openstack/openstack-ansible-plugins
Code Issues Proposed changes

Auto-fix usage of modules via FQCN

Browse Source 
Since ansible-core 2.10 it is recommended to use modules via FQCN
In order to align with recommendation, we perform migration
by applying suggestions made by `ansible-lint --fix=fqcn`

Change-Id: I8132b995ffce690c6876dde816f1aed88a73ebb2
This commit is contained in:
Dmitriy Rabotyagov
2025-02-17 12:46:38 +01:00
parent 0381ae1a80
commit 7401a10fc6
18 changed files with 69 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/dynamic_address_fact/tasks/main.yml
View File

@@ -14,7 +14,7 @@
# limitations under the License.
- name: Gathering facts for {{ network_address }} interface on metal hosts
setup:
ansible.builtin.setup:
gather_subset: "!all,network"
filter: "{{ dynamic_address_gather_filter | default(('ansible_' ~ default_network_interface_name) | replace('-','_')) }}"
vars:
@@ -27,7 +27,7 @@
- always
- name: Set IP to use for {{ network_address }}
set_fact: "{{ network_address }}={{ hostvars[inventory_hostname] | json_query(query) }}"
ansible.builtin.set_fact: "{{ network_address }}={{ hostvars[inventory_hostname] | json_query(query) }}"
vars:
query: "{{ is_metal | ternary(metal_query, non_metal_query) }}"
non_metal_query: "container_networks.{{ network_address }}.address || ansible_host"

2
roles/gather_extra_facts/tasks/main.yml
View File

@@ -14,6 +14,6 @@
# limitations under the License.
- name: Gather additional facts
setup:
ansible.builtin.setup:
gather_subset: "{{ deployment_extra_facts_subset }}"
filter: "{{ deployment_extra_facts_filter }}"

31
roles/glusterfs/tasks/main.yml
View File

@@ -14,7 +14,7 @@
# limitations under the License.
- name: Gather variables for each operating system
include_vars: "{{ lookup('first_found', params) }}"
ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
@@ -33,16 +33,16 @@
when: ansible_facts['pkg_mgr'] == 'dnf'
block:
- name: Enable extra repositories
command: dnf config-manager --set-enabled "{{ item }}"
ansible.builtin.command: dnf config-manager --set-enabled "{{ item }}"
changed_when: false
with_items: "{{ glusterfs_server_dnf_enable }}"
- name: Install gluster repo packages
package:
ansible.builtin.package:
name: "{{ glusterfs_server_dnf_sig_packages }}"
- name: Apply systemctl overrides
import_role:
ansible.builtin.import_role:
name: systemd_service
vars:
systemd_services:
@@ -54,18 +54,18 @@
ConditionCapability: ""
- name: Install glusterfs server packages
package:
ansible.builtin.package:
name: "{{ glusterfs_server_distro_packages }}"
state: "{{ glusterfs_package_state }}"
- name: Drop glusterfs-wait.sh script
copy:
ansible.builtin.copy:
src: glusterfs-wait.sh
dest: /usr/local/sbin
mode: "0744"
- name: Add glusterd.service overrides
import_role:
ansible.builtin.import_role:
name: systemd_service
vars:
systemd_services:
@@ -76,7 +76,7 @@
ExecStartPost: "/usr/local/sbin/glusterfs-wait.sh"
- name: Configure systemd-tmpfiles to create /dev/fuse at boot
copy:
ansible.builtin.copy:
content: "c /dev/fuse 0600 - - - 10:229"
dest: "/etc/tmpfiles.d/openstack-ansible-glusterfs-server.conf"
mode: "0644"
@@ -84,7 +84,7 @@
register: _glusterfs_server_tmpfiles
- name: Restart systemd-tmpfiles-setup-dev
service:
ansible.builtin.service:
name: "systemd-tmpfiles-setup-dev"
enabled: true
state: restarted
@@ -93,7 +93,7 @@
- _glusterfs_server_tmpfiles is changed
- name: Start glusterfs server
service:
ansible.builtin.service:
name: "{{ glusterfs_server_service }}"
enabled: true
state: started
@@ -104,7 +104,7 @@
when: _glusterfs_is_bootstrap_host
- name: Ensure glusterfs backing directory exists
file:
ansible.builtin.file:
path: "{{ glusterfs_server_backing_dir }}"
state: directory
mode: "0755"
@@ -112,7 +112,8 @@
- name: Check brick status
throttle: 1
command: gluster volume status {{ glusterfs_server_volume_name }} {{ inventory_hostname | regex_replace('_', '-') }}:{{ glusterfs_server_bricks }} detail
ansible.builtin.command: gluster volume status {{ glusterfs_server_volume_name }} {{ inventory_hostname | regex_replace('_', '-') }}:{{ glusterfs_server_bricks
}} detail
register: _brick_online_status
changed_when: false
failed_when: false
@@ -122,7 +123,7 @@
- name: Reset brick for a replaced node
vars:
brick: "{{ inventory_hostname | regex_replace('_', '-') }}:{{ glusterfs_server_bricks }}"
command: "{{ item }}"
ansible.builtin.command: "{{ item }}"
changed_when: false
when:
- _backing_dir_create is changed
@@ -138,13 +139,13 @@
# peer's active hostname not to match the one stored on disk. Restarting the service resolves
# this and prevents failures upon calls to create volumes.
- name: Find existing peers' runtime hostnames
shell: "gluster peer status | grep Hostname: | cut -d ' ' -f 2"
ansible.builtin.shell: "gluster peer status | grep Hostname: | cut -d ' ' -f 2"
changed_when: false
register: _existing_peer_hostnames
when: (glusterfs_server_cluster_members | length) > 1
- name: Restart glusterfs server
service:
ansible.builtin.service:
name: "{{ glusterfs_server_service }}"
state: restarted
when:

4
roles/journald_remote/handlers/main.yml
View File

@@ -15,7 +15,7 @@
# limitations under the License.
- name: Ensure systemd-journal-remote socket enabled
systemd:
ansible.builtin.systemd:
name: systemd-journal-remote.socket
enabled: true
state: started
@@ -23,6 +23,6 @@
- (ansible_host in journald_remote_targets)
- name: Restart systemd-journald
systemd:
ansible.builtin.systemd:
name: systemd-journald
state: restarted

4
roles/journald_remote/tasks/journald_remote_install.yml
View File

@@ -15,14 +15,14 @@
# limitations under the License.
- name: Install systemd-journal-remote
package:
ansible.builtin.package:
name: "{{ journald_remote_distro_packages }}"
state: "{{ journald_remote_package_state }}"
notify:
- Ensure systemd-journal-remote socket enabled
- name: Create journald-remote log directory
file:
ansible.builtin.file:
path: "{{ journald_remote_log_path }}"
state: "directory"
owner: "{{ journald_remote_system_user }}"

4
roles/journald_remote/tasks/journald_remote_post_install.yml
View File

@@ -15,7 +15,7 @@
# limitations under the License.
- name: Ensure receiving hosts are tuned
ini_file:
community.general.ini_file:
path: "/etc/systemd/journald.conf"
section: "{{ item.section | default('Journal') }}"
state: "{{ item.state | default('present') }}"
@@ -30,7 +30,7 @@
- Restart systemd-journald
- name: Setup journald services
import_role:
ansible.builtin.import_role:
name: systemd_service
vars:
systemd_tempd_prefix: "openstack"

6
roles/journald_remote/tasks/main.yml
View File

@@ -15,7 +15,7 @@
# limitations under the License.
- name: Gather variables for each operating system
include_vars: "{{ lookup('first_found', params) }}"
ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
vars:
params:
files:
@@ -31,13 +31,13 @@
- always
- name: Install journald-remote packages
import_tasks: journald_remote_install.yml
ansible.builtin.import_tasks: journald_remote_install.yml
tags:
- journald-remote-install
- journald-remote
- name: Configure journald-remote
import_tasks: journald_remote_post_install.yml
ansible.builtin.import_tasks: journald_remote_post_install.yml
tags:
- journald-remote-config
- journald-remote

20
roles/lxc_container_setup/tasks/main.yml
View File

@@ -28,7 +28,7 @@
# "extra_container_config" list to strings containing the options needed.
- name: Set default bind mounts (bind var/log)
set_fact:
ansible.builtin.set_fact:
lxc_default_bind_mounts: '{{ lxc_default_bind_mounts | default([{"bind_dir_path": "/var/log", "mount_path": "/openstack/log/" ~ inventory_hostname}]) }}'
when:
- default_bind_mount_logs | bool
@@ -36,7 +36,7 @@
- common-lxc
- name: Ensure mount directories exists
file:
ansible.builtin.file:
path: "{{ item['mount_path'] }}"
state: "directory"
with_items:
@@ -49,7 +49,7 @@
- common-lxc
- name: Add bind mount configuration to container
lineinfile:
ansible.builtin.lineinfile:
dest: "/var/lib/lxc/{{ inventory_hostname }}/config"
line: "lxc.mount.entry = {{ item['mount_path'] }} {{ item['bind_dir_path'].lstrip('/') }} none bind,create={{ item.create | default('dir') }} 0 0"
insertbefore: "^lxc.mount.entry = .*\\s{{ item['bind_dir_path'].lstrip('/') | regex_replace('/', '\/') }}.*"
@@ -63,7 +63,7 @@
- common-lxc
- name: Extra lxc config
lineinfile:
ansible.builtin.lineinfile:
path: "/var/lib/lxc/{{ inventory_hostname }}/config"
regexp: "^{{ item.split('=')[0] }} ="
line: "{{ item.split('=')[0] }} = {{ item.split('=', 1)[1] }}"
@@ -75,7 +75,7 @@
- common-lxc
- name: Extra lxc config no restart
lineinfile:
ansible.builtin.lineinfile:
path: "/var/lib/lxc/{{ inventory_hostname }}/config"
regexp: "^{{ item.split('=')[0] }} ="
line: "{{ item.split('=')[0] }} = {{ item.split('=', 1)[1] }}"
@@ -86,7 +86,7 @@
- common-lxc
- name: Check container state
command: "lxc-info -n {{ inventory_hostname }} --state"
ansible.builtin.command: "lxc-info -n {{ inventory_hostname }} --state"
changed_when: false
delegate_to: "{{ physical_host }}"
register: _lxc_container_state
@@ -102,7 +102,7 @@
# NOTE(cloudnull): The `lxc-stop` command will have an RC of 2 if the command
# fails due to a container already being in a stopped state.
- name: Lxc container restart
command: >
ansible.builtin.command: >
lxc-stop --name {{ inventory_hostname }}
--logfile {{ lxc_container_log_path }}/lxc-{{ inventory_hostname }}.log
--logpriority {{ (debug | bool) | ternary('DEBUG', 'INFO') }}
@@ -123,7 +123,7 @@
# this uses the LXC CLI tools to ensure that we get logging.
# TODO(odyssey4me): revisit this once the bug is fixed and released
- name: Start Container
command: >
ansible.builtin.command: >
lxc-start --daemon --name {{ inventory_hostname }}
--logfile {{ lxc_container_log_path }}/lxc-{{ inventory_hostname }}.log
--logpriority {{ (debug | bool) | ternary('DEBUG', 'INFO') }}
@@ -137,7 +137,7 @@
- common-lxc
- name: Wait for container tmpfiles-setup finish
raw: systemctl list-units systemd-tmpfiles-setup.service --no-legend | grep 'exited' >/dev/null
ansible.builtin.raw: systemctl list-units systemd-tmpfiles-setup.service --no-legend | grep 'exited' >/dev/null
register: systemd_tmpfiles
until: systemd_tmpfiles.rc == 0
retries: 20
@@ -145,7 +145,7 @@
changed_when: false
- name: Wait for container connectivity
wait_for_connection:
ansible.builtin.wait_for_connection:
connect_timeout: "{{ lxc_container_wait_params.connect_timeout | default(omit) }}"
delay: "{{ lxc_container_wait_params.delay | default(omit) }}"
sleep: "{{ lxc_container_wait_params.sleep | default(omit) }}"

8
roles/mq_setup/tasks/main.yml
View File

@@ -19,7 +19,7 @@
- name: Setup RPC vhost and policies
vars:
__mq_policies: "{{ (_oslomsg_rpc_policies | default([]) + oslomsg_rpc_policies) | unique(attribute='name') }}"
include_tasks: rabbit_vhost_setup.yml
ansible.builtin.include_tasks: rabbit_vhost_setup.yml
loop: "{{ __resolved_oslomsg_rpc_vhost }}"
loop_control:
loop_var: __mq_vhost
@@ -29,7 +29,7 @@
__mq_nolog: "{{ _oslomsg_nolog | default(True) }}"
__mq_userid: "{{ _oslomsg_rpc_userid }}"
__mq_password: "{{ _oslomsg_rpc_password }}"
include_tasks: rabbit_user_setup.yml
ansible.builtin.include_tasks: rabbit_user_setup.yml
loop: "{{ __resolved_oslomsg_rpc_vhost }}"
loop_control:
loop_var: __mq_vhost
@@ -50,7 +50,7 @@
- name: Setup Notify vhost and policies
vars:
__mq_policies: "{{ (_oslomsg_notify_policies | default([]) + oslomsg_notify_policies) | unique(attribute='name') }}"
include_tasks: rabbit_vhost_setup.yml
ansible.builtin.include_tasks: rabbit_vhost_setup.yml
loop: "{{ __resolved_oslomsg_notify_vhost }}"
loop_control:
loop_var: __mq_vhost
@@ -65,7 +65,7 @@
__mq_nolog: "{{ _oslomsg_nolog | default(True) }}"
__mq_userid: "{{ _oslomsg_notify_userid }}"
__mq_password: "{{ _oslomsg_notify_password }}"
include_tasks: rabbit_user_setup.yml
ansible.builtin.include_tasks: rabbit_user_setup.yml
loop: "{{ __resolved_oslomsg_notify_vhost }}"
loop_control:
loop_var: __mq_vhost

2
roles/openstack_resources/tasks/image_upload.yml
View File

@@ -131,6 +131,6 @@
loop: "{{ upload_status }}"
- name: Removing tmpdir
file:
ansible.builtin.file:
path: "{{ tempdir.path }}"
state: absent

4
roles/service_setup/tasks/main.yml
View File

@@ -93,9 +93,9 @@
no_log: "{{ _service_setup_nolog | default(True) }}"
- name: Include task for role assignment
include_tasks: setup_roles.yml
ansible.builtin.include_tasks: setup_roles.yml
vars:
user_roles: "{{ (user.role is not string and user.role is iterable) | ternary(user.role, [ user.role ]) }}"
user_roles: "{{ (user.role is not string and user.role is iterable) | ternary(user.role, [user.role]) }}"
when:
- not (_service_in_ldap | default(False) | bool)
- _service_users is defined

4
roles/ssh_keypairs/handlers/main.yml
View File

@@ -14,7 +14,7 @@
# limitations under the License.
- name: Regenerate trusted_ca file
assemble:
ansible.builtin.assemble:
src: "/etc/ssh/trusted_ca.d/"
dest: "{{ ssh_keypairs_trusted_ca_file }}"
mode: "0644"
@@ -24,7 +24,7 @@
_sshd_service_name:
redhat: "sshd"
debian: "ssh"
service:
ansible.builtin.service:
name: "{{ _sshd_service_name[ansible_facts['os_family'] | lower] }}"
state: reloaded
listen:

10
roles/ssh_keypairs/tasks/main.yml
View File

@@ -14,14 +14,14 @@
# limitations under the License.
- name: Include keypair variables for {{ ssh_keypairs_method }}
include_vars:
ansible.builtin.include_vars:
file: "{{ ssh_keypairs_method ~ '_keypair.yml' }}"
- name: Create keypairs
when: ssh_keypairs_create_keys
block:
- name: Create keypair directories
file:
ansible.builtin.file:
state: directory
path: "{{ item.path }}"
owner: "{{ item.owner | default(omit) }}"
@@ -33,7 +33,7 @@
check_mode: false
- name: Create keypairs
include_tasks: "{{ ssh_keypairs_method }}/create_keypair.yml"
ansible.builtin.include_tasks: "{{ ssh_keypairs_method }}/create_keypair.yml"
loop: "{{ ssh_keypairs }}"
loop_control:
loop_var: kp
@@ -41,11 +41,11 @@
kp_dir: "{{ ssh_keypairs_dir }}"
- name: Install ssh server certificate authorities
include_tasks: "{{ ssh_keypairs_method }}/install_ssh_ca.yml"
ansible.builtin.include_tasks: "{{ ssh_keypairs_method }}/install_ssh_ca.yml"
when:
- ssh_keypairs_install_authorities
- name: Install ssh keys
include_tasks: "{{ ssh_keypairs_method }}/install_ssh_key.yml"
ansible.builtin.include_tasks: "{{ ssh_keypairs_method }}/install_ssh_key.yml"
when:
- ssh_keypairs_install_keypairs

2
roles/ssh_keypairs/tasks/standalone/create_keypair.yml
View File

@@ -49,7 +49,7 @@
register: kp_cert
- name: Save certificate info for signed key {{ kp['name'] }}
copy:
ansible.builtin.copy:
content: "{{ kp_cert['info'] | to_nice_yaml }}"
dest: "{{ kp_keys['filename'] ~ '-cert.info' }}"
mode: "0644"

18
roles/ssh_keypairs/tasks/standalone/install_ssh_ca.yml
View File

@@ -14,14 +14,14 @@
# limitations under the License.
- name: Ensure trusted CA directory is present
file:
ansible.builtin.file:
path: "/etc/ssh/trusted_ca.d"
state: directory
mode: "0700"
- name: Slurp up SSH CA certificates from keypair setup host ({{ ssh_keypairs_setup_host }})
delegate_to: "{{ ssh_keypairs_setup_host }}"
slurp:
ansible.builtin.slurp:
src: "{{ item.src | default(ssh_keypairs_dir ~ '/' ~ item.name ~ '.pub') }}"
register: _ssh_ca_slurp
when:
@@ -30,7 +30,7 @@
ignore_errors: "{{ ansible_check_mode }}"
- name: Create sshd trusted certificate config files
template:
ansible.builtin.template:
src: "ssh_ca.j2"
dest: "/etc/ssh/trusted_ca.d/{{ item.item.name }}"
mode: "0644"
@@ -42,7 +42,7 @@
- Regenerate trusted_ca file
- name: Remove sshd trusted authorities for absent CA
file:
ansible.builtin.file:
path: "/etc/sshd/trusted_ca.d/{{ item.item.name }}"
state: absent
with_items: "{{ _ssh_ca_slurp.results }}"
@@ -56,7 +56,7 @@
# NOTE (jrosser) Centos-8 sshd is too old to support the 'Include' directive
# This task will need keeping in sync with ssh_ca_config.j2
- name: Ensure sshd config fragments are read on Centos-8
lineinfile:
ansible.builtin.lineinfile:
path: "/etc/ssh/sshd_config"
line: "{{ item }}"
with_items:
@@ -67,7 +67,7 @@
- Reload sshd
- name: Write sshd trusted authorities config fragement
template:
ansible.builtin.template:
src: ssh_ca_config.j2
dest: "/etc/ssh/sshd_config.d/{{ ssh_keypairs_trusted_ca_config_file }}"
mode: "0644"
@@ -76,13 +76,13 @@
- Reload sshd
- name: Ensure authorized principals directory is present
file:
ansible.builtin.file:
path: "{{ ssh_keypairs_authorized_principals_file | dirname }}"
state: directory
mode: "0755"
- name: Create sshd certificate principals config files
template:
ansible.builtin.template:
src: "ssh_principal.j2"
dest: "{{ (ssh_keypairs_authorized_principals_file | dirname) ~ '/' ~ item.user ~ '_principals' }}"
mode: "0644"
@@ -94,7 +94,7 @@
- Reload sshd
- name: Remove sshd certificate principals which are absent
file:
ansible.builtin.file:
path: "{{ (ssh_keypairs_authorized_principals_file | dirname) ~ '/' ~ item.user ~ '_principals' }}"
state: absent
with_items: "{{ ssh_keypairs_principals }}"

4
roles/ssh_keypairs/tasks/standalone/install_ssh_key.yml
View File

@@ -15,7 +15,7 @@
- name: Slurp up SSH keys from ssh keypairs setup host {{ ssh_keypairs_setup_host }}
delegate_to: "{{ ssh_keypairs_setup_host }}"
slurp:
ansible.builtin.slurp:
src: "{{ item.src | default(ssh_keypairs_dir ~ item.name | default('')) }}"
register: _ssh_key_slurp
when:
@@ -24,7 +24,7 @@
ignore_errors: "{{ ansible_check_mode }}"
- name: Copy ssh keys to target
copy:
ansible.builtin.copy:
content: "{{ item.content | b64decode }}"
dest: "{{ item.item.dest }}"
mode: "{{ item.item.mode | default(omit) }}"

2
roles/system_crontab_coordination/tasks/main.yml
View File

@@ -14,7 +14,7 @@
# limitations under the License.
- name: Create crontab
template:
ansible.builtin.template:
src: "crontab.j2"
dest: "/etc/crontab"
owner: "root"

8
roles/unbound_clients/tasks/main.yml
View File

@@ -16,7 +16,7 @@
# create a sorted resolver list with affinity toward unbound container(s)
# on the same physical_host
- name: Apply resolver sorting
set_fact:
ansible.builtin.set_fact:
resolver_list: |-
{% set _var = [] %}
{% for host in groups[resolvconf_resolver_group] %}
@@ -43,7 +43,7 @@
- physical_host in hostvars['localhost']['unbound_physical_hosts']
- name: Set resolver IP list fact
set_fact:
ansible.builtin.set_fact:
resolvconf_resolver_ips: "{{ resolver_list }}"
resolvconf_options:
- "timeout:1"
@@ -53,7 +53,7 @@
# rotate is only used when no physical_host affinity is defined
- name: Set resolver rotate when physical_host is not an unbound host
set_fact:
ansible.builtin.set_fact:
resolvconf_options:
- "timeout:1"
- "rotate"
@@ -61,5 +61,5 @@
- resolver_list is not defined
- name: Include the resolvconf role
include_role:
ansible.builtin.include_role:
name: resolvconf