] @@ -91,22 +91,22 @@ MemoryAccounting=true - name: reload systemd - systemd: + ansible.builtin.systemd: daemon_reload: yes - name: enable kubelet - service: + ansible.builtin.service: name: kubelet enabled: true state: started - name: init cluster - command: kubeadm init --pod-network-cidr={{ pod_network }} --apiserver-advertise-address={{ ansible_eth0['ipv4']['address'] }} + ansible.builtin.command: kubeadm init --pod-network-cidr={{ pod_network }} --apiserver-advertise-address={{ ansible_eth0['ipv4']['address'] }} args: creates: /etc/kubernetes/admin.conf - name: untaint master - command: kubectl taint nodes --all node-role.kubernetes.io/master- + ansible.builtin.command: kubectl taint nodes --all node-role.kubernetes.io/master- register: untaint_master failed_when: false changed_when: untaint_master.rc == 0 @@ -114,49 +114,49 @@ KUBECONFIG: /etc/kubernetes/admin.conf - name: deploy flannel - command: kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/{{ flannel_version }}/Documentation/kube-flannel.yml + ansible.builtin.command: kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/{{ flannel_version }}/Documentation/kube-flannel.yml args: creates: /etc/cni/net.d/10-flannel.conflist environment: KUBECONFIG: /etc/kubernetes/admin.conf - name: deploy network namespace - command: kubectl apply -f https://github.com/kubevirt/cluster-network-addons-operator/releases/download/{{ network_operator }}/namespace.yaml + ansible.builtin.command: kubectl apply -f https://github.com/kubevirt/cluster-network-addons-operator/releases/download/{{ network_operator }}/namespace.yaml args: creates: /etc/cni/net.d/multus.d/multus.kubeconfig environment: KUBECONFIG: /etc/kubernetes/admin.conf - name: deploy network crd - command: kubectl apply -f https://github.com/kubevirt/cluster-network-addons-operator/releases/download/{{ network_operator }}/network-addons-config.crd.yaml + ansible.builtin.command: kubectl apply -f https://github.com/kubevirt/cluster-network-addons-operator/releases/download/{{ network_operator }}/network-addons-config.crd.yaml args: creates: /etc/cni/net.d/multus.d/multus.kubeconfig environment: KUBECONFIG: /etc/kubernetes/admin.conf - name: deploy network operator - command: kubectl apply -f https://github.com/kubevirt/cluster-network-addons-operator/releases/download/{{ network_operator }}/operator.yaml + ansible.builtin.command: kubectl apply -f https://github.com/kubevirt/cluster-network-addons-operator/releases/download/{{ network_operator }}/operator.yaml args: creates: /etc/cni/net.d/multus.d/multus.kubeconfig environment: KUBECONFIG: /etc/kubernetes/admin.conf - name: deploy kubevirt operator - command: kubectl apply -f https://github.com/kubevirt/kubevirt/releases/download/{{ kubevirt_version }}/kubevirt-operator.yaml + ansible.builtin.command: kubectl apply -f https://github.com/kubevirt/kubevirt/releases/download/{{ kubevirt_version }}/kubevirt-operator.yaml args: creates: /var/lib/kubelet/device-plugins/kubevirt-tun.sock environment: KUBECONFIG: /etc/kubernetes/admin.conf - name: deploy kubevirt cr - command: kubectl apply -f https://github.com/kubevirt/kubevirt/releases/download/{{ kubevirt_version }}/kubevirt-cr.yaml + ansible.builtin.command: kubectl apply -f https://github.com/kubevirt/kubevirt/releases/download/{{ kubevirt_version }}/kubevirt-cr.yaml args: creates: /var/lib/kubelet/device-plugins/kubevirt-tun.sock environment: KUBECONFIG: /etc/kubernetes/admin.conf - name: check for NetworkAddonsConfig - command: kubectl get networkaddonsconfigs cluster + ansible.builtin.command: kubectl get networkaddonsconfigs cluster environment: KUBECONFIG: /etc/kubernetes/admin.conf failed_when: false @@ -164,7 +164,7 @@ register: netaddonsconfig - name: prepare NetworkAddonsConfig file - copy: + ansible.builtin.copy: dest: /tmp/netaddonsconfig content: | apiVersion: networkaddonsoperator.network.kubevirt.io/v1alpha1 @@ -179,24 +179,24 @@ when: netaddonsconfig.rc != 0 - name: create NetworkAddonsConfig - command: kubectl create -f /tmp/netaddonsconfig + ansible.builtin.command: kubectl create -f /tmp/netaddonsconfig environment: KUBECONFIG: /etc/kubernetes/admin.conf when: netaddonsconfig.rc != 0 - name: install virtctl - get_url: + ansible.builtin.get_url: url: https://github.com/kubevirt/kubevirt/releases/download/{{ kubevirt_version }}/virtctl-{{ kubevirt_version }}-linux-amd64 dest: /usr/bin/virtctl mode: u=rwx,g=rx,o=rx - name: wait for the network to be ready - command: kubectl wait networkaddonsconfig cluster --for condition=Ready --timeout=300s + ansible.builtin.command: kubectl wait networkaddonsconfig cluster --for condition=Ready --timeout=300s environment: KUBECONFIG: /etc/kubernetes/admin.conf - name: check for bridge-foreman NetworkAttachmentDefinition - command: kubectl get net-attach-def bridge-foreman + ansible.builtin.command: kubectl get net-attach-def bridge-foreman environment: KUBECONFIG: /etc/kubernetes/admin.conf failed_when: false @@ -204,7 +204,7 @@ register: bridge_foreman_net_attach - name: prepare bridge-foreman NetworkAttachmentDefinition file - copy: + ansible.builtin.copy: dest: /tmp/bridge-foreman-net-attach-def content: | apiVersion: "k8s.cni.cncf.io/v1" @@ -221,13 +221,13 @@ when: bridge_foreman_net_attach.rc != 0 - name: create bridge-foreman NetworkAttachmentDefinition - command: kubectl create -f /tmp/bridge-foreman-net-attach-def + ansible.builtin.command: kubectl create -f /tmp/bridge-foreman-net-attach-def environment: KUBECONFIG: /etc/kubernetes/admin.conf when: bridge_foreman_net_attach.rc != 0 - name: check for foreman-account ServiceAccount - command: kubectl get sa foreman-account + ansible.builtin.command: kubectl get sa foreman-account environment: KUBECONFIG: /etc/kubernetes/admin.conf failed_when: false @@ -235,7 +235,7 @@ register: foreman_service_sa - name: prepare foreman-account ServiceAccount file - copy: + ansible.builtin.copy: dest: /tmp/foreman-account-sa content: | apiVersion: v1 @@ -259,20 +259,20 @@ when: foreman_service_sa.rc != 0 - name: create foreman-account ServiceAccount - command: kubectl create -f /tmp/foreman-account-sa + ansible.builtin.command: kubectl create -f /tmp/foreman-account-sa environment: KUBECONFIG: /etc/kubernetes/admin.conf when: foreman_service_sa.rc != 0 - name: create /home/vagrant/.kube - file: + ansible.builtin.file: path: /home/vagrant/.kube state: directory owner: vagrant group: vagrant - name: deploy kube config - copy: + ansible.builtin.copy: src: /etc/kubernetes/admin.conf dest: /home/vagrant/.kube/config remote_src: yes @@ -280,12 +280,12 @@ group: vagrant - name: get foreman-account secret - shell: "set -o pipefail && kubectl get secrets $(kubectl get sa foreman-account -o jsonpath='{.secrets[0].name}') -o jsonpath='{.data.token}' | base64 -d | xargs" + ansible.builtin.shell: "set -o pipefail && kubectl get secrets $(kubectl get sa foreman-account -o jsonpath='{.secrets[0].name}') -o jsonpath='{.data.token}' | base64 -d | xargs" environment: KUBECONFIG: /etc/kubernetes/admin.conf changed_when: false register: foreman_account_secret - name: show foreman-account secret - debug: + ansible.builtin.debug: msg: "{{ foreman_account_secret.stdout }}" diff --git a/playbooks/resize_disk.yml b/playbooks/resize_disk.yml index 16bc7f35f..755bb4d07 100644 --- a/playbooks/resize_disk.yml +++ b/playbooks/resize_disk.yml @@ -3,39 +3,39 @@ become: true tasks: - name: Find root partition - shell: set -o pipefail && df --output=source,fstype / | tail -n 1 + ansible.builtin.shell: set -o pipefail && df --output=source,fstype / | tail -n 1 register: root_partition - name: Install cloud-utils-growpart package - package: + ansible.builtin.package: name: cloud-utils-growpart when: ansible_os_family == 'RedHat' - name: Install cloud-guest-utils package - package: + ansible.builtin.package: name: cloud-guest-utils when: ansible_os_family == 'Debian' - name: Install e2fsprogs package - package: + ansible.builtin.package: name: e2fsprogs when: '"ext4" in root_partition.stdout' - name: Extend partition - command: growpart /dev/vda {{ root_partition.stdout.split(' ')[0].replace('/dev/vda', '') }} + ansible.builtin.command: growpart /dev/vda {{ root_partition.stdout.split(' ')[0].replace('/dev/vda', '') }} register: growpart_output failed_when: - growpart_output.rc != 0 - '"NOCHANGE" not in growpart_output.stdout' - name: Grow XFS filesystem - command: xfs_growfs -d / + ansible.builtin.command: xfs_growfs -d / when: '"xfs" in root_partition.stdout' - name: Grow ext4 filesystem - command: resize2fs {{ root_partition.stdout.split(' ')[0] }} + ansible.builtin.command: resize2fs {{ root_partition.stdout.split(' ')[0] }} when: '"ext4" in root_partition.stdout' - name: Grow btrfs filesystem - command: btrfs filesystem resize max / + ansible.builtin.command: btrfs filesystem resize max / when: '"btrfs" in root_partition.stdout' diff --git a/playbooks/rpm_packaging.yml b/playbooks/rpm_packaging.yml index c85976b4e..ed4258e7d 100644 --- a/playbooks/rpm_packaging.yml +++ b/playbooks/rpm_packaging.yml @@ -2,7 +2,7 @@ - hosts: all tasks: - name: Install dependencies for packaging tooling - yum: + ansible.builtin.yum: name: "{{ package_list }}" state: present vars: @@ -26,19 +26,19 @@ become: true - name: Install obal - pip: + ansible.builtin.pip: name: obal state: present become: true - name: Clone foreman-packaging - git: + ansible.builtin.git: repo: https://github.com/theforeman/foreman-packaging.git dest: /home/vagrant/foreman-packaging version: rpm/develop - name: Add vagrant user to mock group - user: + ansible.builtin.user: name: vagrant groups: mock append: true diff --git a/playbooks/setup_forklift.yml b/playbooks/setup_forklift.yml index 4de73e47b..886fb166b 100644 --- a/playbooks/setup_forklift.yml +++ b/playbooks/setup_forklift.yml @@ -25,7 +25,7 @@ - '^[^p]' tasks: - name: 'Install Forklift dependencies' - package: + ansible.builtin.package: name: - ansible - git-core @@ -33,7 +33,7 @@ state: 'present' - name: 'install telemetry dependencies' - pip: + ansible.builtin.pip: name: - protobuf<3.21 - opentelemetry-api @@ -45,24 +45,24 @@ - ansible_distribution_major_version != '7' - name: 'Clone Forklift' - git: + ansible.builtin.git: repo: "{{ forklift_url }}" version: "{{ forklift_version }}" dest: "{{ forklift_dest }}" - name: 'Configure Forklift' - copy: + ansible.builtin.copy: content: "{{ forklift_config | to_nice_yaml }}" dest: "{{ forklift_dest }}/vagrant/settings.yaml" - name: 'Install Forklift collection dependencies' - command: + ansible.builtin.command: cmd: ansible-galaxy collection install -r requirements.yml chdir: "{{ forklift_dest }}" when: forklift_install_from_galaxy - name: 'Install Forklift Pulp collection dependencies for <3.17' - command: + ansible.builtin.command: cmd: ansible-galaxy collection install -r requirements-pulp.yml chdir: "{{ forklift_dest }}" when: @@ -74,7 +74,7 @@ until: result is succeeded - name: 'Install Forklift Pulp collection dependencies for >3.18' - command: + ansible.builtin.command: cmd: ansible-galaxy collection install -r requirements-pulp-318.yml chdir: "{{ forklift_dest }}" when: @@ -86,7 +86,7 @@ until: result is succeeded - name: 'Install Forklift pulp_installer role dependencies' - command: + ansible.builtin.command: cmd: ansible-galaxy role install -r playbooks/galaxy_collections/ansible_collections/pulp/pulp_installer/requirements.yml chdir: "{{ forklift_dest }}" when: forklift_install_pulp_from_galaxy From 4da2826e59371dbd0daeb79ad6df9a4237de2bbf Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Sun, 28 Aug 2022 20:05:02 -0400 Subject: [PATCH 02/11] Use fully qualified collection names in roles/ --- roles/bats/tasks/bats_fetch_results.yml | 4 +- roles/bats/tasks/main.yml | 26 +++--- roles/cleanup_rh_ruby25/tasks/main.yml | 2 +- roles/custom_certificates/tasks/issue.yml | 4 +- roles/custom_certificates/tasks/main.yml | 24 ++--- .../customize_home/tasks/boostrap_script.yml | 4 +- .../tasks/clone_specified_repo.yml | 12 +-- roles/customize_home/tasks/main.yml | 12 +-- roles/debian_backports/tasks/main.yml | 4 +- roles/disable_firewall/tasks/main.yml | 4 +- roles/disable_ipv6/tasks/main.yml | 4 +- roles/dynflow_devel/tasks/dynflow_install.yml | 12 +-- roles/dynflow_devel/tasks/main.yml | 2 +- roles/enable_ipv6/tasks/main.yml | 2 +- roles/epel_repositories/tasks/main.yml | 4 +- roles/etc_hosts/tasks/main.yml | 2 +- roles/fips/tasks/el7.yml | 10 +-- roles/fips/tasks/el8.yml | 4 +- roles/fips/tasks/main.yml | 6 +- .../tasks/main.yml | 4 +- .../tasks/qpid.yml | 2 +- .../tasks/release_repo.yml | 2 +- .../tasks/staging_repo.yml | 6 +- .../tasks/check_forks_of_repos.yml | 4 +- roles/foreman_devel/tasks/github_push_ssh.yml | 4 +- roles/foreman_devel/tasks/main.yml | 8 +- roles/foreman_devel/tasks/rhel.yml | 8 +- .../foreman_installer/tasks/custom_hiera.yml | 2 +- roles/foreman_installer/tasks/install.yml | 10 +-- .../tasks/installer_version.yml | 6 +- roles/foreman_installer/tasks/locales.yml | 8 +- roles/foreman_installer/tasks/main.yml | 12 +-- roles/foreman_installer/tasks/module_pr.yml | 18 ++-- roles/foreman_installer/tasks/module_prs.yml | 10 +-- roles/foreman_installer/tasks/modules.yml | 2 +- roles/foreman_installer/tasks/packages.yml | 6 +- roles/foreman_installer/tasks/upgrade.yml | 12 +-- .../tasks/main.yml | 22 ++--- .../foreman_maintain_packages/tasks/main.yml | 6 +- .../tasks/configure_centos_7.yml | 16 ++-- .../tasks/configure_debian_9_3.yml | 14 +-- .../tasks/configure_fedora_27.yml | 14 +-- .../tasks/configure_ubuntu_17_10.yml | 14 +-- roles/foreman_provisioning/tasks/main.yml | 22 ++--- .../tasks/compute_profiles.yml | 6 +- .../tasks/main.yml | 38 ++++---- .../tasks/certs_generate.yml | 10 +-- .../tasks/devel_install.yml | 6 +- roles/foreman_proxy_content/tasks/install.yml | 14 +-- roles/foreman_proxy_content/tasks/main.yml | 6 +- roles/foreman_proxy_content/tasks/upgrade.yml | 4 +- .../tasks/debian_release_repos.yml | 2 +- .../tasks/debian_staging_repos.yml | 6 +- roles/foreman_repositories/tasks/main.yml | 6 +- .../tasks/redhat_release_repos.yml | 2 +- .../tasks/redhat_staging_repos.yml | 10 +-- .../foreman_seeder/hostgroups/tasks/main.yml | 22 ++--- roles/foreman_seeder/hosts/tasks/main.yml | 2 +- .../puppet_modules/tasks/main.yml | 4 +- roles/foreman_seeder/users/tasks/main.yml | 20 ++--- .../tasks/main.yml | 10 +-- roles/foreman_testing/tasks/main.yml | 6 +- roles/forklift/tasks/destroy.yml | 4 +- roles/forklift/tasks/halt.yml | 2 +- roles/forklift/tasks/main.yml | 10 +-- roles/forklift/tasks/rebuild.yml | 2 +- roles/forklift/tasks/up.yml | 4 +- .../molecule/default/verify.yml | 20 ++--- roles/forklift_versions/tasks/main.yml | 4 +- roles/forklift_versions/tasks/upgrade.yml | 2 +- roles/forklift_versions/tasks/versions.yml | 2 +- .../tasks/install_freeipa_client.yml | 20 ++--- .../tasks/install_freeipa_server.yml | 10 +-- roles/freeipa_server/tasks/main.yml | 4 +- roles/git/tasks/main.yml | 2 +- roles/hammer_credentials/tasks/main.yml | 6 +- roles/hammer_devel/tasks/hammer_config.yml | 32 +++---- roles/hammer_devel/tasks/hammer_install.yml | 14 +-- roles/hammer_devel/tasks/main.yml | 4 +- roles/hammer_tests/tasks/main.yml | 8 +- roles/haproxy/handlers/main.yml | 2 +- roles/haproxy/tasks/main.yml | 10 +-- roles/haveged/tasks/main.yml | 4 +- roles/katello_client/tasks/cleanup.yml | 10 +-- roles/katello_client/tasks/main.yml | 16 ++-- roles/katello_provisioning/tasks/main.yml | 88 +++++++++---------- roles/katello_repositories/tasks/main.yml | 6 +- .../tasks/release_repos.yml | 2 +- .../tasks/staging_repos.yml | 12 +-- roles/keycloak/tasks/main.yml | 12 +-- roles/koji/tasks/download.yml | 14 +-- roles/koji/tasks/main.yml | 2 +- roles/libvirt/tasks/main.yml | 16 ++-- roles/libvirt/tasks/nested.yml | 8 +- roles/libvirt/tasks/tftp.yml | 24 ++--- roles/myhostname/tasks/main.yml | 2 +- roles/nodejs_scl/tasks/main.yml | 6 +- .../foreman_ansible/install/tasks/main.yml | 4 +- .../foreman_ansible/seed/tasks/main.yml | 6 +- roles/plugins/foreman_bootdisk/tasks/main.yml | 2 +- .../plugins/foreman_discovery/tasks/main.yml | 2 +- .../foreman_openscap/install/tasks/main.yml | 4 +- .../foreman_openscap/seed/tasks/main.yml | 6 +- .../foreman_remote_execution/tasks/main.yml | 2 +- .../foreman_templates/install/tasks/main.yml | 2 +- .../foreman_templates/seed/tasks/main.yml | 2 +- roles/plugins/plugin_installer/tasks/main.yml | 4 +- roles/podman/tasks/main.yml | 10 +-- roles/postgresql_scl/tasks/main.yml | 6 +- roles/powerdns/tasks/main.yml | 14 +-- roles/powerdns/tasks/schema.mysql.yml | 4 +- roles/powerdns/tasks/zones.yml | 4 +- roles/pulp_repositories/tasks/main.yml | 6 +- roles/pulpcore_repositories/tasks/main.yml | 4 +- roles/puppet_agent/tasks/main.yml | 12 +-- roles/pytest_project/tasks/install.yml | 6 +- roles/pytest_project/tasks/local_env.yml | 6 +- roles/pytest_project/tasks/run.yml | 8 +- roles/realm_join/tasks/install_pexpect.yml | 6 +- roles/realm_join/tasks/main.yml | 8 +- .../tasks/prepare_httpd_mod_auth.yml | 18 ++-- roles/realm_join/tasks/realm_join_ad.yml | 6 +- roles/remove_pulp2/tasks/main.yml | 2 +- roles/reviewer/tasks/main.yml | 8 +- roles/robottelo/tasks/main.yml | 16 ++-- roles/robottelo/tasks/ssh.yml | 6 +- roles/ruby_libvirt_gem/handlers/main.yml | 2 +- roles/ruby_libvirt_gem/tasks/main.yml | 2 +- roles/ruby_scl/tasks/main.yml | 6 +- roles/selinux/tasks/main.yml | 6 +- roles/smoker/tasks/main.yml | 10 +-- roles/sos_report/tasks/main.yml | 8 +- .../tasks/sosreport_fetch_results.yml | 4 +- roles/squid/tasks/main.yml | 4 +- roles/swapfile/tasks/main.yml | 16 ++-- roles/umask/tasks/debian.yml | 4 +- roles/umask/tasks/main.yml | 2 +- roles/umask/tasks/redhat.yml | 2 +- roles/unprivileged_user/tasks/main.yml | 14 +-- roles/update_os_packages/tasks/main.yml | 4 +- roles/vagrant/tasks/main.yml | 8 +- roles/vagrant/tasks/vagrant_libvirt.yml | 6 +- roles/vagrant/tasks/vagrant_libvirt_el8.yml | 20 ++--- roles/vagrant/tasks/vagrant_scp.yml | 2 +- roles/vagrant_workarounds/tasks/main.yml | 2 +- 145 files changed, 619 insertions(+), 619 deletions(-) diff --git a/roles/bats/tasks/bats_fetch_results.yml b/roles/bats/tasks/bats_fetch_results.yml index f0c2cee5e..43c34992f 100644 --- a/roles/bats/tasks/bats_fetch_results.yml +++ b/roles/bats/tasks/bats_fetch_results.yml @@ -1,12 +1,12 @@ --- - name: "Find bats files" - find: + ansible.builtin.find: paths: "{{ bats_output_dir }}" patterns: "*.tap" register: bats_results - name: "Copy bats results" - fetch: + ansible.builtin.fetch: src: "{{ item.path }}" dest: "{{ bats_remote_dir }}" with_items: "{{ bats_results.files }}" diff --git a/roles/bats/tasks/main.yml b/roles/bats/tasks/main.yml index 6836cc20d..95360902f 100644 --- a/roles/bats/tasks/main.yml +++ b/roles/bats/tasks/main.yml @@ -1,49 +1,49 @@ --- - name: "Load OS variables" - include_vars: "{{ ansible_os_family }}.yml" + ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" - name: "install required packages" - package: + ansible.builtin.package: name: "{{ bats_packages }}" state: present - name: "Install bats from package" - package: + ansible.builtin.package: name: "bats" state: present ignore_errors: yes - name: "Get /usr/bin/bats stat" - stat: + ansible.builtin.stat: path: "/usr/bin/bats" register: bats_bin - name: "Clone bats" - git: + ansible.builtin.git: repo: "https://github.com/sstephenson/bats.git" dest: "{{ bats_git_dir }}" when: not bats_bin.stat.exists - name: "Install bats" - shell: "{{ bats_git_dir }}/install.sh /usr" + ansible.builtin.shell: "{{ bats_git_dir }}/install.sh /usr" args: creates: "/usr/bin/bats" - name: "Clone forklift" - git: + ansible.builtin.git: repo: "{{ bats_forklift_repo }}" dest: "{{ bats_forklift_dir }}" update: "{{ bats_update_forklift }}" version: "{{ bats_forklift_version }}" - name: "Bats output directory" - file: + ansible.builtin.file: state: "directory" path: "{{ bats_output_dir }}" - block: - name: "Run bats" - shell: "bats --tap {{ item }} > {{ bats_output_dir }}/{{ item }}.tap" + ansible.builtin.shell: "bats --tap {{ item }} > {{ bats_output_dir }}/{{ item }}.tap" args: chdir: "{{ bats_forklift_dir }}/bats" with_items: @@ -56,7 +56,7 @@ environment: "{{ bats_environment }}" - name: "Read results" - shell: "cat {{ bats_output_dir }}/{{ item }}.tap" + ansible.builtin.shell: "cat {{ bats_output_dir }}/{{ item }}.tap" register: "test_results" with_items: - "{{ bats_setup | select() | list }}" @@ -65,14 +65,14 @@ - "{{ bats_teardown | select() | list }}" - name: "Output test results" - debug: + ansible.builtin.debug: msg: "{{ test_results.results | join('\n', attribute='stdout') }}" - - include_tasks: 'bats_fetch_results.yml' + - ansible.builtin.include_tasks: 'bats_fetch_results.yml' when: bats_fetch_results - name: "Fail if tests didn't pass" - fail: + ansible.builtin.fail: msg: "Test failed, please see {{ bats_output_dir }}/ for more information" when: item.rc != 0 with_items: "{{ test_output.results }}" diff --git a/roles/cleanup_rh_ruby25/tasks/main.yml b/roles/cleanup_rh_ruby25/tasks/main.yml index f387df4b5..508329963 100644 --- a/roles/cleanup_rh_ruby25/tasks/main.yml +++ b/roles/cleanup_rh_ruby25/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Remove rh-ruby25 packages - package: + ansible.builtin.package: state: absent name: rh-ruby25* when: diff --git a/roles/custom_certificates/tasks/issue.yml b/roles/custom_certificates/tasks/issue.yml index cb9f2516b..0f767c185 100644 --- a/roles/custom_certificates/tasks/issue.yml +++ b/roles/custom_certificates/tasks/issue.yml @@ -1,6 +1,6 @@ --- - name: 'Creating signing request' - command: > + ansible.builtin.command: > openssl req -new -newkey rsa:2048 -nodes @@ -11,7 +11,7 @@ creates: "{{ custom_certificates_ca_directory_requests }}/{{ custom_certificates_hostname }}.csr" - name: 'Sign signing request' - command: > + ansible.builtin.command: > openssl ca -config "{{ custom_certificates_ca_directory }}/openssl.cnf" -batch diff --git a/roles/custom_certificates/tasks/main.yml b/roles/custom_certificates/tasks/main.yml index bbf1ffdb4..8d1eadb9b 100644 --- a/roles/custom_certificates/tasks/main.yml +++ b/roles/custom_certificates/tasks/main.yml @@ -1,29 +1,29 @@ --- - name: 'Install openssl' - yum: + ansible.builtin.yum: name: openssl state: present - name: 'Create certs directory' - file: + ansible.builtin.file: path: "{{ custom_certificates_ca_directory_certs }}" state: directory mode: 0755 - name: 'Create keys directory' - file: + ansible.builtin.file: path: "{{ custom_certificates_ca_directory_keys }}" state: directory mode: 0755 - name: 'Create requests directory' - file: + ansible.builtin.file: path: "{{ custom_certificates_ca_directory_requests }}" state: directory mode: 0755 - name: 'Deploy configuration file' - template: + ansible.builtin.template: src: openssl.cnf.j2 dest: "{{ custom_certificates_ca_directory }}/openssl.cnf" owner: root @@ -31,7 +31,7 @@ mode: 0644 - name: 'Create index file' - file: + ansible.builtin.file: path: "{{ custom_certificates_ca_directory }}/index.txt" state: touch owner: root @@ -39,7 +39,7 @@ mode: 0644 - name: 'Ensure serial starting number' - template: + ansible.builtin.template: src: serial.j2 dest: "{{ custom_certificates_ca_directory }}/serial" force: no @@ -48,7 +48,7 @@ mode: 0644 - name: 'Creating CA certificate and key' - command: > + ansible.builtin.command: > openssl req -new -x509 -nodes @@ -60,14 +60,14 @@ creates: "{{ custom_certificates_ca_directory_certs }}/custom_ca.crt" - name: 'Create server key' - command: > + ansible.builtin.command: > openssl genrsa -out "{{ custom_certificates_ca_directory_keys }}/{{ custom_certificates_server }}.key" args: creates: "{{ custom_certificates_ca_directory_keys }}/{{ custom_certificates_server }}.key" - name: 'Create server signing request' - command: > + ansible.builtin.command: > openssl req -new -config "{{ custom_certificates_ca_directory }}/openssl.cnf" @@ -77,7 +77,7 @@ creates: "{{ custom_certificates_ca_directory_requests }}/{{ custom_certificates_server }}.csr" - name: 'Create server certificate' - command: > + ansible.builtin.command: > openssl ca -create_serial -batch @@ -88,7 +88,7 @@ args: creates: "{{ custom_certificates_ca_directory_certs }}/{{ custom_certificates_server }}.crt" -- include: issue.yml +- ansible.builtin.include: issue.yml when: custom_certificates_hostnames is defined with_items: "{{ custom_certificates_hostnames }}" loop_control: diff --git a/roles/customize_home/tasks/boostrap_script.yml b/roles/customize_home/tasks/boostrap_script.yml index a0b29fc93..436e8448a 100644 --- a/roles/customize_home/tasks/boostrap_script.yml +++ b/roles/customize_home/tasks/boostrap_script.yml @@ -1,5 +1,5 @@ - name: Make boostrap file executable - file: + ansible.builtin.file: dest: "{{ ansible_env.HOME }}/{{ customize_home_bootstrap_script }}" state: touch follow: false @@ -8,5 +8,5 @@ # The script is already on the machine, so using 'command' instead of 'script'. 'script' copies the script from the Ansible controller - name: Run custom bootstrap script - command: "{{ ansible_env.HOME }}/{{ customize_home_bootstrap_script }}" + ansible.builtin.command: "{{ ansible_env.HOME }}/{{ customize_home_bootstrap_script }}" when: bootstrap_script_path.stat.exists diff --git a/roles/customize_home/tasks/clone_specified_repo.yml b/roles/customize_home/tasks/clone_specified_repo.yml index 6645458a2..a706d941f 100644 --- a/roles/customize_home/tasks/clone_specified_repo.yml +++ b/roles/customize_home/tasks/clone_specified_repo.yml @@ -1,29 +1,29 @@ - name: Ensure temporary home directory does not exist - file: + ansible.builtin.file: path: "{{ ansible_env.HOME }}/tmp_custom_home/" state: absent - name: Clone specified repo into temporary custom home directory - git: + ansible.builtin.git: repo: "{{ customize_home_git_repo }}" dest: "{{ ansible_env.HOME }}/tmp_custom_home/" - name: Remove .git directory from temporary home directory after cloning - file: + ansible.builtin.file: path: "{{ ansible_env.HOME }}/tmp_custom_home/.git" state: absent - name: Remove .gitignore from temporary home directory after cloning - file: + ansible.builtin.file: path: "{{ ansible_env.HOME }}/tmp_custom_home/.gitignore" state: absent # Using command module because the copy module won't match hidden (dot) files and using copy with_fileglob isn't working as expected # see https://github.com/ansible/ansible/issues/17136 for more info on with_fileglob - name: Copy temporary home directory to actual home directory - command: "cp -r {{ ansible_env.HOME }}/tmp_custom_home/. {{ ansible_env.HOME }}/" + ansible.builtin.command: "cp -r {{ ansible_env.HOME }}/tmp_custom_home/. {{ ansible_env.HOME }}/" - name: Remove temporary home directory - file: + ansible.builtin.file: path: "{{ ansible_env.HOME }}/tmp_custom_home/" state: absent diff --git a/roles/customize_home/tasks/main.yml b/roles/customize_home/tasks/main.yml index 7016b3c26..8353b4676 100644 --- a/roles/customize_home/tasks/main.yml +++ b/roles/customize_home/tasks/main.yml @@ -1,28 +1,28 @@ - name: Check for specified files to copy to home directory become: false - stat: + ansible.builtin.stat: path: "{{ playbook_dir | dirname }}/user_devel_env_files/" delegate_to: localhost register: custom_home - name: Copy files to home directory - copy: + ansible.builtin.copy: src: "{{ playbook_dir | dirname }}/user_devel_env_files/" dest: "{{ ansible_env.HOME }}" when: custom_home.stat.isdir is defined and custom_home.stat.isdir - name: Remove .gitkeep file copied over from custom directory - file: + ansible.builtin.file: path: "{{ ansible_env.HOME }}/.gitkeep/" state: absent -- include_tasks: clone_specified_repo.yml +- ansible.builtin.include_tasks: clone_specified_repo.yml when: customize_home_git_repo is defined - name: Check custom bootstrap script exists - stat: + ansible.builtin.stat: path: "{{ ansible_env.HOME }}/{{ customize_home_bootstrap_script }}" register: bootstrap_script_path -- include_tasks: boostrap_script.yml +- ansible.builtin.include_tasks: boostrap_script.yml when: bootstrap_script_path.stat.exists diff --git a/roles/debian_backports/tasks/main.yml b/roles/debian_backports/tasks/main.yml index 20b08487c..11809e880 100644 --- a/roles/debian_backports/tasks/main.yml +++ b/roles/debian_backports/tasks/main.yml @@ -1,9 +1,9 @@ --- - name: add distribution-specific variables - include_vars: "{{ ansible_distribution }}.yml" + ansible.builtin.include_vars: "{{ ansible_distribution }}.yml" - name: add backports repository - apt_repository: + ansible.builtin.apt_repository: repo: 'deb {{ debian_backports_uri }} {{ debian_backports_components }}' state: present update_cache: yes diff --git a/roles/disable_firewall/tasks/main.yml b/roles/disable_firewall/tasks/main.yml index cf1738ffb..640bab163 100644 --- a/roles/disable_firewall/tasks/main.yml +++ b/roles/disable_firewall/tasks/main.yml @@ -1,13 +1,13 @@ --- - name: disable firewalld - service: + ansible.builtin.service: name: firewalld enabled: false state: stopped ignore_errors: true - name: disable iptables - service: + ansible.builtin.service: name: iptables enabled: false state: stopped diff --git a/roles/disable_ipv6/tasks/main.yml b/roles/disable_ipv6/tasks/main.yml index c72ccb56f..31830d7f0 100644 --- a/roles/disable_ipv6/tasks/main.yml +++ b/roles/disable_ipv6/tasks/main.yml @@ -3,7 +3,7 @@ # also, do this before running katello installer so we don't interfere with # pulp (see https://pulp.plan.io/issues/2586) - name: "Disable ipv6" - sysctl: + ansible.posix.sysctl: name: "{{ item }}" value: "1" with_items: @@ -11,4 +11,4 @@ - net.ipv6.conf.all.disable_ipv6 - name: "Update hosts file" - shell: "sed -i 's/^[[:space:]]*::/#::/' /etc/hosts" + ansible.builtin.shell: "sed -i 's/^[[:space:]]*::/#::/' /etc/hosts" diff --git a/roles/dynflow_devel/tasks/dynflow_install.yml b/roles/dynflow_devel/tasks/dynflow_install.yml index 706971605..0d76d43ff 100644 --- a/roles/dynflow_devel/tasks/dynflow_install.yml +++ b/roles/dynflow_devel/tasks/dynflow_install.yml @@ -1,27 +1,27 @@ --- - name: 'Clone the dynflow repository' - git: + ansible.builtin.git: repo: https://github.com/Dynflow/dynflow.git dest: ~/dynflow update: no remote: upstream - name: 'Check if the fork remote exists' - shell: "git remote | grep ^{{ dynflow_devel_github_fork_remote_name }}$" + ansible.builtin.shell: "git remote | grep ^{{ dynflow_devel_github_fork_remote_name }}$" args: chdir: ~/dynflow ignore_errors: yes register: fork_remote_exists - name: 'Add fork remote to cloned repository' - command: "git remote add {{ dynflow_devel_github_fork_remote_name }} git@github.com:{{ dynflow_devel_github_username }}/dynflow.git" + ansible.builtin.command: "git remote add {{ dynflow_devel_github_fork_remote_name }} git@github.com:{{ dynflow_devel_github_username }}/dynflow.git" when: fork_remote_exists.rc != 0 args: chdir: ~/dynflow - name: 'Install gem native dependencies' become: true - yum: + ansible.builtin.yum: name: - gcc-c++ - postgresql-devel @@ -29,7 +29,7 @@ state: present - name: 'Install bundler' - gem: name=bundler state=present + community.general.gem: name=bundler state=present - name: 'Install gems' - bundler: chdir=~/dynflow state=present executable=~/bin/bundle + community.general.bundler: chdir=~/dynflow state=present executable=~/bin/bundle diff --git a/roles/dynflow_devel/tasks/main.yml b/roles/dynflow_devel/tasks/main.yml index 4fab824e0..e39dee95a 100644 --- a/roles/dynflow_devel/tasks/main.yml +++ b/roles/dynflow_devel/tasks/main.yml @@ -1,2 +1,2 @@ --- -- include_tasks: dynflow_install.yml +- ansible.builtin.include_tasks: dynflow_install.yml diff --git a/roles/enable_ipv6/tasks/main.yml b/roles/enable_ipv6/tasks/main.yml index d9bb76317..1b6ccbb3d 100644 --- a/roles/enable_ipv6/tasks/main.yml +++ b/roles/enable_ipv6/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Enable ipv6" - sysctl: + ansible.posix.sysctl: name: "{{ item }}" value: "0" with_items: diff --git a/roles/epel_repositories/tasks/main.yml b/roles/epel_repositories/tasks/main.yml index 5738d4b93..2b4cebd7f 100644 --- a/roles/epel_repositories/tasks/main.yml +++ b/roles/epel_repositories/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: 'Setup Extra Common if Stream' - yum: + ansible.builtin.yum: name: "centos-stream-repos" state: latest tags: @@ -10,7 +10,7 @@ - ansible_distribution == 'CentOS' - name: 'Setup Epel Repository' - yum: + ansible.builtin.yum: name: "{{ epel_repositories_name }}" disable_gpg_check: True state: "{{ epel_repositories_state }}" diff --git a/roles/etc_hosts/tasks/main.yml b/roles/etc_hosts/tasks/main.yml index e0f3f8c68..102882cb0 100644 --- a/roles/etc_hosts/tasks/main.yml +++ b/roles/etc_hosts/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Build hosts file" - lineinfile: + ansible.builtin.lineinfile: dest: /etc/hosts regexp: ".*{{ item.replace('.', '-') }}$" line: "{{ hostvars[item].ansible_host }} {{ item.replace('.', '-') }}.{{ etc_hosts_domain }} {{ item.replace('.', '-') }}" diff --git a/roles/fips/tasks/el7.yml b/roles/fips/tasks/el7.yml index fc9cd1ca8..e2c4ab028 100644 --- a/roles/fips/tasks/el7.yml +++ b/roles/fips/tasks/el7.yml @@ -1,20 +1,20 @@ --- - name: 'Install dracut-fips' - package: + ansible.builtin.package: name: dracut-fips state: present - name: 'Run dracut to rebuild initramfs' - command: dracut --force + ansible.builtin.command: dracut --force - name: 'Find /boot mount' - set_fact: + ansible.builtin.set_fact: boot_mount: "{{ ansible_facts.mounts | selectattr('mount', '==', '/boot') | list }}" - name: 'Generate boot=UUID=XXXX kernel command' - set_fact: + ansible.builtin.set_fact: boot_cmd: "boot=UUID={{ boot_mount[0]['uuid'] }}" when: boot_mount|length > 0 - name: 'Edit kernel command-line to include the fips=1 and boot=UUID=XXXX argument' - shell: 'grubby --update-kernel=DEFAULT --args="fips=1 {{ boot_cmd | default() }}"' + ansible.builtin.shell: 'grubby --update-kernel=DEFAULT --args="fips=1 {{ boot_cmd | default() }}"' diff --git a/roles/fips/tasks/el8.yml b/roles/fips/tasks/el8.yml index 1debbafa5..c5440d8fb 100644 --- a/roles/fips/tasks/el8.yml +++ b/roles/fips/tasks/el8.yml @@ -1,8 +1,8 @@ --- - name: Install FIPS package - package: + ansible.builtin.package: name: crypto-policies-scripts state: present - name: enable fips mode - command: /usr/bin/fips-mode-setup --enable + ansible.builtin.command: /usr/bin/fips-mode-setup --enable diff --git a/roles/fips/tasks/main.yml b/roles/fips/tasks/main.yml index 8bbad6d8f..521967175 100644 --- a/roles/fips/tasks/main.yml +++ b/roles/fips/tasks/main.yml @@ -1,12 +1,12 @@ --- -- include_tasks: 'el{{ ansible_distribution_major_version }}.yml' +- ansible.builtin.include_tasks: 'el{{ ansible_distribution_major_version }}.yml' when: not ansible_fips - name: reboot vm - reboot: + ansible.builtin.reboot: when: not ansible_fips - name: 'Verify FIPS enabled - If failed means the machine is not FIPS enabled' # not using `ansible_fips` here, as that has not been refreshed yet - command: grep -q 1 /proc/sys/crypto/fips_enabled + ansible.builtin.command: grep -q 1 /proc/sys/crypto/fips_enabled changed_when: false diff --git a/roles/foreman_client_repositories/tasks/main.yml b/roles/foreman_client_repositories/tasks/main.yml index 8100d0ccc..46e06f31a 100644 --- a/roles/foreman_client_repositories/tasks/main.yml +++ b/roles/foreman_client_repositories/tasks/main.yml @@ -1,10 +1,10 @@ --- -- include_tasks: "{{ foreman_client_repositories_environment }}_repo.yml" +- ansible.builtin.include_tasks: "{{ foreman_client_repositories_environment }}_repo.yml" when: - ansible_os_family == 'RedHat' - name: 'Clean yum' - command: 'yum clean all' + ansible.builtin.command: 'yum clean all' args: warn: false tags: diff --git a/roles/foreman_client_repositories/tasks/qpid.yml b/roles/foreman_client_repositories/tasks/qpid.yml index d8a1736ce..d0c90f773 100644 --- a/roles/foreman_client_repositories/tasks/qpid.yml +++ b/roles/foreman_client_repositories/tasks/qpid.yml @@ -1,6 +1,6 @@ --- - name: 'Set up qpid Copr repository' - yum_repository: + ansible.builtin.yum_repository: name: qpid description: Copr repo for qpid owned by @qpid baseurl: https://download.copr.fedorainfracloud.org/results/@qpid/qpid/epel-{{ ansible_distribution_major_version }}-$basearch/ diff --git a/roles/foreman_client_repositories/tasks/release_repo.yml b/roles/foreman_client_repositories/tasks/release_repo.yml index 97c711f54..d5aba5c2a 100644 --- a/roles/foreman_client_repositories/tasks/release_repo.yml +++ b/roles/foreman_client_repositories/tasks/release_repo.yml @@ -1,6 +1,6 @@ --- - name: 'Setup Foreman {{ foreman_client_repositories_version }} Client Release Repository' - yum: + ansible.builtin.yum: name: https://yum.theforeman.org/client/{{ foreman_client_repositories_version }}/{{ foreman_client_repositories_dists[ansible_os_family] }}{{ ansible_distribution_major_version }}/x86_64/foreman-client-release.rpm disable_gpg_check: True state: present diff --git a/roles/foreman_client_repositories/tasks/staging_repo.yml b/roles/foreman_client_repositories/tasks/staging_repo.yml index b5308dc6b..f838fb4c0 100644 --- a/roles/foreman_client_repositories/tasks/staging_repo.yml +++ b/roles/foreman_client_repositories/tasks/staging_repo.yml @@ -1,19 +1,19 @@ --- - name: 'Remove foreman-client-release' - yum: + ansible.builtin.yum: name: foreman-client-release state: absent tags: - packages - name: 'Foreman {{ foreman_client_repositories_version }} Client Staging Repository' - yum_repository: + ansible.builtin.yum_repository: name: foreman-client-koji description: "Foreman {{ foreman_client_repositories_version }} Client Koji Repository" baseurl: "http://koji.katello.org/releases/yum/foreman-client-{{ foreman_client_repositories_version }}/{{ foreman_client_repositories_dists[ansible_os_family] }}{{ ansible_distribution_major_version }}/x86_64/" priority: '1' gpgcheck: no -- include_tasks: qpid.yml +- ansible.builtin.include_tasks: qpid.yml when: - ansible_distribution_major_version == "7" diff --git a/roles/foreman_devel/tasks/check_forks_of_repos.yml b/roles/foreman_devel/tasks/check_forks_of_repos.yml index aaf8f5e9b..bea52f6a0 100644 --- a/roles/foreman_devel/tasks/check_forks_of_repos.yml +++ b/roles/foreman_devel/tasks/check_forks_of_repos.yml @@ -1,13 +1,13 @@ --- - name: "Check forks of user's repository" - uri: + ansible.builtin.uri: url: "https://github.com/{{ katello_devel_github_username }}/{{ item.split('/') | last }}" with_items: "{{ foreman_installer_options_internal_use_only }}" when: item | search("katello-devel-extra-plugins") - name: "Check forks of user's katello & foreman repository" - uri: + ansible.builtin.uri: url: "https://github.com/{{ katello_devel_github_username }}/{{ item }}" with_items: - katello diff --git a/roles/foreman_devel/tasks/github_push_ssh.yml b/roles/foreman_devel/tasks/github_push_ssh.yml index 5688e2530..29a304e79 100644 --- a/roles/foreman_devel/tasks/github_push_ssh.yml +++ b/roles/foreman_devel/tasks/github_push_ssh.yml @@ -1,11 +1,11 @@ --- - name: "install git" - package: + ansible.builtin.package: name: 'git' state: 'present' - name: 'Always push to github over ssh' - git_config: + community.general.git_config: name: 'url."git@github.com:".pushInsteadOf' value: 'https://github.com/' scope: system diff --git a/roles/foreman_devel/tasks/main.yml b/roles/foreman_devel/tasks/main.yml index c50008072..b99d885a8 100644 --- a/roles/foreman_devel/tasks/main.yml +++ b/roles/foreman_devel/tasks/main.yml @@ -1,13 +1,13 @@ --- -- include_tasks: check_forks_of_repos.yml +- ansible.builtin.include_tasks: check_forks_of_repos.yml when: katello_devel_github_username is defined and foreman_installer_options_internal_use_only is defined -- include_tasks: rhel.yml +- ansible.builtin.include_tasks: rhel.yml when: ansible_distribution == "RedHat" -- include_tasks: github_push_ssh.yml +- ansible.builtin.include_tasks: github_push_ssh.yml when: foreman_devel_github_push_ssh - name: setup reviewing script - include_role: + ansible.builtin.include_role: name: reviewer diff --git a/roles/foreman_devel/tasks/rhel.yml b/roles/foreman_devel/tasks/rhel.yml index 3aa1785b5..ead5bc1c3 100644 --- a/roles/foreman_devel/tasks/rhel.yml +++ b/roles/foreman_devel/tasks/rhel.yml @@ -1,22 +1,22 @@ --- - name: "Check the registration" - shell: "subscription-manager identity > /dev/null" + ansible.builtin.shell: "subscription-manager identity > /dev/null" register: sresult become: true ignore_errors: True - name: "Stop installation; the system is not registered" - fail: + ansible.builtin.fail: msg: "Please register the system via subscription-manager before continuing" when: "sresult.rc != 0" - name: "Disable all repos" - rhsm_repository: + community.general.rhsm_repository: name: "*" state: "disabled" - name: "Enable only RHEL7 base + optional + extras repos" - rhsm_repository: + community.general.rhsm_repository: name: "{{ item }}" state: "present" become: true diff --git a/roles/foreman_installer/tasks/custom_hiera.yml b/roles/foreman_installer/tasks/custom_hiera.yml index 563bf83c0..55d73778d 100644 --- a/roles/foreman_installer/tasks/custom_hiera.yml +++ b/roles/foreman_installer/tasks/custom_hiera.yml @@ -1,6 +1,6 @@ --- - name: deploy custom-hiera.yaml - blockinfile: + ansible.builtin.blockinfile: dest: /etc/foreman-installer/custom-hiera.yaml block: "{{ foreman_installer_custom_hiera }}" create: yes diff --git a/roles/foreman_installer/tasks/install.yml b/roles/foreman_installer/tasks/install.yml index 196775b50..6633fc3d9 100644 --- a/roles/foreman_installer/tasks/install.yml +++ b/roles/foreman_installer/tasks/install.yml @@ -1,17 +1,17 @@ --- -- include_tasks: installer_version.yml +- ansible.builtin.include_tasks: installer_version.yml - name: 'Check if foreman_installer_options is a string' - fail: + ansible.builtin.fail: msg: 'foreman_installer_options must be an array' when: foreman_installer_options is string - name: 'Join options' - set_fact: + ansible.builtin.set_fact: foreman_installer_options_joined: "{{ foreman_installer_options | difference([] if foreman_installer_version is version('3.1', '>=') else ['--foreman-proxy-content-enable-ostree true']) | join(' ') }} {{ foreman_installer_options_internal_use_only | join(' ') }}" - name: 'Replace REX Script with REX SSH options for pre-3.3' - set_fact: + ansible.builtin.set_fact: foreman_installer_options_joined: "{{ foreman_installer_options_joined | replace(item.new, item.old) }}" when: foreman_installer_version is version('3.3', '<') with_items: @@ -21,7 +21,7 @@ old: '--foreman-proxy-plugin-remote-execution-ssh-install-key' - name: 'Run installer' - shell: > + ansible.builtin.shell: > {{ foreman_installer_command }} {{ (foreman_installer_verbose|bool) | ternary("-v", "") }} {{ (foreman_installer_no_colors|bool) | ternary("--no-colors", "") }} {{ (foreman_installer_version is version('3.4', '<') and foreman_installer_disable_system_checks|bool) | ternary("--disable-system-checks", "") }} diff --git a/roles/foreman_installer/tasks/installer_version.yml b/roles/foreman_installer/tasks/installer_version.yml index f00fa1e3d..4b3be242a 100644 --- a/roles/foreman_installer/tasks/installer_version.yml +++ b/roles/foreman_installer/tasks/installer_version.yml @@ -1,12 +1,12 @@ - name: 'Read installer version' - slurp: + ansible.builtin.slurp: src: /usr/share/foreman-installer/VERSION register: foreman_installer_version_file - name: 'Decode installer version' - set_fact: + ansible.builtin.set_fact: foreman_installer_version: "{{ foreman_installer_version_file['content'] | b64decode }}" - name: 'Print installer version' - debug: + ansible.builtin.debug: msg: "Foreman installer version {{ foreman_installer_version }}" diff --git a/roles/foreman_installer/tasks/locales.yml b/roles/foreman_installer/tasks/locales.yml index 4e0dc3a6f..7d2ece77d 100644 --- a/roles/foreman_installer/tasks/locales.yml +++ b/roles/foreman_installer/tasks/locales.yml @@ -1,20 +1,20 @@ --- - name: 'Install locales' - package: + ansible.builtin.package: name: locales state: latest - name: 'Ensure en_US.UTF-8 locale is available' - locale_gen: + community.general.locale_gen: name: en_US.UTF-8 - name: 'Ensure ENV locales are available' - locale_gen: + community.general.locale_gen: name: "{{ item }}" loop: "{{ query('env', 'LANG', 'LC_ADDRESS', 'LC_ALL', 'LC_COLLATE', 'LC_CTYPE', 'LC_IDENTIFICATION', 'LC_MEASUREMENT', 'LC_MESSAGES', 'LC_MONETARY', 'LC_NAME', 'LC_NUMERIC', 'LC_PAPER', 'LC_TELEPHONE', 'LC_TIME') | unique | select() | list }}" - name: configure /etc/default/locale - copy: + ansible.builtin.copy: dest: /etc/default/locale content: | LC_ALL="en_US.UTF-8" diff --git a/roles/foreman_installer/tasks/main.yml b/roles/foreman_installer/tasks/main.yml index 767b4f23c..265889078 100644 --- a/roles/foreman_installer/tasks/main.yml +++ b/roles/foreman_installer/tasks/main.yml @@ -1,17 +1,17 @@ --- -- include_tasks: packages.yml +- ansible.builtin.include_tasks: packages.yml -- include_tasks: locales.yml +- ansible.builtin.include_tasks: locales.yml when: ansible_os_family == 'Debian' -- include_tasks: module_prs.yml +- ansible.builtin.include_tasks: module_prs.yml when: (foreman_installer_module_prs|length > 0) or (foreman_installer_module_branches|length > 0) -- include_tasks: custom_hiera.yml +- ansible.builtin.include_tasks: custom_hiera.yml when: foreman_installer_custom_hiera -- include_tasks: install.yml +- ansible.builtin.include_tasks: install.yml when: foreman_installer_upgrade == False -- include_tasks: upgrade.yml +- ansible.builtin.include_tasks: upgrade.yml when: foreman_installer_upgrade == True diff --git a/roles/foreman_installer/tasks/module_pr.yml b/roles/foreman_installer/tasks/module_pr.yml index 08e096409..119a7c06a 100644 --- a/roles/foreman_installer/tasks/module_pr.yml +++ b/roles/foreman_installer/tasks/module_pr.yml @@ -1,46 +1,46 @@ --- - name: set namespace, module_name and ref facts - set_fact: + ansible.builtin.set_fact: namespace: "{{ module.split('/')[0] }}" module_name: "{{ module.split('/')[1] | replace('puppet-', '') | replace('puppetlabs-', '') }}" ref: "{{ module.split('/')[2] }}" - name: find puppet module - find: + ansible.builtin.find: paths: /usr/share/foreman-installer/modules patterns: "{{ module_name }}" file_type: directory register: foreman_module - name: find puppet module - find: + ansible.builtin.find: paths: /usr/share/katello-installer-base/modules patterns: "{{ module_name }}" file_type: directory register: katello_module - name: define module_dir for foreman - set_fact: + ansible.builtin.set_fact: module_dir: /usr/share/foreman-installer/modules when: foreman_module.matched > 0 - name: define module_dir for katello - set_fact: + ansible.builtin.set_fact: module_dir: /usr/share/katello-installer-base/modules when: katello_module.matched > 0 - name: Delete old module - file: + ansible.builtin.file: state: absent path: "{{ module_dir }}/{{ module_name }}" - name: Clone puppet module - git: + ansible.builtin.git: repo: https://github.com/{{ namespace }}/puppet-{{ module_name }}.git dest: "{{ module_dir }}/{{ module_name }}" - name: "fetch git PR" - shell: > + ansible.builtin.shell: > git fetch origin pull/{{ ref }}/head:pr && git {{ foreman_installer_module_prs_strategy }} pr args: @@ -48,7 +48,7 @@ when: pr is defined and pr - name: "install module branches into installer directory" - shell: git checkout {{ ref }} + ansible.builtin.shell: git checkout {{ ref }} args: chdir: "{{ module_dir }}/{{ module_name }}" when: branch is defined and branch diff --git a/roles/foreman_installer/tasks/module_prs.yml b/roles/foreman_installer/tasks/module_prs.yml index 2149f85cb..1853e3f54 100644 --- a/roles/foreman_installer/tasks/module_prs.yml +++ b/roles/foreman_installer/tasks/module_prs.yml @@ -1,11 +1,11 @@ --- - name: "Determine if AIO Puppet is used" - stat: + ansible.builtin.stat: path: /opt/puppetlabs/puppet/bin/gem register: puppetlabs_gem - name: "Install gems to rebuild the kafo module cache" - gem: + community.general.gem: name: "{{ item }}" executable: /opt/puppetlabs/puppet/bin/gem with_items: @@ -15,13 +15,13 @@ - packages - name: "install git" - package: + ansible.builtin.package: name: 'git' state: 'present' tags: - packages -- include_tasks: module_pr.yml +- ansible.builtin.include_tasks: module_pr.yml vars: pr: true loop: "{{ foreman_installer_module_prs }}" @@ -30,7 +30,7 @@ tags: - packages -- include_tasks: module_pr.yml +- ansible.builtin.include_tasks: module_pr.yml vars: branch: true loop: "{{ foreman_installer_module_branches }}" diff --git a/roles/foreman_installer/tasks/modules.yml b/roles/foreman_installer/tasks/modules.yml index e4e3e8850..1bc2d1394 100644 --- a/roles/foreman_installer/tasks/modules.yml +++ b/roles/foreman_installer/tasks/modules.yml @@ -1,6 +1,6 @@ --- - name: Enable ruby:2.7 module - dnf: + ansible.builtin.dnf: name: '@ruby:2.7' state: present when: diff --git a/roles/foreman_installer/tasks/packages.yml b/roles/foreman_installer/tasks/packages.yml index e1ac0fbd6..3f5654d33 100644 --- a/roles/foreman_installer/tasks/packages.yml +++ b/roles/foreman_installer/tasks/packages.yml @@ -1,19 +1,19 @@ --- - name: 'Enable required DNF modules' - include_tasks: modules.yml + ansible.builtin.include_tasks: modules.yml when: - ansible_os_family == 'RedHat' - ansible_distribution_major_version == '8' - name: 'Install foreman-installer' - package: + ansible.builtin.package: name: foreman-installer state: latest tags: - packages - name: 'Install additional packages' - package: + ansible.builtin.package: name: "{{ foreman_installer_additional_packages }}" state: latest tags: diff --git a/roles/foreman_installer/tasks/upgrade.yml b/roles/foreman_installer/tasks/upgrade.yml index ab9db63b6..bfaa9893a 100644 --- a/roles/foreman_installer/tasks/upgrade.yml +++ b/roles/foreman_installer/tasks/upgrade.yml @@ -1,29 +1,29 @@ --- - name: 'Stop services' - command: foreman-maintain service stop + ansible.builtin.command: foreman-maintain service stop when: foreman_installer_scenario != 'foreman' - name: 'Update packages' - import_role: + ansible.builtin.import_role: name: update_os_packages - name: 'Upgrade postgresql' - import_role: + ansible.builtin.import_role: name: theforeman.operations.postgresql_upgrade when: - ansible_os_family == "RedHat" - ansible_distribution_major_version == '8' -- include_tasks: installer_version.yml +- ansible.builtin.include_tasks: installer_version.yml - name: 'Set internal installer options' - set_fact: + ansible.builtin.set_fact: foreman_installer_options_internal_use_only: "{{ [ '--upgrade', '--certs-update-all' ] + foreman_installer_options_internal_use_only }}" when: - foreman_installer_version is version('2.1', '<') - foreman_installer_scenario != 'foreman' - name: 'Run installer upgrade' - import_tasks: "install.yml" + ansible.builtin.import_tasks: "install.yml" vars: foreman_installer_disable_system_checks: "{{ foreman_installer_scenario != 'foreman' }}" diff --git a/roles/foreman_installer_devel_scenario/tasks/main.yml b/roles/foreman_installer_devel_scenario/tasks/main.yml index 81de9be06..0697522c1 100644 --- a/roles/foreman_installer_devel_scenario/tasks/main.yml +++ b/roles/foreman_installer_devel_scenario/tasks/main.yml @@ -1,59 +1,59 @@ --- - name: 'Install git' - package: + ansible.builtin.package: name: git state: present - name: 'Ensure /etc/foreman-installer' - file: + ansible.builtin.file: state: directory path: /etc/foreman-installer/scenarios.d - name: 'Copy scenario file' - copy: + ansible.builtin.copy: src: "{{ role_path }}/files/{{ item }}" dest: /etc/foreman-installer/scenarios.d with_items: - katello-devel.yaml - name: 'Copy answers file' - template: + ansible.builtin.template: src: "{{ role_path }}/templates/{{ item }}" dest: /etc/foreman-installer/scenarios.d/{{ item }} with_items: - katello-devel-answers.yaml - name: 'Remove current puppet-katello_devel' - file: + ansible.builtin.file: state: absent path: "{{ foreman_installer_devel_scenario_modules }}/katello_devel" - name: 'Set katello_devel_branch' - set_fact: + ansible.builtin.set_fact: katello_devel_branch: "KATELLO-{{ katello_repositories_version }}" when: katello_repositories_version != 'nightly' - name: 'Set katello_devel_branch to master' - set_fact: + ansible.builtin.set_fact: katello_devel_branch: "master" when: katello_repositories_version == 'nightly' - name: 'Clone latest puppet-katello_devel' - git: + ansible.builtin.git: repo: https://github.com/theforeman/puppet-katello_devel dest: "{{ foreman_installer_devel_scenario_modules }}/katello_devel" update: yes version: "{{ katello_devel_branch }}" - name: 'Install puppet-agent' - package: + ansible.builtin.package: name: puppet-agent state: present - name: 'Install puppetlabs-vcsrepo' - shell: "/opt/puppetlabs/puppet/bin/puppet module install --ignore-dependencies --target-dir {{ foreman_installer_devel_scenario_modules }} puppetlabs-vcsrepo" + ansible.builtin.shell: "/opt/puppetlabs/puppet/bin/puppet module install --ignore-dependencies --target-dir {{ foreman_installer_devel_scenario_modules }} puppetlabs-vcsrepo" - name: "Install gems to rebuild the kafo module cache" - gem: + community.general.gem: name: puppet-strings executable: /opt/puppetlabs/puppet/bin/gem diff --git a/roles/foreman_maintain_packages/tasks/main.yml b/roles/foreman_maintain_packages/tasks/main.yml index 5ec172151..ee41b7ae2 100644 --- a/roles/foreman_maintain_packages/tasks/main.yml +++ b/roles/foreman_maintain_packages/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Gather the package facts - package_facts: + ansible.builtin.package_facts: manager: auto - name: 'Allow Packages to be Installed' - command: "foreman-maintain packages unlock -y" - when: "'rubygem-foreman_maintain' in ansible_facts.packages" \ No newline at end of file + ansible.builtin.command: "foreman-maintain packages unlock -y" + when: "'rubygem-foreman_maintain' in ansible_facts.packages" diff --git a/roles/foreman_provisioning/tasks/configure_centos_7.yml b/roles/foreman_provisioning/tasks/configure_centos_7.yml index 4d4bd485f..eda23aff5 100644 --- a/roles/foreman_provisioning/tasks/configure_centos_7.yml +++ b/roles/foreman_provisioning/tasks/configure_centos_7.yml @@ -1,40 +1,40 @@ - name: 'set CentOS medium name' - set_fact: + ansible.builtin.set_fact: centos_medium_name: "{{ 'CentOS 7 mirror' if foreman_provisioning_foreman_version == 'nightly' or (foreman_provisioning_foreman_version is version_compare('2.1', '>=')) else 'CentOS mirror' }}" - name: 'create CentOS 7' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os info --title "CentOS 7" || {{ foreman_provisioning_hammer }} os create --name CentOS --major 7 --architectures x86_64 --family 'Redhat' --media '{{ centos_medium_name }}' --partition-tables 'Kickstart default' - name: 'find CentOS 7' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output json os info --name "CentOS 7" || {{ foreman_provisioning_hammer }} --output json os info --title "CentOS 7" register: foreman_provisioning_centos73_json ignore_errors: True - name: 'get CentOS 7 info' - set_fact: + ansible.builtin.set_fact: foreman_provisioning_centos73: "{{ foreman_provisioning_centos73_json.stdout|from_json }}" - name: 'find kickstart templates' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output=json template list --search 'name ~ "Kickstart default"' register: kickstart_templates_json - name: 'set kickstart templates' - set_fact: + ansible.builtin.set_fact: kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" - name: 'associate kickstart templates to CentOS 7' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} template add-operatingsystem --id {{ item.Id }} --operatingsystem 'CentOS 7' with_items: "{{ kickstart_templates }}" - name: 'set default templates for CentOS 7' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os set-default-template --id {{ foreman_provisioning_centos73.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ kickstart_templates }}" diff --git a/roles/foreman_provisioning/tasks/configure_debian_9_3.yml b/roles/foreman_provisioning/tasks/configure_debian_9_3.yml index 9469944fd..f7975cd50 100644 --- a/roles/foreman_provisioning/tasks/configure_debian_9_3.yml +++ b/roles/foreman_provisioning/tasks/configure_debian_9_3.yml @@ -1,36 +1,36 @@ - name: 'create Debian 9.3' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os info --title "Debian 9.3" || {{ foreman_provisioning_hammer }} os create --name Debian --major 9 --minor 3 --release-name 'stretch' --architectures x86_64 --family 'Debian' --media 'Debian mirror' --partition-tables 'Preseed default' - name: 'find Debian 9.3' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output json os info --name "Debian 9.3" || {{ foreman_provisioning_hammer }} --output json os info --title "Debian 9.3" register: foreman_provisioning_debian93_json ignore_errors: True - name: 'get CentOS 9.3 info' - set_fact: + ansible.builtin.set_fact: foreman_provisioning_debian93: "{{ foreman_provisioning_debian93_json.stdout|from_json }}" - name: 'find preseed templates' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output=json template list --search 'name ~ "Preseed default"' register: preseed_templates_json - name: 'set preseed templates' - set_fact: + ansible.builtin.set_fact: preseed_templates: "{{ preseed_templates_json.stdout|from_json }}" - name: 'associate preseed templates to Debian 9.3' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} template add-operatingsystem --id {{ item.Id }} --operatingsystem 'Debian 9.3' with_items: "{{ preseed_templates }}" - name: 'set default templates for Debian 9.3' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os set-default-template --id {{ foreman_provisioning_debian93.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ preseed_templates }}" diff --git a/roles/foreman_provisioning/tasks/configure_fedora_27.yml b/roles/foreman_provisioning/tasks/configure_fedora_27.yml index 8895ab81a..4c70f32f3 100644 --- a/roles/foreman_provisioning/tasks/configure_fedora_27.yml +++ b/roles/foreman_provisioning/tasks/configure_fedora_27.yml @@ -1,36 +1,36 @@ - name: 'create Fedora 27' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os info --title "Fedora 27" || {{ foreman_provisioning_hammer }} os create --name Fedora --major 27 --architectures x86_64 --family 'Redhat' --media 'Fedora mirror' --partition-tables 'Kickstart default' - name: 'find Fedora 27' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output json os info --name "Fedora 27" || {{ foreman_provisioning_hammer }} --output json os info --title "Fedora 27" register: foreman_provisioning_fedora27_json ignore_errors: True - name: 'get Fedora 27 info' - set_fact: + ansible.builtin.set_fact: foreman_provisioning_fedora27: "{{ foreman_provisioning_fedora27_json.stdout|from_json }}" - name: 'find kickstart templates' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output=json template list --search 'name ~ "Kickstart default"' register: kickstart_templates_json - name: 'set kickstart templates' - set_fact: + ansible.builtin.set_fact: kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" - name: 'associate kickstart templates to Fedora 27' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} template add-operatingsystem --id {{ item.Id }} --operatingsystem 'Fedora 27' with_items: "{{ kickstart_templates }}" - name: 'set default templates for Fedora 27' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os set-default-template --id {{ foreman_provisioning_fedora27.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ kickstart_templates }}" diff --git a/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml b/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml index 7e8caf7a8..d5d6f97e5 100644 --- a/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml +++ b/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml @@ -1,36 +1,36 @@ - name: 'create Ubuntu 17.10' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os info --title "Ubuntu 17.10" || {{ foreman_provisioning_hammer }} os create --name Ubuntu --major 17 --minor 10 --release-name 'artful' --architectures x86_64 --family 'Debian' --media 'Ubuntu mirror' --partition-tables 'Preseed default' - name: 'find Ubuntu 17.10' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output json os info --name "Ubuntu 17.10" || {{ foreman_provisioning_hammer }} --output json os info --title "Ubuntu 17.10" register: foreman_provisioning_ubuntu1710_json ignore_errors: True - name: 'get Ubuntu 17.10 info' - set_fact: + ansible.builtin.set_fact: foreman_provisioning_ubuntu1710: "{{ foreman_provisioning_ubuntu1710_json.stdout|from_json }}" - name: 'find preseed templates' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output=json template list --search 'name ~ "Preseed default"' register: preseed_templates_json - name: 'set preseed templates' - set_fact: + ansible.builtin.set_fact: preseed_templates: "{{ preseed_templates_json.stdout|from_json }}" - name: 'associate preseed templates to Ubuntu 17.10' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} template add-operatingsystem --id {{ item.Id }} --operatingsystem 'Ubuntu 17.10' with_items: "{{ preseed_templates }}" - name: 'set default templates for Ubuntu 17.10' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os set-default-template --id {{ foreman_provisioning_ubuntu1710.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ preseed_templates }}" diff --git a/roles/foreman_provisioning/tasks/main.yml b/roles/foreman_provisioning/tasks/main.yml index 3079ffa36..22eac1485 100644 --- a/roles/foreman_provisioning/tasks/main.yml +++ b/roles/foreman_provisioning/tasks/main.yml @@ -1,38 +1,38 @@ --- - name: 'Setup CentOS 7 provisioning' - import_tasks: configure_centos_7.yml + ansible.builtin.import_tasks: configure_centos_7.yml - name: 'Setup Fedora 27 provisioning' - import_tasks: configure_fedora_27.yml + ansible.builtin.import_tasks: configure_fedora_27.yml - name: 'Setup Debian 9.3 provisioning' - import_tasks: configure_debian_9_3.yml + ansible.builtin.import_tasks: configure_debian_9_3.yml - name: 'Setup Ubuntu 17.10 provisioning' - import_tasks: configure_ubuntu_17_10.yml + ansible.builtin.import_tasks: configure_ubuntu_17_10.yml # TODO verify - should not be needed, DNS should work just fine - name: 'set unattended_url' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} settings set --name unattended_url --value 'http://{{ foreman_provisioning_ip_address }}' - name: 'find hostgroup Base' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} hostgroup info --name 'Base' register: foreman_provisioning_hostgroup_base ignore_errors: True - name: 'prepare compute resource option' - set_fact: + ansible.builtin.set_fact: foreman_provisioning_compute_resource_option: "{{ '--compute-resource libvirt' if foreman_provisioning_foreman_version == 'nightly' else '' }}" - name: 'prepare compute profile option' - set_fact: + ansible.builtin.set_fact: foreman_provisioning_compute_profile_option: "{{ '--compute-profile libvirt-profile' if 'Error' not in foreman_provisioning_compute_profile_cmd.stderr else '' }}" # TODO compute-profile can't be specified by name until http://projects.theforeman.org/issues/21580/ so we hardcode 1 - name: 'create hostgroup Base' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} hostgroup create --name 'Base' --architecture x86_64 @@ -50,13 +50,13 @@ when: foreman_provisioning_hostgroup_base.stderr.find('not found') != -1 - name: 'find hostgroup CentOS 7' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} hostgroup info --name 'CentOS 7 Mirror' register: foreman_provisioning_hostgroup_centos_mirror ignore_errors: True - name: 'create hostgroup CentOS 7 Mirror' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} hostgroup create --name 'CentOS 7 Mirror' --operatingsystem 'CentOS 7' diff --git a/roles/foreman_provisioning_infrastructure/tasks/compute_profiles.yml b/roles/foreman_provisioning_infrastructure/tasks/compute_profiles.yml index 1ac18eb07..1157c1ade 100644 --- a/roles/foreman_provisioning_infrastructure/tasks/compute_profiles.yml +++ b/roles/foreman_provisioning_infrastructure/tasks/compute_profiles.yml @@ -1,18 +1,18 @@ --- - name: 'find compute profile' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-profile info --name "libvirt-profile" register: foreman_provisioning_compute_profile ignore_errors: True - name: 'create compute profile' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-profile create --name "libvirt-profile" when: "'Error' in foreman_provisioning_compute_profile.stderr" - name: 'create compute attributes' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-profile values create --compute-profile libvirt-profile --compute-resource libvirt diff --git a/roles/foreman_provisioning_infrastructure/tasks/main.yml b/roles/foreman_provisioning_infrastructure/tasks/main.yml index bbf2d33e1..112f36dbb 100644 --- a/roles/foreman_provisioning_infrastructure/tasks/main.yml +++ b/roles/foreman_provisioning_infrastructure/tasks/main.yml @@ -1,40 +1,40 @@ --- # Make sure admin does not default to any taxonomy - name: 'disable default context for admin' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} user update --login admin --default-organization-id 0 --default-location-id 0 # Get the smart proxy ID of the local katello: - name: 'get smart proxy id' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output json proxy info --name {{ foreman_provisioning_proxy_name }} register: foreman_provisioning_smart_proxy_json - name: 'set smart proxy id' - set_fact: + ansible.builtin.set_fact: foreman_provisioning_smart_proxy: "{{ foreman_provisioning_smart_proxy_json.stdout|from_json }}" - name: 'refresh features' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} proxy refresh-features --id {{ foreman_provisioning_smart_proxy.Id }} - name: 'prepare hammer taxonomy options' - set_fact: + ansible.builtin.set_fact: foreman_provisioning_hammer_taxonomy_params: "--organizations '{{ foreman_provisioning_organization }}' --locations '{{ foreman_provisioning_location }}'" - name: 'Set taxonomies for proxy' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} proxy update --id {{ foreman_provisioning_smart_proxy.Id }} {{ foreman_provisioning_hammer_taxonomy_params }} # Compute Resource - name: 'find compute resource' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-resource info --name "libvirt" register: foreman_provisioning_compute_resource ignore_errors: True - name: 'create compute resource' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-resource create --name "libvirt" --url "qemu:///system" @@ -44,23 +44,23 @@ when: foreman_provisioning_compute_resource.stderr.find('not found') != -1 - name: 'Find out if compute profile command is available' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-profile register: foreman_provisioning_compute_profile_cmd ignore_errors: True -- include: compute_profiles.yml +- ansible.builtin.include: compute_profiles.yml when: "'Error' not in foreman_provisioning_compute_profile_cmd.stderr" # Domain - name: 'find domain' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} domain info --name "{{ foreman_provisioning_domain }}" register: foreman_provisioning_domain_task ignore_errors: True - name: 'create domain' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} domain create --name {{ foreman_provisioning_domain }} --dns-id {{ foreman_provisioning_smart_proxy.Id }} @@ -68,7 +68,7 @@ when: foreman_provisioning_domain_task.stderr.find('not found') != -1 - name: 'update domain' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} domain update --name {{ foreman_provisioning_domain }} --dns-id {{ foreman_provisioning_smart_proxy.Id }} @@ -77,13 +77,13 @@ # Subnet - name: 'find subnet' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} subnet info --name "{{ foreman_provisioning_network }}/24" register: foreman_provisioning_subnet ignore_errors: True - name: 'create subnet' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} subnet create --name "{{ foreman_provisioning_network }}/24" --dhcp-id {{ foreman_provisioning_smart_proxy.Id }} @@ -102,25 +102,25 @@ # Puppet - name: 'find environment' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} environment info --name "production" register: foreman_provisioning_environment ignore_errors: True - name: 'create environment' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} environment create --name production {{ foreman_provisioning_hammer_taxonomy_params }} when: foreman_provisioning_environment.stderr.find('not found') != -1 - name: 'update environment' # it may have been automatically created by puppet if katello reports first - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} environment update --name production {{ foreman_provisioning_hammer_taxonomy_params }} # query local nameservers http://projects.theforeman.org/issues/13419 - name: 'query local nameservers' - shell: > + ansible.builtin.shell: > {{ foreman_provisioning_hammer }} settings set --name query_local_nameservers --value true diff --git a/roles/foreman_proxy_content/tasks/certs_generate.yml b/roles/foreman_proxy_content/tasks/certs_generate.yml index 2c8b9666a..84c875b8f 100644 --- a/roles/foreman_proxy_content/tasks/certs_generate.yml +++ b/roles/foreman_proxy_content/tasks/certs_generate.yml @@ -1,27 +1,27 @@ --- - name: 'Detect certs generate' - command: "which foreman-proxy-certs-generate" + ansible.builtin.command: "which foreman-proxy-certs-generate" ignore_errors: true register: foreman_proxy_certs_generate_exists delegate_to: "{{ foreman_proxy_content_server }}" - name: 'Generate Certs' - command: foreman-proxy-certs-generate --foreman-proxy-fqdn {{ ansible_nodename }} --certs-tar {{ foreman_proxy_content_certs_tar }} {{ foreman_proxy_content_certs_args }} + ansible.builtin.command: foreman-proxy-certs-generate --foreman-proxy-fqdn {{ ansible_nodename }} --certs-tar {{ foreman_proxy_content_certs_tar }} {{ foreman_proxy_content_certs_args }} delegate_to: "{{ foreman_proxy_content_server }}" when: foreman_proxy_certs_generate_exists.rc == 0 - name: 'Generate Certs' - command: capsule-certs-generate --capsule-fqdn {{ ansible_nodename }} --certs-tar {{ foreman_proxy_content_certs_tar }} + ansible.builtin.command: capsule-certs-generate --capsule-fqdn {{ ansible_nodename }} --certs-tar {{ foreman_proxy_content_certs_tar }} delegate_to: "{{ foreman_proxy_content_server }}" when: foreman_proxy_certs_generate_exists.rc != 0 - name: 'Fetch Certs' delegate_to: "{{ foreman_proxy_content_server }}" - fetch: + ansible.builtin.fetch: src: "{{ foreman_proxy_content_certs_tar }}" dest: /tmp - name: 'Copy Certs to Capsule' - copy: + ansible.builtin.copy: src: "/tmp/{{ inventory_hostname }}{{ foreman_proxy_content_certs_tar }}" dest: ~/ diff --git a/roles/foreman_proxy_content/tasks/devel_install.yml b/roles/foreman_proxy_content/tasks/devel_install.yml index a43960a91..afea01e48 100644 --- a/roles/foreman_proxy_content/tasks/devel_install.yml +++ b/roles/foreman_proxy_content/tasks/devel_install.yml @@ -1,15 +1,15 @@ --- - name: 'Query Foreman server' - uri: + ansible.builtin.uri: url: http://localhost:3000/api/v2/ping delegate_to: "{{ foreman_proxy_content_server }}" ignore_errors: True register: foreman_get - name: 'Check for rails server' - fail: msg="No rails server detected running on {{ foreman_proxy_content_server }}" + ansible.builtin.fail: msg="No rails server detected running on {{ foreman_proxy_content_server }}" when: foreman_get.status != 200 - name: 'Add group foreman' - group: name=foreman state=present + ansible.builtin.group: name=foreman state=present delegate_to: "{{ foreman_proxy_content_server }}" diff --git a/roles/foreman_proxy_content/tasks/install.yml b/roles/foreman_proxy_content/tasks/install.yml index 1c45b6069..21a800797 100644 --- a/roles/foreman_proxy_content/tasks/install.yml +++ b/roles/foreman_proxy_content/tasks/install.yml @@ -1,34 +1,34 @@ --- - name: 'Gather facts from {{ foreman_proxy_content_server }}' - setup: + ansible.builtin.setup: delegate_to: "{{ foreman_proxy_content_server }}" delegate_facts: true - name: 'Get Server Hostname' - set_fact: + ansible.builtin.set_fact: server_fqdn: "{{ hostvars[foreman_proxy_content_server].ansible_nodename }}" - name: 'Get Foreman settings' - slurp: + ansible.builtin.slurp: src: "{{ foreman_directory }}/settings.yaml" delegate_to: "{{ foreman_proxy_content_server }}" register: foreman_settings - name: 'Get OAuth consumer data from settings' - set_fact: + ansible.builtin.set_fact: oauth_consumer_key: "{{ foreman_settings_yaml[':oauth_consumer_key'] }}" oauth_consumer_secret: "{{ foreman_settings_yaml[':oauth_consumer_secret'] }}" vars: foreman_settings_yaml: "{{ (foreman_settings['content'] | b64decode | from_yaml) }}" -- include_tasks: certs_generate.yml +- ansible.builtin.include_tasks: certs_generate.yml - name: 'Change cert permissions' - file: path='/etc/pki/katello/private' mode=0775 + ansible.builtin.file: path='/etc/pki/katello/private' mode=0775 delegate_to: "{{ foreman_proxy_content_server }}" when: devel is defined and devel - name: 'Install Capsule Installer RPM' - yum: + ansible.builtin.yum: name: foreman-proxy-content when: not custom_install diff --git a/roles/foreman_proxy_content/tasks/main.yml b/roles/foreman_proxy_content/tasks/main.yml index 793bc6fe3..806263654 100644 --- a/roles/foreman_proxy_content/tasks/main.yml +++ b/roles/foreman_proxy_content/tasks/main.yml @@ -1,9 +1,9 @@ --- -- include_tasks: devel_install.yml +- ansible.builtin.include_tasks: devel_install.yml when: (foreman_proxy_content_upgrade == False and devel is defined and devel == True) -- include_tasks: install.yml +- ansible.builtin.include_tasks: install.yml when: foreman_proxy_content_upgrade == False -- include_tasks: upgrade.yml +- ansible.builtin.include_tasks: upgrade.yml when: foreman_proxy_content_upgrade == True diff --git a/roles/foreman_proxy_content/tasks/upgrade.yml b/roles/foreman_proxy_content/tasks/upgrade.yml index 30ca1c3a6..1e1782509 100644 --- a/roles/foreman_proxy_content/tasks/upgrade.yml +++ b/roles/foreman_proxy_content/tasks/upgrade.yml @@ -1,8 +1,8 @@ --- -- include_tasks: certs_generate.yml +- ansible.builtin.include_tasks: certs_generate.yml - name: 'Run installer upgrade' - include_role: + ansible.builtin.include_role: name: foreman_installer vars: foreman_installer_upgrade: true diff --git a/roles/foreman_repositories/tasks/debian_release_repos.yml b/roles/foreman_repositories/tasks/debian_release_repos.yml index 7f89040ae..b36d232ac 100644 --- a/roles/foreman_repositories/tasks/debian_release_repos.yml +++ b/roles/foreman_repositories/tasks/debian_release_repos.yml @@ -1,4 +1,4 @@ --- - name: 'Install Foreman {{ foreman_repositories_version }} repository' - include_role: + ansible.builtin.include_role: role: theforeman.operations.foreman_repositories diff --git a/roles/foreman_repositories/tasks/debian_staging_repos.yml b/roles/foreman_repositories/tasks/debian_staging_repos.yml index 281113cb9..f232ede1a 100644 --- a/roles/foreman_repositories/tasks/debian_staging_repos.yml +++ b/roles/foreman_repositories/tasks/debian_staging_repos.yml @@ -1,17 +1,17 @@ --- - name: 'Install Foreman GPG key' - get_url: + ansible.builtin.get_url: url: https://stagingdeb.theforeman.org/foreman.asc dest: /etc/apt/trusted.gpg.d/foreman.asc mode: '0444' - name: 'Install Foreman {{ foreman_repositories_version }} repository' - apt_repository: + ansible.builtin.apt_repository: repo: "deb http://stagingdeb.theforeman.org {{ ansible_distribution_release }} theforeman-{{ foreman_repositories_version }}" state: present - name: 'Setup Foreman {{ foreman_repositories_version }} plugins repository' - apt_repository: + ansible.builtin.apt_repository: # No plugins staging repository repo: "deb http://deb.theforeman.org plugins {{ foreman_repositories_version }}" state: "{{ foreman_repositories_plugins | ternary('present', 'absent') }}" diff --git a/roles/foreman_repositories/tasks/main.yml b/roles/foreman_repositories/tasks/main.yml index c13c0ee75..d5d0ae5d7 100644 --- a/roles/foreman_repositories/tasks/main.yml +++ b/roles/foreman_repositories/tasks/main.yml @@ -1,8 +1,8 @@ --- -- include_tasks: "{{ ansible_os_family|lower }}_{{ foreman_repositories_environment }}_repos.yml" +- ansible.builtin.include_tasks: "{{ ansible_os_family|lower }}_{{ foreman_repositories_environment }}_repos.yml" - name: 'Install centos-release-scl-rh' - yum: + ansible.builtin.yum: name: centos-release-scl-rh state: latest update_cache: yes @@ -13,7 +13,7 @@ - ansible_distribution_major_version == '7' - name: 'Clean yum' - command: 'yum clean all' + ansible.builtin.command: 'yum clean all' args: warn: false tags: diff --git a/roles/foreman_repositories/tasks/redhat_release_repos.yml b/roles/foreman_repositories/tasks/redhat_release_repos.yml index 1067ccee8..4d511029a 100644 --- a/roles/foreman_repositories/tasks/redhat_release_repos.yml +++ b/roles/foreman_repositories/tasks/redhat_release_repos.yml @@ -1,6 +1,6 @@ --- - name: 'Setup Foreman {{ foreman_repositories_version }} Repository' - include_role: + ansible.builtin.include_role: role: theforeman.operations.foreman_repositories tags: - packages diff --git a/roles/foreman_repositories/tasks/redhat_staging_repos.yml b/roles/foreman_repositories/tasks/redhat_staging_repos.yml index b4a79b6eb..6429cfa44 100644 --- a/roles/foreman_repositories/tasks/redhat_staging_repos.yml +++ b/roles/foreman_repositories/tasks/redhat_staging_repos.yml @@ -1,13 +1,13 @@ --- - name: 'Remove foreman-release' - yum: + ansible.builtin.yum: name: foreman-release state: absent tags: - packages - name: 'Foreman {{ foreman_repositories_version }} Koji repository' - yum_repository: + ansible.builtin.yum_repository: name: foreman-koji description: "Foreman {{ foreman_repositories_version }} Koji Repository" baseurl: "http://koji.katello.org/releases/yum/foreman-{{ foreman_repositories_version }}/el{{ ansible_distribution_major_version }}/x86_64/" @@ -17,7 +17,7 @@ - packages - name: 'Foreman {{ foreman_repositories_version }} Plugins Koji repository' - yum_repository: + ansible.builtin.yum_repository: name: foreman-plugins-koji state: "{{ foreman_repositories_plugins | ternary('present', 'absent') }}" description: "Foreman Plugins {{ foreman_repositories_version }} Koji Repository" @@ -28,7 +28,7 @@ - packages - name: 'Set module_hotfixes=1' - lineinfile: + ansible.builtin.lineinfile: path: "/etc/yum.repos.d/{{ item }}.repo" line: module_hotfixes=1 loop: @@ -41,7 +41,7 @@ - foreman_repositories_version is version('3.1', '<=') - name: 'Enable foreman:el8 module' - command: dnf module enable -y foreman:el8 + ansible.builtin.command: dnf module enable -y foreman:el8 # can't use the `dnf` module for modules without a default stream # https://github.com/ansible/ansible/issues/56504 # https://github.com/ansible/ansible/issues/64852 diff --git a/roles/foreman_seeder/hostgroups/tasks/main.yml b/roles/foreman_seeder/hostgroups/tasks/main.yml index 5dcc2a6d6..17937e87d 100644 --- a/roles/foreman_seeder/hostgroups/tasks/main.yml +++ b/roles/foreman_seeder/hostgroups/tasks/main.yml @@ -1,7 +1,7 @@ --- #testing both --name and --title for backward compatibility - name: 'Create operating systems' - shell: > + ansible.builtin.shell: > {% if 'minor' in item %} {% set title = item.name +' '+ item.major +'.'+ item.minor %} {% else %} @@ -28,7 +28,7 @@ # TODO: fix: Locations you cannot remove locations that are used by hosts or inherited. # - name: 'Add media to organizations' -# shell: > +# ansible.builtin.shell: > # {{ foreman_seeder_hostgroups_hammer }} organization add-medium --name '{{ foreman_seeder_hostgroups_organization }}' --medium '{{ item.medium }}' # with_items: '{{ foreman_seeder_operating_systems }}' # when: foreman_seeder_hostgroups_use_taxonomies @@ -36,7 +36,7 @@ # - seed # # - name: 'Add media to locations' -# shell: > +# ansible.builtin.shell: > # {{ foreman_seeder_hostgroups_hammer }} location add-medium --name '{{ foreman_seeder_hostgroups_location }}' --medium '{{ item.medium }}' # with_items: '{{ foreman_seeder_operating_systems }}' # when: foreman_seeder_hostgroups_use_taxonomies @@ -44,7 +44,7 @@ # - seed - name: 'Find kickstart templates' - shell: > + ansible.builtin.shell: > {{ foreman_seeder_hostgroups_hammer }} --output=json template list --search 'name ~ "Kickstart default"' register: kickstart_templates_json @@ -52,13 +52,13 @@ - seed - name: 'Set kickstart templates' - set_fact: + ansible.builtin.set_fact: kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" tags: - seed - name: 'Find preseed templates' - shell: > + ansible.builtin.shell: > {{ foreman_seeder_hostgroups_hammer }} --output=json template list --search 'name ~ "Preseed default"' register: preseed_templates_json @@ -66,13 +66,13 @@ - seed - name: 'Set preseed templates' - set_fact: + ansible.builtin.set_fact: preseed_templates: "{{ preseed_templates_json.stdout|from_json }}" tags: - seed - name: 'Associate kickstart templates to operating systems' - shell: > + ansible.builtin.shell: > {% if 'minor' in item[0] %} {% set title = item[0].name +' '+ item[0].major +'.'+ item[0].minor %} {% else %} @@ -90,7 +90,7 @@ - seed - name: 'Associate preseed templates to operating systems' - shell: > + ansible.builtin.shell: > {% if 'minor' in item[0] %} {% set title = item[0].name +' '+ item[0].major +'.'+ item[0].minor %} {% else %} @@ -108,7 +108,7 @@ - seed - name: 'Find or create parent hostgroup' - shell: > + ansible.builtin.shell: > {{ foreman_seeder_hostgroups_hammer }} --output=silent hostgroup info --name "{{ foreman_seeder_hostgroups_parent_hostgroup }}" || {{ foreman_seeder_hostgroups_hammer }} hostgroup create --name "{{ foreman_seeder_hostgroups_parent_hostgroup }}" {% if foreman_seeder_hostgroups_use_taxonomies %} @@ -119,7 +119,7 @@ - seed - name: 'Create hostgroups' - shell: > + ansible.builtin.shell: > {% if 'minor' in item %} {% set os_title = item.name +' '+ item.major +'.'+ item.minor %} {% else %} diff --git a/roles/foreman_seeder/hosts/tasks/main.yml b/roles/foreman_seeder/hosts/tasks/main.yml index fdc8db5a9..e663160a9 100644 --- a/roles/foreman_seeder/hosts/tasks/main.yml +++ b/roles/foreman_seeder/hosts/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: 'Create hosts' - shell: > + ansible.builtin.shell: > set -o pipefail && {{ foreman_seeder_hosts_hammer }} host create --hostgroup '{{ item.hostgroup }}' diff --git a/roles/foreman_seeder/puppet_modules/tasks/main.yml b/roles/foreman_seeder/puppet_modules/tasks/main.yml index 4b60e2685..b6fb9a987 100644 --- a/roles/foreman_seeder/puppet_modules/tasks/main.yml +++ b/roles/foreman_seeder/puppet_modules/tasks/main.yml @@ -1,12 +1,12 @@ --- - name: 'Install puppet modules' - shell: puppet module install {{ item }} + ansible.builtin.shell: puppet module install {{ item }} with_items: '{{ foreman_seeder_puppet_modules }}' tags: - seed - name: 'Import puppet classes' - shell: > + ansible.builtin.shell: > {{ foreman_seeder_puppet_modules_hammer }} proxy import-classes --name '{{ foreman_seeder_puppet_modules_proxy_name }}' tags: - seed diff --git a/roles/foreman_seeder/users/tasks/main.yml b/roles/foreman_seeder/users/tasks/main.yml index bfa6dcf30..04f02fdbc 100644 --- a/roles/foreman_seeder/users/tasks/main.yml +++ b/roles/foreman_seeder/users/tasks/main.yml @@ -1,18 +1,18 @@ --- - name: 'prepare hammer taxonomy options' - set_fact: + ansible.builtin.set_fact: foreman_seeder_users_hammer_taxonomy_params: "--organizations '{{ foreman_seeder_users_organization }}' --locations '{{ foreman_seeder_users_location }}'" when: foreman_seeder_users_use_taxonomies - name: 'prepare blank hammer taxonomy options' - set_fact: + ansible.builtin.set_fact: foreman_seeder_users_hammer_taxonomy_params: "" when: not foreman_seeder_users_use_taxonomies # john with manager and viewer role - name: 'Find user john' - shell: > + ansible.builtin.shell: > {{ foreman_seeder_users_hammer }} user info --login "john" register: foreman_seeder_users_john ignore_errors: True @@ -20,7 +20,7 @@ - seed - name: 'Create user john' - shell: > + ansible.builtin.shell: > {{ foreman_seeder_users_hammer }} user create --login john --admin false @@ -35,20 +35,20 @@ - seed - name: 'Assign user john to group Manager' - shell: "{{ foreman_seeder_users_hammer }} user add-role --login john --role Manager" + ansible.builtin.shell: "{{ foreman_seeder_users_hammer }} user add-role --login john --role Manager" when: foreman_seeder_users_john.stderr.find('not found') != -1 tags: - seed - name: 'Assign user john to group Manager' - shell: "{{ foreman_seeder_users_hammer }} user add-role --login john --role Viewer" + ansible.builtin.shell: "{{ foreman_seeder_users_hammer }} user add-role --login john --role Viewer" when: foreman_seeder_users_john.stderr.find('not found') != -1 tags: - seed # jane with viewer role - name: 'Find user jane' - shell: > + ansible.builtin.shell: > {{ foreman_seeder_users_hammer }} user info --login "jane" register: foreman_seeder_users_jane ignore_errors: True @@ -56,7 +56,7 @@ - seed - name: 'Create user jane' - shell: > + ansible.builtin.shell: > {{ foreman_seeder_users_hammer }} user create --login jane --admin false @@ -71,14 +71,14 @@ - seed - name: 'Assign user jane to group Manager' - shell: "{{ foreman_seeder_users_hammer }} user add-role --login jane --role Viewer" + ansible.builtin.shell: "{{ foreman_seeder_users_hammer }} user add-role --login jane --role Viewer" when: foreman_seeder_users_jane.stderr.find('not found') != -1 tags: - seed # jack with no roles - name: 'Create user jack' - shell: > + ansible.builtin.shell: > {{ foreman_seeder_users_hammer }} --output=silent user info --login "jack" || {{ foreman_seeder_users_hammer }} user create --login jack diff --git a/roles/foreman_server_repositories/tasks/main.yml b/roles/foreman_server_repositories/tasks/main.yml index 471ee2333..dd80d3227 100644 --- a/roles/foreman_server_repositories/tasks/main.yml +++ b/roles/foreman_server_repositories/tasks/main.yml @@ -1,28 +1,28 @@ --- - name: load epel_repositories - include_role: + ansible.builtin.include_role: role: epel_repositories when: - foreman_server_repositories_epel|bool - ansible_distribution_major_version == '7' - name: load puppet_repositories - include_role: + ansible.builtin.include_role: role: theforeman.operations.puppet_repositories when: - foreman_server_repositories_puppet|bool - name: load foreman_repositories - include_role: + ansible.builtin.include_role: role: foreman_repositories when: foreman_server_repositories_foreman|bool - name: load katello_repositories - include_role: + ansible.builtin.include_role: role: katello_repositories when: foreman_server_repositories_katello|bool - name: load foreman_client_repositories - include_role: + ansible.builtin.include_role: role: foreman_client_repositories when: foreman_server_repositories_foreman_client|bool diff --git a/roles/foreman_testing/tasks/main.yml b/roles/foreman_testing/tasks/main.yml index fbcc1e5fc..6a4d960e3 100644 --- a/roles/foreman_testing/tasks/main.yml +++ b/roles/foreman_testing/tasks/main.yml @@ -1,15 +1,15 @@ --- - name: "Run bats tests" - include_role: + ansible.builtin.include_role: name: "bats" when: foreman_testing_bats - name: "Run hammer tests" - include_role: + ansible.builtin.include_role: name: "hammer_tests" when: foreman_testing_hammer_tests - name: "Run robottelo tests" - include_role: + ansible.builtin.include_role: name: "robottelo" when: foreman_testing_robottelo_tests diff --git a/roles/forklift/tasks/destroy.yml b/roles/forklift/tasks/destroy.yml index 591e6cfb6..fe7ccf798 100644 --- a/roles/forklift/tasks/destroy.yml +++ b/roles/forklift/tasks/destroy.yml @@ -1,10 +1,10 @@ --- - name: 'Destroy boxes' - command: "vagrant destroy -f {{ forklift_boxes.keys()|join(' ') }}" + ansible.builtin.command: "vagrant destroy -f {{ forklift_boxes.keys()|join(' ') }}" args: chdir: "{{ forklift_directory }}" - name: 'Remove box file' - file: + ansible.builtin.file: path: "{{ forklift_directory }}/vagrant/boxes.d/80-tmp-{{ forklift_name }}.yaml" state: "absent" diff --git a/roles/forklift/tasks/halt.yml b/roles/forklift/tasks/halt.yml index aa9258285..e378b072a 100644 --- a/roles/forklift/tasks/halt.yml +++ b/roles/forklift/tasks/halt.yml @@ -1,5 +1,5 @@ --- - name: 'Halt boxes' - command: "vagrant halt {{ forklift_boxes.keys()|join(' ') }}" + ansible.builtin.command: "vagrant halt {{ forklift_boxes.keys()|join(' ') }}" args: chdir: "{{ forklift_directory }}" diff --git a/roles/forklift/tasks/main.yml b/roles/forklift/tasks/main.yml index 4c13a4b42..e364cb89c 100644 --- a/roles/forklift/tasks/main.yml +++ b/roles/forklift/tasks/main.yml @@ -1,20 +1,20 @@ --- - name: 'Check variables defined' - fail: + ansible.builtin.fail: msg: 'Please define forklift_name which determines the file boxes are deployed to' when: forklift_name is undefined - name: 'Check Forklift state' - fail: + ansible.builtin.fail: msg: 'Invalid value for the forklift_state variable. Please use pass "-e "forklift_state=up"" to spin up the boxes or "-e "forklift_state=destroy"" to destroy the boxes. The rebuild state can be used to first destroy and the up.' when: forklift_state not in ('up', 'destroy', 'rebuild', 'halt') - name: 'Define forklift_directory' - set_fact: + ansible.builtin.set_fact: forklift_directory: "{{ lookup('env', 'PWD') }}" - name: 'vagrant {{ forklift_state }} boxes' - include_tasks: '{{ forklift_state }}.yml' + ansible.builtin.include_tasks: '{{ forklift_state }}.yml' - name: 'Refresh inventory' - meta: refresh_inventory + ansible.builtin.meta: refresh_inventory diff --git a/roles/forklift/tasks/rebuild.yml b/roles/forklift/tasks/rebuild.yml index 11d67e51a..6110d67eb 100644 --- a/roles/forklift/tasks/rebuild.yml +++ b/roles/forklift/tasks/rebuild.yml @@ -1,6 +1,6 @@ --- - name: 'Rebuild vagrant boxes' - include_tasks: '{{ item }}.yml' + ansible.builtin.include_tasks: '{{ item }}.yml' with_items: - destroy - up diff --git a/roles/forklift/tasks/up.yml b/roles/forklift/tasks/up.yml index 33728f3e7..700e2e11b 100644 --- a/roles/forklift/tasks/up.yml +++ b/roles/forklift/tasks/up.yml @@ -1,12 +1,12 @@ --- - name: 'Write box file' - copy: + ansible.builtin.copy: dest: "{{ forklift_directory }}/vagrant/boxes.d/80-tmp-{{ forklift_name }}.yaml" content: "{{ forklift_boxes | to_yaml }}" # using --no-parallel here to avoid problems with libvirt storage volumes # see https://github.com/vagrant-libvirt/vagrant-libvirt/issues/850 - name: 'Bring up boxes' - command: "vagrant up --no-parallel {{ forklift_boxes.keys()|join(' ') }}" + ansible.builtin.command: "vagrant up --no-parallel {{ forklift_boxes.keys()|join(' ') }}" args: chdir: "{{ forklift_directory }}" diff --git a/roles/forklift_versions/molecule/default/verify.yml b/roles/forklift_versions/molecule/default/verify.yml index a3c862f0a..43190271c 100644 --- a/roles/forklift_versions/molecule/default/verify.yml +++ b/roles/forklift_versions/molecule/default/verify.yml @@ -10,49 +10,49 @@ pipeline_os: centos7 tasks: - name: "Include forklift_versions for 4.3 installs" - include_role: + ansible.builtin.include_role: name: "forklift_versions" vars: scenario: "{{ pipeline_type }}" scenario_os: "{{ pipeline_os }}" scenario_version: "4.3" - name: Ensure versions have been set correctly - assert: + ansible.builtin.assert: that: - foreman_repositories_version == '3.1' - katello_repositories_version == '4.3' - pulpcore_repositories_version == '3.16' - name: "Include forklift_versions for 4.4 installs" - include_role: + ansible.builtin.include_role: name: "forklift_versions" vars: scenario: "{{ pipeline_type }}" scenario_os: "{{ pipeline_os }}" scenario_version: "4.4" - name: Ensure versions have been set correctly - assert: + ansible.builtin.assert: that: - foreman_repositories_version == '3.2' - katello_repositories_version == '4.4' - pulpcore_repositories_version == '3.16' - name: "Include forklift_versions for nightly installs" - include_role: + ansible.builtin.include_role: name: "forklift_versions" vars: scenario: "{{ pipeline_type }}" scenario_os: "{{ pipeline_os }}" scenario_version: "nightly" - name: Ensure versions have been set correctly - assert: + ansible.builtin.assert: that: - foreman_repositories_version is defined - katello_repositories_version is defined - pulpcore_repositories_version is defined - name: "Include forklift_versions for upgrades" - include_role: + ansible.builtin.include_role: name: "forklift_versions" vars: scenario: "{{ pipeline_type }}" @@ -60,14 +60,14 @@ scenario_version: "4.4" upgrade: True - name: Ensure upgrade steps have been determined correctly - assert: + ansible.builtin.assert: that: - forklift_upgrade_version_start == '4.2' - forklift_upgrade_version_intermediate == '4.3' - forklift_upgrade_version_final == '4.4' - name: "Include forklift_versions for upgrades with upgrade_step=2" - include_role: + ansible.builtin.include_role: name: "forklift_versions" vars: scenario: "{{ pipeline_type }}" @@ -76,7 +76,7 @@ upgrade: True upgrade_step: 2 - name: Ensure upgrade steps have been determined correctly - assert: + ansible.builtin.assert: that: - forklift_upgrade_version_start == '4.0' - forklift_upgrade_version_intermediate == '4.2' diff --git a/roles/forklift_versions/tasks/main.yml b/roles/forklift_versions/tasks/main.yml index 293d84f49..cb61a05d3 100644 --- a/roles/forklift_versions/tasks/main.yml +++ b/roles/forklift_versions/tasks/main.yml @@ -1,6 +1,6 @@ --- -- include_tasks: versions.yml +- ansible.builtin.include_tasks: versions.yml when: not upgrade -- include_tasks: upgrade.yml +- ansible.builtin.include_tasks: upgrade.yml when: upgrade diff --git a/roles/forklift_versions/tasks/upgrade.yml b/roles/forklift_versions/tasks/upgrade.yml index ec25aab77..cb17fae5f 100644 --- a/roles/forklift_versions/tasks/upgrade.yml +++ b/roles/forklift_versions/tasks/upgrade.yml @@ -12,7 +12,7 @@ become: no - name: set individual upgrade vars - set_fact: + ansible.builtin.set_fact: forklift_upgrade_version_start: "{{ forklift_upgrade_versions.versions[0] }}" forklift_upgrade_version_intermediate: "{{ forklift_upgrade_versions.versions[1] }}" forklift_upgrade_version_final: "{{ forklift_upgrade_versions.versions[2] }}" diff --git a/roles/forklift_versions/tasks/versions.yml b/roles/forklift_versions/tasks/versions.yml index ffd4e592d..943d836b3 100644 --- a/roles/forklift_versions/tasks/versions.yml +++ b/roles/forklift_versions/tasks/versions.yml @@ -10,5 +10,5 @@ become: no - name: set individual component vars - set_fact: "{{ item.key }}={{ item.value }}" + ansible.builtin.set_fact: "{{ item.key }}={{ item.value }}" with_items: "{{ forklift_versions.versions | dict2items }}" diff --git a/roles/freeipa_server/tasks/install_freeipa_client.yml b/roles/freeipa_server/tasks/install_freeipa_client.yml index 80037863c..047a1eb5f 100644 --- a/roles/freeipa_server/tasks/install_freeipa_client.yml +++ b/roles/freeipa_server/tasks/install_freeipa_client.yml @@ -2,7 +2,7 @@ - name: 'Add /etc/hosts record for FreeIPA' become: true delegate_to: "{{ katello_server_origin }}" - lineinfile: + ansible.builtin.lineinfile: dest: /etc/hosts regexp: ".*{{ ansible_nodename }}$" line: "{{ freeipa_server_ip }} {{ ansible_nodename }}" @@ -11,21 +11,21 @@ - name: 'Install FreeIPA client and admintools' become: true delegate_to: "{{ katello_server_origin }}" - yum: + ansible.builtin.yum: name: ipa-client,ipa-admintools state: latest - name: 'Register Foreman in FreeIPA' become: true delegate_to: "{{ katello_server_origin }}" - shell: ipa-client-install --domain {{ ansible_domain }} --server {{ ansible_nodename }} --mkhomedir --fixed-primary --realm={{ freeipa_server_realm }} --force-join -p {{ freeipa_server_kerberos_principal }}@{{ freeipa_server_realm }} -w {{ freeipa_server_realm_password }} -U + ansible.builtin.shell: ipa-client-install --domain {{ ansible_domain }} --server {{ ansible_nodename }} --mkhomedir --fixed-primary --realm={{ freeipa_server_realm }} --force-join -p {{ freeipa_server_kerberos_principal }}@{{ freeipa_server_realm }} -w {{ freeipa_server_realm_password }} -U args: creates: /etc/krb5.keytab - name: 'Run foreman-prepare-realm' become: true delegate_to: "{{ katello_server_origin }}" - shell: set -o pipefail && echo changeme | foreman-prepare-realm {{ freeipa_server_kerberos_principal }}@{{ freeipa_server_realm }} {{ katello_server }} + ansible.builtin.shell: set -o pipefail && echo changeme | foreman-prepare-realm {{ freeipa_server_kerberos_principal }}@{{ freeipa_server_realm }} {{ katello_server }} args: chdir: /root creates: /root/freeipa.keytab @@ -33,29 +33,29 @@ - name: 'Create HTTP principal' become: true delegate_to: "{{ katello_server_origin }}" - shell: set -o pipefail && echo changeme | kinit {{ freeipa_server_kerberos_principal }} + ansible.builtin.shell: set -o pipefail && echo changeme | kinit {{ freeipa_server_kerberos_principal }} - name: 'Add the host' become: true delegate_to: "{{ katello_server_origin }}" - shell: ipa host-show {{ katello_server }}.{{ freeipa_server_domain }} || ipa host-add --ip-address {{ ansible_eth0.ipv4.address }} {{ katello_server }}.{{ freeipa_server_domain }} + ansible.builtin.shell: ipa host-show {{ katello_server }}.{{ freeipa_server_domain }} || ipa host-add --ip-address {{ ansible_eth0.ipv4.address }} {{ katello_server }}.{{ freeipa_server_domain }} - name: 'Add the service' become: true delegate_to: "{{ katello_server_origin }}" - shell: ipa service-show HTTP/{{ katello_server }}.{{ freeipa_server_domain }} || ipa service-add HTTP/{{ katello_server }}.{{ freeipa_server_domain }} --force + ansible.builtin.shell: ipa service-show HTTP/{{ katello_server }}.{{ freeipa_server_domain }} || ipa service-add HTTP/{{ katello_server }}.{{ freeipa_server_domain }} --force - name: 'Get the keytab' become: true delegate_to: "{{ katello_server_origin }}" - shell: ipa-getkeytab -s {{ ansible_nodename }} -p HTTP/{{ katello_server }}.{{ freeipa_server_domain }}@{{ freeipa_server_realm }} -k /etc/httpd/conf/ipa.keytab + ansible.builtin.shell: ipa-getkeytab -s {{ ansible_nodename }} -p HTTP/{{ katello_server }}.{{ freeipa_server_domain }}@{{ freeipa_server_realm }} -k /etc/httpd/conf/ipa.keytab args: creates: /etc/httpd/conf/ipa.keytab - name: 'Copy the keytab' become: true delegate_to: "{{ katello_server_origin }}" - copy: + ansible.builtin.copy: src: /root/freeipa.keytab dest: /etc/foreman-proxy/freeipa.keytab remote_src: yes @@ -65,4 +65,4 @@ - name: 'Enable Realm with foreman-installer' become: true delegate_to: "{{ katello_server_origin }}" - shell: foreman-installer --foreman-proxy-realm=true --disable-system-checks + ansible.builtin.shell: foreman-installer --foreman-proxy-realm=true --disable-system-checks diff --git a/roles/freeipa_server/tasks/install_freeipa_server.yml b/roles/freeipa_server/tasks/install_freeipa_server.yml index 4f1f6b543..0ccab2d15 100644 --- a/roles/freeipa_server/tasks/install_freeipa_server.yml +++ b/roles/freeipa_server/tasks/install_freeipa_server.yml @@ -1,12 +1,12 @@ - name: 'Install FreeIPA server packages (this could take a while)' become: true - yum: + ansible.builtin.yum: name: ipa-server,ipa-server-dns state: latest - name: 'Fix /etc/hosts record for self' become: true - lineinfile: + ansible.builtin.lineinfile: dest: /etc/hosts regexp: ".*{{ ansible_nodename }}.*localhost.*" line: "{{ freeipa_server_ip }} {{ ansible_nodename }}" @@ -14,18 +14,18 @@ - name: 'Fix /etc/hosts freeipa installation' become: true - replace: + ansible.builtin.replace: dest: /etc/hosts regexp: "127.*c7-freeipa-server.*" replace: "" - name: 'Ensure localhost record is in /etc/hosts' become: true - lineinfile: + ansible.builtin.lineinfile: dest: /etc/hosts line: "127.0.0.1 localhost.localdomain localhost" state: present - name: 'Run FreeIPA Install' become: true - shell: ipa-server-install -U -r {{ freeipa_server_realm }} -p {{ freeipa_server_directory_manager_password }} -a {{ freeipa_server_directory_admin_password }} creates=/etc/krb5.keytab + ansible.builtin.shell: ipa-server-install -U -r {{ freeipa_server_realm }} -p {{ freeipa_server_directory_manager_password }} -a {{ freeipa_server_directory_admin_password }} creates=/etc/krb5.keytab diff --git a/roles/freeipa_server/tasks/main.yml b/roles/freeipa_server/tasks/main.yml index 54f095122..27eebb533 100644 --- a/roles/freeipa_server/tasks/main.yml +++ b/roles/freeipa_server/tasks/main.yml @@ -1,3 +1,3 @@ --- -- include_tasks: install_freeipa_server.yml -- include_tasks: install_freeipa_client.yml +- ansible.builtin.include_tasks: install_freeipa_server.yml +- ansible.builtin.include_tasks: install_freeipa_client.yml diff --git a/roles/git/tasks/main.yml b/roles/git/tasks/main.yml index 816cd2806..bbf4b0d30 100644 --- a/roles/git/tasks/main.yml +++ b/roles/git/tasks/main.yml @@ -1,4 +1,4 @@ --- - name: 'Install git' become: true - yum: name=git-core state=present + ansible.builtin.yum: name=git-core state=present diff --git a/roles/hammer_credentials/tasks/main.yml b/roles/hammer_credentials/tasks/main.yml index 65d89f025..553365589 100644 --- a/roles/hammer_credentials/tasks/main.yml +++ b/roles/hammer_credentials/tasks/main.yml @@ -1,15 +1,15 @@ --- - name: 'Add hammer config directory' - file: + ansible.builtin.file: path: ~/.hammer state: directory - name: 'Add hammer module config directory' - file: + ansible.builtin.file: path: ~/.hammer/cli.modules.d state: directory - name: 'Deploy configuration file with connection setup' - template: + ansible.builtin.template: src: zzz_foreman_forklift_credentials.yml.j2 dest: ~/.hammer/cli.modules.d/zzz_foreman_forklift_credentials.yml diff --git a/roles/hammer_devel/tasks/hammer_config.yml b/roles/hammer_devel/tasks/hammer_config.yml index b589a8bc8..326c42266 100644 --- a/roles/hammer_devel/tasks/hammer_config.yml +++ b/roles/hammer_devel/tasks/hammer_config.yml @@ -1,82 +1,82 @@ --- - name: 'Add hammer config directory' - file: path=~/.hammer state=directory + ansible.builtin.file: path=~/.hammer state=directory - name: 'Add hammer module config directory' - file: path=~/.hammer/cli.modules.d state=directory + ansible.builtin.file: path=~/.hammer/cli.modules.d state=directory - name: 'Configure hammer' - command: cp ~/hammer-cli/config/cli_config.template.yml ~/.hammer/cli_config.yml + ansible.builtin.command: cp ~/hammer-cli/config/cli_config.template.yml ~/.hammer/cli_config.yml args: creates: ~/.hammer/cli_config.yml - name: 'Configure hammer-cli-foreman' - command: cp ~/hammer-cli-foreman/config/foreman.yml ~/.hammer/cli.modules.d/ + ansible.builtin.command: cp ~/hammer-cli-foreman/config/foreman.yml ~/.hammer/cli.modules.d/ args: creates: ~/.hammer/cli.modules.d/foreman.yml - name: 'Update hammer-cli-foreman host' - lineinfile: + ansible.builtin.lineinfile: dest: ~/.hammer/cli.modules.d/foreman.yml line: ' :host: {{ hammer_devel_host }}' regexp: 'host' - name: 'Update hammer-cli-foreman username' - lineinfile: + ansible.builtin.lineinfile: dest: ~/.hammer/cli.modules.d/foreman.yml line: ' :username: {{ hammer_devel_username }}' regexp: 'username' - name: 'Update hammer-cli-foreman password' - lineinfile: + ansible.builtin.lineinfile: dest: ~/.hammer/cli.modules.d/foreman.yml line: ' :password: {{ hammer_devel_password }}' regexp: 'password' - name: 'Enable hammer-cli-foreman-admin' - command: cp ~/hammer-cli-foreman-admin/config/foreman_admin.yml ~/.hammer/cli.modules.d/ + ansible.builtin.command: cp ~/hammer-cli-foreman-admin/config/foreman_admin.yml ~/.hammer/cli.modules.d/ args: creates: ~/.hammer/cli.modules.d/foreman_admin.yml when: ('theforeman/hammer-cli-foreman-admin' in hammer_devel_repositories) - name: 'Configure hammer-cli-foreman-admin logging core' - command: cp ~/hammer-cli-foreman-admin/config/cli.modules.d/foreman_admin_logging_core.yml ~/.hammer/cli.modules.d/ + ansible.builtin.command: cp ~/hammer-cli-foreman-admin/config/cli.modules.d/foreman_admin_logging_core.yml ~/.hammer/cli.modules.d/ args: creates: ~/.hammer/cli.modules.d/foreman_admin_logging_core.yml when: ('theforeman/hammer-cli-foreman-admin' in hammer_devel_repositories) - name: 'Configure hammer-cli-foreman-admin logging for katello' - command: cp ~/hammer-cli-foreman-admin/config/cli.modules.d/foreman_admin_logging_katello.yml ~/.hammer/cli.modules.d/ + ansible.builtin.command: cp ~/hammer-cli-foreman-admin/config/cli.modules.d/foreman_admin_logging_katello.yml ~/.hammer/cli.modules.d/ args: creates: ~/.hammer/cli.modules.d/foreman_admin_logging_katello.yml when: ('theforeman/hammer-cli-foreman-admin' in hammer_devel_repositories) - name: 'Configure hammer-cli-katello' - command: cp ~/hammer-cli-katello/config/katello.yml ~/.hammer/cli.modules.d/ + ansible.builtin.command: cp ~/hammer-cli-katello/config/katello.yml ~/.hammer/cli.modules.d/ args: creates: ~/.hammer/cli.modules.d/katello.yml when: ('katello/hammer-cli-katello' in hammer_devel_repositories) - name: 'Configure hammer-cli-csv' - command: cp ~/hammer-cli-csv/config/csv.yml ~/.hammer/cli.modules.d/ + ansible.builtin.command: cp ~/hammer-cli-csv/config/csv.yml ~/.hammer/cli.modules.d/ args: creates: ~/.hammer/cli.modules.d/csv.yml when: ('katello/hammer-cli-csv' in hammer_devel_repositories) - name: 'Configure hammer_cli_foreman_remote_execution' - command: cp ~/hammer_cli_foreman_remote_execution/config/foreman_remote_execution.yml ~/.hammer/cli.modules.d/ + ansible.builtin.command: cp ~/hammer_cli_foreman_remote_execution/config/foreman_remote_execution.yml ~/.hammer/cli.modules.d/ args: creates: ~/.hammer/cli.modules.d/foreman_remote_execution.yml when: ('theforeman/hammer_cli_foreman_remote_execution' in hammer_devel_repositories) - name: 'Configure hammer_cli_virt_who_configure' - command: cp ~/hammer-cli-foreman-virt-who-configure/config/foreman_virt_who_configure.yml ~/.hammer/cli.modules.d/ + ansible.builtin.command: cp ~/hammer-cli-foreman-virt-who-configure/config/foreman_virt_who_configure.yml ~/.hammer/cli.modules.d/ args: creates: ~/.hammer/cli.modules.d/foreman_virt_who_configure.yml when: ('theforeman/hammer-cli-foreman-virt-who-configure' in hammer_devel_repositories) - name: 'Alias hammer' - lineinfile: dest=~/.bash_profile line="alias hammer='BUNDLE_GEMFILE=~/hammer-cli-foreman/Gemfile bundle exec hammer'" + ansible.builtin.lineinfile: dest=~/.bash_profile line="alias hammer='BUNDLE_GEMFILE=~/hammer-cli-foreman/Gemfile bundle exec hammer'" - name: 'Alias rake' - lineinfile: dest=~/.bash_profile line="alias rake='bundle exec rake'" + ansible.builtin.lineinfile: dest=~/.bash_profile line="alias rake='bundle exec rake'" diff --git a/roles/hammer_devel/tasks/hammer_install.yml b/roles/hammer_devel/tasks/hammer_install.yml index 85c8b2192..0af769a1f 100644 --- a/roles/hammer_devel/tasks/hammer_install.yml +++ b/roles/hammer_devel/tasks/hammer_install.yml @@ -1,6 +1,6 @@ --- - name: 'Clone the hammer repositories' - git: + ansible.builtin.git: repo: https://github.com/{{ item }}.git dest: ~/{{ item.split('/')[1] }} update: no @@ -8,7 +8,7 @@ with_items: "{{ hammer_devel_repositories }}" - name: 'Check if the local fork remotes exist' - shell: "git remote | grep ^{{ hammer_devel_github_fork_remote_name }}$" + ansible.builtin.shell: "git remote | grep ^{{ hammer_devel_github_fork_remote_name }}$" args: chdir: ~/{{ item.split('/')[1] }} ignore_errors: yes @@ -17,7 +17,7 @@ register: local_fork_remotes_exist - name: 'Check the GitHub fork repos exist for missing local fork remotes' - shell: "git ls-remote --exit-code -h https://:@github.com/{{ hammer_devel_github_username }}/{{ item.item.split('/')[1] }}" + ansible.builtin.shell: "git ls-remote --exit-code -h https://:@github.com/{{ hammer_devel_github_username }}/{{ item.item.split('/')[1] }}" args: chdir: ~/{{ item.item.split('/')[1] }} ignore_errors: yes @@ -27,7 +27,7 @@ register: github_forks_exist - name: 'Add local fork remotes to cloned repositories' - command: "git remote add {{ hammer_devel_github_fork_remote_name }} git@github.com:{{ hammer_devel_github_username }}/{{ item.item.item.split('/')[1] }}.git" + ansible.builtin.command: "git remote add {{ hammer_devel_github_fork_remote_name }} git@github.com:{{ hammer_devel_github_username }}/{{ item.item.item.split('/')[1] }}.git" when: - ('skipped' not in item) - item.rc == 0 @@ -37,7 +37,7 @@ with_items: "{{ github_forks_exist.results }}" - name: 'Add local gems to Gemfile.local' - blockinfile: + ansible.builtin.blockinfile: dest: ~/hammer-cli-foreman/Gemfile.local create: yes block: | @@ -48,7 +48,7 @@ - name: 'Install gem native dependencies' become: true - yum: name=gcc-c++ state=present + ansible.builtin.yum: name=gcc-c++ state=present - name: 'Install gems' - bundler: chdir=~/hammer-cli-foreman state=present + community.general.bundler: chdir=~/hammer-cli-foreman state=present diff --git a/roles/hammer_devel/tasks/main.yml b/roles/hammer_devel/tasks/main.yml index 43b7202be..d7f73c116 100644 --- a/roles/hammer_devel/tasks/main.yml +++ b/roles/hammer_devel/tasks/main.yml @@ -1,3 +1,3 @@ --- -- include_tasks: hammer_install.yml -- include_tasks: hammer_config.yml +- ansible.builtin.include_tasks: hammer_install.yml +- ansible.builtin.include_tasks: hammer_config.yml diff --git a/roles/hammer_tests/tasks/main.yml b/roles/hammer_tests/tasks/main.yml index acba60ed1..0e949937f 100644 --- a/roles/hammer_tests/tasks/main.yml +++ b/roles/hammer_tests/tasks/main.yml @@ -1,24 +1,24 @@ --- - name: "Install dependencies" - gem: + community.general.gem: name: "{{ item }}" state: present with_items: "{{ hammer_tests_dependencies }}" - name: "Clone hammer-tests" - git: + ansible.builtin.git: repo: "{{ hammer_tests_repo }}" dest: "{{ hammer_tests_dir }}" update: "{{ hammer_tests_update }}" version: "{{ hammer_tests_version }}" - name: "Create log directory" - file: + ansible.builtin.file: path: "{{ hammer_tests_log_dir }}" state: directory - name: "Run tests" - shell: ./run_tests ./tests/ + ansible.builtin.shell: ./run_tests ./tests/ environment: HT_FOREMAN_LOG_FILE: /var/log/foreman/production.log HT_HAMMER_LOG_FILE: /root/.hammer/log/hammer.log diff --git a/roles/haproxy/handlers/main.yml b/roles/haproxy/handlers/main.yml index ee60adcab..3db66288b 100644 --- a/roles/haproxy/handlers/main.yml +++ b/roles/haproxy/handlers/main.yml @@ -1,5 +1,5 @@ --- - name: restart haproxy - service: + ansible.builtin.service: name: haproxy state: restarted diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml index 2222236a0..f295adb6b 100644 --- a/roles/haproxy/tasks/main.yml +++ b/roles/haproxy/tasks/main.yml @@ -1,28 +1,28 @@ --- - name: discover foreman proxies - setup: + ansible.builtin.setup: delegate_to: "{{ item }}" delegate_facts: yes with_items: - "{{ foreman_proxies }}" - name: install haproxy - package: + ansible.builtin.package: name: haproxy state: present - name: set haproxy_connect_any - seboolean: + ansible.posix.seboolean: name: haproxy_connect_any state: yes persistent: yes - name: configure haproxy - template: + ansible.builtin.template: dest: /etc/haproxy/haproxy.cfg src: haproxy.cfg.j2 validate: haproxy -c -f %s notify: - restart haproxy - name: enable haproxy - service: + ansible.builtin.service: name: haproxy state: started enabled: yes diff --git a/roles/haveged/tasks/main.yml b/roles/haveged/tasks/main.yml index c116fbc36..40d0b2638 100644 --- a/roles/haveged/tasks/main.yml +++ b/roles/haveged/tasks/main.yml @@ -1,9 +1,9 @@ - name: 'Install Haveged (faster population of PRNG)' - package: + ansible.builtin.package: name: haveged state: present - name: 'Start Haveged' - service: + ansible.builtin.service: name: haveged state: started diff --git a/roles/katello_client/tasks/cleanup.yml b/roles/katello_client/tasks/cleanup.yml index fcec0c5b6..136066405 100644 --- a/roles/katello_client/tasks/cleanup.yml +++ b/roles/katello_client/tasks/cleanup.yml @@ -1,24 +1,24 @@ --- - name: 'Remove possibly faulty RHSM facts' - file: + ansible.builtin.file: name: /etc/rhsm/facts/katello.facts state: absent - name: 'Install subscription-manager' - yum: + ansible.builtin.yum: name: "subscription-manager" state: "present" - name: 'Try to unregister from any old upstream' - redhat_subscription: + community.general.redhat_subscription: state: "absent" ignore_errors: True - name: 'Clean old registrations' - command: subscription-manager clean + ansible.builtin.command: subscription-manager clean - name: 'Remove old katello-ca-consumer RPM' - yum: + ansible.builtin.yum: name: katello-ca-consumer-* state: absent ignore_errors: True diff --git a/roles/katello_client/tasks/main.yml b/roles/katello_client/tasks/main.yml index 5c03f3dce..fe1fc7e95 100644 --- a/roles/katello_client/tasks/main.yml +++ b/roles/katello_client/tasks/main.yml @@ -1,16 +1,16 @@ --- - name: 'Cleanup previous registrations' - include_tasks: cleanup.yml + ansible.builtin.include_tasks: cleanup.yml when: katello_client_cleanup - name: 'Install bootstrap rpm' - yum: + ansible.builtin.yum: name: "http://{{ katello_client_server }}/pub/katello-ca-consumer-latest.noarch.rpm" disable_gpg_check: True state: "present" - name: 'Register client with subscription-manager as user {{ katello_client_username }}' - redhat_subscription: + community.general.redhat_subscription: state: "present" org_id: "{{ katello_client_organization }}" environment: "{{ katello_client_environment }}" @@ -22,7 +22,7 @@ - katello_client_activationkey is not defined - name: 'Register client with subscription-manager using AK {{ katello_client_activationkey }}' - redhat_subscription: + community.general.redhat_subscription: state: "present" org_id: "{{ katello_client_organization }}" activationkey: "{{ katello_client_activationkey }}" @@ -32,23 +32,23 @@ - katello_client_activationkey is defined - name: 'Enable extra repositories' - command: subscription-manager repos --enable {{ item }} + ansible.builtin.command: subscription-manager repos --enable {{ item }} with_items: "{{ katello_client_extra_repos }}" - name: 'Install katello-host-tools' - yum: + ansible.builtin.yum: name: "katello-host-tools" state: "present" ignore_errors: yes - name: 'Install katello-agent' - yum: + ansible.builtin.yum: name: "katello-agent" state: "present" when: katello_client_install_agent - name: 'Install katello-host-tools-tracer' - yum: + ansible.builtin.yum: name: "katello-host-tools-tracer" state: "present" when: katello_client_install_tracer diff --git a/roles/katello_provisioning/tasks/main.yml b/roles/katello_provisioning/tasks/main.yml index e45a0320f..e4404c274 100644 --- a/roles/katello_provisioning/tasks/main.yml +++ b/roles/katello_provisioning/tasks/main.yml @@ -1,7 +1,7 @@ --- # Product - name: 'find product' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} product info --name "CentOS" --organization "{{ katello_provisioning_organization }}" @@ -9,7 +9,7 @@ ignore_errors: True - name: 'create centos product' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} product create --name "CentOS" --organization "{{ katello_provisioning_organization }}" @@ -17,7 +17,7 @@ # CentOS - name: 'find centos repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository info --name "CentOS 7" --product "CentOS" @@ -26,7 +26,7 @@ ignore_errors: True - name: 'create centos repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository create --product="CentOS" --content-type="yum" @@ -37,7 +37,7 @@ when: katello_provisioning_repo.stderr.find('not found') != -1 - name: 'sync the centos repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository synchronize --name "CentOS 7" --product "CentOS" @@ -46,7 +46,7 @@ # Foreman Client - name: 'find client repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository info --name "Foreman Client" --product "CentOS" @@ -55,7 +55,7 @@ ignore_errors: True - name: 'create client repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository create --product="CentOS" --content-type="yum" @@ -66,7 +66,7 @@ when: foreman_client_repo.stderr.find('not found') != -1 - name: 'sync the client repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository synchronize --name "Foreman Client" --product "CentOS" @@ -75,7 +75,7 @@ # Puppet 5 - name: 'find puppet5 repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository info --name "Puppet 5" --product "CentOS" @@ -84,7 +84,7 @@ ignore_errors: True - name: 'create puppet5 repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository create --product="CentOS" --content-type="yum" @@ -95,7 +95,7 @@ when: katello_puppet_repo.stderr.find('not found') != -1 - name: 'sync the puppet5 repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository synchronize --name "Puppet 5" --product "CentOS" @@ -104,7 +104,7 @@ # EPEL - name: 'find epel repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository info --name "EPEL 7" --product "CentOS" @@ -113,7 +113,7 @@ ignore_errors: True - name: 'create epel repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository create --product="CentOS" --content-type="yum" @@ -124,7 +124,7 @@ when: katello_epel_repo.stderr.find('not found') != -1 - name: 'sync the epel repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository synchronize --name "EPEL 7" --product "CentOS" @@ -132,7 +132,7 @@ when: katello_provisioning_sync_repos - name: 'find foreman plugins repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository info --name "Foreman Plugins" --product "CentOS" @@ -141,7 +141,7 @@ ignore_errors: True - name: 'create foreman plugins repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository create --product="CentOS" --content-type="yum" @@ -152,7 +152,7 @@ when: "'not found' in katello_foreman_plugins_repo.stderr" - name: 'sync foreman plugins repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository synchronize --name "Foreman Plugins" --product "CentOS" @@ -161,7 +161,7 @@ # Activation key - name: 'find activation key' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} activation-key info --name "CentOS 7" --organization "{{ katello_provisioning_organization }}" @@ -169,7 +169,7 @@ ignore_errors: True - name: 'create activation key' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} activation-key create --organization "{{ katello_provisioning_organization }}" --name="CentOS 7" @@ -179,13 +179,13 @@ when: katello_provisioning_activation_key.stderr.find('not found') != -1 - name: 'Get all the subscriptions' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output json subscription list --organization '{{ katello_provisioning_organization }}' register: subscriptions_json - name: 'Add subscriptions to activation key' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} activation-key add-subscription --organization '{{ katello_provisioning_organization }}' --name 'CentOS 7' @@ -194,76 +194,76 @@ # Associate templates - name: 'find CentOS 7' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output json os info --title "CentOS 7" register: katello_provisioning_centos7_json ignore_errors: True - name: 'get CentOS 7 info' - set_fact: + ansible.builtin.set_fact: katello_provisioning_centos7: "{{ katello_provisioning_centos7_json.stdout|from_json }}" when: katello_provisioning_centos7_json is success - block: - name: 'Create CentOS_Linux 7' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} os create --name CentOS_Linux --major 7 --architectures x86_64 --family 'Redhat' - name: 'find newly created CentOS_Linux 7' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output json os info --name "CentOS_Linux 7" || {{ katello_provisioning_hammer }} --output json os info --title "CentOS_Linux 7" register: katello_provisioning_centos7_json_new - name: 'get new CentOS 7 info' - set_fact: + ansible.builtin.set_fact: katello_provisioning_centos7: "{{ katello_provisioning_centos7_json_new.stdout|from_json }}" when: "'not found' in katello_provisioning_centos7_json.stderr" - name: 'update partition table for CentOS 7' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} os update --id {{ katello_provisioning_centos7.Id }} --partition-tables 'Kickstart default' register: katello_provisioning_centos7_json - name: 'find kickstart templates' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output=json template list --search 'name ~ "Kickstart default"' register: kickstart_templates_json - name: 'set kickstart templates' - set_fact: + ansible.builtin.set_fact: kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" - name: 'find katello kickstart templates' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output=json template list --search 'name ~ "Katello Kickstart default"' register: katello_kickstart_templates_json - name: 'set kickstart templates' - set_fact: + ansible.builtin.set_fact: katello_kickstart_templates: "{{ katello_kickstart_templates_json.stdout|from_json }}" - name: 'associate kickstart templates to CentOS 7' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} template add-operatingsystem --id {{ item.Id }} --operatingsystem 'CentOS 7' with_items: "{{ kickstart_templates }}" - name: 'set default templates for CentOS 7' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} os set-default-template --id {{ katello_provisioning_centos7.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ kickstart_templates }}" - name: 'overwrite default templates with katello specific ones for CentOS 7' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} os set-default-template --id {{ katello_provisioning_centos7.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ katello_kickstart_templates }}" # Host group - name: 'find centos kickstart repo' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output=json repository info --name "CentOS 7" --product "CentOS" @@ -271,17 +271,17 @@ register: katello_provisioning_repo - name: 'set find centos kickstart repo' - set_fact: + ansible.builtin.set_fact: katello_provisioning_repo_json: "{{ katello_provisioning_repo.stdout|from_json }}" - name: 'find hostgroup Katello CentOS 7' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} hostgroup info --name 'Katello CentOS 7' register: katello_provisioning_hostgroup_katello_centos ignore_errors: True - name: 'create Katello CentOS 7 host group' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} hostgroup create --name "Katello CentOS 7" --content-view "Default Organization View" @@ -296,14 +296,14 @@ when: katello_provisioning_hostgroup_katello_centos.stderr.find('not found') != -1 - name: 'add activation key to Katello CentOS 7 host group' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} hostgroup set-parameter --hostgroup "Katello CentOS 7" --name kt_activation_keys --value "CentOS 7" - name: 'set enable-puppet5 parameter' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} hostgroup set-parameter --hostgroup "Katello CentOS 7" --name enable-puppet5 @@ -311,7 +311,7 @@ # Lifecycle environments - name: 'find lifecycle-environment Development' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} lifecycle-environment info --name Development --organization "{{ katello_provisioning_organization }}" @@ -319,14 +319,14 @@ ignore_errors: True - name: 'create lifecycle-environment Development' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} lifecycle-environment create --name Development --prior Library --organization "{{ katello_provisioning_organization }}" when: katello_provisioning_lce_development.stderr.find('not found') != -1 - name: 'find lifecycle-environment Production' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} lifecycle-environment info --name Development --organization "{{ katello_provisioning_organization }}" @@ -334,7 +334,7 @@ ignore_errors: True - name: 'create lifecycle-environment Production' - shell: > + ansible.builtin.shell: > {{ katello_provisioning_hammer }} lifecycle-environment create --name Production --prior Development --organization "{{ katello_provisioning_organization }}" diff --git a/roles/katello_repositories/tasks/main.yml b/roles/katello_repositories/tasks/main.yml index 3f617eac3..7b2e712ec 100644 --- a/roles/katello_repositories/tasks/main.yml +++ b/roles/katello_repositories/tasks/main.yml @@ -1,11 +1,11 @@ --- - name: "Set up {{ katello_repositories_environment }} repositories" - include_tasks: "{{ katello_repositories_environment }}_repos.yml" + ansible.builtin.include_tasks: "{{ katello_repositories_environment }}_repos.yml" - name: enable powertools for libdb_cxx used by qpid-cpp-server-linearstore - command: dnf config-manager --set-enabled powertools + ansible.builtin.command: dnf config-manager --set-enabled powertools when: ansible_distribution_major_version == "8" and ansible_distribution != "RedHat" - name: enable codeready-builder for libdb_cxx used by qpid-cpp-server-linearstore - command: subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms + ansible.builtin.command: subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms when: ansible_distribution_major_version == "8" and ansible_distribution == "RedHat" diff --git a/roles/katello_repositories/tasks/release_repos.yml b/roles/katello_repositories/tasks/release_repos.yml index de9f08a2c..c3e9a9869 100644 --- a/roles/katello_repositories/tasks/release_repos.yml +++ b/roles/katello_repositories/tasks/release_repos.yml @@ -1,6 +1,6 @@ --- - name: 'Setup Katello {{ katello_repositories_version }} Repository' - include_role: + ansible.builtin.include_role: role: theforeman.operations.foreman_repositories vars: foreman_repositories_katello_version: "{{ katello_repositories_version }}" diff --git a/roles/katello_repositories/tasks/staging_repos.yml b/roles/katello_repositories/tasks/staging_repos.yml index febe644ce..936d1dc9b 100644 --- a/roles/katello_repositories/tasks/staging_repos.yml +++ b/roles/katello_repositories/tasks/staging_repos.yml @@ -1,11 +1,11 @@ --- - name: 'Remove katello-repos' - yum: + ansible.builtin.yum: name: katello-repos state: absent - name: 'Katello {{ katello_repositories_version }} Koji repository' - yum_repository: + ansible.builtin.yum_repository: name: katello-koji description: "Katello {{ katello_repositories_version }} Koji Repository" baseurl: "http://koji.katello.org/releases/yum/katello-{{ katello_repositories_version }}/katello/el{{ ansible_distribution_major_version }}/x86_64/" @@ -13,7 +13,7 @@ gpgcheck: no - name: 'Candlepin Koji repository' - yum_repository: + ansible.builtin.yum_repository: name: candlepin-koji description: "Candlepin {{ katello_repositories_version }} Koji Repository" baseurl: "http://koji.katello.org/releases/yum/katello-{{ katello_repositories_version }}/candlepin/el{{ ansible_distribution_major_version }}/x86_64/" @@ -21,7 +21,7 @@ gpgcheck: no - name: 'Set module_hotfixes=1' - lineinfile: + ansible.builtin.lineinfile: path: "/etc/yum.repos.d/{{ item }}.repo" line: module_hotfixes=1 loop: @@ -32,7 +32,7 @@ - katello_repositories_version is version('4.2', '<=') - name: 'Enable katello:el8 module' - command: dnf module enable -y katello:el8 + ansible.builtin.command: dnf module enable -y katello:el8 # can't use the `dnf` module for modules without a default stream # https://github.com/ansible/ansible/issues/56504 # https://github.com/ansible/ansible/issues/64852 @@ -44,5 +44,5 @@ - ansible_distribution_major_version == '8' - name: 'Add Pulpcore repository' - include_role: + ansible.builtin.include_role: name: pulpcore_repositories diff --git a/roles/keycloak/tasks/main.yml b/roles/keycloak/tasks/main.yml index a6b90b4f5..36f12850f 100644 --- a/roles/keycloak/tasks/main.yml +++ b/roles/keycloak/tasks/main.yml @@ -1,37 +1,37 @@ --- - name: Install OpenJDK become: true - package: + ansible.builtin.package: name: "{{ keycloak_java_package }}" state: present - name: Download keycloak - get_url: + ansible.builtin.get_url: url: "{{ keycloak_download_url }}" dest: "{{ keycloak_download_dest }}" - name: Unpack keycloak - unarchive: + ansible.builtin.unarchive: src: "{{ keycloak_download_dest }}" remote_src: yes dest: "{{ keycloak_directory_parent }}" creates: "{{ keycloak_directory }}" - name: "Create user {{ keycloak_user_username }}" - command: "{{ keycloak_directory }}/bin/add-user-keycloak.sh -u '{{ keycloak_user_username }}' -p '{{ keycloak_user_password }}'" + ansible.builtin.command: "{{ keycloak_directory }}/bin/add-user-keycloak.sh -u '{{ keycloak_user_username }}' -p '{{ keycloak_user_password }}'" args: creates: "{{ keycloak_directory }}/standalone/configuration/keycloak-add-user.json" - name: "Create systemd service" become: true - template: + ansible.builtin.template: src: "keycloak.service.j2" dest: "/etc/systemd/system/keycloak.service" mode: 0664 - name: "Start keycloak" become: true - systemd: + ansible.builtin.systemd: name: "keycloak.service" enabled: true state: started diff --git a/roles/koji/tasks/download.yml b/roles/koji/tasks/download.yml index f20cc9048..5e6967570 100644 --- a/roles/koji/tasks/download.yml +++ b/roles/koji/tasks/download.yml @@ -1,36 +1,36 @@ --- - name: 'Install koji package' - yum: + ansible.builtin.yum: name: 'koji' state: 'present' - name: 'Make repo directory' - file: + ansible.builtin.file: path: '{{ koji_repo_directory }}' state: 'directory' - name: 'Download RPMs from tasks' - command: "koji --server {{ koji_host }} --topurl {{ koji_topurl }} download-task {{ item }}" + ansible.builtin.command: "koji --server {{ koji_host }} --topurl {{ koji_topurl }} download-task {{ item }}" args: chdir: "{{ koji_repo_directory }}" with_items: "{{ koji_task_ids }}" - name: 'Download RPMs from builds' - command: "koji --server {{ koji_host }} --topurl {{ koji_topurl }} download-build {{ item }}" + ansible.builtin.command: "koji --server {{ koji_host }} --topurl {{ koji_topurl }} download-build {{ item }}" args: chdir: "{{ koji_repo_directory }}" with_items: "{{ koji_build_ids }}" - name: 'Install createrepo' - yum: + ansible.builtin.yum: name: 'createrepo' state: 'present' - name: 'Create repo' - command: "createrepo {{ koji_repo_directory }}" + ansible.builtin.command: "createrepo {{ koji_repo_directory }}" - name: 'Add repo file' - yum_repository: + ansible.builtin.yum_repository: name: "koji-forklift-task-repo" description: 'Local repository for Koji task RPMs' baseurl: "file://{{ koji_repo_directory }}" diff --git a/roles/koji/tasks/main.yml b/roles/koji/tasks/main.yml index 2200992f2..b21961397 100644 --- a/roles/koji/tasks/main.yml +++ b/roles/koji/tasks/main.yml @@ -1,3 +1,3 @@ --- -- include_tasks: download.yml +- ansible.builtin.include_tasks: download.yml when: koji_task_ids != [] or koji_build_ids != [] diff --git a/roles/libvirt/tasks/main.yml b/roles/libvirt/tasks/main.yml index 1f7c9dc58..2488ad733 100644 --- a/roles/libvirt/tasks/main.yml +++ b/roles/libvirt/tasks/main.yml @@ -1,32 +1,32 @@ --- - name: 'Set OS version dependent variables' - include_vars: "el{{ ansible_distribution_major_version }}.yml" + ansible.builtin.include_vars: "el{{ ansible_distribution_major_version }}.yml" - name: 'install the virtualization hypervisor package group' - yum: + ansible.builtin.yum: name: "@Virtualization Hypervisor" state: present - name: 'install the virtualization tools package group' - yum: + ansible.builtin.yum: name: "@Virtualization Tools" state: present - name: 'install the libvirt-python support' - yum: + ansible.builtin.yum: name: "{{ libvirt_python_deps }}" state: present - name: 'disable libvirt authentication' - lineinfile: + ansible.builtin.lineinfile: dest: /etc/libvirt/libvirtd.conf line: 'auth_unix_rw = "none"' -- include_tasks: 'nested.yml' +- ansible.builtin.include_tasks: 'nested.yml' when: libvirt_nested - name: 'restart libvirt' - service: name=libvirtd state=restarted + ansible.builtin.service: name=libvirtd state=restarted -- include_tasks: 'tftp.yml' +- ansible.builtin.include_tasks: 'tftp.yml' when: libvirt_tftp diff --git a/roles/libvirt/tasks/nested.yml b/roles/libvirt/tasks/nested.yml index 228e782c1..e9db2a93b 100644 --- a/roles/libvirt/tasks/nested.yml +++ b/roles/libvirt/tasks/nested.yml @@ -1,15 +1,15 @@ - name: 'check if Intel or AMD processor' - shell: "grep -q Intel /proc/cpuinfo && echo -n 'intel' || echo -n 'amd'" + ansible.builtin.shell: "grep -q Intel /proc/cpuinfo && echo -n 'intel' || echo -n 'amd'" ignore_errors: true register: cpu_type - name: 'rmmod kvm' - command: "modprobe -r kvm_{{ cpu_type.stdout }}" + ansible.builtin.command: "modprobe -r kvm_{{ cpu_type.stdout }}" - name: 'enable nested virtualization' - copy: + ansible.builtin.copy: dest: /etc/modprobe.d/kvm.conf content: "options kvm_{{ cpu_type.stdout }} nested=1" - name: 'insmod kvm with nested' - command: "modprobe kvm_{{ cpu_type.stdout }} nested=1" + ansible.builtin.command: "modprobe kvm_{{ cpu_type.stdout }} nested=1" diff --git a/roles/libvirt/tasks/tftp.yml b/roles/libvirt/tasks/tftp.yml index 1adf96571..d9d8ab168 100644 --- a/roles/libvirt/tasks/tftp.yml +++ b/roles/libvirt/tasks/tftp.yml @@ -1,6 +1,6 @@ --- - name: 'create the provisioning libvirt network' - virt_net: + community.libvirt.virt_net: command: define name: provision xml: '{{ lookup("template", "../templates/network.xml.j2") }}' @@ -8,32 +8,32 @@ # libvirt seems to have bug that it does not create the symlink even if the network was defined with auto provisioning # so we ensure the symlink exists and network autostarts after reboot - name: 'make provisioning network autostart on reboot' - file: state=link src=/etc/libvirt/qemu/networks/provision.xml path=/etc/libvirt/qemu/networks/autostart/provision.xml + ansible.builtin.file: state=link src=/etc/libvirt/qemu/networks/provision.xml path=/etc/libvirt/qemu/networks/autostart/provision.xml - name: 'create the provisioning storage' - virt_pool: + community.libvirt.virt_pool: command: define name: provision xml: '{{ lookup("template", "../templates/storage.xml.j2") }}' # Setup TFTP for libvirt - name: 'create /var/lib/tftpboot' - file: path=/var/lib/tftpboot state=directory mode=0755 + ansible.builtin.file: path=/var/lib/tftpboot state=directory mode=0755 - name: 'create /var/lib/tftpboot/boot' - file: path=/var/lib/tftpboot/boot state=directory mode=0755 + ansible.builtin.file: path=/var/lib/tftpboot/boot state=directory mode=0755 - name: 'create /var/lib/tftpboot/pxelinux.cfg' - file: path=/var/lib/tftpboot/pxelinux.cfg state=directory mode=0755 + ansible.builtin.file: path=/var/lib/tftpboot/pxelinux.cfg state=directory mode=0755 - name: 'install syslinux for tftp directory' - yum: name=syslinux state=present + ansible.builtin.yum: name=syslinux state=present - name: 'copy syslinux files to /var/lib/tftpboot' - shell: cp /usr/share/syslinux/{pxelinux.0,menu.c32,chain.c32} /var/lib/tftpboot + ansible.builtin.shell: cp /usr/share/syslinux/{pxelinux.0,menu.c32,chain.c32} /var/lib/tftpboot - name: 'chown /var/lib/tftpboot for foreman-proxy user' - file: + ansible.builtin.file: path: /var/lib/tftpboot state: directory owner: foreman-proxy @@ -41,10 +41,10 @@ recurse: true - name: 'setuid on /var/lib/tftpboot' - shell: set -o pipefail && find /var/lib/tftpboot/ -type d | xargs chmod g+s + ansible.builtin.shell: set -o pipefail && find /var/lib/tftpboot/ -type d | xargs chmod g+s - name: 'start the provision libvirt network' - virt_net: state=active name=provision autostart=yes + community.libvirt.virt_net: state=active name=provision autostart=yes - name: 'start the provision libvirt storage pool' - virt_pool: state=active name=provision autostart=yes + community.libvirt.virt_pool: state=active name=provision autostart=yes diff --git a/roles/myhostname/tasks/main.yml b/roles/myhostname/tasks/main.yml index ad672aee0..80d2df202 100644 --- a/roles/myhostname/tasks/main.yml +++ b/roles/myhostname/tasks/main.yml @@ -1,5 +1,5 @@ - name: Ensure nss-myhostname is installed - package: + ansible.builtin.package: name: libnss-myhostname state: present # On EL7 it's always installed diff --git a/roles/nodejs_scl/tasks/main.yml b/roles/nodejs_scl/tasks/main.yml index 04c08e433..f04c45f8d 100644 --- a/roles/nodejs_scl/tasks/main.yml +++ b/roles/nodejs_scl/tasks/main.yml @@ -1,16 +1,16 @@ - name: 'Install SCL repository' - yum: + ansible.builtin.yum: name: centos-release-scl-rh state: present - name: 'Install NodeJS SCL' - yum: + ansible.builtin.yum: name: - "{{ nodejs_scl_version }}-npm" state: present - name: Enable and configure SCL at login - blockinfile: + ansible.builtin.blockinfile: dest: /etc/profile.d/enable-{{ nodejs_scl_version }}.sh create: yes block: | diff --git a/roles/plugins/foreman_ansible/install/tasks/main.yml b/roles/plugins/foreman_ansible/install/tasks/main.yml index e7770b7e1..9da487573 100644 --- a/roles/plugins/foreman_ansible/install/tasks/main.yml +++ b/roles/plugins/foreman_ansible/install/tasks/main.yml @@ -1,10 +1,10 @@ - name: 'Install ansible' - yum: + ansible.builtin.yum: name: ansible state: present - name: 'Install ansible plugin' - include_role: + ansible.builtin.include_role: name: plugins/plugin_installer vars: plugin_installer_options: > diff --git a/roles/plugins/foreman_ansible/seed/tasks/main.yml b/roles/plugins/foreman_ansible/seed/tasks/main.yml index 965400668..4ab5624f1 100644 --- a/roles/plugins/foreman_ansible/seed/tasks/main.yml +++ b/roles/plugins/foreman_ansible/seed/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: 'Setup ssh' - template: + ansible.builtin.template: src: "{{ role_path }}/templates/ssh_config" dest: ~foreman-proxy/.ssh/config owner: foreman-proxy @@ -8,12 +8,12 @@ mode: "u=rw,g=,o=" - name: 'Install ansible roles' - shell: > + ansible.builtin.shell: > ansible-galaxy install {{ item }} -p /etc/ansible/roles with_items: '{{ foreman_ansible_roles }}' - name: 'Import installed ansible roles' - shell: > + ansible.builtin.shell: > curl -k -u {{ foreman_ansible_foreman_user }}:{{ foreman_ansible_foreman_password }} \ -H 'Content-Type: application/json' \ -X PUT https://localhost/ansible/api/v2/ansible_roles/import diff --git a/roles/plugins/foreman_bootdisk/tasks/main.yml b/roles/plugins/foreman_bootdisk/tasks/main.yml index 6e95537dc..05132976c 100644 --- a/roles/plugins/foreman_bootdisk/tasks/main.yml +++ b/roles/plugins/foreman_bootdisk/tasks/main.yml @@ -1,5 +1,5 @@ - name: 'Install bootdisk plugin' - include_role: + ansible.builtin.include_role: name: plugins/plugin_installer vars: plugin_installer_options: > diff --git a/roles/plugins/foreman_discovery/tasks/main.yml b/roles/plugins/foreman_discovery/tasks/main.yml index 4e2ae3a90..ca98303e2 100644 --- a/roles/plugins/foreman_discovery/tasks/main.yml +++ b/roles/plugins/foreman_discovery/tasks/main.yml @@ -1,5 +1,5 @@ - name: 'Install discovery plugin' - include_role: + ansible.builtin.include_role: name: plugins/plugin_installer vars: plugin_installer_options: > diff --git a/roles/plugins/foreman_openscap/install/tasks/main.yml b/roles/plugins/foreman_openscap/install/tasks/main.yml index 324d6da3b..dd63bd88c 100644 --- a/roles/plugins/foreman_openscap/install/tasks/main.yml +++ b/roles/plugins/foreman_openscap/install/tasks/main.yml @@ -1,5 +1,5 @@ - name: 'Install openscap plugin' - include_role: + ansible.builtin.include_role: name: plugins/plugin_installer vars: plugin_installer_options: > @@ -9,6 +9,6 @@ {{ foreman_openscap_installer_options }} - name: 'Install foreman openscap puppet module' - yum: + ansible.builtin.yum: name: 'puppet-foreman_scap_client' state: 'present' diff --git a/roles/plugins/foreman_openscap/seed/tasks/main.yml b/roles/plugins/foreman_openscap/seed/tasks/main.yml index 79989795f..3f3e3d708 100644 --- a/roles/plugins/foreman_openscap/seed/tasks/main.yml +++ b/roles/plugins/foreman_openscap/seed/tasks/main.yml @@ -1,17 +1,17 @@ --- - name: 'Import puppet classes' - command: > + ansible.builtin.command: > {{ foreman_openscap_hammer }} proxy import-classes --name {{ foreman_openscap_proxy_name }} when: foreman_openscap_proxy_name is defined - name: 'Import default scap content' - command: > + ansible.builtin.command: > foreman-rake foreman_openscap:bulk_upload:default when: foreman_openscap_proxy_name is defined # TODO: disabled until cli is fixed # - name: 'Create example policy' -# shell: > +# ansible.builtin.shell: > # {{ foreman_openscap_hammer }} policy create --name 'Example policy' # --period weekly --weekday monday # --scap-content 'Red Hat centos6 default content' diff --git a/roles/plugins/foreman_remote_execution/tasks/main.yml b/roles/plugins/foreman_remote_execution/tasks/main.yml index f468d25fa..654d1d654 100644 --- a/roles/plugins/foreman_remote_execution/tasks/main.yml +++ b/roles/plugins/foreman_remote_execution/tasks/main.yml @@ -1,5 +1,5 @@ - name: 'Install remote execution plugin' - include_role: + ansible.builtin.include_role: name: plugins/plugin_installer vars: plugin_installer_options: > diff --git a/roles/plugins/foreman_templates/install/tasks/main.yml b/roles/plugins/foreman_templates/install/tasks/main.yml index 7b0e7e87d..77590b83e 100644 --- a/roles/plugins/foreman_templates/install/tasks/main.yml +++ b/roles/plugins/foreman_templates/install/tasks/main.yml @@ -1,5 +1,5 @@ - name: 'Install templates plugin' - include_role: + ansible.builtin.include_role: name: plugins/plugin_installer vars: plugin_installer_options: > diff --git a/roles/plugins/foreman_templates/seed/tasks/main.yml b/roles/plugins/foreman_templates/seed/tasks/main.yml index 3d30c61cd..b973bc9b7 100644 --- a/roles/plugins/foreman_templates/seed/tasks/main.yml +++ b/roles/plugins/foreman_templates/seed/tasks/main.yml @@ -1,5 +1,5 @@ --- - name: 'Fetch community templates' - shell: > + ansible.builtin.shell: > foreman-rake templates:sync {{ foreman_templates_sync_params }} when: foreman_templates_sync diff --git a/roles/plugins/plugin_installer/tasks/main.yml b/roles/plugins/plugin_installer/tasks/main.yml index be8507abc..190aa84bd 100644 --- a/roles/plugins/plugin_installer/tasks/main.yml +++ b/roles/plugins/plugin_installer/tasks/main.yml @@ -1,13 +1,13 @@ --- - name: 'Test if katello is installed' - stat: + ansible.builtin.stat: path: /etc/foreman/plugins/katello.yaml register: katello_config tags: - installation - name: 'Install plugin' - shell: > + ansible.builtin.shell: > foreman-installer {% if katello_config.stat.exists %} --disable-system-checks diff --git a/roles/podman/tasks/main.yml b/roles/podman/tasks/main.yml index 889210692..48277762b 100644 --- a/roles/podman/tasks/main.yml +++ b/roles/podman/tasks/main.yml @@ -1,23 +1,23 @@ - name: 'Install podman' become: true - package: + ansible.builtin.package: name: 'podman' - name: Install shadow-utils become: true - package: + ansible.builtin.package: name: 'shadow-utils' - name: Set max user namespaces become: true - sysctl: + ansible.posix.sysctl: name: user.max_user_namespaces value: '100000' - name: Set subuid range for user become: true - command: usermod --add-subuids 10000-75535 {{ ansible_user }} + ansible.builtin.command: usermod --add-subuids 10000-75535 {{ ansible_user }} - name: Set subgid range for user become: true - command: usermod --add-subgids 10000-75535 {{ ansible_user }} + ansible.builtin.command: usermod --add-subgids 10000-75535 {{ ansible_user }} diff --git a/roles/postgresql_scl/tasks/main.yml b/roles/postgresql_scl/tasks/main.yml index 3e0024a8c..ada252e62 100644 --- a/roles/postgresql_scl/tasks/main.yml +++ b/roles/postgresql_scl/tasks/main.yml @@ -1,17 +1,17 @@ --- - name: 'Install SCL repository' - yum: + ansible.builtin.yum: name: centos-release-scl-rh state: present - name: 'Install PostgreSQL SCL' - yum: + ansible.builtin.yum: name: - "{{ postgresql_scl_version }}" state: present - name: Enable and configure SCL at login - blockinfile: + ansible.builtin.blockinfile: dest: /etc/profile.d/enable-{{ postgresql_scl_version }}.sh create: yes block: | diff --git a/roles/powerdns/tasks/main.yml b/roles/powerdns/tasks/main.yml index 2a737def0..d013d6512 100644 --- a/roles/powerdns/tasks/main.yml +++ b/roles/powerdns/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Add PowerDNS repository" - yum_repository: + ansible.builtin.yum_repository: name: "powerdns-auth-40" description: "PowerDNS repository for PowerDNS Authoritative Server - version 4.0.X" baseurl: "http://repo.powerdns.com/centos/$basearch/$releasever/auth-40" @@ -9,14 +9,14 @@ enabled: yes - name: "Install PowerDNS" - package: + ansible.builtin.package: name: - "pdns" - "pdns-backend-mysql" state: "present" - name: "Configure PowerDNS" - template: + ansible.builtin.template: src: "pdns.conf.j2" dest: "/etc/pdns/pdns.conf" owner: "root" @@ -25,19 +25,19 @@ register: "pdns_configured" - name: "Enable PowerDNS" - service: + ansible.builtin.service: name: "pdns" state: "started" enabled: yes - name: "Restart PowerDNS" - service: + ansible.builtin.service: name: "pdns" state: "restarted" when: pdns_configured.changed -- include_tasks: "schema.mysql.yml" +- ansible.builtin.include_tasks: "schema.mysql.yml" when: powerdns_db_backend == "gmysql" -- include_tasks: "zones.yml" +- ansible.builtin.include_tasks: "zones.yml" when: powerdns_zones diff --git a/roles/powerdns/tasks/schema.mysql.yml b/roles/powerdns/tasks/schema.mysql.yml index eb64cbaea..ab7b2c3f4 100644 --- a/roles/powerdns/tasks/schema.mysql.yml +++ b/roles/powerdns/tasks/schema.mysql.yml @@ -1,6 +1,6 @@ --- - name: Check if DB tables exist - command: > + ansible.builtin.command: > mysql -u {{ powerdns_db_user }} --password={{ powerdns_db_pass }} @@ -9,7 +9,7 @@ register: "powerdns_tables" - name: "Import DB schema" - shell: > + ansible.builtin.shell: > set -o pipefail && cat /usr/share/doc/pdns-backend-mysql-*/schema.mysql.sql | mysql diff --git a/roles/powerdns/tasks/zones.yml b/roles/powerdns/tasks/zones.yml index 721947e90..261ebed67 100644 --- a/roles/powerdns/tasks/zones.yml +++ b/roles/powerdns/tasks/zones.yml @@ -1,12 +1,12 @@ --- - name: "Check if zones exist" - command: "pdnsutil show-zone {{ item }}" + ansible.builtin.command: "pdnsutil show-zone {{ item }}" register: powerdns_zones_result ignore_errors: true no_log: true with_items: "{{ powerdns_zones }}" - name: "Create zones" - command: "pdnsutil create-zone {{ item.item }} {{ ansible_hostname }}" + ansible.builtin.command: "pdnsutil create-zone {{ item.item }} {{ ansible_hostname }}" when: item.rc != 0 with_items: "{{ powerdns_zones_result.results }}" diff --git a/roles/pulp_repositories/tasks/main.yml b/roles/pulp_repositories/tasks/main.yml index a51f0c8da..de4a5881f 100644 --- a/roles/pulp_repositories/tasks/main.yml +++ b/roles/pulp_repositories/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Add Pulp {{ pulp_repositories_version }} stable repository" - yum_repository: + ansible.builtin.yum_repository: name: pulp-repository description: Pulp release repository baseurl: "https://repos.fedorapeople.org/repos/pulp/pulp/{{ pulp_repositories_release }}/{{ pulp_repositories_version }}/$releasever/$basearch" @@ -10,7 +10,7 @@ - pulp_repositories_version != "nightly" - name: Add Pulp nightly repository - yum_repository: + ansible.builtin.yum_repository: name: pulp-repository description: Pulp nightly repository baseurl: "https://repos.fedorapeople.org/repos/pulp/pulp/testing/automation/2-master/stage/$releasever/$basearch" @@ -20,7 +20,7 @@ - pulp_repositories_version == "nightly" - name: 'Gofer repository' - yum_repository: + ansible.builtin.yum_repository: name: jortel-gofer description: Copr repo for gofer owned by jortel baseurl: "https://copr-be.cloud.fedoraproject.org/results/jortel/gofer/epel-{{ ansible_distribution_major_version }}-x86_64/" diff --git a/roles/pulpcore_repositories/tasks/main.yml b/roles/pulpcore_repositories/tasks/main.yml index faa1b27ed..215f6fc1b 100644 --- a/roles/pulpcore_repositories/tasks/main.yml +++ b/roles/pulpcore_repositories/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: "Add Pulpcore {{ pulpcore_repositories_version }} repository" - yum_repository: + ansible.builtin.yum_repository: name: pulpcore-repository description: Pulpcore {{ pulpcore_repositories_version }} baseurl: "https://yum.theforeman.org/pulpcore/{{ pulpcore_repositories_version }}/el{{ ansible_distribution_major_version }}/x86_64/" @@ -8,6 +8,6 @@ enabled: yes - name: 'Set module_hotfixes=1' - lineinfile: + ansible.builtin.lineinfile: path: "/etc/yum.repos.d/pulpcore-repository.repo" line: module_hotfixes=1 diff --git a/roles/puppet_agent/tasks/main.yml b/roles/puppet_agent/tasks/main.yml index c60fd2e53..9bab8f569 100644 --- a/roles/puppet_agent/tasks/main.yml +++ b/roles/puppet_agent/tasks/main.yml @@ -1,12 +1,12 @@ --- - name: manage puppet package - package: + ansible.builtin.package: name: "{{ puppet_agent_package_name }}" state: "{{ puppet_agent_package_state }}" when: puppet_agent_package_manage - name: ensure puppet group - group: + ansible.builtin.group: name: "{{ puppet_agent_group_name }}" state: "{{ puppet_agent_group_state }}" when: puppet_agent_group_manage @@ -16,18 +16,18 @@ block: # This makes sure 'sudo puppet' works which is needed for bootstrapping - name: setup sudo secure_path - copy: + ansible.builtin.copy: content: "Defaults secure_path = \"/sbin:/bin:/usr/sbin:/usr/bin:/opt/puppetlabs/bin\"\n" dest: /etc/sudoers.d/puppet - name: construct puppet ssl bootstrap command - set_fact: + ansible.builtin.set_fact: puppet_agent_bootstrap_command: "puppet ssl bootstrap --waitforcert {{ puppet_agent_bootstrap_waitforcert }}" - name: add server option - set_fact: + ansible.builtin.set_fact: puppet_agent_bootstrap_command: "{{ puppet_agent_bootstrap_command }} --server {{ puppet_agent_bootstrap_server }}" when: puppet_agent_bootstrap_server is defined - name: run puppet ssl boostrap command - command: "{{ puppet_agent_bootstrap_command }}" + ansible.builtin.command: "{{ puppet_agent_bootstrap_command }}" diff --git a/roles/pytest_project/tasks/install.yml b/roles/pytest_project/tasks/install.yml index 062ed9100..4e9a8052c 100644 --- a/roles/pytest_project/tasks/install.yml +++ b/roles/pytest_project/tasks/install.yml @@ -1,12 +1,12 @@ --- - name: Install packages become: true - package: + ansible.builtin.package: name: "{{ pytest_project_packages }}" state: present - name: Clone project - git: + ansible.builtin.git: repo: "{{ pytest_project_url }}" dest: "{{ pytest_project_directory }}" version: "{{ pytest_project_version }}" @@ -14,7 +14,7 @@ force: yes - name: Install requirements - pip: + ansible.builtin.pip: requirements: "{{ pytest_project_directory }}/{{ pytest_project_requirements }}" virtualenv: "{{ pytest_project_virtualenv_path }}" virtualenv_command: "{{ pytest_project_virtualenv_command }}" diff --git a/roles/pytest_project/tasks/local_env.yml b/roles/pytest_project/tasks/local_env.yml index e1f6687e4..9b7c888b4 100644 --- a/roles/pytest_project/tasks/local_env.yml +++ b/roles/pytest_project/tasks/local_env.yml @@ -1,16 +1,16 @@ - name: "Create alias for testing command" - lineinfile: + ansible.builtin.lineinfile: dest: ~/.bash_profile line: "alias {{ pytest_project_alias }}=\"{{ pytest_project_command }}\"" when: pytest_project_alias - name: "Print pytest command" - debug: + ansible.builtin.debug: msg: | pytest is installed and testing can be run with {{ pytest_project_command }} - name: "Print project alias" - debug: + ansible.builtin.debug: msg: "The testing command is aliased as {{ pytest_project_alias }}" when: pytest_project_alias diff --git a/roles/pytest_project/tasks/run.yml b/roles/pytest_project/tasks/run.yml index 69664f77d..efb3ff3ee 100644 --- a/roles/pytest_project/tasks/run.yml +++ b/roles/pytest_project/tasks/run.yml @@ -1,19 +1,19 @@ --- - name: 'Build command' - set_fact: + ansible.builtin.set_fact: pytest_project_command: "{{ pytest_project_virtualenv_path }}/bin/pytest --junit-xml={{ pytest_project_junit_output }} {{ pytest_project_command_args }}" - name: 'Limit to markers' - set_fact: + ansible.builtin.set_fact: pytest_project_command: "{{ pytest_project_command }} -m '{{ pytest_project_markers }}'" when: pytest_project_markers|bool - name: 'Run tests' - command: "{{ pytest_project_command }}" + ansible.builtin.command: "{{ pytest_project_command }}" ignore_errors: "{{ pytest_project_ignore_errors }}" args: chdir: "{{ pytest_project_directory }}" when: pytest_run_tests -- include_tasks: local_env.yml +- ansible.builtin.include_tasks: local_env.yml when: not pytest_run_tests diff --git a/roles/realm_join/tasks/install_pexpect.yml b/roles/realm_join/tasks/install_pexpect.yml index 92e600420..91ad78c62 100644 --- a/roles/realm_join/tasks/install_pexpect.yml +++ b/roles/realm_join/tasks/install_pexpect.yml @@ -1,6 +1,6 @@ - name: Ensure pexpect to answer password become: yes - package: + ansible.builtin.package: name: "{{ realm_pexpect_package }}" state: latest # on Fedora this will be True due to the major version. Not nice, but works. @@ -8,7 +8,7 @@ - name: Install pip to get supported pexpect version on RedHat < 8 become: yes - package: + ansible.builtin.package: name: - epel-release - python-pip @@ -19,7 +19,7 @@ - name: Ensure pexpect to answer password from pip become: yes - pip: + ansible.builtin.pip: name: pexpect when: - ansible_os_family == "RedHat" diff --git a/roles/realm_join/tasks/main.yml b/roles/realm_join/tasks/main.yml index 00588b818..eb0cdf71a 100644 --- a/roles/realm_join/tasks/main.yml +++ b/roles/realm_join/tasks/main.yml @@ -1,5 +1,5 @@ - name: "Load OS specific variables" - include_vars: "{{ ansible_os_family }}.yml" -- include_tasks: install_pexpect.yml -- include_tasks: realm_join_ad.yml -- include_tasks: prepare_httpd_mod_auth.yml + ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" +- ansible.builtin.include_tasks: install_pexpect.yml +- ansible.builtin.include_tasks: realm_join_ad.yml +- ansible.builtin.include_tasks: prepare_httpd_mod_auth.yml diff --git a/roles/realm_join/tasks/prepare_httpd_mod_auth.yml b/roles/realm_join/tasks/prepare_httpd_mod_auth.yml index 7ea362d89..8c9a112b4 100644 --- a/roles/realm_join/tasks/prepare_httpd_mod_auth.yml +++ b/roles/realm_join/tasks/prepare_httpd_mod_auth.yml @@ -1,7 +1,7 @@ --- - name: Create the config file to get keytab become: yes - template: + ansible.builtin.template: src: net-keytab.conf.j2 dest: /etc/net-keytab.conf owner: root @@ -10,7 +10,7 @@ - name: Create httpd conf dir to put keytab [Hack - remove once using gssproxy] become: yes - file: + ansible.builtin.file: path: /etc/httpd/conf state: directory mode: '0775' @@ -20,7 +20,7 @@ become: yes environment: KRB5_KTNAME: 'FILE:/etc/httpd/conf/http.keytab' - expect: + ansible.builtin.expect: command: "net ads keytab add HTTP -U {{ foreman_realm_directory_admin_name }} -d3 -s /etc/net-keytab.conf" responses: (?i)password: '{{ foreman_realm_directory_admin_password }}' @@ -28,7 +28,7 @@ - name: Change perms for keytab become: yes - file: + ansible.builtin.file: path: /etc/httpd/conf/http.keytab owner: root group: root @@ -36,31 +36,31 @@ - name: "[Irrelevant] add gssproxy config" become: yes - copy: + ansible.builtin.copy: src: apache-gssproxy.conf dest: /etc/gssproxy/80-http.conf - name: "[Irrelevant] start gssproxy service" become: yes - service: + ansible.builtin.service: name: gssproxy state: started enabled: yes - name: "[Irrelevant] enable GSS_PROXY for httpd" become: yes - copy: + ansible.builtin.copy: src: httpd-gssproxy.service dest: /etc/systemd/system/httpd.service - name: Create fake IPA conf dir become: yes - file: + ansible.builtin.file: path: /etc/ipa state: directory - name: Prepare fake IPA config used by Installer become: yes - template: + ansible.builtin.template: src: fake-ipa.conf.j2 dest: /etc/ipa/default.conf diff --git a/roles/realm_join/tasks/realm_join_ad.yml b/roles/realm_join/tasks/realm_join_ad.yml index c7c0b6eb4..c205dca4c 100644 --- a/roles/realm_join/tasks/realm_join_ad.yml +++ b/roles/realm_join/tasks/realm_join_ad.yml @@ -1,7 +1,7 @@ --- - name: Ensure realm packages become: yes - package: + ansible.builtin.package: name: - sssd - adcli @@ -15,13 +15,13 @@ state: present - name: Find user - to find out if server is already joined - command: id '{{ foreman_realm_directory_admin_name | quote }}@{{ foreman_realm_domain | quote }}' + ansible.builtin.command: id '{{ foreman_realm_directory_admin_name | quote }}@{{ foreman_realm_domain | quote }}' register: realm_connected ignore_errors: True - name: Join the realm become: yes - expect: + ansible.builtin.expect: command: '/usr/sbin/realm join -v {{ foreman_realm }}' responses: (?i)password: '{{ foreman_realm_directory_admin_password }}' diff --git a/roles/remove_pulp2/tasks/main.yml b/roles/remove_pulp2/tasks/main.yml index a56d538e9..3018ee5da 100644 --- a/roles/remove_pulp2/tasks/main.yml +++ b/roles/remove_pulp2/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: Run remove Pulp 2 - shell: yes | foreman-maintain content remove-pulp2 # noqa risky-shell-pipe + ansible.builtin.shell: yes | foreman-maintain content remove-pulp2 # noqa risky-shell-pipe when: - ansible_os_family == "RedHat" - ansible_distribution_major_version == "7" diff --git a/roles/reviewer/tasks/main.yml b/roles/reviewer/tasks/main.yml index 997e0601f..848f2fc46 100644 --- a/roles/reviewer/tasks/main.yml +++ b/roles/reviewer/tasks/main.yml @@ -1,23 +1,23 @@ - name: "Install git" - package: + ansible.builtin.package: name: 'git' state: 'present' - name: Install reviewer tool from git - git: + ansible.builtin.git: repo: "{{ reviewer_install_repo }}" dest: "{{ reviewer_install_dir }}/reviewer" become: true become_user: "{{ reviewer_user }}" - name: Install symlink for reviewing - file: + ansible.builtin.file: src: "{{ reviewer_install_dir }}/reviewer/rpr" dest: /usr/bin/rpr state: link - name: Install symlink for cancelling review - file: + ansible.builtin.file: src: "{{ reviewer_install_dir }}/reviewer/rpr" dest: /usr/bin/rrpr state: link diff --git a/roles/robottelo/tasks/main.yml b/roles/robottelo/tasks/main.yml index 69a2b33c6..1f945989f 100644 --- a/roles/robottelo/tasks/main.yml +++ b/roles/robottelo/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: 'Install Robottelo via pytest_project' - include_role: + ansible.builtin.include_role: name: pytest_project tasks_from: install vars: @@ -11,42 +11,42 @@ pytest_project_virtualenv_command: "{{ robottelo_virtualenv_command }}" pytest_project_version: "{{ robottelo_version }}" -- include_tasks: ssh.yml +- ansible.builtin.include_tasks: ssh.yml - name: robottelo properties file - command: cp robottelo.properties.sample robottelo.properties + ansible.builtin.command: cp robottelo.properties.sample robottelo.properties args: chdir: "{{ robottelo_directory }}" - name: Set robottelo hostname - ini_file: + community.general.ini_file: path: "{{ robottelo_directory }}/robottelo.properties" section: server option: hostname value: "{{ robottelo_hostname }}" - name: Set robottelo SSH key - ini_file: + community.general.ini_file: path: "{{ robottelo_directory }}/robottelo.properties" section: server option: ssh_key value: "{{ robottelo_ssh_key }}" - name: Set robottelo SSH username - ini_file: + community.general.ini_file: path: "{{ robottelo_directory }}/robottelo.properties" section: server option: ssh_username value: "{{ robottelo_ssh_username }}" - name: Set robottelo logging - replace: + ansible.builtin.replace: dest: "{{ robottelo_directory }}/logging.conf" regexp: "^level=DEBUG" replace: "level=INFO" - name: 'Run Robottelo via pytest_project' - include_role: + ansible.builtin.include_role: name: pytest_project tasks_from: run vars: diff --git a/roles/robottelo/tasks/ssh.yml b/roles/robottelo/tasks/ssh.yml index d408c7ba4..ed95cd1f7 100644 --- a/roles/robottelo/tasks/ssh.yml +++ b/roles/robottelo/tasks/ssh.yml @@ -1,14 +1,14 @@ --- - name: 'Create ssh keys' - command: "ssh-keygen -b 2048 -t rsa -f {{ robottelo_ssh_key }} -q -N ''" + ansible.builtin.command: "ssh-keygen -b 2048 -t rsa -f {{ robottelo_ssh_key }} -q -N ''" args: creates: "{{ robottelo_ssh_key }}" - name: 'Get public key' - command: cat {{ robottelo_ssh_key }}.pub + ansible.builtin.command: cat {{ robottelo_ssh_key }}.pub register: robottelo_public_key - name: 'Add ssh key to authorized_keys' - authorized_key: + ansible.posix.authorized_key: key: "{{ robottelo_public_key.stdout }}" user: "{{ robottelo_ssh_username }}" diff --git a/roles/ruby_libvirt_gem/handlers/main.yml b/roles/ruby_libvirt_gem/handlers/main.yml index b165eb8a8..5b7329280 100644 --- a/roles/ruby_libvirt_gem/handlers/main.yml +++ b/roles/ruby_libvirt_gem/handlers/main.yml @@ -1,3 +1,3 @@ --- - name: 'Restart smart proxy' - service: name=foreman-proxy state=restarted + ansible.builtin.service: name=foreman-proxy state=restarted diff --git a/roles/ruby_libvirt_gem/tasks/main.yml b/roles/ruby_libvirt_gem/tasks/main.yml index 9e829ed5c..fa9203910 100644 --- a/roles/ruby_libvirt_gem/tasks/main.yml +++ b/roles/ruby_libvirt_gem/tasks/main.yml @@ -1,5 +1,5 @@ --- - name: 'Install libvirt gem' - yum: name=rubygem-ruby-libvirt state=present + ansible.builtin.yum: name=rubygem-ruby-libvirt state=present notify: - 'Restart smart proxy' diff --git a/roles/ruby_scl/tasks/main.yml b/roles/ruby_scl/tasks/main.yml index 7db51637a..9550cf2f4 100644 --- a/roles/ruby_scl/tasks/main.yml +++ b/roles/ruby_scl/tasks/main.yml @@ -1,10 +1,10 @@ - name: 'Install SCL repository' - yum: + ansible.builtin.yum: name: centos-release-scl-rh state: present - name: 'Install Ruby SCL' - yum: + ansible.builtin.yum: name: - "{{ ruby_scl_version }}" - "{{ ruby_scl_version }}-ruby-devel" @@ -12,7 +12,7 @@ state: present - name: Enable and configure SCL at login - blockinfile: + ansible.builtin.blockinfile: dest: /etc/profile.d/enable-{{ ruby_scl_version }}.sh create: yes block: | diff --git a/roles/selinux/tasks/main.yml b/roles/selinux/tasks/main.yml index d93710806..e54e7a49c 100644 --- a/roles/selinux/tasks/main.yml +++ b/roles/selinux/tasks/main.yml @@ -2,21 +2,21 @@ - when: ansible_os_family == 'RedHat' block: - name: 'Define selinux_packages for EL7' - set_fact: + ansible.builtin.set_fact: selinux_packages: ['libselinux-python', 'libsemanage-python'] when: ansible_distribution_major_version == '7' tags: - env_setup - name: 'Ensure python selinux packages are installed' - package: + ansible.builtin.package: name: "{{ selinux_packages }}" state: present tags: - env_setup - name: 'Set selinux state' - selinux: + ansible.posix.selinux: policy: targeted state: "{{ selinux_state }}" tags: diff --git a/roles/smoker/tasks/main.yml b/roles/smoker/tasks/main.yml index b90fdf47f..e9462fc6a 100644 --- a/roles/smoker/tasks/main.yml +++ b/roles/smoker/tasks/main.yml @@ -1,11 +1,11 @@ --- - name: 'Install browser' become: true - package: + ansible.builtin.package: name: '{{ smoker_browser_packages }}' - name: 'Install Smoker via pytest_project' - include_role: + ansible.builtin.include_role: name: pytest_project tasks_from: install vars: @@ -14,16 +14,16 @@ pytest_project_directory: "{{ smoker_directory }}" - name: "Show variables" - debug: + ansible.builtin.debug: var: smoker_variables - name: 'Write variables.json' - copy: + ansible.builtin.copy: dest: "{{ smoker_variables_path }}" content: "{{ smoker_variables|to_json }}" - name: 'Run Smoker via pytest_project' - include_role: + ansible.builtin.include_role: name: pytest_project tasks_from: run vars: diff --git a/roles/sos_report/tasks/main.yml b/roles/sos_report/tasks/main.yml index 6f763e4b3..d4a1aa426 100644 --- a/roles/sos_report/tasks/main.yml +++ b/roles/sos_report/tasks/main.yml @@ -1,15 +1,15 @@ --- - name: "Load OS variables" - include_vars: "{{ ansible_os_family }}.yml" + ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" - name: 'install sos' - package: + ansible.builtin.package: name: '{{ sos_package }}' state: present - name: 'Generate sosreport' - command: "sosreport --batch --tmp-dir={{ sosreport_output_dir }}" + ansible.builtin.command: "sosreport --batch --tmp-dir={{ sosreport_output_dir }}" ignore_errors: true -- include_tasks: 'sosreport_fetch_results.yml' +- ansible.builtin.include_tasks: 'sosreport_fetch_results.yml' when: sosreport_fetch diff --git a/roles/sos_report/tasks/sosreport_fetch_results.yml b/roles/sos_report/tasks/sosreport_fetch_results.yml index 6267e1e12..fc63768c8 100644 --- a/roles/sos_report/tasks/sosreport_fetch_results.yml +++ b/roles/sos_report/tasks/sosreport_fetch_results.yml @@ -1,13 +1,13 @@ --- - name: 'Find sosreport file' - find: + ansible.builtin.find: paths: "{{ sosreport_output_dir }}" patterns: "sosreport*" recurse: no register: sosreport_files - name: 'Fetch sosreport' - fetch: + ansible.builtin.fetch: src: "{{ item.path }}" dest: "{{ sosreport_local_dir }}" with_items: "{{ sosreport_files.files }}" diff --git a/roles/squid/tasks/main.yml b/roles/squid/tasks/main.yml index 2335ef2d0..d62c35fb0 100644 --- a/roles/squid/tasks/main.yml +++ b/roles/squid/tasks/main.yml @@ -1,11 +1,11 @@ --- - name: Install squid - package: + ansible.builtin.package: name: squid state: present - name: "Start and enable squid" - service: + ansible.builtin.service: name: squid state: started enabled: yes diff --git a/roles/swapfile/tasks/main.yml b/roles/swapfile/tasks/main.yml index 986709c4b..004b4ab7d 100644 --- a/roles/swapfile/tasks/main.yml +++ b/roles/swapfile/tasks/main.yml @@ -1,42 +1,42 @@ --- - name: check if swap file exists - stat: + ansible.builtin.stat: path: "{{ swapfile_path }}" get_checksum: False get_md5: False register: swapfile_check - name: create swap file {{ swapfile_path }} - command: dd if=/dev/zero of={{ swapfile_path }} count={{ swapfile_size }} bs=1MiB + ansible.builtin.command: dd if=/dev/zero of={{ swapfile_path }} count={{ swapfile_size }} bs=1MiB when: not swapfile_check.stat.exists - name: set permissions on swap file - file: + ansible.builtin.file: path: "{{ swapfile_path }}" mode: 0600 - name: mkswap {{ swapfile_path }} - command: mkswap {{ swapfile_path }} + ansible.builtin.command: mkswap {{ swapfile_path }} when: not swapfile_check.stat.exists - name: create swap entry in fstab - mount: + ansible.posix.mount: name: none src: "{{ swapfile_path }}" fstype: swap state: present - name: get active swap - shell: "swapon --summary | grep '^{{ swapfile_path }}'" + ansible.builtin.shell: "swapon --summary | grep '^{{ swapfile_path }}'" register: swapfile_active ignore_errors: True - name: "activate {{ swapfile_path }}" - command: "swapon {{ swapfile_path }}" + ansible.builtin.command: "swapon {{ swapfile_path }}" when: swapfile_active is failed - name: set vm.swappiness to 60 - sysctl: + ansible.posix.sysctl: name: vm.swappiness value: 60 state: present diff --git a/roles/umask/tasks/debian.yml b/roles/umask/tasks/debian.yml index 123880dcd..3ff9a7507 100644 --- a/roles/umask/tasks/debian.yml +++ b/roles/umask/tasks/debian.yml @@ -1,6 +1,6 @@ --- - name: "Configure pam" - lineinfile: + ansible.builtin.lineinfile: state: present path: "{{ item }}" regexp: "^session\\s+optional\\s+pam_umask.so$" @@ -11,7 +11,7 @@ - /etc/pam.d/common-session-noninteractive - name: "Configure defaults" - lineinfile: + ansible.builtin.lineinfile: state: present path: "/etc/login.defs" regexp: "^UMASK" diff --git a/roles/umask/tasks/main.yml b/roles/umask/tasks/main.yml index f8be84372..028851138 100644 --- a/roles/umask/tasks/main.yml +++ b/roles/umask/tasks/main.yml @@ -1,4 +1,4 @@ --- - name: "Configure system wide umask on {{ ansible_os_family }} to {{ umask_mode }}" - include_tasks: "{{ ansible_os_family|lower }}.yml" + ansible.builtin.include_tasks: "{{ ansible_os_family|lower }}.yml" when: umask_mode != false diff --git a/roles/umask/tasks/redhat.yml b/roles/umask/tasks/redhat.yml index 9ed2af357..511ef7f05 100644 --- a/roles/umask/tasks/redhat.yml +++ b/roles/umask/tasks/redhat.yml @@ -1,5 +1,5 @@ --- - name: "Configure profile.d" - copy: + ansible.builtin.copy: content: "umask {{ umask_mode }}\n" dest: "/etc/profile.d/umask.sh" diff --git a/roles/unprivileged_user/tasks/main.yml b/roles/unprivileged_user/tasks/main.yml index 85a46d7ac..fca902f30 100644 --- a/roles/unprivileged_user/tasks/main.yml +++ b/roles/unprivileged_user/tasks/main.yml @@ -1,12 +1,12 @@ --- - name: "Creating of {{ unprivileged_user_username }} user" - user: + ansible.builtin.user: name: "{{ unprivileged_user_username }}" comment: "John Vagrant" become: true - name: "Add {{ unprivileged_user_username }} to sudoers" - lineinfile: + ansible.builtin.lineinfile: dest: "/etc/sudoers.d/{{ unprivileged_user_username }}" state: present regexp: '^{{ unprivileged_user_username }}' @@ -16,7 +16,7 @@ become: true - name: "Create {{ unprivileged_user_username }} .ssh" - file: + ansible.builtin.file: path: "/home/{{ unprivileged_user_username }}/.ssh" owner: "{{ unprivileged_user_username }}" group: root @@ -25,7 +25,7 @@ become: true - name: "Ensure public key is in authorized_keys" - lineinfile: + ansible.builtin.lineinfile: line: "{{ lookup('file', unprivileged_user_import_ssh_pub_key) }}" path: "/home/{{ unprivileged_user_username }}/.ssh/authorized_keys" create: yes @@ -36,19 +36,19 @@ become: true - name: "Check /home/{{ unprivileged_user_username }}/.ssh/authorized_keys" - stat: + ansible.builtin.stat: path: /home/{{ unprivileged_user_username }}/.ssh/authorized_keys register: authorized_keys_file become: true - block: - name: "Check /root/.ssh/authorized_keys" - stat: + ansible.builtin.stat: path: /root/.ssh/authorized_keys register: root_authorized_keys_file - name: "Copy /root/.ssh/authorized_keys" - copy: + ansible.builtin.copy: remote_src: true src: /root/.ssh/authorized_keys owner: "{{ unprivileged_user_username }}" diff --git a/roles/update_os_packages/tasks/main.yml b/roles/update_os_packages/tasks/main.yml index 67bf58034..8c286c56e 100644 --- a/roles/update_os_packages/tasks/main.yml +++ b/roles/update_os_packages/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: 'RedHat | Update packages' - yum: + ansible.builtin.yum: name: '*' update_cache: yes state: latest @@ -9,7 +9,7 @@ when: ansible_os_family == 'RedHat' - name: 'Debian | Update packages' - apt: + ansible.builtin.apt: upgrade: dist update_cache: yes tags: diff --git a/roles/vagrant/tasks/main.yml b/roles/vagrant/tasks/main.yml index 5f835f2fd..055c9cf65 100644 --- a/roles/vagrant/tasks/main.yml +++ b/roles/vagrant/tasks/main.yml @@ -1,16 +1,16 @@ --- - name: 'install hashicorp repo' - get_url: + ansible.builtin.get_url: url: https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo dest: /etc/yum.repos.d/hashicorp.repo - name: 'install vagrant' - yum: + ansible.builtin.yum: name: vagrant-{{ vagrant_version }} state: present -- include_tasks: 'vagrant_libvirt.yml' +- ansible.builtin.include_tasks: 'vagrant_libvirt.yml' when: vagrant_libvirt -- include_tasks: 'vagrant_scp.yml' +- ansible.builtin.include_tasks: 'vagrant_scp.yml' when: vagrant_scp diff --git a/roles/vagrant/tasks/vagrant_libvirt.yml b/roles/vagrant/tasks/vagrant_libvirt.yml index 41e523c25..ff970a46b 100644 --- a/roles/vagrant/tasks/vagrant_libvirt.yml +++ b/roles/vagrant/tasks/vagrant_libvirt.yml @@ -1,6 +1,6 @@ --- - name: 'install vagrant-libvirt requirements' - yum: + ansible.builtin.yum: name: - libvirt-devel - ruby-devel @@ -9,9 +9,9 @@ state: present - name: 'perform EL8-specific vagrant-libvirt tasks' - include_tasks: vagrant_libvirt_el8.yml + ansible.builtin.include_tasks: vagrant_libvirt_el8.yml when: - ansible_distribution_major_version == "8" - name: 'install vagrant-libvirt' - command: vagrant plugin install vagrant-libvirt + ansible.builtin.command: vagrant plugin install vagrant-libvirt diff --git a/roles/vagrant/tasks/vagrant_libvirt_el8.yml b/roles/vagrant/tasks/vagrant_libvirt_el8.yml index 81884e653..c242ba5af 100644 --- a/roles/vagrant/tasks/vagrant_libvirt_el8.yml +++ b/roles/vagrant/tasks/vagrant_libvirt_el8.yml @@ -5,7 +5,7 @@ # before we can build the libvirt gem - name: 'install EL8-specific vagrant-libvirt requirements' - package: + ansible.builtin.package: name: - cmake - zlib-devel @@ -16,12 +16,12 @@ state: present - name: 'create directory for vagrant library builds' - file: + ansible.builtin.file: path: /tmp/vagrant-libvirt-deps state: directory - name: 'download krb5 and libssh' - unarchive: + ansible.builtin.unarchive: src: "{{ item }}" dest: /tmp/vagrant-libvirt-deps remote_src: yes @@ -30,36 +30,36 @@ - https://kerberos.org/dist/krb5/1.18/krb5-1.18.2.tar.gz - name: 'configure krb5' - command: ./configure + ansible.builtin.command: ./configure args: chdir: /tmp/vagrant-libvirt-deps/krb5-1.18.2/src - name: 'build krb5' - command: make -j {{ ansible_processor_vcpus }} + ansible.builtin.command: make -j {{ ansible_processor_vcpus }} args: chdir: /tmp/vagrant-libvirt-deps/krb5-1.18.2/src - name: 'install krb5crypto libs' - shell: cp lib/libk5crypto.so* /opt/vagrant/embedded/lib64/ + ansible.builtin.shell: cp lib/libk5crypto.so* /opt/vagrant/embedded/lib64/ args: chdir: /tmp/vagrant-libvirt-deps/krb5-1.18.2/src - name: 'create libssh build directory' - file: + ansible.builtin.file: path: /tmp/vagrant-libvirt-deps/libssh-0.9.4/build state: directory - name: 'configure libssh' - command: cmake .. -DOPENSSL_ROOT_DIR=/opt/vagrant/embedded/ + ansible.builtin.command: cmake .. -DOPENSSL_ROOT_DIR=/opt/vagrant/embedded/ args: chdir: /tmp/vagrant-libvirt-deps/libssh-0.9.4/build - name: 'build libssh' - command: make -j {{ ansible_processor_vcpus }} + ansible.builtin.command: make -j {{ ansible_processor_vcpus }} args: chdir: /tmp/vagrant-libvirt-deps/libssh-0.9.4/build - name: 'install libssh libs' - shell: cp lib/libssh.so* /opt/vagrant/embedded/lib64/ + ansible.builtin.shell: cp lib/libssh.so* /opt/vagrant/embedded/lib64/ args: chdir: /tmp/vagrant-libvirt-deps/libssh-0.9.4/build diff --git a/roles/vagrant/tasks/vagrant_scp.yml b/roles/vagrant/tasks/vagrant_scp.yml index a455cc67f..b6d6e507b 100644 --- a/roles/vagrant/tasks/vagrant_scp.yml +++ b/roles/vagrant/tasks/vagrant_scp.yml @@ -1,3 +1,3 @@ --- - name: 'install vagrant-scp' - command: vagrant plugin install vagrant-scp + ansible.builtin.command: vagrant plugin install vagrant-scp diff --git a/roles/vagrant_workarounds/tasks/main.yml b/roles/vagrant_workarounds/tasks/main.yml index 16c9e4332..cfcece7ae 100644 --- a/roles/vagrant_workarounds/tasks/main.yml +++ b/roles/vagrant_workarounds/tasks/main.yml @@ -1,6 +1,6 @@ --- - name: make grub not care that it can't be installed - debconf: + ansible.builtin.debconf: name: grub-pc question: grub-pc/install_devices_empty value: 'true' From ebb1898a217e872c16fea7dc0c830e72a547c794 Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Sun, 28 Aug 2022 20:11:01 -0400 Subject: [PATCH 03/11] Replace include with include_tasks --- roles/custom_certificates/tasks/main.yml | 2 +- roles/foreman_provisioning_infrastructure/tasks/main.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/custom_certificates/tasks/main.yml b/roles/custom_certificates/tasks/main.yml index 8d1eadb9b..4d07d8fc4 100644 --- a/roles/custom_certificates/tasks/main.yml +++ b/roles/custom_certificates/tasks/main.yml @@ -88,7 +88,7 @@ args: creates: "{{ custom_certificates_ca_directory_certs }}/{{ custom_certificates_server }}.crt" -- ansible.builtin.include: issue.yml +- ansible.builtin.include_tasks: issue.yml when: custom_certificates_hostnames is defined with_items: "{{ custom_certificates_hostnames }}" loop_control: diff --git a/roles/foreman_provisioning_infrastructure/tasks/main.yml b/roles/foreman_provisioning_infrastructure/tasks/main.yml index 112f36dbb..766f05251 100644 --- a/roles/foreman_provisioning_infrastructure/tasks/main.yml +++ b/roles/foreman_provisioning_infrastructure/tasks/main.yml @@ -49,7 +49,7 @@ register: foreman_provisioning_compute_profile_cmd ignore_errors: True -- ansible.builtin.include: compute_profiles.yml +- ansible.builtin.include_tasks: compute_profiles.yml when: "'Error' not in foreman_provisioning_compute_profile_cmd.stderr" # Domain From 86da61a13f6d0526ee5e2c2061e462b13d158b1a Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Sun, 28 Aug 2022 20:15:23 -0400 Subject: [PATCH 04/11] Dont compare Booleans to literal True/False --- roles/foreman_installer/tasks/main.yml | 4 ++-- roles/foreman_proxy_content/tasks/main.yml | 6 +++--- roles/umask/tasks/main.yml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/roles/foreman_installer/tasks/main.yml b/roles/foreman_installer/tasks/main.yml index 265889078..101f8b2d0 100644 --- a/roles/foreman_installer/tasks/main.yml +++ b/roles/foreman_installer/tasks/main.yml @@ -11,7 +11,7 @@ when: foreman_installer_custom_hiera - ansible.builtin.include_tasks: install.yml - when: foreman_installer_upgrade == False + when: not foreman_installer_upgrade - ansible.builtin.include_tasks: upgrade.yml - when: foreman_installer_upgrade == True + when: foreman_installer_upgrade diff --git a/roles/foreman_proxy_content/tasks/main.yml b/roles/foreman_proxy_content/tasks/main.yml index 806263654..937b8a3d3 100644 --- a/roles/foreman_proxy_content/tasks/main.yml +++ b/roles/foreman_proxy_content/tasks/main.yml @@ -1,9 +1,9 @@ --- - ansible.builtin.include_tasks: devel_install.yml - when: (foreman_proxy_content_upgrade == False and devel is defined and devel == True) + when: (not foreman_proxy_content_upgrade and devel is defined and devel) - ansible.builtin.include_tasks: install.yml - when: foreman_proxy_content_upgrade == False + when: not foreman_proxy_content_upgrade - ansible.builtin.include_tasks: upgrade.yml - when: foreman_proxy_content_upgrade == True + when: foreman_proxy_content_upgrade diff --git a/roles/umask/tasks/main.yml b/roles/umask/tasks/main.yml index 028851138..e616492e2 100644 --- a/roles/umask/tasks/main.yml +++ b/roles/umask/tasks/main.yml @@ -1,4 +1,4 @@ --- - name: "Configure system wide umask on {{ ansible_os_family }} to {{ umask_mode }}" ansible.builtin.include_tasks: "{{ ansible_os_family|lower }}.yml" - when: umask_mode != false + when: umask_mode From 588605eff42863d3e95284d029aa9411fb9f5f82 Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Sun, 28 Aug 2022 20:34:02 -0400 Subject: [PATCH 05/11] Name all role tasks and capitalize names --- roles/bats/tasks/main.yml | 8 +- roles/custom_certificates/tasks/main.yml | 3 +- roles/customize_home/tasks/main.yml | 6 +- roles/debian_backports/tasks/main.yml | 4 +- roles/disable_firewall/tasks/main.yml | 4 +- roles/dynflow_devel/tasks/main.yml | 3 +- roles/fips/tasks/el8.yml | 2 +- roles/fips/tasks/main.yml | 5 +- .../tasks/main.yml | 3 +- .../tasks/staging_repo.yml | 3 +- roles/foreman_devel/tasks/github_push_ssh.yml | 2 +- roles/foreman_devel/tasks/main.yml | 11 ++- .../foreman_installer/tasks/custom_hiera.yml | 2 +- roles/foreman_installer/tasks/install.yml | 3 +- roles/foreman_installer/tasks/locales.yml | 2 +- roles/foreman_installer/tasks/main.yml | 18 ++-- roles/foreman_installer/tasks/module_pr.yml | 14 +-- roles/foreman_installer/tasks/module_prs.yml | 8 +- roles/foreman_installer/tasks/upgrade.yml | 3 +- .../tasks/configure_centos_7.yml | 16 ++-- .../tasks/configure_debian_9_3.yml | 14 +-- .../tasks/configure_fedora_27.yml | 14 +-- .../tasks/configure_ubuntu_17_10.yml | 14 +-- roles/foreman_provisioning/tasks/main.yml | 14 +-- .../tasks/compute_profiles.yml | 6 +- .../tasks/main.yml | 35 ++++---- roles/foreman_proxy_content/tasks/install.yml | 3 +- roles/foreman_proxy_content/tasks/main.yml | 9 +- roles/foreman_proxy_content/tasks/upgrade.yml | 3 +- roles/foreman_repositories/tasks/main.yml | 3 +- roles/foreman_seeder/users/tasks/main.yml | 4 +- .../tasks/main.yml | 10 +-- roles/forklift_versions/tasks/main.yml | 6 +- roles/forklift_versions/tasks/upgrade.yml | 4 +- roles/forklift_versions/tasks/versions.yml | 4 +- roles/freeipa_server/tasks/main.yml | 7 +- roles/hammer_devel/tasks/main.yml | 7 +- roles/haproxy/handlers/main.yml | 2 +- roles/haproxy/tasks/main.yml | 10 +-- roles/katello_provisioning/tasks/main.yml | 85 ++++++++++--------- roles/katello_repositories/tasks/main.yml | 4 +- roles/koji/tasks/main.yml | 3 +- roles/libvirt/tasks/main.yml | 16 ++-- roles/libvirt/tasks/nested.yml | 8 +- roles/libvirt/tasks/tftp.yml | 24 +++--- roles/powerdns/tasks/main.yml | 6 +- roles/puppet_agent/tasks/main.yml | 14 +-- roles/pytest_project/tasks/run.yml | 3 +- roles/realm_join/tasks/main.yml | 12 ++- .../tasks/prepare_httpd_mod_auth.yml | 6 +- roles/robottelo/tasks/main.yml | 5 +- roles/selinux/tasks/main.yml | 3 +- roles/sos_report/tasks/main.yml | 5 +- roles/swapfile/tasks/main.yml | 16 ++-- roles/unprivileged_user/tasks/main.yml | 3 +- roles/vagrant/tasks/main.yml | 10 ++- roles/vagrant/tasks/vagrant_libvirt.yml | 6 +- roles/vagrant/tasks/vagrant_libvirt_el8.yml | 20 ++--- roles/vagrant/tasks/vagrant_scp.yml | 2 +- roles/vagrant_workarounds/tasks/main.yml | 2 +- 60 files changed, 299 insertions(+), 243 deletions(-) diff --git a/roles/bats/tasks/main.yml b/roles/bats/tasks/main.yml index 95360902f..97775a6d0 100644 --- a/roles/bats/tasks/main.yml +++ b/roles/bats/tasks/main.yml @@ -2,7 +2,7 @@ - name: "Load OS variables" ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" -- name: "install required packages" +- name: "Install required packages" ansible.builtin.package: name: "{{ bats_packages }}" state: present @@ -41,7 +41,8 @@ state: "directory" path: "{{ bats_output_dir }}" -- block: +- name: "Run tests" + block: - name: "Run bats" ansible.builtin.shell: "bats --tap {{ item }} > {{ bats_output_dir }}/{{ item }}.tap" args: @@ -68,7 +69,8 @@ ansible.builtin.debug: msg: "{{ test_results.results | join('\n', attribute='stdout') }}" - - ansible.builtin.include_tasks: 'bats_fetch_results.yml' + - name: "Include bats_fetch_results.yml" + ansible.builtin.include_tasks: 'bats_fetch_results.yml' when: bats_fetch_results - name: "Fail if tests didn't pass" diff --git a/roles/custom_certificates/tasks/main.yml b/roles/custom_certificates/tasks/main.yml index 4d07d8fc4..b860a32c5 100644 --- a/roles/custom_certificates/tasks/main.yml +++ b/roles/custom_certificates/tasks/main.yml @@ -88,7 +88,8 @@ args: creates: "{{ custom_certificates_ca_directory_certs }}/{{ custom_certificates_server }}.crt" -- ansible.builtin.include_tasks: issue.yml +- name: 'include issue.yml' + ansible.builtin.include_tasks: issue.yml when: custom_certificates_hostnames is defined with_items: "{{ custom_certificates_hostnames }}" loop_control: diff --git a/roles/customize_home/tasks/main.yml b/roles/customize_home/tasks/main.yml index 8353b4676..201d7fc31 100644 --- a/roles/customize_home/tasks/main.yml +++ b/roles/customize_home/tasks/main.yml @@ -16,7 +16,8 @@ path: "{{ ansible_env.HOME }}/.gitkeep/" state: absent -- ansible.builtin.include_tasks: clone_specified_repo.yml +- name: Include clone_specified_repo.yml + ansible.builtin.include_tasks: clone_specified_repo.yml when: customize_home_git_repo is defined - name: Check custom bootstrap script exists @@ -24,5 +25,6 @@ path: "{{ ansible_env.HOME }}/{{ customize_home_bootstrap_script }}" register: bootstrap_script_path -- ansible.builtin.include_tasks: boostrap_script.yml +- name: Include bootstrap_script.yml + ansible.builtin.include_tasks: boostrap_script.yml when: bootstrap_script_path.stat.exists diff --git a/roles/debian_backports/tasks/main.yml b/roles/debian_backports/tasks/main.yml index 11809e880..0665df767 100644 --- a/roles/debian_backports/tasks/main.yml +++ b/roles/debian_backports/tasks/main.yml @@ -1,8 +1,8 @@ --- -- name: add distribution-specific variables +- name: Add distribution-specific variables ansible.builtin.include_vars: "{{ ansible_distribution }}.yml" -- name: add backports repository +- name: Add backports repository ansible.builtin.apt_repository: repo: 'deb {{ debian_backports_uri }} {{ debian_backports_components }}' state: present diff --git a/roles/disable_firewall/tasks/main.yml b/roles/disable_firewall/tasks/main.yml index 640bab163..4c54754b5 100644 --- a/roles/disable_firewall/tasks/main.yml +++ b/roles/disable_firewall/tasks/main.yml @@ -1,12 +1,12 @@ --- -- name: disable firewalld +- name: Disable firewalld ansible.builtin.service: name: firewalld enabled: false state: stopped ignore_errors: true -- name: disable iptables +- name: Disable iptables ansible.builtin.service: name: iptables enabled: false diff --git a/roles/dynflow_devel/tasks/main.yml b/roles/dynflow_devel/tasks/main.yml index e39dee95a..35000b868 100644 --- a/roles/dynflow_devel/tasks/main.yml +++ b/roles/dynflow_devel/tasks/main.yml @@ -1,2 +1,3 @@ --- -- ansible.builtin.include_tasks: dynflow_install.yml +- name: Include dynflow_install.yml + ansible.builtin.include_tasks: dynflow_install.yml diff --git a/roles/fips/tasks/el8.yml b/roles/fips/tasks/el8.yml index c5440d8fb..023f9f87d 100644 --- a/roles/fips/tasks/el8.yml +++ b/roles/fips/tasks/el8.yml @@ -4,5 +4,5 @@ name: crypto-policies-scripts state: present -- name: enable fips mode +- name: Enable fips mode ansible.builtin.command: /usr/bin/fips-mode-setup --enable diff --git a/roles/fips/tasks/main.yml b/roles/fips/tasks/main.yml index 521967175..ce131d84f 100644 --- a/roles/fips/tasks/main.yml +++ b/roles/fips/tasks/main.yml @@ -1,8 +1,9 @@ --- -- ansible.builtin.include_tasks: 'el{{ ansible_distribution_major_version }}.yml' +- name: Include tasks specific to OS major version + ansible.builtin.include_tasks: 'el{{ ansible_distribution_major_version }}.yml' when: not ansible_fips -- name: reboot vm +- name: Reboot vm ansible.builtin.reboot: when: not ansible_fips diff --git a/roles/foreman_client_repositories/tasks/main.yml b/roles/foreman_client_repositories/tasks/main.yml index 46e06f31a..c04960638 100644 --- a/roles/foreman_client_repositories/tasks/main.yml +++ b/roles/foreman_client_repositories/tasks/main.yml @@ -1,5 +1,6 @@ --- -- ansible.builtin.include_tasks: "{{ foreman_client_repositories_environment }}_repo.yml" +- name: Include repositories_environment specific tasks + ansible.builtin.include_tasks: "{{ foreman_client_repositories_environment }}_repo.yml" when: - ansible_os_family == 'RedHat' diff --git a/roles/foreman_client_repositories/tasks/staging_repo.yml b/roles/foreman_client_repositories/tasks/staging_repo.yml index f838fb4c0..7f5fce89c 100644 --- a/roles/foreman_client_repositories/tasks/staging_repo.yml +++ b/roles/foreman_client_repositories/tasks/staging_repo.yml @@ -14,6 +14,7 @@ priority: '1' gpgcheck: no -- ansible.builtin.include_tasks: qpid.yml +- name: Include qpid.yml + ansible.builtin.include_tasks: qpid.yml when: - ansible_distribution_major_version == "7" diff --git a/roles/foreman_devel/tasks/github_push_ssh.yml b/roles/foreman_devel/tasks/github_push_ssh.yml index 29a304e79..7ea0646f9 100644 --- a/roles/foreman_devel/tasks/github_push_ssh.yml +++ b/roles/foreman_devel/tasks/github_push_ssh.yml @@ -1,5 +1,5 @@ --- -- name: "install git" +- name: "Install git" ansible.builtin.package: name: 'git' state: 'present' diff --git a/roles/foreman_devel/tasks/main.yml b/roles/foreman_devel/tasks/main.yml index b99d885a8..c5d2b2bfd 100644 --- a/roles/foreman_devel/tasks/main.yml +++ b/roles/foreman_devel/tasks/main.yml @@ -1,13 +1,16 @@ --- -- ansible.builtin.include_tasks: check_forks_of_repos.yml +- name: Include check_forks_of_repos.yml + ansible.builtin.include_tasks: check_forks_of_repos.yml when: katello_devel_github_username is defined and foreman_installer_options_internal_use_only is defined -- ansible.builtin.include_tasks: rhel.yml +- name: Include rhel.yml + ansible.builtin.include_tasks: rhel.yml when: ansible_distribution == "RedHat" -- ansible.builtin.include_tasks: github_push_ssh.yml +- name: Include github_push_ssh.yml + ansible.builtin.include_tasks: github_push_ssh.yml when: foreman_devel_github_push_ssh -- name: setup reviewing script +- name: Setup reviewing script ansible.builtin.include_role: name: reviewer diff --git a/roles/foreman_installer/tasks/custom_hiera.yml b/roles/foreman_installer/tasks/custom_hiera.yml index 55d73778d..02040881a 100644 --- a/roles/foreman_installer/tasks/custom_hiera.yml +++ b/roles/foreman_installer/tasks/custom_hiera.yml @@ -1,5 +1,5 @@ --- -- name: deploy custom-hiera.yaml +- name: Deploy custom-hiera.yaml ansible.builtin.blockinfile: dest: /etc/foreman-installer/custom-hiera.yaml block: "{{ foreman_installer_custom_hiera }}" diff --git a/roles/foreman_installer/tasks/install.yml b/roles/foreman_installer/tasks/install.yml index 6633fc3d9..8bf90d7f6 100644 --- a/roles/foreman_installer/tasks/install.yml +++ b/roles/foreman_installer/tasks/install.yml @@ -1,5 +1,6 @@ --- -- ansible.builtin.include_tasks: installer_version.yml +- name: Include installer_version.yml + ansible.builtin.include_tasks: installer_version.yml - name: 'Check if foreman_installer_options is a string' ansible.builtin.fail: diff --git a/roles/foreman_installer/tasks/locales.yml b/roles/foreman_installer/tasks/locales.yml index 7d2ece77d..844776b85 100644 --- a/roles/foreman_installer/tasks/locales.yml +++ b/roles/foreman_installer/tasks/locales.yml @@ -13,7 +13,7 @@ name: "{{ item }}" loop: "{{ query('env', 'LANG', 'LC_ADDRESS', 'LC_ALL', 'LC_COLLATE', 'LC_CTYPE', 'LC_IDENTIFICATION', 'LC_MEASUREMENT', 'LC_MESSAGES', 'LC_MONETARY', 'LC_NAME', 'LC_NUMERIC', 'LC_PAPER', 'LC_TELEPHONE', 'LC_TIME') | unique | select() | list }}" -- name: configure /etc/default/locale +- name: Configure /etc/default/locale ansible.builtin.copy: dest: /etc/default/locale content: | diff --git a/roles/foreman_installer/tasks/main.yml b/roles/foreman_installer/tasks/main.yml index 101f8b2d0..f5b0428a8 100644 --- a/roles/foreman_installer/tasks/main.yml +++ b/roles/foreman_installer/tasks/main.yml @@ -1,17 +1,23 @@ --- -- ansible.builtin.include_tasks: packages.yml +- name: Include packages.yml + ansible.builtin.include_tasks: packages.yml -- ansible.builtin.include_tasks: locales.yml +- name: Include locales.yml + ansible.builtin.include_tasks: locales.yml when: ansible_os_family == 'Debian' -- ansible.builtin.include_tasks: module_prs.yml +- name: Include module_prs.yml + ansible.builtin.include_tasks: module_prs.yml when: (foreman_installer_module_prs|length > 0) or (foreman_installer_module_branches|length > 0) -- ansible.builtin.include_tasks: custom_hiera.yml +- name: Include custom_hiera.yml + ansible.builtin.include_tasks: custom_hiera.yml when: foreman_installer_custom_hiera -- ansible.builtin.include_tasks: install.yml +- name: Include install.yml + ansible.builtin.include_tasks: install.yml when: not foreman_installer_upgrade -- ansible.builtin.include_tasks: upgrade.yml +- name: Include upgrade.yml + ansible.builtin.include_tasks: upgrade.yml when: foreman_installer_upgrade diff --git a/roles/foreman_installer/tasks/module_pr.yml b/roles/foreman_installer/tasks/module_pr.yml index 119a7c06a..aba0d916c 100644 --- a/roles/foreman_installer/tasks/module_pr.yml +++ b/roles/foreman_installer/tasks/module_pr.yml @@ -1,30 +1,30 @@ --- -- name: set namespace, module_name and ref facts +- name: Set namespace, module_name and ref facts ansible.builtin.set_fact: namespace: "{{ module.split('/')[0] }}" module_name: "{{ module.split('/')[1] | replace('puppet-', '') | replace('puppetlabs-', '') }}" ref: "{{ module.split('/')[2] }}" -- name: find puppet module +- name: Find puppet module ansible.builtin.find: paths: /usr/share/foreman-installer/modules patterns: "{{ module_name }}" file_type: directory register: foreman_module -- name: find puppet module +- name: Find puppet module ansible.builtin.find: paths: /usr/share/katello-installer-base/modules patterns: "{{ module_name }}" file_type: directory register: katello_module -- name: define module_dir for foreman +- name: Define module_dir for foreman ansible.builtin.set_fact: module_dir: /usr/share/foreman-installer/modules when: foreman_module.matched > 0 -- name: define module_dir for katello +- name: Define module_dir for katello ansible.builtin.set_fact: module_dir: /usr/share/katello-installer-base/modules when: katello_module.matched > 0 @@ -39,7 +39,7 @@ repo: https://github.com/{{ namespace }}/puppet-{{ module_name }}.git dest: "{{ module_dir }}/{{ module_name }}" -- name: "fetch git PR" +- name: "Fetch git PR" ansible.builtin.shell: > git fetch origin pull/{{ ref }}/head:pr && git {{ foreman_installer_module_prs_strategy }} pr @@ -47,7 +47,7 @@ chdir: "{{ module_dir }}/{{ module_name }}" when: pr is defined and pr -- name: "install module branches into installer directory" +- name: "Install module branches into installer directory" ansible.builtin.shell: git checkout {{ ref }} args: chdir: "{{ module_dir }}/{{ module_name }}" diff --git a/roles/foreman_installer/tasks/module_prs.yml b/roles/foreman_installer/tasks/module_prs.yml index 1853e3f54..04ad9541a 100644 --- a/roles/foreman_installer/tasks/module_prs.yml +++ b/roles/foreman_installer/tasks/module_prs.yml @@ -14,14 +14,15 @@ tags: - packages -- name: "install git" +- name: "Install git" ansible.builtin.package: name: 'git' state: 'present' tags: - packages -- ansible.builtin.include_tasks: module_pr.yml +- name: Include module_pr.yml for specified pull request + ansible.builtin.include_tasks: module_pr.yml vars: pr: true loop: "{{ foreman_installer_module_prs }}" @@ -30,7 +31,8 @@ tags: - packages -- ansible.builtin.include_tasks: module_pr.yml +- name: Include module_pr.yml for specified branch + ansible.builtin.include_tasks: module_pr.yml vars: branch: true loop: "{{ foreman_installer_module_branches }}" diff --git a/roles/foreman_installer/tasks/upgrade.yml b/roles/foreman_installer/tasks/upgrade.yml index bfaa9893a..8b29d3064 100644 --- a/roles/foreman_installer/tasks/upgrade.yml +++ b/roles/foreman_installer/tasks/upgrade.yml @@ -14,7 +14,8 @@ - ansible_os_family == "RedHat" - ansible_distribution_major_version == '8' -- ansible.builtin.include_tasks: installer_version.yml +- name: Include installer_version.yml + ansible.builtin.include_tasks: installer_version.yml - name: 'Set internal installer options' ansible.builtin.set_fact: diff --git a/roles/foreman_provisioning/tasks/configure_centos_7.yml b/roles/foreman_provisioning/tasks/configure_centos_7.yml index eda23aff5..20be49c6f 100644 --- a/roles/foreman_provisioning/tasks/configure_centos_7.yml +++ b/roles/foreman_provisioning/tasks/configure_centos_7.yml @@ -1,40 +1,40 @@ -- name: 'set CentOS medium name' +- name: 'Set CentOS medium name' ansible.builtin.set_fact: centos_medium_name: "{{ 'CentOS 7 mirror' if foreman_provisioning_foreman_version == 'nightly' or (foreman_provisioning_foreman_version is version_compare('2.1', '>=')) else 'CentOS mirror' }}" -- name: 'create CentOS 7' +- name: 'Create CentOS 7' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os info --title "CentOS 7" || {{ foreman_provisioning_hammer }} os create --name CentOS --major 7 --architectures x86_64 --family 'Redhat' --media '{{ centos_medium_name }}' --partition-tables 'Kickstart default' -- name: 'find CentOS 7' +- name: 'Find CentOS 7' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output json os info --name "CentOS 7" || {{ foreman_provisioning_hammer }} --output json os info --title "CentOS 7" register: foreman_provisioning_centos73_json ignore_errors: True -- name: 'get CentOS 7 info' +- name: 'Get CentOS 7 info' ansible.builtin.set_fact: foreman_provisioning_centos73: "{{ foreman_provisioning_centos73_json.stdout|from_json }}" -- name: 'find kickstart templates' +- name: 'Find kickstart templates' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output=json template list --search 'name ~ "Kickstart default"' register: kickstart_templates_json -- name: 'set kickstart templates' +- name: 'Set kickstart templates' ansible.builtin.set_fact: kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" -- name: 'associate kickstart templates to CentOS 7' +- name: 'Associate kickstart templates to CentOS 7' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} template add-operatingsystem --id {{ item.Id }} --operatingsystem 'CentOS 7' with_items: "{{ kickstart_templates }}" -- name: 'set default templates for CentOS 7' +- name: 'Set default templates for CentOS 7' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os set-default-template --id {{ foreman_provisioning_centos73.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ kickstart_templates }}" diff --git a/roles/foreman_provisioning/tasks/configure_debian_9_3.yml b/roles/foreman_provisioning/tasks/configure_debian_9_3.yml index f7975cd50..9919e359c 100644 --- a/roles/foreman_provisioning/tasks/configure_debian_9_3.yml +++ b/roles/foreman_provisioning/tasks/configure_debian_9_3.yml @@ -1,36 +1,36 @@ -- name: 'create Debian 9.3' +- name: 'Create Debian 9.3' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os info --title "Debian 9.3" || {{ foreman_provisioning_hammer }} os create --name Debian --major 9 --minor 3 --release-name 'stretch' --architectures x86_64 --family 'Debian' --media 'Debian mirror' --partition-tables 'Preseed default' -- name: 'find Debian 9.3' +- name: 'Find Debian 9.3' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output json os info --name "Debian 9.3" || {{ foreman_provisioning_hammer }} --output json os info --title "Debian 9.3" register: foreman_provisioning_debian93_json ignore_errors: True -- name: 'get CentOS 9.3 info' +- name: 'Get CentOS 9.3 info' ansible.builtin.set_fact: foreman_provisioning_debian93: "{{ foreman_provisioning_debian93_json.stdout|from_json }}" -- name: 'find preseed templates' +- name: 'Find preseed templates' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output=json template list --search 'name ~ "Preseed default"' register: preseed_templates_json -- name: 'set preseed templates' +- name: 'Set preseed templates' ansible.builtin.set_fact: preseed_templates: "{{ preseed_templates_json.stdout|from_json }}" -- name: 'associate preseed templates to Debian 9.3' +- name: 'Associate preseed templates to Debian 9.3' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} template add-operatingsystem --id {{ item.Id }} --operatingsystem 'Debian 9.3' with_items: "{{ preseed_templates }}" -- name: 'set default templates for Debian 9.3' +- name: 'Set default templates for Debian 9.3' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os set-default-template --id {{ foreman_provisioning_debian93.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ preseed_templates }}" diff --git a/roles/foreman_provisioning/tasks/configure_fedora_27.yml b/roles/foreman_provisioning/tasks/configure_fedora_27.yml index 4c70f32f3..33dc35a43 100644 --- a/roles/foreman_provisioning/tasks/configure_fedora_27.yml +++ b/roles/foreman_provisioning/tasks/configure_fedora_27.yml @@ -1,36 +1,36 @@ -- name: 'create Fedora 27' +- name: 'Create Fedora 27' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os info --title "Fedora 27" || {{ foreman_provisioning_hammer }} os create --name Fedora --major 27 --architectures x86_64 --family 'Redhat' --media 'Fedora mirror' --partition-tables 'Kickstart default' -- name: 'find Fedora 27' +- name: 'Find Fedora 27' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output json os info --name "Fedora 27" || {{ foreman_provisioning_hammer }} --output json os info --title "Fedora 27" register: foreman_provisioning_fedora27_json ignore_errors: True -- name: 'get Fedora 27 info' +- name: 'Get Fedora 27 info' ansible.builtin.set_fact: foreman_provisioning_fedora27: "{{ foreman_provisioning_fedora27_json.stdout|from_json }}" -- name: 'find kickstart templates' +- name: 'Find kickstart templates' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output=json template list --search 'name ~ "Kickstart default"' register: kickstart_templates_json -- name: 'set kickstart templates' +- name: 'Set kickstart templates' ansible.builtin.set_fact: kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" -- name: 'associate kickstart templates to Fedora 27' +- name: 'Associate kickstart templates to Fedora 27' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} template add-operatingsystem --id {{ item.Id }} --operatingsystem 'Fedora 27' with_items: "{{ kickstart_templates }}" -- name: 'set default templates for Fedora 27' +- name: 'Set default templates for Fedora 27' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os set-default-template --id {{ foreman_provisioning_fedora27.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ kickstart_templates }}" diff --git a/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml b/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml index d5d6f97e5..a20e9565c 100644 --- a/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml +++ b/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml @@ -1,36 +1,36 @@ -- name: 'create Ubuntu 17.10' +- name: 'Create Ubuntu 17.10' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os info --title "Ubuntu 17.10" || {{ foreman_provisioning_hammer }} os create --name Ubuntu --major 17 --minor 10 --release-name 'artful' --architectures x86_64 --family 'Debian' --media 'Ubuntu mirror' --partition-tables 'Preseed default' -- name: 'find Ubuntu 17.10' +- name: 'Find Ubuntu 17.10' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output json os info --name "Ubuntu 17.10" || {{ foreman_provisioning_hammer }} --output json os info --title "Ubuntu 17.10" register: foreman_provisioning_ubuntu1710_json ignore_errors: True -- name: 'get Ubuntu 17.10 info' +- name: 'Get Ubuntu 17.10 info' ansible.builtin.set_fact: foreman_provisioning_ubuntu1710: "{{ foreman_provisioning_ubuntu1710_json.stdout|from_json }}" -- name: 'find preseed templates' +- name: 'Find preseed templates' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output=json template list --search 'name ~ "Preseed default"' register: preseed_templates_json -- name: 'set preseed templates' +- name: 'Set preseed templates' ansible.builtin.set_fact: preseed_templates: "{{ preseed_templates_json.stdout|from_json }}" -- name: 'associate preseed templates to Ubuntu 17.10' +- name: 'Associate preseed templates to Ubuntu 17.10' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} template add-operatingsystem --id {{ item.Id }} --operatingsystem 'Ubuntu 17.10' with_items: "{{ preseed_templates }}" -- name: 'set default templates for Ubuntu 17.10' +- name: 'Set default templates for Ubuntu 17.10' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} os set-default-template --id {{ foreman_provisioning_ubuntu1710.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ preseed_templates }}" diff --git a/roles/foreman_provisioning/tasks/main.yml b/roles/foreman_provisioning/tasks/main.yml index 22eac1485..4a625c59c 100644 --- a/roles/foreman_provisioning/tasks/main.yml +++ b/roles/foreman_provisioning/tasks/main.yml @@ -12,26 +12,26 @@ ansible.builtin.import_tasks: configure_ubuntu_17_10.yml # TODO verify - should not be needed, DNS should work just fine -- name: 'set unattended_url' +- name: 'Set unattended_url' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} settings set --name unattended_url --value 'http://{{ foreman_provisioning_ip_address }}' -- name: 'find hostgroup Base' +- name: 'Find hostgroup Base' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} hostgroup info --name 'Base' register: foreman_provisioning_hostgroup_base ignore_errors: True -- name: 'prepare compute resource option' +- name: 'Prepare compute resource option' ansible.builtin.set_fact: foreman_provisioning_compute_resource_option: "{{ '--compute-resource libvirt' if foreman_provisioning_foreman_version == 'nightly' else '' }}" -- name: 'prepare compute profile option' +- name: 'Prepare compute profile option' ansible.builtin.set_fact: foreman_provisioning_compute_profile_option: "{{ '--compute-profile libvirt-profile' if 'Error' not in foreman_provisioning_compute_profile_cmd.stderr else '' }}" # TODO compute-profile can't be specified by name until http://projects.theforeman.org/issues/21580/ so we hardcode 1 -- name: 'create hostgroup Base' +- name: 'Create hostgroup Base' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} hostgroup create --name 'Base' @@ -49,13 +49,13 @@ {{ foreman_provisioning_hammer_taxonomy_params }} when: foreman_provisioning_hostgroup_base.stderr.find('not found') != -1 -- name: 'find hostgroup CentOS 7' +- name: 'Find hostgroup CentOS 7' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} hostgroup info --name 'CentOS 7 Mirror' register: foreman_provisioning_hostgroup_centos_mirror ignore_errors: True -- name: 'create hostgroup CentOS 7 Mirror' +- name: 'Create hostgroup CentOS 7 Mirror' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} hostgroup create --name 'CentOS 7 Mirror' diff --git a/roles/foreman_provisioning_infrastructure/tasks/compute_profiles.yml b/roles/foreman_provisioning_infrastructure/tasks/compute_profiles.yml index 1157c1ade..576a474d4 100644 --- a/roles/foreman_provisioning_infrastructure/tasks/compute_profiles.yml +++ b/roles/foreman_provisioning_infrastructure/tasks/compute_profiles.yml @@ -1,17 +1,17 @@ --- -- name: 'find compute profile' +- name: 'Find compute profile' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-profile info --name "libvirt-profile" register: foreman_provisioning_compute_profile ignore_errors: True -- name: 'create compute profile' +- name: 'Create compute profile' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-profile create --name "libvirt-profile" when: "'Error' in foreman_provisioning_compute_profile.stderr" -- name: 'create compute attributes' +- name: 'Create compute attributes' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-profile values create --compute-profile libvirt-profile diff --git a/roles/foreman_provisioning_infrastructure/tasks/main.yml b/roles/foreman_provisioning_infrastructure/tasks/main.yml index 766f05251..5552fbe34 100644 --- a/roles/foreman_provisioning_infrastructure/tasks/main.yml +++ b/roles/foreman_provisioning_infrastructure/tasks/main.yml @@ -1,24 +1,24 @@ --- # Make sure admin does not default to any taxonomy -- name: 'disable default context for admin' +- name: 'Disable default context for admin' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} user update --login admin --default-organization-id 0 --default-location-id 0 # Get the smart proxy ID of the local katello: -- name: 'get smart proxy id' +- name: 'Get smart proxy id' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} --output json proxy info --name {{ foreman_provisioning_proxy_name }} register: foreman_provisioning_smart_proxy_json -- name: 'set smart proxy id' +- name: 'Set smart proxy id' ansible.builtin.set_fact: foreman_provisioning_smart_proxy: "{{ foreman_provisioning_smart_proxy_json.stdout|from_json }}" -- name: 'refresh features' +- name: 'Refresh features' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} proxy refresh-features --id {{ foreman_provisioning_smart_proxy.Id }} -- name: 'prepare hammer taxonomy options' +- name: 'Prepare hammer taxonomy options' ansible.builtin.set_fact: foreman_provisioning_hammer_taxonomy_params: "--organizations '{{ foreman_provisioning_organization }}' --locations '{{ foreman_provisioning_location }}'" @@ -27,13 +27,13 @@ {{ foreman_provisioning_hammer }} proxy update --id {{ foreman_provisioning_smart_proxy.Id }} {{ foreman_provisioning_hammer_taxonomy_params }} # Compute Resource -- name: 'find compute resource' +- name: 'Find compute resource' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-resource info --name "libvirt" register: foreman_provisioning_compute_resource ignore_errors: True -- name: 'create compute resource' +- name: 'Create compute resource' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} compute-resource create --name "libvirt" @@ -49,17 +49,18 @@ register: foreman_provisioning_compute_profile_cmd ignore_errors: True -- ansible.builtin.include_tasks: compute_profiles.yml +- name: 'Include compute_profiles.yml' + ansible.builtin.include_tasks: compute_profiles.yml when: "'Error' not in foreman_provisioning_compute_profile_cmd.stderr" # Domain -- name: 'find domain' +- name: 'Find domain' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} domain info --name "{{ foreman_provisioning_domain }}" register: foreman_provisioning_domain_task ignore_errors: True -- name: 'create domain' +- name: 'Create domain' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} domain create --name {{ foreman_provisioning_domain }} @@ -67,7 +68,7 @@ {{ foreman_provisioning_hammer_taxonomy_params }} when: foreman_provisioning_domain_task.stderr.find('not found') != -1 -- name: 'update domain' +- name: 'Update domain' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} domain update --name {{ foreman_provisioning_domain }} @@ -76,13 +77,13 @@ when: "'Error' not in foreman_provisioning_domain_task.stderr" # Subnet -- name: 'find subnet' +- name: 'Find subnet' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} subnet info --name "{{ foreman_provisioning_network }}/24" register: foreman_provisioning_subnet ignore_errors: True -- name: 'create subnet' +- name: 'Create subnet' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} subnet create --name "{{ foreman_provisioning_network }}/24" @@ -101,26 +102,26 @@ when: foreman_provisioning_subnet.stderr.find('not found') != -1 # Puppet -- name: 'find environment' +- name: 'Find environment' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} environment info --name "production" register: foreman_provisioning_environment ignore_errors: True -- name: 'create environment' +- name: 'Create environment' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} environment create --name production {{ foreman_provisioning_hammer_taxonomy_params }} when: foreman_provisioning_environment.stderr.find('not found') != -1 -- name: 'update environment' # it may have been automatically created by puppet if katello reports first +- name: 'Update environment' # it may have been automatically created by puppet if katello reports first ansible.builtin.shell: > {{ foreman_provisioning_hammer }} environment update --name production {{ foreman_provisioning_hammer_taxonomy_params }} # query local nameservers http://projects.theforeman.org/issues/13419 -- name: 'query local nameservers' +- name: 'Query local nameservers' ansible.builtin.shell: > {{ foreman_provisioning_hammer }} settings set --name query_local_nameservers --value true diff --git a/roles/foreman_proxy_content/tasks/install.yml b/roles/foreman_proxy_content/tasks/install.yml index 21a800797..4fa9d72a3 100644 --- a/roles/foreman_proxy_content/tasks/install.yml +++ b/roles/foreman_proxy_content/tasks/install.yml @@ -21,7 +21,8 @@ vars: foreman_settings_yaml: "{{ (foreman_settings['content'] | b64decode | from_yaml) }}" -- ansible.builtin.include_tasks: certs_generate.yml +- name: Include certs_generate.yml + ansible.builtin.include_tasks: certs_generate.yml - name: 'Change cert permissions' ansible.builtin.file: path='/etc/pki/katello/private' mode=0775 diff --git a/roles/foreman_proxy_content/tasks/main.yml b/roles/foreman_proxy_content/tasks/main.yml index 937b8a3d3..b92a358ce 100644 --- a/roles/foreman_proxy_content/tasks/main.yml +++ b/roles/foreman_proxy_content/tasks/main.yml @@ -1,9 +1,12 @@ --- -- ansible.builtin.include_tasks: devel_install.yml +- name: Include devel_install.yml + ansible.builtin.include_tasks: devel_install.yml when: (not foreman_proxy_content_upgrade and devel is defined and devel) -- ansible.builtin.include_tasks: install.yml +- name: Include install.yml + ansible.builtin.include_tasks: install.yml when: not foreman_proxy_content_upgrade -- ansible.builtin.include_tasks: upgrade.yml +- name: Include upgrade.yml + ansible.builtin.include_tasks: upgrade.yml when: foreman_proxy_content_upgrade diff --git a/roles/foreman_proxy_content/tasks/upgrade.yml b/roles/foreman_proxy_content/tasks/upgrade.yml index 1e1782509..f2b9eafa4 100644 --- a/roles/foreman_proxy_content/tasks/upgrade.yml +++ b/roles/foreman_proxy_content/tasks/upgrade.yml @@ -1,5 +1,6 @@ --- -- ansible.builtin.include_tasks: certs_generate.yml +- name: Include certs_generate.yml + ansible.builtin.include_tasks: certs_generate.yml - name: 'Run installer upgrade' ansible.builtin.include_role: diff --git a/roles/foreman_repositories/tasks/main.yml b/roles/foreman_repositories/tasks/main.yml index d5d0ae5d7..fe7646aac 100644 --- a/roles/foreman_repositories/tasks/main.yml +++ b/roles/foreman_repositories/tasks/main.yml @@ -1,5 +1,6 @@ --- -- ansible.builtin.include_tasks: "{{ ansible_os_family|lower }}_{{ foreman_repositories_environment }}_repos.yml" +- name: Include OS + environment specific tasks + ansible.builtin.include_tasks: "{{ ansible_os_family|lower }}_{{ foreman_repositories_environment }}_repos.yml" - name: 'Install centos-release-scl-rh' ansible.builtin.yum: diff --git a/roles/foreman_seeder/users/tasks/main.yml b/roles/foreman_seeder/users/tasks/main.yml index 04f02fdbc..94d9a265b 100644 --- a/roles/foreman_seeder/users/tasks/main.yml +++ b/roles/foreman_seeder/users/tasks/main.yml @@ -1,10 +1,10 @@ --- -- name: 'prepare hammer taxonomy options' +- name: 'Prepare hammer taxonomy options' ansible.builtin.set_fact: foreman_seeder_users_hammer_taxonomy_params: "--organizations '{{ foreman_seeder_users_organization }}' --locations '{{ foreman_seeder_users_location }}'" when: foreman_seeder_users_use_taxonomies -- name: 'prepare blank hammer taxonomy options' +- name: 'Prepare blank hammer taxonomy options' ansible.builtin.set_fact: foreman_seeder_users_hammer_taxonomy_params: "" when: not foreman_seeder_users_use_taxonomies diff --git a/roles/foreman_server_repositories/tasks/main.yml b/roles/foreman_server_repositories/tasks/main.yml index dd80d3227..717442685 100644 --- a/roles/foreman_server_repositories/tasks/main.yml +++ b/roles/foreman_server_repositories/tasks/main.yml @@ -1,28 +1,28 @@ --- -- name: load epel_repositories +- name: Load epel_repositories ansible.builtin.include_role: role: epel_repositories when: - foreman_server_repositories_epel|bool - ansible_distribution_major_version == '7' -- name: load puppet_repositories +- name: Load puppet_repositories ansible.builtin.include_role: role: theforeman.operations.puppet_repositories when: - foreman_server_repositories_puppet|bool -- name: load foreman_repositories +- name: Load foreman_repositories ansible.builtin.include_role: role: foreman_repositories when: foreman_server_repositories_foreman|bool -- name: load katello_repositories +- name: Load katello_repositories ansible.builtin.include_role: role: katello_repositories when: foreman_server_repositories_katello|bool -- name: load foreman_client_repositories +- name: Load foreman_client_repositories ansible.builtin.include_role: role: foreman_client_repositories when: foreman_server_repositories_foreman_client|bool diff --git a/roles/forklift_versions/tasks/main.yml b/roles/forklift_versions/tasks/main.yml index cb61a05d3..9a1ac505e 100644 --- a/roles/forklift_versions/tasks/main.yml +++ b/roles/forklift_versions/tasks/main.yml @@ -1,6 +1,8 @@ --- -- ansible.builtin.include_tasks: versions.yml +- name: Include versions.yml + ansible.builtin.include_tasks: versions.yml when: not upgrade -- ansible.builtin.include_tasks: upgrade.yml +- name: Include upgrade.yml + ansible.builtin.include_tasks: upgrade.yml when: upgrade diff --git a/roles/forklift_versions/tasks/upgrade.yml b/roles/forklift_versions/tasks/upgrade.yml index cb17fae5f..d35236872 100644 --- a/roles/forklift_versions/tasks/upgrade.yml +++ b/roles/forklift_versions/tasks/upgrade.yml @@ -1,5 +1,5 @@ --- -- name: get forklift upgrade versions +- name: Get forklift upgrade versions forklift_versions: file: "{{ forklift_versions_file }}" scenario: "{{ scenario }}" @@ -11,7 +11,7 @@ delegate_to: localhost become: no -- name: set individual upgrade vars +- name: Set individual upgrade vars ansible.builtin.set_fact: forklift_upgrade_version_start: "{{ forklift_upgrade_versions.versions[0] }}" forklift_upgrade_version_intermediate: "{{ forklift_upgrade_versions.versions[1] }}" diff --git a/roles/forklift_versions/tasks/versions.yml b/roles/forklift_versions/tasks/versions.yml index 943d836b3..b7387e8c2 100644 --- a/roles/forklift_versions/tasks/versions.yml +++ b/roles/forklift_versions/tasks/versions.yml @@ -1,5 +1,5 @@ --- -- name: get forklift versions +- name: Get forklift versions forklift_versions: file: "{{ forklift_versions_file }}" scenario: "{{ scenario }}" @@ -9,6 +9,6 @@ delegate_to: localhost become: no -- name: set individual component vars +- name: Set individual component vars ansible.builtin.set_fact: "{{ item.key }}={{ item.value }}" with_items: "{{ forklift_versions.versions | dict2items }}" diff --git a/roles/freeipa_server/tasks/main.yml b/roles/freeipa_server/tasks/main.yml index 27eebb533..c0d4f5209 100644 --- a/roles/freeipa_server/tasks/main.yml +++ b/roles/freeipa_server/tasks/main.yml @@ -1,3 +1,6 @@ --- -- ansible.builtin.include_tasks: install_freeipa_server.yml -- ansible.builtin.include_tasks: install_freeipa_client.yml +- name: Include install_freeipa_server.yml + ansible.builtin.include_tasks: install_freeipa_server.yml + +- name: Include install_freeipa_client.yml + ansible.builtin.include_tasks: install_freeipa_client.yml diff --git a/roles/hammer_devel/tasks/main.yml b/roles/hammer_devel/tasks/main.yml index d7f73c116..722a48b1d 100644 --- a/roles/hammer_devel/tasks/main.yml +++ b/roles/hammer_devel/tasks/main.yml @@ -1,3 +1,6 @@ --- -- ansible.builtin.include_tasks: hammer_install.yml -- ansible.builtin.include_tasks: hammer_config.yml +- name: Include hammer_install.yml + ansible.builtin.include_tasks: hammer_install.yml + +- name: Include hammer_config.yml + ansible.builtin.include_tasks: hammer_config.yml diff --git a/roles/haproxy/handlers/main.yml b/roles/haproxy/handlers/main.yml index 3db66288b..3e753dea7 100644 --- a/roles/haproxy/handlers/main.yml +++ b/roles/haproxy/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: restart haproxy +- name: Restart haproxy ansible.builtin.service: name: haproxy state: restarted diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml index f295adb6b..3236ddbb5 100644 --- a/roles/haproxy/tasks/main.yml +++ b/roles/haproxy/tasks/main.yml @@ -1,27 +1,27 @@ --- -- name: discover foreman proxies +- name: Discover foreman proxies ansible.builtin.setup: delegate_to: "{{ item }}" delegate_facts: yes with_items: - "{{ foreman_proxies }}" -- name: install haproxy +- name: Install haproxy ansible.builtin.package: name: haproxy state: present -- name: set haproxy_connect_any +- name: Set haproxy_connect_any ansible.posix.seboolean: name: haproxy_connect_any state: yes persistent: yes -- name: configure haproxy +- name: Configure haproxy ansible.builtin.template: dest: /etc/haproxy/haproxy.cfg src: haproxy.cfg.j2 validate: haproxy -c -f %s notify: - restart haproxy -- name: enable haproxy +- name: Enable haproxy ansible.builtin.service: name: haproxy state: started diff --git a/roles/katello_provisioning/tasks/main.yml b/roles/katello_provisioning/tasks/main.yml index e4404c274..20c171acc 100644 --- a/roles/katello_provisioning/tasks/main.yml +++ b/roles/katello_provisioning/tasks/main.yml @@ -1,6 +1,6 @@ --- # Product -- name: 'find product' +- name: 'Find product' ansible.builtin.shell: > {{ katello_provisioning_hammer }} product info --name "CentOS" @@ -8,7 +8,7 @@ register: katello_provisioning_product ignore_errors: True -- name: 'create centos product' +- name: 'Create centos product' ansible.builtin.shell: > {{ katello_provisioning_hammer }} product create --name "CentOS" @@ -16,7 +16,7 @@ when: katello_provisioning_product.stderr.find('not found') != -1 # CentOS -- name: 'find centos repo' +- name: 'Find centos repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository info --name "CentOS 7" @@ -25,7 +25,7 @@ register: katello_provisioning_repo ignore_errors: True -- name: 'create centos repo' +- name: 'Create centos repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository create --product="CentOS" @@ -36,7 +36,7 @@ --organization "{{ katello_provisioning_organization }}" when: katello_provisioning_repo.stderr.find('not found') != -1 -- name: 'sync the centos repo' +- name: 'Sync the centos repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository synchronize --name "CentOS 7" @@ -45,7 +45,7 @@ when: katello_provisioning_sync_repos # Foreman Client -- name: 'find client repo' +- name: 'Find client repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository info --name "Foreman Client" @@ -54,7 +54,7 @@ register: foreman_client_repo ignore_errors: True -- name: 'create client repo' +- name: 'Create client repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository create --product="CentOS" @@ -65,7 +65,7 @@ --organization "{{ katello_provisioning_organization }}" when: foreman_client_repo.stderr.find('not found') != -1 -- name: 'sync the client repo' +- name: 'Sync the client repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository synchronize --name "Foreman Client" @@ -74,7 +74,7 @@ when: katello_provisioning_sync_repos # Puppet 5 -- name: 'find puppet5 repo' +- name: 'Find puppet5 repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository info --name "Puppet 5" @@ -83,7 +83,7 @@ register: katello_puppet_repo ignore_errors: True -- name: 'create puppet5 repo' +- name: 'Create puppet5 repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository create --product="CentOS" @@ -94,7 +94,7 @@ --organization "{{ katello_provisioning_organization }}" when: katello_puppet_repo.stderr.find('not found') != -1 -- name: 'sync the puppet5 repo' +- name: 'Sync the puppet5 repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository synchronize --name "Puppet 5" @@ -103,7 +103,7 @@ when: katello_provisioning_sync_repos # EPEL -- name: 'find epel repo' +- name: 'Find epel repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository info --name "EPEL 7" @@ -112,7 +112,7 @@ register: katello_epel_repo ignore_errors: True -- name: 'create epel repo' +- name: 'Create epel repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository create --product="CentOS" @@ -123,7 +123,7 @@ --organization "{{ katello_provisioning_organization }}" when: katello_epel_repo.stderr.find('not found') != -1 -- name: 'sync the epel repo' +- name: 'Sync the epel repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository synchronize --name "EPEL 7" @@ -131,7 +131,7 @@ --organization "{{ katello_provisioning_organization }}" when: katello_provisioning_sync_repos -- name: 'find foreman plugins repo' +- name: 'Find foreman plugins repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository info --name "Foreman Plugins" @@ -140,7 +140,7 @@ register: katello_foreman_plugins_repo ignore_errors: True -- name: 'create foreman plugins repo' +- name: 'Create foreman plugins repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository create --product="CentOS" @@ -151,7 +151,7 @@ --organization "{{ katello_provisioning_organization }}" when: "'not found' in katello_foreman_plugins_repo.stderr" -- name: 'sync foreman plugins repo' +- name: 'Sync foreman plugins repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} repository synchronize --name "Foreman Plugins" @@ -160,7 +160,7 @@ when: katello_provisioning_sync_repos # Activation key -- name: 'find activation key' +- name: 'Find activation key' ansible.builtin.shell: > {{ katello_provisioning_hammer }} activation-key info --name "CentOS 7" @@ -168,7 +168,7 @@ register: katello_provisioning_activation_key ignore_errors: True -- name: 'create activation key' +- name: 'Create activation key' ansible.builtin.shell: > {{ katello_provisioning_hammer }} activation-key create --organization "{{ katello_provisioning_organization }}" @@ -193,76 +193,77 @@ with_items: "{{ subscriptions_json.stdout | from_json }}" # Associate templates -- name: 'find CentOS 7' +- name: 'Find CentOS 7' ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output json os info --title "CentOS 7" register: katello_provisioning_centos7_json ignore_errors: True -- name: 'get CentOS 7 info' +- name: 'Get CentOS 7 info' ansible.builtin.set_fact: katello_provisioning_centos7: "{{ katello_provisioning_centos7_json.stdout|from_json }}" when: katello_provisioning_centos7_json is success -- block: +- name: 'Create CentOS 7 os when not found' + block: - name: 'Create CentOS_Linux 7' ansible.builtin.shell: > {{ katello_provisioning_hammer }} os create --name CentOS_Linux --major 7 --architectures x86_64 --family 'Redhat' - - name: 'find newly created CentOS_Linux 7' + - name: 'Find newly created CentOS_Linux 7' ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output json os info --name "CentOS_Linux 7" || {{ katello_provisioning_hammer }} --output json os info --title "CentOS_Linux 7" register: katello_provisioning_centos7_json_new - - name: 'get new CentOS 7 info' + - name: 'Get new CentOS 7 info' ansible.builtin.set_fact: katello_provisioning_centos7: "{{ katello_provisioning_centos7_json_new.stdout|from_json }}" when: "'not found' in katello_provisioning_centos7_json.stderr" -- name: 'update partition table for CentOS 7' +- name: 'Update partition table for CentOS 7' ansible.builtin.shell: > {{ katello_provisioning_hammer }} os update --id {{ katello_provisioning_centos7.Id }} --partition-tables 'Kickstart default' register: katello_provisioning_centos7_json -- name: 'find kickstart templates' +- name: 'Find kickstart templates' ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output=json template list --search 'name ~ "Kickstart default"' register: kickstart_templates_json -- name: 'set kickstart templates' +- name: 'Set kickstart templates' ansible.builtin.set_fact: kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" -- name: 'find katello kickstart templates' +- name: 'Find katello kickstart templates' ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output=json template list --search 'name ~ "Katello Kickstart default"' register: katello_kickstart_templates_json -- name: 'set kickstart templates' +- name: 'Set kickstart templates' ansible.builtin.set_fact: katello_kickstart_templates: "{{ katello_kickstart_templates_json.stdout|from_json }}" -- name: 'associate kickstart templates to CentOS 7' +- name: 'Associate kickstart templates to CentOS 7' ansible.builtin.shell: > {{ katello_provisioning_hammer }} template add-operatingsystem --id {{ item.Id }} --operatingsystem 'CentOS 7' with_items: "{{ kickstart_templates }}" -- name: 'set default templates for CentOS 7' +- name: 'Set default templates for CentOS 7' ansible.builtin.shell: > {{ katello_provisioning_hammer }} os set-default-template --id {{ katello_provisioning_centos7.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ kickstart_templates }}" -- name: 'overwrite default templates with katello specific ones for CentOS 7' +- name: 'Overwrite default templates with katello specific ones for CentOS 7' ansible.builtin.shell: > {{ katello_provisioning_hammer }} os set-default-template --id {{ katello_provisioning_centos7.Id }} --provisioning-template-id {{ item.Id }} with_items: "{{ katello_kickstart_templates }}" # Host group -- name: 'find centos kickstart repo' +- name: 'Find centos kickstart repo' ansible.builtin.shell: > {{ katello_provisioning_hammer }} --output=json repository info --name "CentOS 7" @@ -270,17 +271,17 @@ --organization "{{ katello_provisioning_organization }}" register: katello_provisioning_repo -- name: 'set find centos kickstart repo' +- name: 'Set find centos kickstart repo' ansible.builtin.set_fact: katello_provisioning_repo_json: "{{ katello_provisioning_repo.stdout|from_json }}" -- name: 'find hostgroup Katello CentOS 7' +- name: 'Find hostgroup Katello CentOS 7' ansible.builtin.shell: > {{ katello_provisioning_hammer }} hostgroup info --name 'Katello CentOS 7' register: katello_provisioning_hostgroup_katello_centos ignore_errors: True -- name: 'create Katello CentOS 7 host group' +- name: 'Create Katello CentOS 7 host group' ansible.builtin.shell: > {{ katello_provisioning_hammer }} hostgroup create --name "Katello CentOS 7" @@ -295,14 +296,14 @@ {{ foreman_provisioning_hammer_taxonomy_params }} when: katello_provisioning_hostgroup_katello_centos.stderr.find('not found') != -1 -- name: 'add activation key to Katello CentOS 7 host group' +- name: 'Add activation key to Katello CentOS 7 host group' ansible.builtin.shell: > {{ katello_provisioning_hammer }} hostgroup set-parameter --hostgroup "Katello CentOS 7" --name kt_activation_keys --value "CentOS 7" -- name: 'set enable-puppet5 parameter' +- name: 'Set enable-puppet5 parameter' ansible.builtin.shell: > {{ katello_provisioning_hammer }} hostgroup set-parameter --hostgroup "Katello CentOS 7" @@ -310,7 +311,7 @@ --value true # Lifecycle environments -- name: 'find lifecycle-environment Development' +- name: 'Find lifecycle-environment Development' ansible.builtin.shell: > {{ katello_provisioning_hammer }} lifecycle-environment info --name Development @@ -318,14 +319,14 @@ register: katello_provisioning_lce_development ignore_errors: True -- name: 'create lifecycle-environment Development' +- name: 'Create lifecycle-environment Development' ansible.builtin.shell: > {{ katello_provisioning_hammer }} lifecycle-environment create --name Development --prior Library --organization "{{ katello_provisioning_organization }}" when: katello_provisioning_lce_development.stderr.find('not found') != -1 -- name: 'find lifecycle-environment Production' +- name: 'Find lifecycle-environment Production' ansible.builtin.shell: > {{ katello_provisioning_hammer }} lifecycle-environment info --name Development @@ -333,7 +334,7 @@ register: katello_provisioning_lce_production ignore_errors: True -- name: 'create lifecycle-environment Production' +- name: 'Create lifecycle-environment Production' ansible.builtin.shell: > {{ katello_provisioning_hammer }} lifecycle-environment create --name Production --prior Development diff --git a/roles/katello_repositories/tasks/main.yml b/roles/katello_repositories/tasks/main.yml index 7b2e712ec..89c3ffdda 100644 --- a/roles/katello_repositories/tasks/main.yml +++ b/roles/katello_repositories/tasks/main.yml @@ -2,10 +2,10 @@ - name: "Set up {{ katello_repositories_environment }} repositories" ansible.builtin.include_tasks: "{{ katello_repositories_environment }}_repos.yml" -- name: enable powertools for libdb_cxx used by qpid-cpp-server-linearstore +- name: Enable powertools for libdb_cxx used by qpid-cpp-server-linearstore ansible.builtin.command: dnf config-manager --set-enabled powertools when: ansible_distribution_major_version == "8" and ansible_distribution != "RedHat" -- name: enable codeready-builder for libdb_cxx used by qpid-cpp-server-linearstore +- name: Enable codeready-builder for libdb_cxx used by qpid-cpp-server-linearstore ansible.builtin.command: subscription-manager repos --enable codeready-builder-for-rhel-8-x86_64-rpms when: ansible_distribution_major_version == "8" and ansible_distribution == "RedHat" diff --git a/roles/koji/tasks/main.yml b/roles/koji/tasks/main.yml index b21961397..59a8bccd7 100644 --- a/roles/koji/tasks/main.yml +++ b/roles/koji/tasks/main.yml @@ -1,3 +1,4 @@ --- -- ansible.builtin.include_tasks: download.yml +- name: Include download.yml + ansible.builtin.include_tasks: download.yml when: koji_task_ids != [] or koji_build_ids != [] diff --git a/roles/libvirt/tasks/main.yml b/roles/libvirt/tasks/main.yml index 2488ad733..ef9c1233a 100644 --- a/roles/libvirt/tasks/main.yml +++ b/roles/libvirt/tasks/main.yml @@ -2,31 +2,33 @@ - name: 'Set OS version dependent variables' ansible.builtin.include_vars: "el{{ ansible_distribution_major_version }}.yml" -- name: 'install the virtualization hypervisor package group' +- name: 'Install the virtualization hypervisor package group' ansible.builtin.yum: name: "@Virtualization Hypervisor" state: present -- name: 'install the virtualization tools package group' +- name: 'Install the virtualization tools package group' ansible.builtin.yum: name: "@Virtualization Tools" state: present -- name: 'install the libvirt-python support' +- name: 'Install the libvirt-python support' ansible.builtin.yum: name: "{{ libvirt_python_deps }}" state: present -- name: 'disable libvirt authentication' +- name: 'Disable libvirt authentication' ansible.builtin.lineinfile: dest: /etc/libvirt/libvirtd.conf line: 'auth_unix_rw = "none"' -- ansible.builtin.include_tasks: 'nested.yml' +- name: Include nested.yml + ansible.builtin.include_tasks: 'nested.yml' when: libvirt_nested -- name: 'restart libvirt' +- name: 'Restart libvirt' ansible.builtin.service: name=libvirtd state=restarted -- ansible.builtin.include_tasks: 'tftp.yml' +- name: Include tftp.yml + ansible.builtin.include_tasks: 'tftp.yml' when: libvirt_tftp diff --git a/roles/libvirt/tasks/nested.yml b/roles/libvirt/tasks/nested.yml index e9db2a93b..a60c0f77b 100644 --- a/roles/libvirt/tasks/nested.yml +++ b/roles/libvirt/tasks/nested.yml @@ -1,15 +1,15 @@ -- name: 'check if Intel or AMD processor' +- name: 'Check if Intel or AMD processor' ansible.builtin.shell: "grep -q Intel /proc/cpuinfo && echo -n 'intel' || echo -n 'amd'" ignore_errors: true register: cpu_type -- name: 'rmmod kvm' +- name: 'Rmmod kvm' ansible.builtin.command: "modprobe -r kvm_{{ cpu_type.stdout }}" -- name: 'enable nested virtualization' +- name: 'Enable nested virtualization' ansible.builtin.copy: dest: /etc/modprobe.d/kvm.conf content: "options kvm_{{ cpu_type.stdout }} nested=1" -- name: 'insmod kvm with nested' +- name: 'Insmod kvm with nested' ansible.builtin.command: "modprobe kvm_{{ cpu_type.stdout }} nested=1" diff --git a/roles/libvirt/tasks/tftp.yml b/roles/libvirt/tasks/tftp.yml index d9d8ab168..985f704c5 100644 --- a/roles/libvirt/tasks/tftp.yml +++ b/roles/libvirt/tasks/tftp.yml @@ -1,5 +1,5 @@ --- -- name: 'create the provisioning libvirt network' +- name: 'Create the provisioning libvirt network' community.libvirt.virt_net: command: define name: provision @@ -7,32 +7,32 @@ # libvirt seems to have bug that it does not create the symlink even if the network was defined with auto provisioning # so we ensure the symlink exists and network autostarts after reboot -- name: 'make provisioning network autostart on reboot' +- name: 'Make provisioning network autostart on reboot' ansible.builtin.file: state=link src=/etc/libvirt/qemu/networks/provision.xml path=/etc/libvirt/qemu/networks/autostart/provision.xml -- name: 'create the provisioning storage' +- name: 'Create the provisioning storage' community.libvirt.virt_pool: command: define name: provision xml: '{{ lookup("template", "../templates/storage.xml.j2") }}' # Setup TFTP for libvirt -- name: 'create /var/lib/tftpboot' +- name: 'Create /var/lib/tftpboot' ansible.builtin.file: path=/var/lib/tftpboot state=directory mode=0755 -- name: 'create /var/lib/tftpboot/boot' +- name: 'Create /var/lib/tftpboot/boot' ansible.builtin.file: path=/var/lib/tftpboot/boot state=directory mode=0755 -- name: 'create /var/lib/tftpboot/pxelinux.cfg' +- name: 'Create /var/lib/tftpboot/pxelinux.cfg' ansible.builtin.file: path=/var/lib/tftpboot/pxelinux.cfg state=directory mode=0755 -- name: 'install syslinux for tftp directory' +- name: 'Install syslinux for tftp directory' ansible.builtin.yum: name=syslinux state=present -- name: 'copy syslinux files to /var/lib/tftpboot' +- name: 'Copy syslinux files to /var/lib/tftpboot' ansible.builtin.shell: cp /usr/share/syslinux/{pxelinux.0,menu.c32,chain.c32} /var/lib/tftpboot -- name: 'chown /var/lib/tftpboot for foreman-proxy user' +- name: 'Chown /var/lib/tftpboot for foreman-proxy user' ansible.builtin.file: path: /var/lib/tftpboot state: directory @@ -40,11 +40,11 @@ group: nobody recurse: true -- name: 'setuid on /var/lib/tftpboot' +- name: 'Setuid on /var/lib/tftpboot' ansible.builtin.shell: set -o pipefail && find /var/lib/tftpboot/ -type d | xargs chmod g+s -- name: 'start the provision libvirt network' +- name: 'Start the provision libvirt network' community.libvirt.virt_net: state=active name=provision autostart=yes -- name: 'start the provision libvirt storage pool' +- name: 'Start the provision libvirt storage pool' community.libvirt.virt_pool: state=active name=provision autostart=yes diff --git a/roles/powerdns/tasks/main.yml b/roles/powerdns/tasks/main.yml index d013d6512..eb15a6331 100644 --- a/roles/powerdns/tasks/main.yml +++ b/roles/powerdns/tasks/main.yml @@ -36,8 +36,10 @@ state: "restarted" when: pdns_configured.changed -- ansible.builtin.include_tasks: "schema.mysql.yml" +- name: "Include schema.mysql.yml" + ansible.builtin.include_tasks: "schema.mysql.yml" when: powerdns_db_backend == "gmysql" -- ansible.builtin.include_tasks: "zones.yml" +- name: "Include zones.yml" + ansible.builtin.include_tasks: "zones.yml" when: powerdns_zones diff --git a/roles/puppet_agent/tasks/main.yml b/roles/puppet_agent/tasks/main.yml index 9bab8f569..49480bcf7 100644 --- a/roles/puppet_agent/tasks/main.yml +++ b/roles/puppet_agent/tasks/main.yml @@ -1,33 +1,33 @@ --- -- name: manage puppet package +- name: Manage puppet package ansible.builtin.package: name: "{{ puppet_agent_package_name }}" state: "{{ puppet_agent_package_state }}" when: puppet_agent_package_manage -- name: ensure puppet group +- name: Ensure puppet group ansible.builtin.group: name: "{{ puppet_agent_group_name }}" state: "{{ puppet_agent_group_state }}" when: puppet_agent_group_manage -- name: puppet ssl bootstrap +- name: Puppet ssl bootstrap when: puppet_agent_bootstrap_manage block: # This makes sure 'sudo puppet' works which is needed for bootstrapping - - name: setup sudo secure_path + - name: Setup sudo secure_path ansible.builtin.copy: content: "Defaults secure_path = \"/sbin:/bin:/usr/sbin:/usr/bin:/opt/puppetlabs/bin\"\n" dest: /etc/sudoers.d/puppet - - name: construct puppet ssl bootstrap command + - name: Construct puppet ssl bootstrap command ansible.builtin.set_fact: puppet_agent_bootstrap_command: "puppet ssl bootstrap --waitforcert {{ puppet_agent_bootstrap_waitforcert }}" - - name: add server option + - name: Add server option ansible.builtin.set_fact: puppet_agent_bootstrap_command: "{{ puppet_agent_bootstrap_command }} --server {{ puppet_agent_bootstrap_server }}" when: puppet_agent_bootstrap_server is defined - - name: run puppet ssl boostrap command + - name: Run puppet ssl boostrap command ansible.builtin.command: "{{ puppet_agent_bootstrap_command }}" diff --git a/roles/pytest_project/tasks/run.yml b/roles/pytest_project/tasks/run.yml index efb3ff3ee..d2739c025 100644 --- a/roles/pytest_project/tasks/run.yml +++ b/roles/pytest_project/tasks/run.yml @@ -15,5 +15,6 @@ chdir: "{{ pytest_project_directory }}" when: pytest_run_tests -- ansible.builtin.include_tasks: local_env.yml +- name: 'Include local_env.yml' + ansible.builtin.include_tasks: local_env.yml when: not pytest_run_tests diff --git a/roles/realm_join/tasks/main.yml b/roles/realm_join/tasks/main.yml index eb0cdf71a..7537506bb 100644 --- a/roles/realm_join/tasks/main.yml +++ b/roles/realm_join/tasks/main.yml @@ -1,5 +1,11 @@ - name: "Load OS specific variables" ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" -- ansible.builtin.include_tasks: install_pexpect.yml -- ansible.builtin.include_tasks: realm_join_ad.yml -- ansible.builtin.include_tasks: prepare_httpd_mod_auth.yml + +- name: Include install_pexpect.yml + ansible.builtin.include_tasks: install_pexpect.yml + +- name: Include realm_join_ad.yml + ansible.builtin.include_tasks: realm_join_ad.yml + +- name: Include prepare_httpd_mod_auth.yml + ansible.builtin.include_tasks: prepare_httpd_mod_auth.yml diff --git a/roles/realm_join/tasks/prepare_httpd_mod_auth.yml b/roles/realm_join/tasks/prepare_httpd_mod_auth.yml index 8c9a112b4..c9e43e375 100644 --- a/roles/realm_join/tasks/prepare_httpd_mod_auth.yml +++ b/roles/realm_join/tasks/prepare_httpd_mod_auth.yml @@ -34,20 +34,20 @@ group: root mode: '0644' -- name: "[Irrelevant] add gssproxy config" +- name: "Add gssproxy config [irrelevant]" become: yes ansible.builtin.copy: src: apache-gssproxy.conf dest: /etc/gssproxy/80-http.conf -- name: "[Irrelevant] start gssproxy service" +- name: "Start gssproxy service [irrelevant]" become: yes ansible.builtin.service: name: gssproxy state: started enabled: yes -- name: "[Irrelevant] enable GSS_PROXY for httpd" +- name: "Enable GSS_PROXY for httpd [irrelevant]" become: yes ansible.builtin.copy: src: httpd-gssproxy.service diff --git a/roles/robottelo/tasks/main.yml b/roles/robottelo/tasks/main.yml index 1f945989f..828010574 100644 --- a/roles/robottelo/tasks/main.yml +++ b/roles/robottelo/tasks/main.yml @@ -11,9 +11,10 @@ pytest_project_virtualenv_command: "{{ robottelo_virtualenv_command }}" pytest_project_version: "{{ robottelo_version }}" -- ansible.builtin.include_tasks: ssh.yml +- name: Include ssh.yml + ansible.builtin.include_tasks: ssh.yml -- name: robottelo properties file +- name: Robottelo properties file ansible.builtin.command: cp robottelo.properties.sample robottelo.properties args: chdir: "{{ robottelo_directory }}" diff --git a/roles/selinux/tasks/main.yml b/roles/selinux/tasks/main.yml index e54e7a49c..da2192c71 100644 --- a/roles/selinux/tasks/main.yml +++ b/roles/selinux/tasks/main.yml @@ -1,5 +1,6 @@ --- -- when: ansible_os_family == 'RedHat' +- name: 'Configure selinux' + when: ansible_os_family == 'RedHat' block: - name: 'Define selinux_packages for EL7' ansible.builtin.set_fact: diff --git a/roles/sos_report/tasks/main.yml b/roles/sos_report/tasks/main.yml index d4a1aa426..8ccdd1fa6 100644 --- a/roles/sos_report/tasks/main.yml +++ b/roles/sos_report/tasks/main.yml @@ -2,7 +2,7 @@ - name: "Load OS variables" ansible.builtin.include_vars: "{{ ansible_os_family }}.yml" -- name: 'install sos' +- name: 'Install sos' ansible.builtin.package: name: '{{ sos_package }}' state: present @@ -11,5 +11,6 @@ ansible.builtin.command: "sosreport --batch --tmp-dir={{ sosreport_output_dir }}" ignore_errors: true -- ansible.builtin.include_tasks: 'sosreport_fetch_results.yml' +- name: Include sosreport_fetch_results.yml + ansible.builtin.include_tasks: 'sosreport_fetch_results.yml' when: sosreport_fetch diff --git a/roles/swapfile/tasks/main.yml b/roles/swapfile/tasks/main.yml index 004b4ab7d..46d59b1c2 100644 --- a/roles/swapfile/tasks/main.yml +++ b/roles/swapfile/tasks/main.yml @@ -1,41 +1,41 @@ --- -- name: check if swap file exists +- name: Check if swap file exists ansible.builtin.stat: path: "{{ swapfile_path }}" get_checksum: False get_md5: False register: swapfile_check -- name: create swap file {{ swapfile_path }} +- name: Create swap file {{ swapfile_path }} ansible.builtin.command: dd if=/dev/zero of={{ swapfile_path }} count={{ swapfile_size }} bs=1MiB when: not swapfile_check.stat.exists -- name: set permissions on swap file +- name: Set permissions on swap file ansible.builtin.file: path: "{{ swapfile_path }}" mode: 0600 -- name: mkswap {{ swapfile_path }} +- name: Run mkswap {{ swapfile_path }} ansible.builtin.command: mkswap {{ swapfile_path }} when: not swapfile_check.stat.exists -- name: create swap entry in fstab +- name: Create swap entry in fstab ansible.posix.mount: name: none src: "{{ swapfile_path }}" fstype: swap state: present -- name: get active swap +- name: Get active swap ansible.builtin.shell: "swapon --summary | grep '^{{ swapfile_path }}'" register: swapfile_active ignore_errors: True -- name: "activate {{ swapfile_path }}" +- name: "Activate {{ swapfile_path }}" ansible.builtin.command: "swapon {{ swapfile_path }}" when: swapfile_active is failed -- name: set vm.swappiness to 60 +- name: Set vm.swappiness to 60 ansible.posix.sysctl: name: vm.swappiness value: 60 diff --git a/roles/unprivileged_user/tasks/main.yml b/roles/unprivileged_user/tasks/main.yml index fca902f30..6a0f8d283 100644 --- a/roles/unprivileged_user/tasks/main.yml +++ b/roles/unprivileged_user/tasks/main.yml @@ -41,7 +41,8 @@ register: authorized_keys_file become: true -- block: +- name: "Copy root authorized_keys to unprivileged user" + block: - name: "Check /root/.ssh/authorized_keys" ansible.builtin.stat: path: /root/.ssh/authorized_keys diff --git a/roles/vagrant/tasks/main.yml b/roles/vagrant/tasks/main.yml index 055c9cf65..7abd232e3 100644 --- a/roles/vagrant/tasks/main.yml +++ b/roles/vagrant/tasks/main.yml @@ -1,16 +1,18 @@ --- -- name: 'install hashicorp repo' +- name: 'Install hashicorp repo' ansible.builtin.get_url: url: https://rpm.releases.hashicorp.com/RHEL/hashicorp.repo dest: /etc/yum.repos.d/hashicorp.repo -- name: 'install vagrant' +- name: 'Install vagrant' ansible.builtin.yum: name: vagrant-{{ vagrant_version }} state: present -- ansible.builtin.include_tasks: 'vagrant_libvirt.yml' +- name: 'Include vagrant_libvirt.yml' + ansible.builtin.include_tasks: 'vagrant_libvirt.yml' when: vagrant_libvirt -- ansible.builtin.include_tasks: 'vagrant_scp.yml' +- name: 'Include vagrant_scp.yml' + ansible.builtin.include_tasks: 'vagrant_scp.yml' when: vagrant_scp diff --git a/roles/vagrant/tasks/vagrant_libvirt.yml b/roles/vagrant/tasks/vagrant_libvirt.yml index ff970a46b..b67fa9457 100644 --- a/roles/vagrant/tasks/vagrant_libvirt.yml +++ b/roles/vagrant/tasks/vagrant_libvirt.yml @@ -1,5 +1,5 @@ --- -- name: 'install vagrant-libvirt requirements' +- name: 'Install vagrant-libvirt requirements' ansible.builtin.yum: name: - libvirt-devel @@ -8,10 +8,10 @@ - make state: present -- name: 'perform EL8-specific vagrant-libvirt tasks' +- name: 'Perform EL8-specific vagrant-libvirt tasks' ansible.builtin.include_tasks: vagrant_libvirt_el8.yml when: - ansible_distribution_major_version == "8" -- name: 'install vagrant-libvirt' +- name: 'Install vagrant-libvirt' ansible.builtin.command: vagrant plugin install vagrant-libvirt diff --git a/roles/vagrant/tasks/vagrant_libvirt_el8.yml b/roles/vagrant/tasks/vagrant_libvirt_el8.yml index c242ba5af..92c78bd9d 100644 --- a/roles/vagrant/tasks/vagrant_libvirt_el8.yml +++ b/roles/vagrant/tasks/vagrant_libvirt_el8.yml @@ -4,7 +4,7 @@ # one shipped by EL8, so we need to build a few libs against it # before we can build the libvirt gem -- name: 'install EL8-specific vagrant-libvirt requirements' +- name: 'Install EL8-specific vagrant-libvirt requirements' ansible.builtin.package: name: - cmake @@ -15,12 +15,12 @@ - byacc state: present -- name: 'create directory for vagrant library builds' +- name: 'Create directory for vagrant library builds' ansible.builtin.file: path: /tmp/vagrant-libvirt-deps state: directory -- name: 'download krb5 and libssh' +- name: 'Download krb5 and libssh' ansible.builtin.unarchive: src: "{{ item }}" dest: /tmp/vagrant-libvirt-deps @@ -29,37 +29,37 @@ - https://www.libssh.org/files/0.9/libssh-0.9.4.tar.xz - https://kerberos.org/dist/krb5/1.18/krb5-1.18.2.tar.gz -- name: 'configure krb5' +- name: 'Configure krb5' ansible.builtin.command: ./configure args: chdir: /tmp/vagrant-libvirt-deps/krb5-1.18.2/src -- name: 'build krb5' +- name: 'Build krb5' ansible.builtin.command: make -j {{ ansible_processor_vcpus }} args: chdir: /tmp/vagrant-libvirt-deps/krb5-1.18.2/src -- name: 'install krb5crypto libs' +- name: 'Install krb5crypto libs' ansible.builtin.shell: cp lib/libk5crypto.so* /opt/vagrant/embedded/lib64/ args: chdir: /tmp/vagrant-libvirt-deps/krb5-1.18.2/src -- name: 'create libssh build directory' +- name: 'Create libssh build directory' ansible.builtin.file: path: /tmp/vagrant-libvirt-deps/libssh-0.9.4/build state: directory -- name: 'configure libssh' +- name: 'Configure libssh' ansible.builtin.command: cmake .. -DOPENSSL_ROOT_DIR=/opt/vagrant/embedded/ args: chdir: /tmp/vagrant-libvirt-deps/libssh-0.9.4/build -- name: 'build libssh' +- name: 'Build libssh' ansible.builtin.command: make -j {{ ansible_processor_vcpus }} args: chdir: /tmp/vagrant-libvirt-deps/libssh-0.9.4/build -- name: 'install libssh libs' +- name: 'Install libssh libs' ansible.builtin.shell: cp lib/libssh.so* /opt/vagrant/embedded/lib64/ args: chdir: /tmp/vagrant-libvirt-deps/libssh-0.9.4/build diff --git a/roles/vagrant/tasks/vagrant_scp.yml b/roles/vagrant/tasks/vagrant_scp.yml index b6d6e507b..255dcebd4 100644 --- a/roles/vagrant/tasks/vagrant_scp.yml +++ b/roles/vagrant/tasks/vagrant_scp.yml @@ -1,3 +1,3 @@ --- -- name: 'install vagrant-scp' +- name: 'Install vagrant-scp' ansible.builtin.command: vagrant plugin install vagrant-scp diff --git a/roles/vagrant_workarounds/tasks/main.yml b/roles/vagrant_workarounds/tasks/main.yml index cfcece7ae..9580c020a 100644 --- a/roles/vagrant_workarounds/tasks/main.yml +++ b/roles/vagrant_workarounds/tasks/main.yml @@ -1,5 +1,5 @@ --- -- name: make grub not care that it can't be installed +- name: "Make grub not care that it can't be installed" ansible.builtin.debconf: name: grub-pc question: grub-pc/install_devices_empty From c5fb67190c9bd9c078ec711844af073f22b2cfde Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Sun, 28 Aug 2022 23:39:21 -0400 Subject: [PATCH 06/11] Capitalize task names in playbooks/ --- playbooks/kubevirt.yml | 72 ++++++++++++++++++------------------ playbooks/setup_forklift.yml | 2 +- 2 files changed, 37 insertions(+), 37 deletions(-) diff --git a/playbooks/kubevirt.yml b/playbooks/kubevirt.yml index a7ec6d7db..88243d05b 100644 --- a/playbooks/kubevirt.yml +++ b/playbooks/kubevirt.yml @@ -13,21 +13,21 @@ - selinux - epel_repositories tasks: - - name: disable swap + - name: Disable swap ansible.builtin.command: swapoff -a - - name: deconfigure swap + - name: Deconfigure swap ansible.posix.mount: src: /swapfile fstype: swap path: none state: absent - - name: modprobe br_netfilter + - name: Modprobe br_netfilter community.general.modprobe: name: br_netfilter - - name: configure bridge iptables + - name: Configure bridge iptables ansible.posix.sysctl: name: "{{ item }}" value: 1 @@ -36,7 +36,7 @@ - net.bridge.bridge-nf-call-ip6tables - net.bridge.bridge-nf-call-iptables - - name: install needed network manager libs + - name: Install needed network manager libs ansible.builtin.yum: name: - NetworkManager-glib @@ -48,17 +48,17 @@ type: bridge conn_name: foreman - - name: install docker + - name: Install docker ansible.builtin.yum: name: docker - - name: enable docker + - name: Enable docker ansible.builtin.service: name: docker enabled: true state: started - - name: k8s repo + - name: Enable kubernetes repo ansible.builtin.yum_repository: name: kubernetes description: Kubernetes @@ -69,7 +69,7 @@ gpgkey: https://packages.cloud.google.com/yum/doc/yum-key.gpg https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg exclude: kube* - - name: install kubelet kubeadm kubectl + - name: Install kubelet kubeadm kubectl ansible.builtin.yum: name: - kubelet-{{ kubernetes_version }} @@ -77,12 +77,12 @@ - kubectl-{{ kubernetes_version }} disable_excludes: kubernetes - - name: create /etc/systemd/system/kubelet.service.d/ + - name: Create /etc/systemd/system/kubelet.service.d/ ansible.builtin.file: path: /etc/systemd/system/kubelet.service.d/ state: directory - - name: enable kubelet accounting + - name: Enable kubelet accounting ansible.builtin.copy: dest: /etc/systemd/system/kubelet.service.d/11-cgroups.conf content: | @@ -90,22 +90,22 @@ CPUAccounting=true MemoryAccounting=true - - name: reload systemd + - name: Reload systemd ansible.builtin.systemd: daemon_reload: yes - - name: enable kubelet + - name: Enable kubelet ansible.builtin.service: name: kubelet enabled: true state: started - - name: init cluster + - name: Init cluster ansible.builtin.command: kubeadm init --pod-network-cidr={{ pod_network }} --apiserver-advertise-address={{ ansible_eth0['ipv4']['address'] }} args: creates: /etc/kubernetes/admin.conf - - name: untaint master + - name: Untaint master ansible.builtin.command: kubectl taint nodes --all node-role.kubernetes.io/master- register: untaint_master failed_when: false @@ -113,49 +113,49 @@ environment: KUBECONFIG: /etc/kubernetes/admin.conf - - name: deploy flannel + - name: Deploy flannel ansible.builtin.command: kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/{{ flannel_version }}/Documentation/kube-flannel.yml args: creates: /etc/cni/net.d/10-flannel.conflist environment: KUBECONFIG: /etc/kubernetes/admin.conf - - name: deploy network namespace + - name: Deploy network namespace ansible.builtin.command: kubectl apply -f https://github.com/kubevirt/cluster-network-addons-operator/releases/download/{{ network_operator }}/namespace.yaml args: creates: /etc/cni/net.d/multus.d/multus.kubeconfig environment: KUBECONFIG: /etc/kubernetes/admin.conf - - name: deploy network crd + - name: Deploy network crd ansible.builtin.command: kubectl apply -f https://github.com/kubevirt/cluster-network-addons-operator/releases/download/{{ network_operator }}/network-addons-config.crd.yaml args: creates: /etc/cni/net.d/multus.d/multus.kubeconfig environment: KUBECONFIG: /etc/kubernetes/admin.conf - - name: deploy network operator + - name: Deploy network operator ansible.builtin.command: kubectl apply -f https://github.com/kubevirt/cluster-network-addons-operator/releases/download/{{ network_operator }}/operator.yaml args: creates: /etc/cni/net.d/multus.d/multus.kubeconfig environment: KUBECONFIG: /etc/kubernetes/admin.conf - - name: deploy kubevirt operator + - name: Deploy kubevirt operator ansible.builtin.command: kubectl apply -f https://github.com/kubevirt/kubevirt/releases/download/{{ kubevirt_version }}/kubevirt-operator.yaml args: creates: /var/lib/kubelet/device-plugins/kubevirt-tun.sock environment: KUBECONFIG: /etc/kubernetes/admin.conf - - name: deploy kubevirt cr + - name: Deploy kubevirt cr ansible.builtin.command: kubectl apply -f https://github.com/kubevirt/kubevirt/releases/download/{{ kubevirt_version }}/kubevirt-cr.yaml args: creates: /var/lib/kubelet/device-plugins/kubevirt-tun.sock environment: KUBECONFIG: /etc/kubernetes/admin.conf - - name: check for NetworkAddonsConfig + - name: Check for NetworkAddonsConfig ansible.builtin.command: kubectl get networkaddonsconfigs cluster environment: KUBECONFIG: /etc/kubernetes/admin.conf @@ -163,7 +163,7 @@ changed_when: false register: netaddonsconfig - - name: prepare NetworkAddonsConfig file + - name: Prepare NetworkAddonsConfig file ansible.builtin.copy: dest: /tmp/netaddonsconfig content: | @@ -178,24 +178,24 @@ linuxBridge: {} when: netaddonsconfig.rc != 0 - - name: create NetworkAddonsConfig + - name: Create NetworkAddonsConfig ansible.builtin.command: kubectl create -f /tmp/netaddonsconfig environment: KUBECONFIG: /etc/kubernetes/admin.conf when: netaddonsconfig.rc != 0 - - name: install virtctl + - name: Install virtctl ansible.builtin.get_url: url: https://github.com/kubevirt/kubevirt/releases/download/{{ kubevirt_version }}/virtctl-{{ kubevirt_version }}-linux-amd64 dest: /usr/bin/virtctl mode: u=rwx,g=rx,o=rx - - name: wait for the network to be ready + - name: Wait for the network to be ready ansible.builtin.command: kubectl wait networkaddonsconfig cluster --for condition=Ready --timeout=300s environment: KUBECONFIG: /etc/kubernetes/admin.conf - - name: check for bridge-foreman NetworkAttachmentDefinition + - name: Check for bridge-foreman NetworkAttachmentDefinition ansible.builtin.command: kubectl get net-attach-def bridge-foreman environment: KUBECONFIG: /etc/kubernetes/admin.conf @@ -203,7 +203,7 @@ changed_when: false register: bridge_foreman_net_attach - - name: prepare bridge-foreman NetworkAttachmentDefinition file + - name: Prepare bridge-foreman NetworkAttachmentDefinition file ansible.builtin.copy: dest: /tmp/bridge-foreman-net-attach-def content: | @@ -220,13 +220,13 @@ }' when: bridge_foreman_net_attach.rc != 0 - - name: create bridge-foreman NetworkAttachmentDefinition + - name: Create bridge-foreman NetworkAttachmentDefinition ansible.builtin.command: kubectl create -f /tmp/bridge-foreman-net-attach-def environment: KUBECONFIG: /etc/kubernetes/admin.conf when: bridge_foreman_net_attach.rc != 0 - - name: check for foreman-account ServiceAccount + - name: Check for foreman-account ServiceAccount ansible.builtin.command: kubectl get sa foreman-account environment: KUBECONFIG: /etc/kubernetes/admin.conf @@ -234,7 +234,7 @@ changed_when: false register: foreman_service_sa - - name: prepare foreman-account ServiceAccount file + - name: Prepare foreman-account ServiceAccount file ansible.builtin.copy: dest: /tmp/foreman-account-sa content: | @@ -258,20 +258,20 @@ namespace: default when: foreman_service_sa.rc != 0 - - name: create foreman-account ServiceAccount + - name: Create foreman-account ServiceAccount ansible.builtin.command: kubectl create -f /tmp/foreman-account-sa environment: KUBECONFIG: /etc/kubernetes/admin.conf when: foreman_service_sa.rc != 0 - - name: create /home/vagrant/.kube + - name: Create /home/vagrant/.kube ansible.builtin.file: path: /home/vagrant/.kube state: directory owner: vagrant group: vagrant - - name: deploy kube config + - name: Deploy kube config ansible.builtin.copy: src: /etc/kubernetes/admin.conf dest: /home/vagrant/.kube/config @@ -279,13 +279,13 @@ owner: vagrant group: vagrant - - name: get foreman-account secret + - name: Get foreman-account secret ansible.builtin.shell: "set -o pipefail && kubectl get secrets $(kubectl get sa foreman-account -o jsonpath='{.secrets[0].name}') -o jsonpath='{.data.token}' | base64 -d | xargs" environment: KUBECONFIG: /etc/kubernetes/admin.conf changed_when: false register: foreman_account_secret - - name: show foreman-account secret + - name: Show foreman-account secret ansible.builtin.debug: msg: "{{ foreman_account_secret.stdout }}" diff --git a/playbooks/setup_forklift.yml b/playbooks/setup_forklift.yml index 886fb166b..080e43367 100644 --- a/playbooks/setup_forklift.yml +++ b/playbooks/setup_forklift.yml @@ -32,7 +32,7 @@ - rubygem-deep_merge state: 'present' - - name: 'install telemetry dependencies' + - name: 'Install telemetry dependencies' ansible.builtin.pip: name: - protobuf<3.21 From 7d9b1828ce9ceb325cde79db284f2fdd7eaea92b Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Sun, 28 Aug 2022 23:15:47 -0400 Subject: [PATCH 07/11] Improve Jinja2 spacing --- roles/fips/tasks/el7.yml | 2 +- roles/foreman_installer/tasks/install.yml | 8 +++---- roles/foreman_installer/tasks/upgrade.yml | 2 +- .../tasks/configure_centos_7.yml | 4 ++-- .../tasks/configure_debian_9_3.yml | 4 ++-- .../tasks/configure_fedora_27.yml | 4 ++-- .../tasks/configure_ubuntu_17_10.yml | 4 ++-- .../tasks/main.yml | 2 +- .../foreman_seeder/hostgroups/tasks/main.yml | 22 +++++++++---------- .../tasks/main.yml | 8 +++---- roles/forklift/tasks/destroy.yml | 2 +- roles/forklift/tasks/halt.yml | 2 +- roles/forklift/tasks/up.yml | 2 +- roles/freeipa_server/defaults/main.yml | 2 +- roles/katello_provisioning/defaults/main.yml | 2 +- roles/katello_provisioning/tasks/main.yml | 10 ++++----- roles/pytest_project/tasks/run.yml | 2 +- roles/smoker/tasks/main.yml | 2 +- 18 files changed, 42 insertions(+), 42 deletions(-) diff --git a/roles/fips/tasks/el7.yml b/roles/fips/tasks/el7.yml index e2c4ab028..8825c2328 100644 --- a/roles/fips/tasks/el7.yml +++ b/roles/fips/tasks/el7.yml @@ -14,7 +14,7 @@ - name: 'Generate boot=UUID=XXXX kernel command' ansible.builtin.set_fact: boot_cmd: "boot=UUID={{ boot_mount[0]['uuid'] }}" - when: boot_mount|length > 0 + when: boot_mount | length > 0 - name: 'Edit kernel command-line to include the fips=1 and boot=UUID=XXXX argument' ansible.builtin.shell: 'grubby --update-kernel=DEFAULT --args="fips=1 {{ boot_cmd | default() }}"' diff --git a/roles/foreman_installer/tasks/install.yml b/roles/foreman_installer/tasks/install.yml index 8bf90d7f6..99ada0729 100644 --- a/roles/foreman_installer/tasks/install.yml +++ b/roles/foreman_installer/tasks/install.yml @@ -23,10 +23,10 @@ - name: 'Run installer' ansible.builtin.shell: > - {{ foreman_installer_command }} {{ (foreman_installer_verbose|bool) | ternary("-v", "") }} - {{ (foreman_installer_no_colors|bool) | ternary("--no-colors", "") }} - {{ (foreman_installer_version is version('3.4', '<') and foreman_installer_disable_system_checks|bool) | ternary("--disable-system-checks", "") }} - {{ (foreman_installer_version is version('3.4', '>=') and foreman_installer_disable_system_checks|bool and foreman_installer_scenario in ['katello']) | ternary("--tuning development", "") }} + {{ foreman_installer_command }} {{ (foreman_installer_verbose | bool) | ternary("-v", "") }} + {{ (foreman_installer_no_colors | bool) | ternary("--no-colors", "") }} + {{ (foreman_installer_version is version('3.4', '<') and foreman_installer_disable_system_checks | bool) | ternary("--disable-system-checks", "") }} + {{ (foreman_installer_version is version('3.4', '>=') and foreman_installer_disable_system_checks | bool and foreman_installer_scenario in ['katello']) | ternary("--tuning development", "") }} {{ foreman_installer_scenario_flag }} {{ foreman_installer_scenario }} {{ foreman_installer_options_joined }} when: not foreman_installer_skip_installer diff --git a/roles/foreman_installer/tasks/upgrade.yml b/roles/foreman_installer/tasks/upgrade.yml index 8b29d3064..5b7722cb1 100644 --- a/roles/foreman_installer/tasks/upgrade.yml +++ b/roles/foreman_installer/tasks/upgrade.yml @@ -19,7 +19,7 @@ - name: 'Set internal installer options' ansible.builtin.set_fact: - foreman_installer_options_internal_use_only: "{{ [ '--upgrade', '--certs-update-all' ] + foreman_installer_options_internal_use_only }}" + foreman_installer_options_internal_use_only: "{{ ['--upgrade', '--certs-update-all'] + foreman_installer_options_internal_use_only }}" when: - foreman_installer_version is version('2.1', '<') - foreman_installer_scenario != 'foreman' diff --git a/roles/foreman_provisioning/tasks/configure_centos_7.yml b/roles/foreman_provisioning/tasks/configure_centos_7.yml index 20be49c6f..13988268b 100644 --- a/roles/foreman_provisioning/tasks/configure_centos_7.yml +++ b/roles/foreman_provisioning/tasks/configure_centos_7.yml @@ -17,7 +17,7 @@ - name: 'Get CentOS 7 info' ansible.builtin.set_fact: - foreman_provisioning_centos73: "{{ foreman_provisioning_centos73_json.stdout|from_json }}" + foreman_provisioning_centos73: "{{ foreman_provisioning_centos73_json.stdout | from_json }}" - name: 'Find kickstart templates' ansible.builtin.shell: > @@ -27,7 +27,7 @@ - name: 'Set kickstart templates' ansible.builtin.set_fact: - kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" + kickstart_templates: "{{ kickstart_templates_json.stdout | from_json }}" - name: 'Associate kickstart templates to CentOS 7' ansible.builtin.shell: > diff --git a/roles/foreman_provisioning/tasks/configure_debian_9_3.yml b/roles/foreman_provisioning/tasks/configure_debian_9_3.yml index 9919e359c..55f73acc4 100644 --- a/roles/foreman_provisioning/tasks/configure_debian_9_3.yml +++ b/roles/foreman_provisioning/tasks/configure_debian_9_3.yml @@ -13,7 +13,7 @@ - name: 'Get CentOS 9.3 info' ansible.builtin.set_fact: - foreman_provisioning_debian93: "{{ foreman_provisioning_debian93_json.stdout|from_json }}" + foreman_provisioning_debian93: "{{ foreman_provisioning_debian93_json.stdout | from_json }}" - name: 'Find preseed templates' ansible.builtin.shell: > @@ -23,7 +23,7 @@ - name: 'Set preseed templates' ansible.builtin.set_fact: - preseed_templates: "{{ preseed_templates_json.stdout|from_json }}" + preseed_templates: "{{ preseed_templates_json.stdout | from_json }}" - name: 'Associate preseed templates to Debian 9.3' ansible.builtin.shell: > diff --git a/roles/foreman_provisioning/tasks/configure_fedora_27.yml b/roles/foreman_provisioning/tasks/configure_fedora_27.yml index 33dc35a43..c85eae106 100644 --- a/roles/foreman_provisioning/tasks/configure_fedora_27.yml +++ b/roles/foreman_provisioning/tasks/configure_fedora_27.yml @@ -13,7 +13,7 @@ - name: 'Get Fedora 27 info' ansible.builtin.set_fact: - foreman_provisioning_fedora27: "{{ foreman_provisioning_fedora27_json.stdout|from_json }}" + foreman_provisioning_fedora27: "{{ foreman_provisioning_fedora27_json.stdout | from_json }}" - name: 'Find kickstart templates' ansible.builtin.shell: > @@ -23,7 +23,7 @@ - name: 'Set kickstart templates' ansible.builtin.set_fact: - kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" + kickstart_templates: "{{ kickstart_templates_json.stdout | from_json }}" - name: 'Associate kickstart templates to Fedora 27' ansible.builtin.shell: > diff --git a/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml b/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml index a20e9565c..31c9ceb92 100644 --- a/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml +++ b/roles/foreman_provisioning/tasks/configure_ubuntu_17_10.yml @@ -13,7 +13,7 @@ - name: 'Get Ubuntu 17.10 info' ansible.builtin.set_fact: - foreman_provisioning_ubuntu1710: "{{ foreman_provisioning_ubuntu1710_json.stdout|from_json }}" + foreman_provisioning_ubuntu1710: "{{ foreman_provisioning_ubuntu1710_json.stdout | from_json }}" - name: 'Find preseed templates' ansible.builtin.shell: > @@ -23,7 +23,7 @@ - name: 'Set preseed templates' ansible.builtin.set_fact: - preseed_templates: "{{ preseed_templates_json.stdout|from_json }}" + preseed_templates: "{{ preseed_templates_json.stdout | from_json }}" - name: 'Associate preseed templates to Ubuntu 17.10' ansible.builtin.shell: > diff --git a/roles/foreman_provisioning_infrastructure/tasks/main.yml b/roles/foreman_provisioning_infrastructure/tasks/main.yml index 5552fbe34..35bc5c699 100644 --- a/roles/foreman_provisioning_infrastructure/tasks/main.yml +++ b/roles/foreman_provisioning_infrastructure/tasks/main.yml @@ -12,7 +12,7 @@ - name: 'Set smart proxy id' ansible.builtin.set_fact: - foreman_provisioning_smart_proxy: "{{ foreman_provisioning_smart_proxy_json.stdout|from_json }}" + foreman_provisioning_smart_proxy: "{{ foreman_provisioning_smart_proxy_json.stdout | from_json }}" - name: 'Refresh features' ansible.builtin.shell: > diff --git a/roles/foreman_seeder/hostgroups/tasks/main.yml b/roles/foreman_seeder/hostgroups/tasks/main.yml index 17937e87d..0152fd950 100644 --- a/roles/foreman_seeder/hostgroups/tasks/main.yml +++ b/roles/foreman_seeder/hostgroups/tasks/main.yml @@ -3,9 +3,9 @@ - name: 'Create operating systems' ansible.builtin.shell: > {% if 'minor' in item %} - {% set title = item.name +' '+ item.major +'.'+ item.minor %} + {% set title = item.name + ' ' + item.major + '.' + item.minor %} {% else %} - {% set title = item.name +' '+ item.major %} + {% set title = item.name + ' ' + item.major %} {% endif %} {{ foreman_seeder_hostgroups_hammer }} --output=silent os info --name "{{ title }}" || {{ foreman_seeder_hostgroups_hammer }} --output=silent os info --title "{{ title }}" || @@ -53,7 +53,7 @@ - name: 'Set kickstart templates' ansible.builtin.set_fact: - kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" + kickstart_templates: "{{ kickstart_templates_json.stdout | from_json }}" tags: - seed @@ -67,16 +67,16 @@ - name: 'Set preseed templates' ansible.builtin.set_fact: - preseed_templates: "{{ preseed_templates_json.stdout|from_json }}" + preseed_templates: "{{ preseed_templates_json.stdout | from_json }}" tags: - seed - name: 'Associate kickstart templates to operating systems' ansible.builtin.shell: > {% if 'minor' in item[0] %} - {% set title = item[0].name +' '+ item[0].major +'.'+ item[0].minor %} + {% set title = item[0].name + ' ' + item[0].major + '.' + item[0].minor %} {% else %} - {% set title = item[0].name +' '+ item[0].major %} + {% set title = item[0].name + ' ' + item[0].major %} {% endif %} {% if item[0].family == 'Redhat' %} {{ foreman_seeder_hostgroups_hammer }} template add-operatingsystem --id {{ item[1].Id }} --operatingsystem '{{ title }}' @@ -92,9 +92,9 @@ - name: 'Associate preseed templates to operating systems' ansible.builtin.shell: > {% if 'minor' in item[0] %} - {% set title = item[0].name +' '+ item[0].major +'.'+ item[0].minor %} + {% set title = item[0].name + ' ' + item[0].major + '.' + item[0].minor %} {% else %} - {% set title = item[0].name +' '+ item[0].major %} + {% set title = item[0].name + ' ' + item[0].major %} {% endif %} {% if item[0].family == 'Debian' %} {{ foreman_seeder_hostgroups_hammer }} template add-operatingsystem --id {{ item[1].Id }} --operatingsystem '{{ title }}' @@ -121,11 +121,11 @@ - name: 'Create hostgroups' ansible.builtin.shell: > {% if 'minor' in item %} - {% set os_title = item.name +' '+ item.major +'.'+ item.minor %} + {% set os_title = item.name + ' ' + item.major + '.' + item.minor %} {% else %} - {% set os_title = item.name +' '+ item.major %} + {% set os_title = item.name + ' ' + item.major %} {% endif %} - {% set name = 'Forklift '+ os_title %} + {% set name = 'Forklift ' + os_title %} {{ foreman_seeder_hostgroups_hammer }} --output=silent hostgroup info --name "{{ name }}" || {{ foreman_seeder_hostgroups_hammer }} hostgroup create --name '{{ name }}' diff --git a/roles/foreman_server_repositories/tasks/main.yml b/roles/foreman_server_repositories/tasks/main.yml index 717442685..ebf3c1816 100644 --- a/roles/foreman_server_repositories/tasks/main.yml +++ b/roles/foreman_server_repositories/tasks/main.yml @@ -10,19 +10,19 @@ ansible.builtin.include_role: role: theforeman.operations.puppet_repositories when: - - foreman_server_repositories_puppet|bool + - foreman_server_repositories_puppet | bool - name: Load foreman_repositories ansible.builtin.include_role: role: foreman_repositories - when: foreman_server_repositories_foreman|bool + when: foreman_server_repositories_foreman | bool - name: Load katello_repositories ansible.builtin.include_role: role: katello_repositories - when: foreman_server_repositories_katello|bool + when: foreman_server_repositories_katello | bool - name: Load foreman_client_repositories ansible.builtin.include_role: role: foreman_client_repositories - when: foreman_server_repositories_foreman_client|bool + when: foreman_server_repositories_foreman_client | bool diff --git a/roles/forklift/tasks/destroy.yml b/roles/forklift/tasks/destroy.yml index fe7ccf798..914502823 100644 --- a/roles/forklift/tasks/destroy.yml +++ b/roles/forklift/tasks/destroy.yml @@ -1,6 +1,6 @@ --- - name: 'Destroy boxes' - ansible.builtin.command: "vagrant destroy -f {{ forklift_boxes.keys()|join(' ') }}" + ansible.builtin.command: "vagrant destroy -f {{ forklift_boxes.keys() | join(' ') }}" args: chdir: "{{ forklift_directory }}" diff --git a/roles/forklift/tasks/halt.yml b/roles/forklift/tasks/halt.yml index e378b072a..afa832a1e 100644 --- a/roles/forklift/tasks/halt.yml +++ b/roles/forklift/tasks/halt.yml @@ -1,5 +1,5 @@ --- - name: 'Halt boxes' - ansible.builtin.command: "vagrant halt {{ forklift_boxes.keys()|join(' ') }}" + ansible.builtin.command: "vagrant halt {{ forklift_boxes.keys() | join(' ') }}" args: chdir: "{{ forklift_directory }}" diff --git a/roles/forklift/tasks/up.yml b/roles/forklift/tasks/up.yml index 700e2e11b..0ebc9b4f7 100644 --- a/roles/forklift/tasks/up.yml +++ b/roles/forklift/tasks/up.yml @@ -7,6 +7,6 @@ # using --no-parallel here to avoid problems with libvirt storage volumes # see https://github.com/vagrant-libvirt/vagrant-libvirt/issues/850 - name: 'Bring up boxes' - ansible.builtin.command: "vagrant up --no-parallel {{ forklift_boxes.keys()|join(' ') }}" + ansible.builtin.command: "vagrant up --no-parallel {{ forklift_boxes.keys() | join(' ') }}" args: chdir: "{{ forklift_directory }}" diff --git a/roles/freeipa_server/defaults/main.yml b/roles/freeipa_server/defaults/main.yml index a11809b73..811df4954 100644 --- a/roles/freeipa_server/defaults/main.yml +++ b/roles/freeipa_server/defaults/main.yml @@ -1,7 +1,7 @@ --- server_group: "server-{{ inventory_hostname }}" katello_server_origin: "{{ groups[server_group][0] }}" -katello_server: "{{ katello_server_origin.replace('centos','c') }}" +katello_server: "{{ katello_server_origin.replace('centos', 'c') }}" katello_server_ip: "{{ hostvars[katello_server_origin]['ansible_host'] }}" freeipa_server_ip: "{{ ansible_eth0.ipv4.address }}" diff --git a/roles/katello_provisioning/defaults/main.yml b/roles/katello_provisioning/defaults/main.yml index c321c24cf..3363baf93 100644 --- a/roles/katello_provisioning/defaults/main.yml +++ b/roles/katello_provisioning/defaults/main.yml @@ -1,7 +1,7 @@ --- katello_provisioning_hammer: hammer katello_provisioning_organization: Default Organization -katello_provisioning_organization_label: "{{ katello_provisioning_organization|regex_replace('\\s', '_') }}" +katello_provisioning_organization_label: "{{ katello_provisioning_organization | regex_replace('\\s', '_') }}" katello_provisioning_location: Default Location katello_provisioning_sync_repos: True katello_provisioning_download_policy: on_demand diff --git a/roles/katello_provisioning/tasks/main.yml b/roles/katello_provisioning/tasks/main.yml index 20c171acc..a39495846 100644 --- a/roles/katello_provisioning/tasks/main.yml +++ b/roles/katello_provisioning/tasks/main.yml @@ -201,7 +201,7 @@ - name: 'Get CentOS 7 info' ansible.builtin.set_fact: - katello_provisioning_centos7: "{{ katello_provisioning_centos7_json.stdout|from_json }}" + katello_provisioning_centos7: "{{ katello_provisioning_centos7_json.stdout | from_json }}" when: katello_provisioning_centos7_json is success - name: 'Create CentOS 7 os when not found' @@ -219,7 +219,7 @@ - name: 'Get new CentOS 7 info' ansible.builtin.set_fact: - katello_provisioning_centos7: "{{ katello_provisioning_centos7_json_new.stdout|from_json }}" + katello_provisioning_centos7: "{{ katello_provisioning_centos7_json_new.stdout | from_json }}" when: "'not found' in katello_provisioning_centos7_json.stderr" - name: 'Update partition table for CentOS 7' @@ -235,7 +235,7 @@ - name: 'Set kickstart templates' ansible.builtin.set_fact: - kickstart_templates: "{{ kickstart_templates_json.stdout|from_json }}" + kickstart_templates: "{{ kickstart_templates_json.stdout | from_json }}" - name: 'Find katello kickstart templates' ansible.builtin.shell: > @@ -245,7 +245,7 @@ - name: 'Set kickstart templates' ansible.builtin.set_fact: - katello_kickstart_templates: "{{ katello_kickstart_templates_json.stdout|from_json }}" + katello_kickstart_templates: "{{ katello_kickstart_templates_json.stdout | from_json }}" - name: 'Associate kickstart templates to CentOS 7' ansible.builtin.shell: > @@ -273,7 +273,7 @@ - name: 'Set find centos kickstart repo' ansible.builtin.set_fact: - katello_provisioning_repo_json: "{{ katello_provisioning_repo.stdout|from_json }}" + katello_provisioning_repo_json: "{{ katello_provisioning_repo.stdout | from_json }}" - name: 'Find hostgroup Katello CentOS 7' ansible.builtin.shell: > diff --git a/roles/pytest_project/tasks/run.yml b/roles/pytest_project/tasks/run.yml index d2739c025..42ec2d490 100644 --- a/roles/pytest_project/tasks/run.yml +++ b/roles/pytest_project/tasks/run.yml @@ -6,7 +6,7 @@ - name: 'Limit to markers' ansible.builtin.set_fact: pytest_project_command: "{{ pytest_project_command }} -m '{{ pytest_project_markers }}'" - when: pytest_project_markers|bool + when: pytest_project_markers | bool - name: 'Run tests' ansible.builtin.command: "{{ pytest_project_command }}" diff --git a/roles/smoker/tasks/main.yml b/roles/smoker/tasks/main.yml index e9462fc6a..c33d5a855 100644 --- a/roles/smoker/tasks/main.yml +++ b/roles/smoker/tasks/main.yml @@ -20,7 +20,7 @@ - name: 'Write variables.json' ansible.builtin.copy: dest: "{{ smoker_variables_path }}" - content: "{{ smoker_variables|to_json }}" + content: "{{ smoker_variables | to_json }}" - name: 'Run Smoker via pytest_project' ansible.builtin.include_role: From 2bc1f4932c104038f700e557d1aa519713ee7913 Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Wed, 31 Aug 2022 09:14:28 -0400 Subject: [PATCH 08/11] Optionally add additional groups to unprivileged_user Also grants passwordless sudo via the groupname, which defaults to the username if groupname is not specified. --- roles/unprivileged_user/defaults/main.yml | 1 + roles/unprivileged_user/tasks/main.yml | 26 +++++++++++++++++------ 2 files changed, 20 insertions(+), 7 deletions(-) diff --git a/roles/unprivileged_user/defaults/main.yml b/roles/unprivileged_user/defaults/main.yml index 5bfb8aa1e..1f0bcb4ba 100644 --- a/roles/unprivileged_user/defaults/main.yml +++ b/roles/unprivileged_user/defaults/main.yml @@ -1,2 +1,3 @@ --- unprivileged_user_username: vagrant +unprivileged_user_additional_groups: [] diff --git a/roles/unprivileged_user/tasks/main.yml b/roles/unprivileged_user/tasks/main.yml index 6a0f8d283..01a4036ff 100644 --- a/roles/unprivileged_user/tasks/main.yml +++ b/roles/unprivileged_user/tasks/main.yml @@ -1,17 +1,29 @@ --- -- name: "Creating of {{ unprivileged_user_username }} user" +- name: "Set group name" + ansible.builtin.set_fact: + unprivileged_user_groupname: "{{ unprivileged_user_primary_group | default(unprivileged_user_username) }}" + +- name: "Create groups" + ansible.builtin.group: + name: "{{ item }}" + state: present + with_items: "{{ unprivileged_user_additional_groups + [unprivileged_user_groupname] }}" + become: true + +- name: "Create the {{ unprivileged_user_username }} user" ansible.builtin.user: name: "{{ unprivileged_user_username }}" - comment: "John Vagrant" + groups: "{{ unprivileged_user_additional_groups + [unprivileged_user_groupname] }}" + append: yes become: true -- name: "Add {{ unprivileged_user_username }} to sudoers" +- name: "Grant passwordless sudo via {{ unprivileged_user_groupname }} group" ansible.builtin.lineinfile: - dest: "/etc/sudoers.d/{{ unprivileged_user_username }}" + dest: "/etc/sudoers.d/{{ unprivileged_user_groupname }}" state: present - regexp: '^{{ unprivileged_user_username }}' - line: '{{ unprivileged_user_username }} ALL=(ALL) NOPASSWD: ALL' - validate: 'visudo -cf %s' + regexp: '^%{{ unprivileged_user_groupname }}' + line: '%{{ unprivileged_user_groupname }} ALL=(ALL) NOPASSWD: ALL' + validate: '/usr/sbin/visudo -cf %s' create: yes become: true From 27e491c67b70b238b9916cfb8785c9a07970b7e5 Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Wed, 31 Aug 2022 14:55:41 -0400 Subject: [PATCH 09/11] Use authorized_key module and optionally import shh pubkey from GitHub --- roles/unprivileged_user/tasks/main.yml | 28 +++++++++++--------------- 1 file changed, 12 insertions(+), 16 deletions(-) diff --git a/roles/unprivileged_user/tasks/main.yml b/roles/unprivileged_user/tasks/main.yml index 01a4036ff..5fbf513d5 100644 --- a/roles/unprivileged_user/tasks/main.yml +++ b/roles/unprivileged_user/tasks/main.yml @@ -27,24 +27,20 @@ create: yes become: true -- name: "Create {{ unprivileged_user_username }} .ssh" - ansible.builtin.file: - path: "/home/{{ unprivileged_user_username }}/.ssh" - owner: "{{ unprivileged_user_username }}" - group: root - state: directory - mode: 0700 +- name: "Add public key to authorized_keys from Host Machine" + ansible.posix.authorized_key: + user: "{{ unprivileged_user_username }}" + state: present + key: "{{ lookup('file', unprivileged_user_import_ssh_pub_key) }}" + when: unprivileged_user_import_ssh_pub_key | default(False) become: true -- name: "Ensure public key is in authorized_keys" - ansible.builtin.lineinfile: - line: "{{ lookup('file', unprivileged_user_import_ssh_pub_key) }}" - path: "/home/{{ unprivileged_user_username }}/.ssh/authorized_keys" - create: yes - mode: 0600 - owner: "{{ unprivileged_user_username }}" +- name: "Add public key to authorized_keys via GitHub" + ansible.posix.authorized_key: + user: "{{ unprivileged_user_username }}" state: present - when: unprivileged_user_import_ssh_pub_key | default(False) + key: "https://github.com/{{ unprivileged_user_import_ssh_pub_key_github }}.keys" + when: unprivileged_user_import_ssh_pub_key_github | default(False) become: true - name: "Check /home/{{ unprivileged_user_username }}/.ssh/authorized_keys" @@ -53,7 +49,7 @@ register: authorized_keys_file become: true -- name: "Copy root authorized_keys to unprivileged user" +- name: "Inherit authorized_keys from root user if none imported for {{ unprivileged_user_username }}" block: - name: "Check /root/.ssh/authorized_keys" ansible.builtin.stat: From 625308a3b4a14575a0bbe5afb70e486502725e58 Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Wed, 31 Aug 2022 15:17:17 -0400 Subject: [PATCH 10/11] Use community.general.sudoers for unprivileged_user sudoers control --- roles/unprivileged_user/tasks/main.yml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/roles/unprivileged_user/tasks/main.yml b/roles/unprivileged_user/tasks/main.yml index 5fbf513d5..82f1b00a9 100644 --- a/roles/unprivileged_user/tasks/main.yml +++ b/roles/unprivileged_user/tasks/main.yml @@ -18,13 +18,10 @@ become: true - name: "Grant passwordless sudo via {{ unprivileged_user_groupname }} group" - ansible.builtin.lineinfile: - dest: "/etc/sudoers.d/{{ unprivileged_user_groupname }}" - state: present - regexp: '^%{{ unprivileged_user_groupname }}' - line: '%{{ unprivileged_user_groupname }} ALL=(ALL) NOPASSWD: ALL' - validate: '/usr/sbin/visudo -cf %s' - create: yes + community.general.sudoers: + name: "{{ unprivileged_user_groupname }}" + group: "{{ unprivileged_user_groupname }}" + commands: ALL become: true - name: "Add public key to authorized_keys from Host Machine" From 8bc3978963d2317fb8eb7996db93ecb300bad4c7 Mon Sep 17 00:00:00 2001 From: William Bradford Clark Date: Wed, 31 Aug 2022 17:13:45 -0400 Subject: [PATCH 11/11] Add options to configure unprivileged_user for Kerberos auth --- roles/unprivileged_user/defaults/main.yml | 3 ++ roles/unprivileged_user/tasks/main.yml | 37 +++++++++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/roles/unprivileged_user/defaults/main.yml b/roles/unprivileged_user/defaults/main.yml index 1f0bcb4ba..d36019fb4 100644 --- a/roles/unprivileged_user/defaults/main.yml +++ b/roles/unprivileged_user/defaults/main.yml @@ -1,3 +1,6 @@ --- unprivileged_user_username: vagrant unprivileged_user_additional_groups: [] +unprivileged_user_kerberos_install: False +unprivileged_user_kerberos_copy_config: False +unprivileged_user_kerberos_copy_ccache: False diff --git a/roles/unprivileged_user/tasks/main.yml b/roles/unprivileged_user/tasks/main.yml index 82f1b00a9..11d03d83f 100644 --- a/roles/unprivileged_user/tasks/main.yml +++ b/roles/unprivileged_user/tasks/main.yml @@ -66,3 +66,40 @@ - not authorized_keys_file.stat.exists - unprivileged_user_import_ssh_pub_key | default(True) become: true + +- name: "Configure {{ unprivileged_user_username }} for Kerberos authentication" + block: + - name: "Install krb5-workstation on Red Hat based distributions" + ansible.builtin.dnf: + name: + - "krb5-workstation" + - "krb5-libs" + state: present + when: ansible_os_family == "RedHat" + + - name: "Install krb5-user on Debian based distributions" + ansible.builtin.apt: + name: "krb5-user" + state: present + when: ansible_os_family == "Debian" + + - name: "Copy Kerberos client config from Host" + ansible.builtin.copy: + src: "{{ unprivileged_user_kerberos_copy_config }}" + dest: /etc/krb5.conf + owner: root + group: root + mode: '0644' + when: unprivileged_user_kerberos_copy_config + + - name: "Copy Kerberos Credential Cache from Host" + ansible.builtin.copy: + src: "{{ unprivileged_user_kerberos_copy_ccache }}" + dest: "{{ unprivileged_user_kerberos_copy_ccache }}" + owner: "{{ unprivileged_user_username }}" + group: "{{ unprivileged_user_groupname }}" + mode: '0600' + when: unprivileged_user_kerberos_copy_ccache + + when: unprivileged_user_kerberos_install + become: true