Upgrade ansible

.ansible-lint

@@ -35,6 +35,41 @@ skip_list:
   # Roles in kubespray don't need fully qualified collection names
   # (Disabled in Feb 2023)
   - 'fqcn-builtins'
+
+  # names should start with an uppercase letter
+  # (Disabled in June 2023 after ansible upgrade; FIXME)
+  - 'name[casing]'
+
+  # Everything should be named
+  # (Disabled in June 2023 after ansible upgrade; FIXME)
+  - 'name[play]'
+  - 'name[missing]'
+
+  # templates should only be at the end of 'name'
+  # (Disabled in June 2023 after ansible upgrade; FIXME)
+  - 'name[jinja]'
+  - 'name[template]'
+
+  # order of keys errors
+  # (Disabled in June 2023 after ansible upgrade; FIXME)
+  - 'key-order'
+
+  # No changed-when on commands
+  # (Disabled in June 2023 after ansible upgrade; FIXME)
+  - 'no-changed-when'
+
+  # Disable galaxy rules
+  # (Disabled in June 2023 after ansible upgrade; FIXME)
+  - 'galaxy'
+
+  # Disable run-once check with free strategy
+  # (Disabled in June 2023 after ansible upgrade; FIXME)
+  - 'run-once[task]'
+
+  # Disable outdated-tag check
+  # (Disabled in June 2023 after ansible upgrade; FIXME)
+  - 'warning[outdated-tag]'
 exclude_paths:
   # Generated files
   - tests/files/custom_cni/cilium.yaml
+  - venv

.gitlab-ci.yml

@@ -42,6 +42,7 @@ before_script:
   - update-alternatives --install /usr/bin/python python /usr/bin/python3 1
   - python -m pip uninstall -y ansible ansible-base ansible-core
   - python -m pip install -r tests/requirements.txt
+  - ansible-galaxy install -r tests/requirements.yml
   - mkdir -p /.ssh
 
 .job: &job

.gitlab-ci/lint.yml

@@ -71,6 +71,7 @@ tox-inventory-builder:
     - update-alternatives --install /usr/bin/python python /usr/bin/python3 10
     - python -m pip uninstall -y ansible ansible-base ansible-core
     - python -m pip install -r tests/requirements.txt
+    - ansible-galaxy install -r tests/requirements.yml
   script:
     - pip3 install tox
     - cd contrib/inventory_builder && tox

.gitlab-ci/molecule.yml

@@ -13,6 +13,7 @@
     - update-alternatives --install /usr/bin/python python /usr/bin/python3 10
     - python -m pip uninstall -y ansible ansible-base ansible-core
     - python -m pip install -r tests/requirements.txt
+    - ansible-galaxy install -r tests/requirements.yml
     - ./tests/scripts/vagrant_clean.sh
   script:
     - ./tests/scripts/molecule_run.sh

.gitlab-ci/vagrant.yml

@@ -17,6 +17,7 @@
     - update-alternatives --install /usr/bin/python python /usr/bin/python3 10
     - python -m pip uninstall -y ansible ansible-base ansible-core
     - python -m pip install -r tests/requirements.txt
+    - ansible-galaxy install -r tests/requirements.yml
     - ./tests/scripts/vagrant_clean.sh
   script:
     - ./tests/scripts/testcases_run.sh

CONTRIBUTING.md

@@ -12,6 +12,7 @@ To install development dependencies you can set up a python virtual env with the
 virtualenv venv
 source venv/bin/activate
 pip install -r tests/requirements.txt
+ansible-galaxy install -r tests/requirements.yml
 ```
 
 #### Linting

contrib/dind/roles/dind-cluster/tasks/main.yaml

@@ -67,7 +67,7 @@
     mode: 0640
 
 - name: Add my pubkey to "{{ distro_user }}" user authorized keys
-  authorized_key:
+  ansible.posix.authorized_key:
     user: "{{ distro_user }}"
     state: present
     key: "{{ lookup('file', lookup('env','HOME') + '/.ssh/id_rsa.pub') }}"

contrib/dind/roles/dind-host/tasks/main.yaml

@@ -13,7 +13,7 @@
     distro_agetty_svc: "{{ distro_setup['agetty_svc'] }}"
 
 - name: Create dind node containers from "containers" inventory section
-  docker_container:
+  community.docker.docker_container:
     image: "{{ distro_image }}"
     name: "{{ item }}"
     state: started

contrib/kvm-setup/kvm-setup.yml

@@ -3,6 +3,6 @@
   gather_facts: False
   become: yes
   vars:
-    - bootstrap_os: none
+    bootstrap_os: none
   roles:
-    - kvm-setup
+    - { role: kvm-setup }

contrib/kvm-setup/roles/kvm-setup/tasks/main.yml

@@ -23,8 +23,8 @@
   when: ansible_os_family == "Debian"
 
 # Create deployment user if required
-- include: user.yml
+- include_tasks: user.yml
   when: k8s_deployment_user is defined
 
 # Set proper sysctl values
-- include: sysctl.yml
+- import_tasks: sysctl.yml

contrib/kvm-setup/roles/kvm-setup/tasks/sysctl.yml

@@ -1,6 +1,6 @@
 ---
 - name: Load br_netfilter module
-  modprobe:
+  community.general.modprobe:
     name: br_netfilter
     state: present
   register: br_netfilter
@@ -25,15 +25,15 @@
 
 
 - name: Enable net.ipv4.ip_forward in sysctl
-  sysctl:
+  ansible.posix.sysctl:
     name: net.ipv4.ip_forward
     value: 1
     sysctl_file: "{{ sysctl_file_path }}"
     state: present
     reload: yes
 
 - name: Set bridge-nf-call-{arptables,iptables} to 0
-  sysctl:
+  ansible.posix.sysctl:
     name: "{{ item }}"
     state: present
     value: 0

contrib/mitogen/mitogen.yml

@@ -1,6 +1,6 @@
 ---
 - name: Check ansible version
-  import_playbook: ansible_version.yml
+  import_playbook: kubernetes_sigs.kubespray.ansible_version
 
 - hosts: localhost
   strategy: linear
@@ -24,19 +24,20 @@
         url: "{{ mitogen_url }}"
         dest: "{{ playbook_dir }}/dist/mitogen_{{ mitogen_version }}.tar.gz"
         validate_certs: true
+        mode: 0644
 
     - name: extract archive
       unarchive:
         src: "{{ playbook_dir }}/dist/mitogen_{{ mitogen_version }}.tar.gz"
         dest: "{{ playbook_dir }}/dist/"
 
     - name: copy plugin
-      synchronize:
+      ansible.posix.synchronize:
         src: "{{ playbook_dir }}/dist/mitogen-{{ mitogen_version }}/"
         dest: "{{ playbook_dir }}/plugins/mitogen"
 
     - name: add strategy to ansible.cfg
-      ini_file:
+      community.general.ini_file:
         path: ansible.cfg
         mode: 0644
         section: "{{ item.section | d('defaults') }}"

contrib/network-storage/glusterfs/roles/glusterfs/client/meta/main.yml

@@ -6,12 +6,12 @@ galaxy_info:
   description: GlusterFS installation for Linux.
   company: "Midwestern Mac, LLC"
   license: "license (BSD, MIT)"
-  min_ansible_version: 2.0
+  min_ansible_version: "2.0"
   platforms:
   - name: EL
     versions:
-    - 6
-    - 7
+    - "6"
+    - "7"
   - name: Ubuntu
     versions:
     - precise

contrib/network-storage/glusterfs/roles/glusterfs/client/tasks/main.yml

@@ -3,14 +3,17 @@
 # hyperkube and needs to be installed as part of the system.
 
 # Setup/install tasks.
-- include: setup-RedHat.yml
+- include_tasks: setup-RedHat.yml
   when: ansible_os_family == 'RedHat' and groups['gfs-cluster'] is defined
 
-- include: setup-Debian.yml
+- include_tasks: setup-Debian.yml
   when: ansible_os_family == 'Debian' and groups['gfs-cluster'] is defined
 
 - name: Ensure Gluster mount directories exist.
-  file: "path={{ item }} state=directory mode=0775"
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: 0775
   with_items:
     - "{{ gluster_mount_dir }}"
   when: ansible_os_family in ["Debian","RedHat"] and groups['gfs-cluster'] is defined

contrib/network-storage/glusterfs/roles/glusterfs/client/tasks/setup-RedHat.yml

@@ -1,10 +1,14 @@
 ---
 - name: Install Prerequisites
-  package: name={{ item }}  state=present
+  package:
+    name: "{{ item }}"
+    state: present
   with_items:
     - "centos-release-gluster{{ glusterfs_default_release }}"
 
 - name: Install Packages
-  package: name={{ item }}  state=present
+  package:
+    name: "{{ item }}"
+    state: present
   with_items:
     - glusterfs-client

contrib/network-storage/glusterfs/roles/glusterfs/server/meta/main.yml

@@ -6,12 +6,12 @@ galaxy_info:
   description: GlusterFS installation for Linux.
   company: "Midwestern Mac, LLC"
   license: "license (BSD, MIT)"
-  min_ansible_version: 2.0
+  min_ansible_version: "2.0"
   platforms:
   - name: EL
     versions:
-    - 6
-    - 7
+    - "6"
+    - "7"
   - name: Ubuntu
     versions:
     - precise

contrib/network-storage/glusterfs/roles/glusterfs/server/tasks/main.yml

@@ -5,39 +5,55 @@
 
 # Install xfs package
 - name: install xfs Debian
-  apt: name=xfsprogs state=present
+  apt:
+    name: xfsprogs
+    state: present
   when: ansible_os_family == "Debian"
 
 - name: install xfs RedHat
-  package: name=xfsprogs state=present
+  package:
+    name: xfsprogs
+    state: present
   when: ansible_os_family == "RedHat"
 
 # Format external volumes in xfs
 - name: Format volumes in xfs
-  filesystem: "fstype=xfs dev={{ disk_volume_device_1 }}"
+  community.general.filesystem:
+    fstype: xfs
+    dev: "{{ disk_volume_device_1 }}"
 
 # Mount external volumes
 - name: mounting new xfs filesystem
-  mount: "name={{ gluster_volume_node_mount_dir }} src={{ disk_volume_device_1 }} fstype=xfs state=mounted"
+  ansible.posix.mount:
+    name: "{{ gluster_volume_node_mount_dir }}"
+    src: "{{ disk_volume_device_1 }}"
+    fstype: xfs
+    state: mounted"
 
 # Setup/install tasks.
-- include: setup-RedHat.yml
+- include_tasks: setup-RedHat.yml
   when: ansible_os_family == 'RedHat'
 
-- include: setup-Debian.yml
+- include_tasks: setup-Debian.yml
   when: ansible_os_family == 'Debian'
 
 - name: Ensure GlusterFS is started and enabled at boot.
-  service: "name={{ glusterfs_daemon }} state=started enabled=yes"
+  service:
+    name: "{{ glusterfs_daemon }}"
+    state: started
+    enabled: yes
 
 - name: Ensure Gluster brick and mount directories exist.
-  file: "path={{ item }} state=directory mode=0775"
+  file:
+    path: "{{ item }}"
+    state: directory
+    mode: 0775
   with_items:
     - "{{ gluster_brick_dir }}"
     - "{{ gluster_mount_dir }}"
 
 - name: Configure Gluster volume with replicas
-  gluster_volume:
+  gluster.gluster.gluster_volume:
     state: present
     name: "{{ gluster_brick_name }}"
     brick: "{{ gluster_brick_dir }}"
@@ -49,7 +65,7 @@
   when: groups['gfs-cluster']|length > 1
 
 - name: Configure Gluster volume without replicas
-  gluster_volume:
+  gluster.gluster.gluster_volume:
     state: present
     name: "{{ gluster_brick_name }}"
     brick: "{{ gluster_brick_dir }}"
@@ -60,7 +76,7 @@
   when: groups['gfs-cluster']|length <= 1
 
 - name: Mount glusterfs to retrieve disk size
-  mount:
+  ansible.posix.mount:
     name: "{{ gluster_mount_dir }}"
     src: "{{ ip|default(ansible_default_ipv4['address']) }}:/gluster"
     fstype: glusterfs
@@ -69,7 +85,8 @@
   when: groups['gfs-cluster'] is defined and inventory_hostname == groups['gfs-cluster'][0]
 
 - name: Get Gluster disk size
-  setup: filter=ansible_mounts
+  setup:
+    filter: ansible_mounts
   register: mounts_data
   when: groups['gfs-cluster'] is defined and inventory_hostname == groups['gfs-cluster'][0]
 
@@ -86,7 +103,7 @@
   when: groups['gfs-cluster'] is defined and inventory_hostname == groups['gfs-cluster'][0]
 
 - name: Unmount glusterfs
-  mount:
+  ansible.posix.mount:
     name: "{{ gluster_mount_dir }}"
     fstype: glusterfs
     src: "{{ ip|default(ansible_default_ipv4['address']) }}:/gluster"

contrib/network-storage/glusterfs/roles/glusterfs/server/tasks/setup-RedHat.yml

@@ -1,11 +1,15 @@
 ---
 - name: Install Prerequisites
-  package: name={{ item }}  state=present
+  package:
+    name: "{{ item }}"
+    state: present
   with_items:
     - "centos-release-gluster{{ glusterfs_default_release }}"
 
 - name: Install Packages
-  package: name={{ item }}  state=present
+  package:
+    name: "{{ item }}"
+    state: present
   with_items:
     - glusterfs-server
     - glusterfs-client

contrib/network-storage/heketi/roles/prepare/tasks/main.yml

@@ -5,7 +5,7 @@
     - "dm_snapshot"
     - "dm_mirror"
     - "dm_thin_pool"
-  modprobe:
+  community.general.modprobe:
     name: "{{ item }}"
     state: "present"
 

contrib/offline/generate_list.yml

@@ -14,6 +14,7 @@
     - template:
         src: ./contrib/offline/temp/{{ item }}.list.template
         dest: ./contrib/offline/temp/{{ item }}.list
+        mode: 0644
       with_items:
         - files
         - images

playbooks/ansible_version.yml

@@ -3,8 +3,8 @@
   gather_facts: false
   become: no
   vars:
-    minimal_ansible_version: 2.12.0
-    maximal_ansible_version: 2.13.0
+    minimal_ansible_version: 2.14.0
+    maximal_ansible_version: 2.16.0
     ansible_connection: local
   tags: always
   tasks: