diff --git a/playbooks/ansible-dependencies.yaml b/playbooks/ansible-dependencies.yaml index 92ed2698..7a353904 100644 --- a/playbooks/ansible-dependencies.yaml +++ b/playbooks/ansible-dependencies.yaml @@ -2,6 +2,6 @@ - hosts: "{{ hostname | default('controller') }}" tasks: - name: Ensure ansible-lint is installed - shell: type ansible-galaxy || pip install --user ansible-core + ansible.builtin.shell: type ansible-galaxy || pip install --user ansible-core - name: install required collections - shell: ansible-galaxy collection install community.general community.crypto ansible.posix kubernetes.core \ No newline at end of file + ansible.builtin.shell: ansible-galaxy collection install community.general community.crypto ansible.posix kubernetes.core \ No newline at end of file diff --git a/playbooks/health-check/dstat-post.yaml b/playbooks/health-check/dstat-post.yaml index 1d3479d3..695c2e00 100644 --- a/playbooks/health-check/dstat-post.yaml +++ b/playbooks/health-check/dstat-post.yaml @@ -1,5 +1,5 @@ - hosts: all tasks: - - include_role: + - ansible.builtin.include_role: name: dstat-graph when: ansible_distribution == "CentOS" diff --git a/playbooks/health-check/dstat-pre.yaml b/playbooks/health-check/dstat-pre.yaml index 027de471..1fb07a2c 100644 --- a/playbooks/health-check/dstat-pre.yaml +++ b/playbooks/health-check/dstat-pre.yaml @@ -3,12 +3,12 @@ - name: Setup dstat block: - name: Install dstat package - package: + ansible.builtin.package: name: dstat state: present become: true - - include_role: + - ansible.builtin.include_role: name: "{{ item }}" loop: - ensure-dstat-graph diff --git a/playbooks/post.yaml b/playbooks/post.yaml index 9bf6fb2f..c089e162 100644 --- a/playbooks/post.yaml +++ b/playbooks/post.yaml @@ -1,39 +1,39 @@ - hosts: "{{ hostname | default('controller') }}" tasks: # Fetch zuul jobs artifacts stored in the logserver during the sf-operator functional test - - include_role: + - ansible.builtin.include_role: name: post/get-logserver-content # Fetch nodepool-builder build image logs - - include_role: + - ansible.builtin.include_role: name: post/get-nodepool-builds-logs # Fetch k8s cluster wide resources - - include_role: + - ansible.builtin.include_role: name: post/get-k8s-cluster-resources # Fetch k8s resources for the sf namespace - - include_role: + - ansible.builtin.include_role: name: post/get-k8s-resources vars: namespace: sf # Fetch k8s resources for the sf-operator namespace - - include_role: + - ansible.builtin.include_role: name: post/get-k8s-resources vars: namespace: operators # Fetch system-config repo - - include_role: + - ansible.builtin.include_role: name: post/get-system-config # Fetch repos stored on code review service - - include_role: + - ansible.builtin.include_role: name: post/get-repos - - include_role: + - ansible.builtin.include_role: name: post/get-system-logs - - include_role: + - ansible.builtin.include_role: name: post/get-loki-logs \ No newline at end of file diff --git a/roles/build-operator-assets/tasks/main.yaml b/roles/build-operator-assets/tasks/main.yaml index 696b5afc..7f73ee4e 100644 --- a/roles/build-operator-assets/tasks/main.yaml +++ b/roles/build-operator-assets/tasks/main.yaml @@ -1,7 +1,7 @@ --- - name: "Sync sf-operator to {{ microshift_host }}:{{ src_dir }} instance" when: remote_os_host - command: "rsync -av ../../sf-operator/ {{ microshift_host }}:{{ src_dir }} --exclude=.git --delete" + ansible.builtin.command: "rsync -av ../../sf-operator/ {{ microshift_host }}:{{ src_dir }} --exclude=.git --delete" tags: - skip_ansible_lint diff --git a/roles/health-check/check-sf-resource-ready/tasks/main.yaml b/roles/health-check/check-sf-resource-ready/tasks/main.yaml index 46a5d0b1..ef89c052 100644 --- a/roles/health-check/check-sf-resource-ready/tasks/main.yaml +++ b/roles/health-check/check-sf-resource-ready/tasks/main.yaml @@ -19,7 +19,7 @@ # by k8s right after any object change # https://github.com/kubernetes/community/blob/master/contributors/devel/sig-architecture/api-conventions.md#metadata - name: Ensure 1 sec delay to let time for k8s to update the metadata.generation field - command: sleep 1 + ansible.builtin.command: sleep 1 - name: Get current resource generation ansible.builtin.command: kubectl get sf my-sf -o=jsonpath='{.metadata.generation}' diff --git a/roles/health-check/config-update-nodepool-builder/tasks/main.yaml b/roles/health-check/config-update-nodepool-builder/tasks/main.yaml index db6835ff..37bcf1aa 100644 --- a/roles/health-check/config-update-nodepool-builder/tasks/main.yaml +++ b/roles/health-check/config-update-nodepool-builder/tasks/main.yaml @@ -62,7 +62,7 @@ key: "{{ nodepool_get_key.stdout }}" - name: Ensure nodepool-builder pod can connect via SSH using the 'nodepool' user to the image-builder machine - command: > + ansible.builtin.command: > kubectl exec -it nodepool-builder-0 -c nodepool-builder -- ssh -o StrictHostKeyChecking=no nodepool@{{ microshift_host }} hostname @@ -104,7 +104,7 @@ - name: Dummy cloud image build playbook hosts: image-builder tasks: - - debug: + - ansible.builtin.debug: msg: "Hello from build of {{ nodepool_diskimage_name }}" - name: Copy Zuul public key on the image-builder copy: diff --git a/roles/health-check/scale-resources/tasks/scale.yaml b/roles/health-check/scale-resources/tasks/scale.yaml index 0f5cb64c..a8475fdf 100644 --- a/roles/health-check/scale-resources/tasks/scale.yaml +++ b/roles/health-check/scale-resources/tasks/scale.yaml @@ -1,6 +1,6 @@ --- - name: "Collect {{ service.kind }} log before executing the scale command" - shell: | + ansible.builtin.shell: | mkdir -p ~/zuul-output/logs/k8s-resources/sf/pod kubectl logs {{ service.kind }}/{{ service.name }} > ~/zuul-output/logs/k8s-resources/sf/pod/{{ service.name }}-0-{{ service.name }}-logs0.txt diff --git a/roles/health-check/test-cert-manager-letsencrypt/tasks/main.yaml b/roles/health-check/test-cert-manager-letsencrypt/tasks/main.yaml index 51d06af2..ad0be3a6 100644 --- a/roles/health-check/test-cert-manager-letsencrypt/tasks/main.yaml +++ b/roles/health-check/test-cert-manager-letsencrypt/tasks/main.yaml @@ -16,7 +16,7 @@ # This partialy verifies the flow with Let's Encrypt. - name: Ensure nodepool service Certificate not Ready for expected reason - shell: "kubectl -n sf get challenge -o json | grep {{ fqdn }}" + ansible.builtin.shell: "kubectl -n sf get challenge -o json | grep {{ fqdn }}" register: result until: - result is success diff --git a/roles/health-check/test-custom-certs/tasks/ca.yaml b/roles/health-check/test-custom-certs/tasks/ca.yaml index c98ccb78..2643b4ad 100644 --- a/roles/health-check/test-custom-certs/tasks/ca.yaml +++ b/roles/health-check/test-custom-certs/tasks/ca.yaml @@ -1,10 +1,10 @@ --- - name: Gen CA privkey - openssl_privatekey: + community.crypto.openssl_privatekey: path: "{{ ssl_path }}/localCA.key" - name: Generate CA CSR - openssl_csr: + community.crypto.openssl_csr: path: "{{ ssl_path }}/localCA.csr" privatekey_path: "{{ ssl_path }}/localCA.key" country_name: "{{ country_name }}" diff --git a/roles/health-check/test-custom-certs/tasks/client-cert.yaml b/roles/health-check/test-custom-certs/tasks/client-cert.yaml index bc6d016c..1d2914a6 100644 --- a/roles/health-check/test-custom-certs/tasks/client-cert.yaml +++ b/roles/health-check/test-custom-certs/tasks/client-cert.yaml @@ -1,10 +1,10 @@ --- - name: Gen privkey - client - openssl_privatekey: + community.crypto.openssl_privatekey: path: "{{ ssl_path }}/ssl.key" - name: Generate Openssl CSR - client - openssl_csr: + community.crypto.openssl_csr: path: "{{ ssl_path }}/ssl.csr" privatekey_path: "{{ ssl_path }}/ssl.key" common_name: "{{ common_name }}" diff --git a/roles/health-check/test-custom-certs/tasks/main.yaml b/roles/health-check/test-custom-certs/tasks/main.yaml index a58f413b..dce61c1a 100644 --- a/roles/health-check/test-custom-certs/tasks/main.yaml +++ b/roles/health-check/test-custom-certs/tasks/main.yaml @@ -1,6 +1,6 @@ --- - name: Create temporary directory for the custom CA and Route certificate - tempfile: + ansible.builtin.tempfile: state: directory suffix: ssl register: tempdir diff --git a/roles/health-check/test-log-forwarding/tasks/main.yaml b/roles/health-check/test-log-forwarding/tasks/main.yaml index 3b4f2c14..70bf5ed1 100644 --- a/roles/health-check/test-log-forwarding/tasks/main.yaml +++ b/roles/health-check/test-log-forwarding/tasks/main.yaml @@ -1,12 +1,12 @@ --- - name: Start port forwarding to loki-http - shell: | + ansible.builtin.shell: | kubectl port-forward service/loki-http 3100 -n sf async: 60 poll: 0 - name: Ensure loki is reachable - uri: + ansible.builtin.uri: url: http://localhost:3100/loki/api/v1/status/buildinfo return_content: yes register: loki_buildinfo diff --git a/roles/health-check/test-monitoring/tasks/main.yaml b/roles/health-check/test-monitoring/tasks/main.yaml index 3b273ffc..aca554e8 100644 --- a/roles/health-check/test-monitoring/tasks/main.yaml +++ b/roles/health-check/test-monitoring/tasks/main.yaml @@ -70,7 +70,7 @@ register: statsd_mappings - name: Ensure statsd mapping config has custom mappings from clouds.yaml - fail: + ansible.builtin.fail: msg: "statsd mapping configuration has no reference to clouds config" when: ("nodepool.openstack.nimbus" not in statsd_mappings.stdout) or ("nodepool.openstack.cumulus" not in statsd_mappings.stdout) or diff --git a/roles/health-check/test-nodepool-providers-secrets/tasks/main.yaml b/roles/health-check/test-nodepool-providers-secrets/tasks/main.yaml index 98b113ff..6408eecf 100644 --- a/roles/health-check/test-nodepool-providers-secrets/tasks/main.yaml +++ b/roles/health-check/test-nodepool-providers-secrets/tasks/main.yaml @@ -1,6 +1,6 @@ --- - name: Dump current secrets from nodepool - command: > + ansible.builtin.command: > go run ./main.go {{ cli_global_flags }} nodepool get providers-secrets --clouds /tmp/clouds.yaml --kube /tmp/kubeconfig.yaml args: chdir: "{{ zuul.project.src_dir }}" @@ -11,7 +11,7 @@ dest: /tmp/clouds.yaml - name: Upload clouds secrets to nodepool - command: > + ansible.builtin.command: > go run ./main.go {{ cli_global_flags }} nodepool configure providers-secrets --clouds /tmp/clouds.yaml --kube /tmp/kubeconfig.yaml args: chdir: "{{ zuul.project.src_dir }}" diff --git a/roles/health-check/test-volumestats-sidecar/tasks/main.yaml b/roles/health-check/test-volumestats-sidecar/tasks/main.yaml index dfb1d216..d7f581d7 100644 --- a/roles/health-check/test-volumestats-sidecar/tasks/main.yaml +++ b/roles/health-check/test-volumestats-sidecar/tasks/main.yaml @@ -8,7 +8,7 @@ delay: 10 - name: Start port forwarding to logserver sidecar - shell: | + ansible.builtin.shell: | kubectl port-forward service/logserver 9100 -n sf async: 60 poll: 0 @@ -18,7 +18,7 @@ seconds: 20 - name: Ensure volume info is exposed by metrics - uri: + ansible.builtin.uri: url: http://localhost:9100/metrics return_content: yes register: logserver_metrics diff --git a/roles/health-check/validate-purgelogs/tasks/main.yaml b/roles/health-check/validate-purgelogs/tasks/main.yaml index de7c2678..e2043bf7 100644 --- a/roles/health-check/validate-purgelogs/tasks/main.yaml +++ b/roles/health-check/validate-purgelogs/tasks/main.yaml @@ -26,7 +26,7 @@ loopDelay: 5 - name: Ensure logserver/purgelog restarted with correct loopDelay - command: kubectl get pods {{ pod_name }} -o jsonpath="{.spec.containers[?(@.name=='purgelogs')].command}" + ansible.builtin.command: kubectl get pods {{ pod_name }} -o jsonpath="{.spec.containers[?(@.name=='purgelogs')].command}" register: purgelogs_command until: purgelogs_command is not failed and "5" in purgelogs_command.stdout delay: 5 diff --git a/roles/health-check/zuul-authenticators/tasks/main.yaml b/roles/health-check/zuul-authenticators/tasks/main.yaml index 503650f4..bc8ff52c 100644 --- a/roles/health-check/zuul-authenticators/tasks/main.yaml +++ b/roles/health-check/zuul-authenticators/tasks/main.yaml @@ -1,6 +1,6 @@ --- - name: Initialize new authenticator config - set_fact: + ansible.builtin.set_fact: test_authenticator: - name: keycloak realm: my_test_realm diff --git a/roles/health-check/zuul-connections/tasks/main.yaml b/roles/health-check/zuul-connections/tasks/main.yaml index cc7de237..90fa8a29 100644 --- a/roles/health-check/zuul-connections/tasks/main.yaml +++ b/roles/health-check/zuul-connections/tasks/main.yaml @@ -1,6 +1,6 @@ --- - name: Setting Dummy Connections - set_fact: + ansible.builtin.set_fact: dummy_gerritconn: - name: dummy-gerrit-conn hostname: dummy-gerrit.local @@ -75,7 +75,7 @@ api_token: "{{ 'ghp_51abcFzcvf3GxOJpPFUKxsT6JIL3Nnbf39E' | b64encode }}" - name: Get current Zuul gerrit connections - command: | + ansible.builtin.command: | {% if mode == 'olm' %} kubectl get sf my-sf -o jsonpath='{.spec.zuul.gerritconns}' {% else %} diff --git a/roles/install-operator/tasks/main.yaml b/roles/install-operator/tasks/main.yaml index f7c1aab1..81236055 100644 --- a/roles/install-operator/tasks/main.yaml +++ b/roles/install-operator/tasks/main.yaml @@ -1,6 +1,6 @@ - name: Install busybox from quay.io to avoid docker.io rate limit delegate_to: "{{ os_host }}" - command: "{{ busybox_setup }}" + ansible.builtin.command: "{{ busybox_setup }}" loop: - podman pull quay.io/software-factory/busybox - podman image tag quay.io/software-factory/busybox:latest docker.io/library/busybox:1.36.0 diff --git a/roles/post/get-loki-logs/tasks/main.yaml b/roles/post/get-loki-logs/tasks/main.yaml index 058bf812..155b0cb3 100644 --- a/roles/post/get-loki-logs/tasks/main.yaml +++ b/roles/post/get-loki-logs/tasks/main.yaml @@ -11,14 +11,14 @@ register: _output_dir_realpath - name: Start port forwarding to loki-http if needed - shell: | + ansible.builtin.shell: | kubectl port-forward service/loki-http 3100 -n sf async: 60 poll: 0 ignore_errors: true - name: Ensure loki is reachable - uri: + ansible.builtin.uri: url: http://localhost:3100/loki/api/v1/status/buildinfo return_content: yes register: loki_buildinfo diff --git a/roles/post/get-system-config/tasks/main.yaml b/roles/post/get-system-config/tasks/main.yaml index ff3642f2..0d760c70 100644 --- a/roles/post/get-system-config/tasks/main.yaml +++ b/roles/post/get-system-config/tasks/main.yaml @@ -5,7 +5,7 @@ state: absent - name: Start port forwarding to git server - shell: | + ansible.builtin.shell: | kubectl port-forward service/git-server 9418 -n sf async: 60 poll: 0 diff --git a/roles/publish-operator-quay/tasks/main.yaml b/roles/publish-operator-quay/tasks/main.yaml index 83252a34..ee896a16 100644 --- a/roles/publish-operator-quay/tasks/main.yaml +++ b/roles/publish-operator-quay/tasks/main.yaml @@ -1,7 +1,7 @@ --- - name: Install dependencies become: true - package: + ansible.builtin.package: name: - golang - make @@ -18,7 +18,7 @@ no_log: true - name: Check if the tag variable is set - fail: + ansible.builtin.fail: msg: The version of the repo tag 'zuul.tag' is not defined when: - "'tag' not in zuul" diff --git a/roles/sanity-check/tasks/main.yaml b/roles/sanity-check/tasks/main.yaml index b8dc96e1..f6b8ce01 100644 --- a/roles/sanity-check/tasks/main.yaml +++ b/roles/sanity-check/tasks/main.yaml @@ -2,13 +2,13 @@ when: not remote_os_host block: - name: Run make - command: make + ansible.builtin.command: make args: chdir: "{{ zuul.project.src_dir }}" # for some reasons, LICENSE file is updated with cert-manager license during go build - name: Check for diff - command: git diff -- ":(exclude)LICENSE" + ansible.builtin.command: git diff -- ":(exclude)LICENSE" args: chdir: "{{ zuul.project.src_dir }}" register: render_diff @@ -19,7 +19,7 @@ when: - render_diff.stdout failed_when: true - debug: + ansible.builtin.debug: msg: | The repository content is not consistent. Please commit the change made after running `make`. diff --git a/roles/setup-env/tasks/main.yaml b/roles/setup-env/tasks/main.yaml index 34ebc8d5..b93e67d7 100644 --- a/roles/setup-env/tasks/main.yaml +++ b/roles/setup-env/tasks/main.yaml @@ -22,7 +22,7 @@ - os_host != 'controller' - name: Check if kubeconfig exists - stat: + ansible.builtin.stat: path: ~/.kube/config register: _kubeconfig become: false diff --git a/roles/setup-local-registry/tasks/main.yaml b/roles/setup-local-registry/tasks/main.yaml index c0675816..98a3394c 100644 --- a/roles/setup-local-registry/tasks/main.yaml +++ b/roles/setup-local-registry/tasks/main.yaml @@ -1,5 +1,5 @@ - name: Is registry container exists - command: podman container exists registry + ansible.builtin.command: podman container exists registry register: is_registry_container_exists failed_when: is_registry_container_exists.rc >= 2 @@ -7,23 +7,23 @@ when: is_registry_container_exists.rc == 0 block: - name: Stop registry - command: podman stop registry + ansible.builtin.command: podman stop registry - name: Delete registry contrainer - command: podman rm registry + ansible.builtin.command: podman rm registry - name: Does registry volume exist - command: podman volume exists registry + ansible.builtin.command: podman volume exists registry register: is_registry_volume_exists failed_when: is_registry_volume_exists.rc >= 2 - name: Clean registry volume when: is_registry_volume_exists.rc == 0 - command: podman volume rm registry + ansible.builtin.command: podman volume rm registry # quay.io/software-factory/registry:2 is a copy of https://hub.docker.com/_/registry - name: Fetch the podman registry container image - command: podman pull quay.io/software-factory/registry:2 + ansible.builtin.command: podman pull quay.io/software-factory/registry:2 register: podman_fetch retries: 12 delay: 10 @@ -31,12 +31,12 @@ - podman_fetch.rc == 0 - name: Start the podman registry container - command: | + ansible.builtin.command: | podman container run -dt -p 5000:5000 --name registry \ --volume registry:/var/lib/registry:Z quay.io/software-factory/registry:2 - name: Wait for the registry to be up - command: podman image search localhost:5000/ --tls-verify=false + ansible.builtin.command: podman image search localhost:5000/ --tls-verify=false register: is_registry_running until: is_registry_running.rc == 0 delay: 1 diff --git a/roles/setup-log-forwarding/tasks/install-logCLI.yaml b/roles/setup-log-forwarding/tasks/install-logCLI.yaml index 4225c822..d582e59a 100644 --- a/roles/setup-log-forwarding/tasks/install-logCLI.yaml +++ b/roles/setup-log-forwarding/tasks/install-logCLI.yaml @@ -20,5 +20,5 @@ mode: "0755" - name: move logCLI to ~/bin/ - command: mv /tmp/logcli-linux-amd64 ~/bin/logcli + ansible.builtin.command: mv /tmp/logcli-linux-amd64 ~/bin/logcli when: not logcli_stat.stat.exists diff --git a/roles/setup-namespaces/tasks/main.yaml b/roles/setup-namespaces/tasks/main.yaml index 4e5f0f8e..576a6e0c 100644 --- a/roles/setup-namespaces/tasks/main.yaml +++ b/roles/setup-namespaces/tasks/main.yaml @@ -1,7 +1,7 @@ --- # Where the operator will be installed via the OLM bundle - name: Create the {{ bundlenamespace }} namespace - shell: | + ansible.builtin.shell: | kubectl create namespace {{ bundlenamespace }} oc adm policy add-scc-to-user privileged system:serviceaccount:{{ bundlenamespace }}:default when: create_test_bundle_ns @@ -10,7 +10,7 @@ # Where sf instance will be reclaimed - name: Create namespace - shell: | + ansible.builtin.shell: | kubectl create namespace {{ namespace }} kubectl config set-context {{ context }} --namespace={{ namespace }} kubectl label --overwrite ns {{ namespace }} pod-security.kubernetes.io/enforce=privileged diff --git a/roles/sfconfig-dev-prepare/tasks/main.yaml b/roles/sfconfig-dev-prepare/tasks/main.yaml index 3d7be713..fa9d399b 100644 --- a/roles/sfconfig-dev-prepare/tasks/main.yaml +++ b/roles/sfconfig-dev-prepare/tasks/main.yaml @@ -1,5 +1,5 @@ --- - name: Run the CLI dev create demo-env - command: "go run ./main.go {{ cli_global_flags }} dev create demo-env --repos-path {{ demo_repos_path }}" + ansible.builtin.command: "go run ./main.go {{ cli_global_flags }} dev create demo-env --repos-path {{ demo_repos_path }}" args: chdir: "{{ zuul.project.src_dir }}" diff --git a/roles/update-custom-resource/tasks/main.yaml b/roles/update-custom-resource/tasks/main.yaml index 1b7a654a..1cf70aff 100644 --- a/roles/update-custom-resource/tasks/main.yaml +++ b/roles/update-custom-resource/tasks/main.yaml @@ -21,12 +21,12 @@ when: mode == 'standalone' block: - name: read current crd - slurp: + ansible.builtin.slurp: src: "/tmp/current_cr.yaml" register: base_cr - name: merge the new cr - copy: + ansible.builtin.copy: content: "{{ base_cr['content'] | b64decode | from_yaml | combine(new_cr, recursive=true) }}" dest: "/tmp/current_cr.yaml" vars: diff --git a/roles/upgrade-operator/tasks/main.yaml b/roles/upgrade-operator/tasks/main.yaml index 4c3e7f97..5905c4d5 100644 --- a/roles/upgrade-operator/tasks/main.yaml +++ b/roles/upgrade-operator/tasks/main.yaml @@ -44,7 +44,7 @@ - name: Upgrade the operator via the OLM bundle delegate_to: "{{ os_host }}" - command: | + ansible.builtin.command: | bin/operator-sdk --verbose run bundle-upgrade --skip-tls