From 6f02bcf4af13f82818c247f1683842a53d26a155 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Wed, 12 Feb 2025 08:36:03 +0100 Subject: [PATCH] Auto-fix usage of modules via FQCN Since ansible-core 2.10 it is recommended to use modules via FQCN In order to align with recommendation, we perform migration by applying suggestions made by `ansible-lint --fix=fqcn` Change-Id: Ibf7bac98d8ca25801a2abd0f4b195d6a248e6589 --- handlers/main.yml | 6 ++--- tasks/configure_metal_hosts.yml | 20 +++++++-------- tasks/main.yml | 34 ++++++++++++------------- tasks/openstack_authorized_keys.yml | 4 +-- tasks/openstack_gitconfig.yml | 6 ++--- tasks/openstack_hosts_configure_apt.yml | 10 ++++---- tasks/openstack_hosts_configure_dnf.yml | 29 ++++++++++----------- tasks/openstack_hosts_configure_yum.yml | 19 +++++++------- tasks/openstack_hosts_systemd.yml | 10 ++++---- tasks/openstack_release.yml | 4 +-- tasks/openstack_sysstat.yml | 6 ++--- tasks/openstack_update_hosts_file.yml | 6 ++--- 12 files changed, 76 insertions(+), 78 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 68d67171..f5a9dd3a 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -14,13 +14,13 @@ # limitations under the License. - name: Restart sysstat - service: + ansible.builtin.service: name: "sysstat" state: "restarted" enabled: "yes" - name: Restart systemd-journald - service: + ansible.builtin.service: name: systemd-journald state: restarted enabled: true @@ -30,5 +30,5 @@ delay: 2 - name: Systemd daemon reload - systemd: + ansible.builtin.systemd: daemon_reload: true diff --git a/tasks/configure_metal_hosts.yml b/tasks/configure_metal_hosts.yml index 8392b318..d4c22b97 100644 --- a/tasks/configure_metal_hosts.yml +++ b/tasks/configure_metal_hosts.yml @@ -14,7 +14,7 @@ # limitations under the License. - name: Check Kernel Version - fail: + ansible.builtin.fail: msg: > Wrong kernel Version found [ {{ ansible_facts['kernel'] }} < {{ openstack_host_required_kernel }} ] @@ -23,7 +23,7 @@ - ansible_facts['kernel'] is version(openstack_host_required_kernel, '<') - name: Install distro packages for bare metal nodes - package: + ansible.builtin.package: name: "{{ openstack_host_metal_distro_packages }}" state: "{{ openstack_hosts_package_state }}" register: install_packages @@ -32,7 +32,7 @@ delay: 2 - name: Install user defined extra distro packages for bare metal nodes - package: + ansible.builtin.package: name: "{{ openstack_host_extra_metal_distro_packages }}" state: "{{ openstack_hosts_package_state }}" when: @@ -43,14 +43,14 @@ delay: 2 - name: Check how kernel modules are implemented (statically builtin, dynamic, not set) - slurp: + ansible.builtin.slurp: src: "/boot/config-{{ ansible_facts['kernel'] }}" register: modules when: - openstack_host_specific_kernel_modules | length > 0 - name: Fail fast if we can't load a module - fail: + ansible.builtin.fail: msg: "{{ item.pattern }} is not set" with_items: "{{ openstack_host_specific_kernel_modules }}" when: @@ -58,7 +58,7 @@ - (modules.content | b64decode).find(item.pattern + ' is not set') != -1 - name: "Load kernel module(s)" - modprobe: + community.general.modprobe: name: "{{ item.name }}" with_items: "{{ openstack_host_kernel_modules + openstack_host_specific_kernel_modules }}" when: @@ -66,13 +66,13 @@ - item.pattern is undefined or (item.pattern is defined and (modules.content | b64decode).find(item.pattern + '=m') != -1) - name: Write list of modules to load at boot - template: + ansible.builtin.template: src: modprobe.conf.j2 dest: "{{ openstack_host_module_file }}" mode: "0644" - name: Adding new system tuning - sysctl: + ansible.posix.sysctl: name: "{{ item.key }}" value: "{{ item.value }}" sysctl_set: "{{ item.set | default('yes') }}" @@ -83,12 +83,12 @@ failed_when: false - name: Configure sysstat - include_tasks: openstack_sysstat.yml + ansible.builtin.include_tasks: openstack_sysstat.yml when: - openstack_host_sysstat_enabled | bool - name: Create a directory to hold systemd journals on disk - file: + ansible.builtin.file: path: /var/log/journal state: directory owner: root diff --git a/tasks/main.yml b/tasks/main.yml index 7fff2e7b..beb86f5d 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -14,7 +14,7 @@ # limitations under the License. - name: Gather variables for each operating system - include_vars: "{{ lookup('first_found', params) }}" + ansible.builtin.include_vars: "{{ lookup('first_found', params) }}" vars: params: files: @@ -29,7 +29,7 @@ - always - name: Allow the usage of local facts - file: + ansible.builtin.file: path: /etc/ansible/facts.d/ state: directory mode: "0755" @@ -38,13 +38,13 @@ # Deploy the release file everywhere - name: Importing openstack_release tasks - import_tasks: openstack_release.yml + ansible.builtin.import_tasks: openstack_release.yml tags: - openstack_hosts-install # Proxy configuration applies to all nodes - name: Add global_environment_variables to environment file - blockinfile: + ansible.builtin.blockinfile: dest: "/etc/environment" state: present marker: "# {mark} Managed by OpenStack-Ansible" @@ -54,7 +54,7 @@ - openstack_hosts-config - name: Ensure environement is applied during sudo - lineinfile: + ansible.builtin.lineinfile: path: /etc/pam.d/sudo line: "session required pam_env.so readenv=1 user_readenv=0" regexp: "session\\s+required\\s+pam_env\\.so" @@ -62,7 +62,7 @@ when: ansible_facts['distribution'] | lower == 'debian' - name: Create systemd global directory - file: + ansible.builtin.file: path: /etc/systemd/system.conf.d/ state: directory owner: "root" @@ -82,7 +82,7 @@ # Configure host files should apply to all nodes - name: Configure etc hosts files - include_tasks: openstack_update_hosts_file.yml + ansible.builtin.include_tasks: openstack_update_hosts_file.yml args: apply: tags: @@ -94,7 +94,7 @@ - always - name: Remove the blacklisted packages - package: + ansible.builtin.package: name: "{{ openstack_hosts_package_list | selectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}" state: absent @@ -103,11 +103,11 @@ # It is also used for installing common packages to # all nodes - name: Apply package management distro specific configuration - include_tasks: "openstack_hosts_configure_{{ ansible_facts['pkg_mgr'] | lower }}.yml" + ansible.builtin.include_tasks: "openstack_hosts_configure_{{ ansible_facts['pkg_mgr'] | lower }}.yml" # Configure bare metal nodes: Kernel, sysctl, sysstat, hosts files, metal packages - name: Including configure_metal_hosts tasks - include_tasks: configure_metal_hosts.yml + ansible.builtin.include_tasks: configure_metal_hosts.yml args: apply: tags: @@ -118,7 +118,7 @@ - always - name: Decreasing tcp_retries2 sysctl - sysctl: + ansible.posix.sysctl: name: "net.ipv4.tcp_retries2" value: "{{ keepalived_sysctl_tcp_retries | default(8) }}" sysctl_set: true @@ -128,7 +128,7 @@ failed_when: false - name: Install distro packages - package: + ansible.builtin.package: name: "{{ openstack_host_distro_packages }}" state: "{{ openstack_hosts_package_state }}" when: @@ -139,7 +139,7 @@ delay: 2 - name: Install user defined extra distro packages - package: + ansible.builtin.package: name: "{{ openstack_host_extra_distro_packages }}" state: "{{ openstack_hosts_package_state }}" when: @@ -150,12 +150,12 @@ delay: 2 - name: Importing openstack_authorized_keys tasks - import_tasks: openstack_authorized_keys.yml + ansible.builtin.import_tasks: openstack_authorized_keys.yml tags: - openstack_hosts-config - name: Including PKI role - include_role: + ansible.builtin.include_role: name: pki tasks_from: main_ca_install.yml vars: @@ -165,14 +165,14 @@ - always - name: Including openstack_gitconfig tasks - include_tasks: openstack_gitconfig.yml + ansible.builtin.include_tasks: openstack_gitconfig.yml args: apply: tags: - openstack_hosts-config - name: Including openstack_hosts_systemd tasks - include_tasks: openstack_hosts_systemd.yml + ansible.builtin.include_tasks: openstack_hosts_systemd.yml args: apply: tags: diff --git a/tasks/openstack_authorized_keys.yml b/tasks/openstack_authorized_keys.yml index 69de201f..4ef1fa3f 100644 --- a/tasks/openstack_authorized_keys.yml +++ b/tasks/openstack_authorized_keys.yml @@ -14,7 +14,7 @@ # limitations under the License. - name: Ensure ssh directory - file: + ansible.builtin.file: path: "{{ ansible_facts['env']['HOME'] }}/.ssh" state: "directory" group: "{{ ansible_facts['user_id'] }}" @@ -22,7 +22,7 @@ mode: "0700" - name: Update SSH keys - authorized_key: + ansible.posix.authorized_key: user: "{{ ansible_facts['user'] }}" state: present key: "{{ item }}" diff --git a/tasks/openstack_gitconfig.yml b/tasks/openstack_gitconfig.yml index 0a126408..02db3728 100644 --- a/tasks/openstack_gitconfig.yml +++ b/tasks/openstack_gitconfig.yml @@ -23,14 +23,14 @@ - skip_ansible_lint - name: Write git config when git is installed - git_config: + community.general.git_config: scope: system name: http.https://opendev.org/.userAgent value: "{{ 'git/' ~ _git_version.stdout.split(' ')[2] ~ ' (osa/' ~ lookup('env', 'OSA_VERSION') ~ '/' ~ component | default('undefined') ~ ')' }}" when: _git_version.rc == 0 - name: Configure git safe directories - git_config: + community.general.git_config: scope: system name: safe.directory value: "{{ item }}" @@ -40,7 +40,7 @@ - openstack_hosts_git_safe_directories is defined - name: Write git config when git is not installed - template: + ansible.builtin.template: src: gitconfig.j2 dest: /etc/gitconfig mode: "0644" diff --git a/tasks/openstack_hosts_configure_apt.yml b/tasks/openstack_hosts_configure_apt.yml index 29cd2161..39512c66 100644 --- a/tasks/openstack_hosts_configure_apt.yml +++ b/tasks/openstack_hosts_configure_apt.yml @@ -16,7 +16,7 @@ # APT configuration tasks that apply on all nodes. - name: Ensure /etc/apt/sources.list.d exists - file: + ansible.builtin.file: path: /etc/apt/sources.list.d state: directory owner: root @@ -36,14 +36,14 @@ openstack_hosts_apt_repo_cleanup: - uca.list - osbpo.list - file: + ansible.builtin.file: path: "/etc/apt/sources.list.d/{{ item }}" state: absent register: _cleanup_apt_repositories with_items: "{{ openstack_hosts_apt_repo_cleanup }}" - name: Add requirement packages (repositories gpg keys, toolkits...) - apt: + ansible.builtin.apt: name: "{{ openstack_hosts_package_list | rejectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}" state: "{{ openstack_hosts_package_state }}" update_cache: true @@ -81,7 +81,7 @@ register: _manage_apt_repositories - name: Add apt extra conf - copy: + ansible.builtin.copy: content: "{{ openstack_hosts_package_manager_default_conf + openstack_hosts_package_manager_extra_conf }}" dest: /etc/apt/apt.conf.d/99openstack-ansible mode: "0644" @@ -89,7 +89,7 @@ - openstack_hosts_package_manager_extra_conf | length > 0 or openstack_hosts_package_manager_default_conf | length > 0 - name: Update Apt cache - apt: + ansible.builtin.apt: update_cache: true when: - (_manage_apt_repositories is changed) or (_cleanup_apt_repositories is changed) diff --git a/tasks/openstack_hosts_configure_dnf.yml b/tasks/openstack_hosts_configure_dnf.yml index f614364b..f2cf316e 100644 --- a/tasks/openstack_hosts_configure_dnf.yml +++ b/tasks/openstack_hosts_configure_dnf.yml @@ -14,12 +14,12 @@ # limitations under the License. - name: Check to see if yum's fastestmirror plugin is present - stat: + ansible.builtin.stat: path: /etc/yum/pluginconf.d/fastestmirror.conf register: fastestmirror_plugin_check - name: Configure yum's fastestmirror plugin - ini_file: + community.general.ini_file: path: /etc/yum/pluginconf.d/fastestmirror.conf section: main option: enabled @@ -30,7 +30,7 @@ - fastestmirror_plugin_check.stat.exists - name: Disable requiretty for root sudo on centos - template: + ansible.builtin.template: dest: /etc/sudoers.d/openstack-ansible owner: root group: root @@ -41,20 +41,19 @@ # KeyID 764429E6 from https://raw.githubusercontent.com/rdo-infra/centos-release-openstack/ocata-rdo/RPM-GPG-KEY-CentOS-SIG-Cloud # KeyID 61E8806C from keyserver for rdo-qemu-ev - name: If a keyfile is provided, copy the gpg keyfile to the key location - copy: + ansible.builtin.copy: src: "{{ item.keyfile }}" dest: "{{ item.key }}" mode: "0644" with_items: "{{ openstack_hosts_package_repos_keys | selectattr('keyfile', 'defined') | list }}" - name: Ensure GPG keys have the correct SELinux contexts applied - command: restorecon -Rv /etc/pki/rpm-gpg/ - # TODO(evrardjp): Be more idempotent + ansible.builtin.command: restorecon -Rv /etc/pki/rpm-gpg/ changed_when: false # Handle gpg keys manually - name: Install gpg keys - rpm_key: + ansible.builtin.rpm_key: key: "{{ key.key }}" validate_certs: "{{ key.validate_certs | default(omit) }}" state: "{{ key.state | default('present') }}" @@ -67,12 +66,12 @@ delay: 2 - name: Add requirement packages (repositories gpg keys packages, toolkits...) - package: + ansible.builtin.package: name: "{{ openstack_hosts_package_list | rejectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}" state: "{{ openstack_hosts_package_state }}" - name: Add yum repositories if they do not exist - yum_repository: + ansible.builtin.yum_repository: name: "{{ repo.name }}" file: "{{ repo.file | default(omit) }}" description: "{{ repo.description | default(omit) }}" @@ -94,7 +93,7 @@ delay: 2 - name: Add dnf extra conf - blockinfile: + ansible.builtin.blockinfile: block: "{{ openstack_hosts_package_manager_default_conf + openstack_hosts_package_manager_extra_conf }}" path: /etc/dnf/dnf.conf marker: "# {mark} OPENSTACK-ANSIBLE-OPENSTACK_HOSTS MANAGED BLOCK" @@ -104,7 +103,7 @@ - openstack_hosts_package_manager_extra_conf | length > 0 or openstack_hosts_package_manager_default_conf | length > 0 - name: Add rdo repositories via url for trunk based installation - get_url: + ansible.builtin.get_url: url: "{{ openstack_hosts_rdo_repo_url }}/delorean.repo" dest: /etc/yum.repos.d/rdo.repo mode: "0640" @@ -117,7 +116,7 @@ - openstack_hosts_rdo_repo_type == 'trunk' - name: Install centos-release-openstack package for cloudsig based installation - package: + ansible.builtin.package: name: - centos-release-openstack-{{ openstack_distrib_code_name | lower }} when: @@ -125,14 +124,14 @@ - openstack_hosts_rdo_repo_type == 'cloudsig' - name: Enable CodeReadyBuilder repository - command: dnf config-manager --set-enabled "crb" + ansible.builtin.command: dnf config-manager --set-enabled "crb" changed_when: false when: - openstack_hosts_power_tool_enable | bool - ansible_facts['distribution_major_version'] == "9" - name: Create SSL certificate and key directories - file: + ansible.builtin.file: path: "{{ item.path }}" state: directory owner: "{{ item.owner | default(root) }}" @@ -143,7 +142,7 @@ - { path: "/etc/pki/tls/private", owner: "root", group: "root" } - name: Create SSL certificate and key directory symlinks - file: + ansible.builtin.file: src: "{{ item.src }}" dest: "{{ item.dest }}" state: "link" diff --git a/tasks/openstack_hosts_configure_yum.yml b/tasks/openstack_hosts_configure_yum.yml index 94eb0ccc..11284d6f 100644 --- a/tasks/openstack_hosts_configure_yum.yml +++ b/tasks/openstack_hosts_configure_yum.yml @@ -14,12 +14,12 @@ # limitations under the License. - name: Check to see if yum's fastestmirror plugin is present - stat: + ansible.builtin.stat: path: /etc/yum/pluginconf.d/fastestmirror.conf register: fastestmirror_plugin_check - name: Configure yum's fastestmirror plugin - ini_file: + community.general.ini_file: path: /etc/yum/pluginconf.d/fastestmirror.conf section: main option: enabled @@ -30,7 +30,7 @@ - fastestmirror_plugin_check.stat.exists - name: Disable requiretty for root sudo on centos - template: + ansible.builtin.template: dest: /etc/sudoers.d/openstack-ansible owner: root group: root @@ -41,20 +41,19 @@ # KeyID 764429E6 from https://raw.githubusercontent.com/rdo-infra/centos-release-openstack/ocata-rdo/RPM-GPG-KEY-CentOS-SIG-Cloud # KeyID 61E8806C from keyserver for rdo-qemu-ev - name: If a keyfile is provided, copy the gpg keyfile to the key location - copy: + ansible.builtin.copy: src: "{{ item.keyfile }}" dest: "{{ item.key }}" mode: "0644" with_items: "{{ openstack_hosts_package_repos_keys | selectattr('keyfile', 'defined') | list }}" - name: Ensure GPG keys have the correct SELinux contexts applied - command: restorecon -Rv /etc/pki/rpm-gpg/ - # TODO(evrardjp): Be more idempotent + ansible.builtin.command: restorecon -Rv /etc/pki/rpm-gpg/ changed_when: false # Handle gpg keys manually - name: Install gpg keys - rpm_key: + ansible.builtin.rpm_key: key: "{{ key.key }}" validate_certs: "{{ key.validate_certs | default(omit) }}" state: "{{ key.state | default('present') }}" @@ -67,12 +66,12 @@ delay: 2 - name: Add requirement packages (repositories gpg keys packages, toolkits...) - package: + ansible.builtin.package: name: "{{ openstack_hosts_package_list | rejectattr('state', 'equalto', 'absent') | map(attribute='name') | list }}" state: "{{ openstack_hosts_package_state }}" - name: Add yum repositories if they do not exist - yum_repository: + ansible.builtin.yum_repository: name: "{{ repo.name }}" file: "{{ repo.file | default(omit) }}" description: "{{ repo.description | default(omit) }}" @@ -92,7 +91,7 @@ delay: 2 - name: Add yum extra conf - blockinfile: + ansible.builtin.blockinfile: block: "{{ openstack_hosts_package_manager_default_conf + openstack_hosts_package_manager_extra_conf }}" path: /etc/yum.conf marker: "# {mark} OPENSTACK-ANSIBLE-OPENSTACK_HOSTS MANAGED BLOCK" diff --git a/tasks/openstack_hosts_systemd.yml b/tasks/openstack_hosts_systemd.yml index f469558c..aa5d4100 100644 --- a/tasks/openstack_hosts_systemd.yml +++ b/tasks/openstack_hosts_systemd.yml @@ -14,7 +14,7 @@ # limitations under the License. - name: Run the systemd-networkd role - include_role: + ansible.builtin.include_role: name: systemd_networkd vars: systemd_networkd_prefix: "{{ openstack_hosts_systemd_networkd_prefix }}" @@ -27,7 +27,7 @@ - is_metal - name: Run the systemd-service role - include_role: + ansible.builtin.include_role: name: systemd_service vars: systemd_slice_name: "{{ openstack_hosts_systemd_slice }}" @@ -36,7 +36,7 @@ - openstack_hosts_systemd_services - name: Run the systemd mount role - include_role: + ansible.builtin.include_role: name: systemd_mount vars: systemd_mounts: "{{ openstack_hosts_systemd_mounts }}" @@ -47,7 +47,7 @@ when: openstack_hosts_journald_config block: - name: Create /etc/systemd/journald.conf.d directory - file: + ansible.builtin.file: path: /etc/systemd/journald.conf.d state: directory owner: root @@ -55,7 +55,7 @@ mode: "0755" - name: Define journald configuration - copy: + ansible.builtin.copy: content: |- [Journal] {% for key, value in openstack_hosts_journald_config.items() %} diff --git a/tasks/openstack_release.yml b/tasks/openstack_release.yml index 17ab8b8f..a39af0bd 100644 --- a/tasks/openstack_release.yml +++ b/tasks/openstack_release.yml @@ -14,7 +14,7 @@ # limitations under the License. - name: Drop openstack release file - template: + ansible.builtin.template: src: "openstack-release.j2" dest: "{{ openstack_distrib_file_path }}" owner: "root" @@ -24,7 +24,7 @@ - openstack_distrib_file | bool - name: Remove legacy openstack release file - file: + ansible.builtin.file: path: "{{ openstack_distrib_file_path }}" state: absent when: diff --git a/tasks/openstack_sysstat.yml b/tasks/openstack_sysstat.yml index 09e225d2..1036c799 100644 --- a/tasks/openstack_sysstat.yml +++ b/tasks/openstack_sysstat.yml @@ -14,7 +14,7 @@ # limitations under the License. - name: Enable sysstat config - template: + ansible.builtin.template: src: "sysstat.default.j2" dest: "{{ openstack_host_sysstat_file }}" mode: "0644" @@ -23,14 +23,14 @@ notify: Restart sysstat - name: Enable sysstat cron - template: + ansible.builtin.template: src: "{{ openstack_host_cron_template }}" dest: "{{ openstack_host_sysstat_cron_file }}" mode: "{{ openstack_host_sysstat_cron_mode }}" setype: "{{ (ansible_facts['selinux']['status'] == 'enabled') | ternary('system_cron_spool_t', omit) }}" - name: Start and enable the sysstat service - service: + ansible.builtin.service: name: sysstat state: started enabled: true diff --git a/tasks/openstack_update_hosts_file.yml b/tasks/openstack_update_hosts_file.yml index 06c1df39..3d922a14 100644 --- a/tasks/openstack_update_hosts_file.yml +++ b/tasks/openstack_update_hosts_file.yml @@ -15,7 +15,7 @@ - name: Generate hosts file records run_once: true - set_fact: + ansible.builtin.set_fact: _etc_hosts_content: |- {% set records = [] %} {% set _groups = groups['all'] %} @@ -40,7 +40,7 @@ {{ records }} - name: Update hosts file - blockinfile: + ansible.builtin.blockinfile: dest: /etc/hosts block: "{{ (_etc_hosts_content + openstack_host_custom_hosts_records) | join('\n') }}" marker: "### {mark} OPENSTACK-ANSIBLE MANAGED BLOCK ###" @@ -48,7 +48,7 @@ - openstack_host_manage_hosts_file | bool - name: Update hosts file on deploy host - blockinfile: + ansible.builtin.blockinfile: dest: /etc/hosts block: "{{ (_etc_hosts_content + openstack_host_custom_hosts_records) | join('\n') }}" marker: "### {mark} OPENSTACK-ANSIBLE {{ lookup('env', 'OSA_CONFIG_DIR') }} MANAGED BLOCK ###"