Merge "Ensure Fully Qualified Class Names (FQCN) in Playbooks and Roles"

softwarefactory-project · Feb 27, 2024 · 614005c · 614005c
2 parents 47ff782 + 409f2e7
commit 614005c
Show file tree

Hide file tree

Showing 31 changed files with 61 additions and 61 deletions.
diff --git a/playbooks/ansible-dependencies.yaml b/playbooks/ansible-dependencies.yaml
@@ -2,6 +2,6 @@
 - hosts: "{{ hostname | default('controller') }}"
   tasks:
     - name: Ensure ansible-lint is installed
-      shell: type ansible-galaxy || pip install --user ansible-core
+      ansible.builtin.shell: type ansible-galaxy || pip install --user ansible-core
     - name: install required collections
-      shell: ansible-galaxy collection install community.general community.crypto ansible.posix kubernetes.core
+      ansible.builtin.shell: ansible-galaxy collection install community.general community.crypto ansible.posix kubernetes.core
diff --git a/playbooks/health-check/dstat-post.yaml b/playbooks/health-check/dstat-post.yaml
@@ -1,5 +1,5 @@
 - hosts: all
   tasks:
-    - include_role:
+    - ansible.builtin.include_role:
         name: dstat-graph
       when: ansible_distribution == "CentOS"
diff --git a/playbooks/health-check/dstat-pre.yaml b/playbooks/health-check/dstat-pre.yaml
@@ -3,12 +3,12 @@
     - name: Setup dstat
       block:
         - name: Install dstat package
-          package:
+          ansible.builtin.package:
             name: dstat
             state: present
           become: true
 
-        - include_role:
+        - ansible.builtin.include_role:
             name: "{{ item }}"
           loop:
             - ensure-dstat-graph

diff --git a/playbooks/post.yaml b/playbooks/post.yaml
@@ -1,39 +1,39 @@
 - hosts: "{{ hostname | default('controller') }}"
   tasks:
       # Fetch zuul jobs artifacts stored in the logserver during the sf-operator functional test
-      - include_role:
+      - ansible.builtin.include_role:
             name: post/get-logserver-content
 
       # Fetch nodepool-builder build image logs
-      - include_role:
+      - ansible.builtin.include_role:
             name: post/get-nodepool-builds-logs
 
       # Fetch k8s cluster wide resources
-      - include_role:
+      - ansible.builtin.include_role:
             name: post/get-k8s-cluster-resources
 
       # Fetch k8s resources for the sf namespace
-      - include_role:
+      - ansible.builtin.include_role:
             name: post/get-k8s-resources
         vars:
             namespace: sf
 
       # Fetch k8s resources for the sf-operator namespace
-      - include_role:
+      - ansible.builtin.include_role:
             name: post/get-k8s-resources
         vars:
             namespace: operators
 
       # Fetch system-config repo
-      - include_role:
+      - ansible.builtin.include_role:
             name: post/get-system-config
 
       # Fetch repos stored on code review service
-      - include_role:
+      - ansible.builtin.include_role:
             name: post/get-repos
 
-      - include_role:
+      - ansible.builtin.include_role:
             name: post/get-system-logs
 
-      - include_role:
+      - ansible.builtin.include_role:
             name: post/get-loki-logs
diff --git a/roles/build-operator-assets/tasks/main.yaml b/roles/build-operator-assets/tasks/main.yaml
@@ -1,7 +1,7 @@
 ---
 - name: "Sync sf-operator to {{ microshift_host }}:{{ src_dir }} instance"
   when: remote_os_host
-  command: "rsync -av ../../sf-operator/ {{ microshift_host }}:{{ src_dir }} --exclude=.git --delete"
+  ansible.builtin.command: "rsync -av ../../sf-operator/ {{ microshift_host }}:{{ src_dir }} --exclude=.git --delete"
   tags:
     - skip_ansible_lint
 

diff --git a/roles/health-check/check-sf-resource-ready/tasks/main.yaml b/roles/health-check/check-sf-resource-ready/tasks/main.yaml
@@ -19,7 +19,7 @@
     # by k8s right after any object change
     # https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata
     - name: Ensure 1 sec delay to let time for k8s to update the metadata.generation field
-      command: sleep 1
+      ansible.builtin.command: sleep 1
 
     - name: Get current resource generation
       ansible.builtin.command: kubectl get sf my-sf -o=jsonpath='{.metadata.generation}'

diff --git a/roles/health-check/config-update-nodepool-builder/tasks/main.yaml b/roles/health-check/config-update-nodepool-builder/tasks/main.yaml
@@ -62,7 +62,7 @@
     key: "{{ nodepool_get_key.stdout }}"
 
 - name: Ensure nodepool-builder pod can connect via SSH using the 'nodepool' user to the image-builder machine
-  command: >
+  ansible.builtin.command: >
     kubectl exec -it nodepool-builder-0 -c nodepool-builder
     -- ssh -o StrictHostKeyChecking=no nodepool@{{ microshift_host }} hostname
 
@@ -104,7 +104,7 @@
       - name: Dummy cloud image build playbook
         hosts: image-builder
         tasks:
-          - debug:
+          - ansible.builtin.debug:
               msg: "Hello from build of {{ nodepool_diskimage_name }}"
           - name: Copy Zuul public key on the image-builder
             copy:

diff --git a/roles/health-check/scale-resources/tasks/scale.yaml b/roles/health-check/scale-resources/tasks/scale.yaml
@@ -1,6 +1,6 @@
 ---
 - name: "Collect {{ service.kind }} log before executing the scale command"
-  shell: |
+  ansible.builtin.shell: |
     mkdir -p ~/zuul-output/logs/k8s-resources/sf/pod
     kubectl logs {{ service.kind }}/{{ service.name }} > ~/zuul-output/logs/k8s-resources/sf/pod/{{ service.name }}-0-{{ service.name }}-logs0.txt
 

diff --git a/roles/health-check/test-cert-manager-letsencrypt/tasks/main.yaml b/roles/health-check/test-cert-manager-letsencrypt/tasks/main.yaml
@@ -16,7 +16,7 @@
 # This partialy verifies the flow with Let's Encrypt.
 
 - name: Ensure nodepool service Certificate not Ready for expected reason
-  shell: "kubectl -n sf get challenge -o json | grep {{ fqdn }}"
+  ansible.builtin.shell: "kubectl -n sf get challenge -o json | grep {{ fqdn }}"
   register: result
   until:
     - result is success

diff --git a/roles/health-check/test-custom-certs/tasks/ca.yaml b/roles/health-check/test-custom-certs/tasks/ca.yaml
@@ -1,10 +1,10 @@
 ---
 - name: Gen CA privkey
-  openssl_privatekey:
+  community.crypto.openssl_privatekey:
     path: "{{ ssl_path }}/localCA.key"
 
 - name: Generate CA CSR
-  openssl_csr:
+  community.crypto.openssl_csr:
     path: "{{ ssl_path }}/localCA.csr"
     privatekey_path: "{{ ssl_path }}/localCA.key"
     country_name: "{{ country_name }}"

diff --git a/roles/health-check/test-custom-certs/tasks/client-cert.yaml b/roles/health-check/test-custom-certs/tasks/client-cert.yaml
@@ -1,10 +1,10 @@
 ---
 - name: Gen privkey - client
-  openssl_privatekey:
+  community.crypto.openssl_privatekey:
     path: "{{ ssl_path }}/ssl.key"
 
 - name: Generate Openssl CSR - client
-  openssl_csr:
+  community.crypto.openssl_csr:
     path: "{{ ssl_path }}/ssl.csr"
     privatekey_path: "{{ ssl_path }}/ssl.key"
     common_name: "{{ common_name }}"

diff --git a/roles/health-check/test-custom-certs/tasks/main.yaml b/roles/health-check/test-custom-certs/tasks/main.yaml
@@ -1,6 +1,6 @@
 ---
 - name: Create temporary directory for the custom CA and Route certificate
-  tempfile:
+  ansible.builtin.tempfile:
     state: directory
     suffix: ssl
   register: tempdir

diff --git a/roles/health-check/test-log-forwarding/tasks/main.yaml b/roles/health-check/test-log-forwarding/tasks/main.yaml
@@ -1,12 +1,12 @@
 ---
 - name: Start port forwarding to loki-http
-  shell: |
+  ansible.builtin.shell: |
     kubectl port-forward service/loki-http 3100 -n sf
   async: 60
   poll: 0
 
 - name: Ensure loki is reachable
-  uri:
+  ansible.builtin.uri:
     url: http://localhost:3100/loki/api/v1/status/buildinfo
     return_content: yes
   register: loki_buildinfo

diff --git a/roles/health-check/test-monitoring/tasks/main.yaml b/roles/health-check/test-monitoring/tasks/main.yaml
@@ -70,7 +70,7 @@
   register: statsd_mappings
 
 - name: Ensure statsd mapping config has custom mappings from clouds.yaml
-  fail:
+  ansible.builtin.fail:
     msg: "statsd mapping configuration has no reference to clouds config"
   when: ("nodepool.openstack.nimbus" not in statsd_mappings.stdout) or
     ("nodepool.openstack.cumulus" not in statsd_mappings.stdout) or

diff --git a/roles/health-check/test-nodepool-providers-secrets/tasks/main.yaml b/roles/health-check/test-nodepool-providers-secrets/tasks/main.yaml
@@ -1,6 +1,6 @@
 ---
 - name: Dump current secrets from nodepool
-  command: >
+  ansible.builtin.command: >
     go run ./main.go {{ cli_global_flags }} nodepool get providers-secrets --clouds /tmp/clouds.yaml --kube /tmp/kubeconfig.yaml
   args:
     chdir: "{{ zuul.project.src_dir }}"
@@ -11,7 +11,7 @@
     dest: /tmp/clouds.yaml
 
 - name: Upload clouds secrets to nodepool
-  command: >
+  ansible.builtin.command: >
     go run ./main.go {{ cli_global_flags }} nodepool configure providers-secrets --clouds /tmp/clouds.yaml --kube /tmp/kubeconfig.yaml
   args:
     chdir: "{{ zuul.project.src_dir }}"

diff --git a/roles/health-check/test-volumestats-sidecar/tasks/main.yaml b/roles/health-check/test-volumestats-sidecar/tasks/main.yaml
@@ -8,7 +8,7 @@
   delay: 10
 
 - name: Start port forwarding to logserver sidecar
-  shell: |
+  ansible.builtin.shell: |
     kubectl port-forward service/logserver 9100 -n sf
   async: 60
   poll: 0
@@ -18,7 +18,7 @@
     seconds: 20
 
 - name: Ensure volume info is exposed by metrics
-  uri:
+  ansible.builtin.uri:
     url: http://localhost:9100/metrics
     return_content: yes
   register: logserver_metrics

diff --git a/roles/health-check/validate-purgelogs/tasks/main.yaml b/roles/health-check/validate-purgelogs/tasks/main.yaml
@@ -26,7 +26,7 @@
         loopDelay: 5
 
 - name: Ensure logserver/purgelog restarted with correct loopDelay
-  command: kubectl get pods {{ pod_name }} -o jsonpath="{.spec.containers[?(@.name=='purgelogs')].command}"
+  ansible.builtin.command: kubectl get pods {{ pod_name }} -o jsonpath="{.spec.containers[?(@.name=='purgelogs')].command}"
   register: purgelogs_command
   until: purgelogs_command is not failed and "5" in purgelogs_command.stdout
   delay: 5

diff --git a/roles/health-check/zuul-authenticators/tasks/main.yaml b/roles/health-check/zuul-authenticators/tasks/main.yaml
@@ -1,6 +1,6 @@
 ---
 - name: Initialize new authenticator config
-  set_fact:
+  ansible.builtin.set_fact:
     test_authenticator:
       - name: keycloak
         realm: my_test_realm

diff --git a/roles/health-check/zuul-connections/tasks/main.yaml b/roles/health-check/zuul-connections/tasks/main.yaml
@@ -1,6 +1,6 @@
 ---
 - name: Setting Dummy Connections
-  set_fact:
+  ansible.builtin.set_fact:
     dummy_gerritconn:
       - name: dummy-gerrit-conn
         hostname: dummy-gerrit.local
@@ -75,7 +75,7 @@
         api_token: "{{ 'ghp_51abcFzcvf3GxOJpPFUKxsT6JIL3Nnbf39E' | b64encode }}"
 
 - name: Get current Zuul gerrit connections
-  command: |
+  ansible.builtin.command: |
     {% if mode == 'olm' %}
     kubectl get sf my-sf -o jsonpath='{.spec.zuul.gerritconns}'
     {% else %}

diff --git a/roles/install-operator/tasks/main.yaml b/roles/install-operator/tasks/main.yaml
@@ -1,6 +1,6 @@
 - name: Install busybox from quay.io to avoid docker.io rate limit
   delegate_to: "{{ os_host }}"
-  command: "{{ busybox_setup }}"
+  ansible.builtin.command: "{{ busybox_setup }}"
   loop:
     - podman pull quay.io/software-factory/busybox
     - podman image tag quay.io/software-factory/busybox:latest docker.io/library/busybox:1.36.0

diff --git a/roles/post/get-loki-logs/tasks/main.yaml b/roles/post/get-loki-logs/tasks/main.yaml
@@ -11,14 +11,14 @@
   register: _output_dir_realpath
 
 - name: Start port forwarding to loki-http if needed
-  shell: |
+  ansible.builtin.shell: |
     kubectl port-forward service/loki-http 3100 -n sf
   async: 60
   poll: 0
   ignore_errors: true
 
 - name: Ensure loki is reachable
-  uri:
+  ansible.builtin.uri:
     url: http://localhost:3100/loki/api/v1/status/buildinfo
     return_content: yes
   register: loki_buildinfo

diff --git a/roles/post/get-system-config/tasks/main.yaml b/roles/post/get-system-config/tasks/main.yaml
@@ -5,7 +5,7 @@
     state: absent
 
 - name: Start port forwarding to git server
-  shell: |
+  ansible.builtin.shell: |
     kubectl port-forward service/git-server 9418 -n sf
   async: 60
   poll: 0

diff --git a/roles/publish-operator-quay/tasks/main.yaml b/roles/publish-operator-quay/tasks/main.yaml
@@ -1,7 +1,7 @@
 ---
 - name: Install dependencies
   become: true
-  package:
+  ansible.builtin.package:
     name:
       - golang
       - make
@@ -18,7 +18,7 @@
   no_log: true
 
 - name: Check if the tag variable is set
-  fail:
+  ansible.builtin.fail:
     msg: The version of the repo tag 'zuul.tag' is not defined
   when:
     - "'tag' not in zuul"

diff --git a/roles/sanity-check/tasks/main.yaml b/roles/sanity-check/tasks/main.yaml
@@ -2,13 +2,13 @@
   when: not remote_os_host
   block:
     - name: Run make
-      command: make
+      ansible.builtin.command: make
       args:
         chdir: "{{ zuul.project.src_dir }}"
 
     # for some reasons, LICENSE file is updated with cert-manager license during go build
     - name: Check for diff
-      command: git diff -- ":(exclude)LICENSE"
+      ansible.builtin.command: git diff -- ":(exclude)LICENSE"
       args:
         chdir: "{{ zuul.project.src_dir }}"
       register: render_diff
@@ -19,7 +19,7 @@
       when:
         - render_diff.stdout
       failed_when: true
-      debug:
+      ansible.builtin.debug:
         msg: |
           The repository content is not consistent.
           Please commit the change made after running `make`.

diff --git a/roles/setup-env/tasks/main.yaml b/roles/setup-env/tasks/main.yaml
@@ -22,7 +22,7 @@
         - os_host != 'controller'
 
     - name: Check if kubeconfig exists
-      stat:
+      ansible.builtin.stat:
         path: ~/.kube/config
       register: _kubeconfig
       become: false

diff --git a/roles/setup-local-registry/tasks/main.yaml b/roles/setup-local-registry/tasks/main.yaml
@@ -1,42 +1,42 @@
 - name: Is registry container exists
-  command: podman container exists registry
+  ansible.builtin.command: podman container exists registry
   register: is_registry_container_exists
   failed_when: is_registry_container_exists.rc >= 2
 
 - name: Clean registry
   when: is_registry_container_exists.rc == 0
   block:
     - name: Stop registry
-      command: podman stop registry
+      ansible.builtin.command: podman stop registry
 
     - name: Delete registry contrainer
-      command: podman rm registry
+      ansible.builtin.command: podman rm registry
 
 - name: Does registry volume exist
-  command: podman volume exists registry
+  ansible.builtin.command: podman volume exists registry
   register: is_registry_volume_exists
   failed_when: is_registry_volume_exists.rc >= 2
 
 - name: Clean registry volume
   when: is_registry_volume_exists.rc == 0
-  command: podman volume rm registry
+  ansible.builtin.command: podman volume rm registry
 
 # quay.io/software-factory/registry:2 is a copy of https://hub.docker.com/_/registry
 - name: Fetch the podman registry container image
-  command: podman pull quay.io/software-factory/registry:2
+  ansible.builtin.command: podman pull quay.io/software-factory/registry:2
   register: podman_fetch
   retries: 12
   delay: 10
   until:
     - podman_fetch.rc == 0
 
 - name: Start the podman registry container
-  command: |
+  ansible.builtin.command: |
     podman container run -dt -p 5000:5000 --name registry \
     --volume registry:/var/lib/registry:Z quay.io/software-factory/registry:2
 
 - name: Wait for the registry to be up
-  command: podman image search localhost:5000/ --tls-verify=false
+  ansible.builtin.command: podman image search localhost:5000/ --tls-verify=false
   register: is_registry_running
   until: is_registry_running.rc == 0
   delay: 1