Auto-fix yaml rules

In order to reduce divergance with ansible-lint rules, we apply
auto-fixing of violations.

In current patch we replace all kind of truthy variables with
`true` or `false` values to align with recommendations along with
alignment of used quotes.

Change-Id: I84f2efb55945e0379f44fca8ddb7b92241c1d9ef

.gitignore

@@ -45,6 +45,7 @@ logs/*
 # OS generated files #
 ######################
 ._*
+.ansible
 .tox
 *.egg-info
 .eggs

defaults/main.yml

@@ -59,7 +59,6 @@ lxc_host_machine_quota_disabled: false
 lxc_host_machine_qgroup_space_limit: none
 lxc_host_machine_qgroup_compression_limit: none
 
-
 # DefaultTasksMax systemd value. It's not recommended to change this value as it
 # could prevent new processes from starting on busy containers.
 lxc_default_tasks_max: 8192
@@ -98,30 +97,30 @@ lxc_net_bridge_type: linuxbridge
 lxc_net_address: 10.0.3.1
 lxc_net_netmask: 255.255.255.0
 lxc_net_cidr: 24
-lxc_net_gateway: null  ## if null, no gateway will be on the LXC bridge. lxc_net_nat must be "false" to use a gateway.
+lxc_net_gateway: ## if null, no gateway will be on the LXC bridge. lxc_net_nat must be "false" to use a gateway.
 # lxc_net_mtu: 1500 ##setting this variable will add mtu configuration for the lxc config and network bridge
 
 # lxc container nat enabled
-lxc_net_nat: true  ## If "true", nat rules will be created with the lxc network.
+lxc_net_nat: true ## If "true", nat rules will be created with the lxc network.
 
 # Enable iptables for lxc network
-lxc_net_manage_iptables: true  ## If "true" iptables rules will be added when the bridge is up and deleted when bridge is down
+lxc_net_manage_iptables: true ## If "true" iptables rules will be added when the bridge is up and deleted when bridge is down
 
 # lxc container dhcp settings
 lxc_net_dhcp_range: 10.0.3.2,10.0.3.253
 lxc_net_dhcp_max: 253
-lxc_net_dhcp_config: ''
+lxc_net_dhcp_config: ""
 lxc_net_dnsmasq_user: lxc-dnsmasq
-lxc_net_domain: ''
+lxc_net_domain: ""
 
 # lxc network ipv6 settings
-lxc_net6_address: null ## ie. fd05:ffb8:32b4:1212::1
-lxc_net6_netmask: null ## ie. 64
+lxc_net6_address: ## ie. fd05:ffb8:32b4:1212::1
+lxc_net6_netmask: ## ie. 64
 lxc_net6_nat: false
 
 # System control kernel tuning
 lxc_kernel_options:
-  - { key: 'fs.inotify.max_user_instances', value: 1024 }
+  - { key: "fs.inotify.max_user_instances", value: 1024 }
 
 # The compression ratio used when creating the container cache rootfs archive
 lxc_image_compression_ratio: 0
@@ -150,8 +149,8 @@ lxc_cache_prep_dns:
 
 # Custom shell commands to run before/after the LXC cache prep process has taken
 # place.
-lxc_cache_prep_pre_commands: '## pre command skipped ##'
-lxc_cache_prep_post_commands: '## post command skipped ##'
+lxc_cache_prep_pre_commands: "## pre command skipped ##"
+lxc_cache_prep_post_commands: "## post command skipped ##"
 
 # Full path to the base image prep script. By default this will use the
 # named script for a given OS within the "templates/prep-scripts" directory.

handlers/main.yml

@@ -16,7 +16,7 @@
 - name: Start apparmor
   systemd:
     name: "apparmor"
-    enabled: yes
+    enabled: true
     state: "started"
 
 - name: Reload apparmor
@@ -34,20 +34,20 @@
     name: "irqbalance"
     state: "restarted"
     enabled: "yes"
-    daemon_reload: yes
+    daemon_reload: true
 
 - name: Bring bridge up
   command: "ip link set {{ lxc_net_bridge }} up" # noqa: no-changed-when
 
 - name: Reload systemd units
   systemd:
-    daemon_reload: yes
+    daemon_reload: true
 
 - name: Restart sshd
   service:
     name: sshd
     state: "restarted"
-    enabled: yes
+    enabled: true
 
 - name: Remove rootfs archive
   file:
@@ -59,7 +59,7 @@
     name: "lxc-dnsmasq"
     state: "restarted"
     enabled: "yes"
-    daemon_reload: yes
+    daemon_reload: true
   register: _lxc_dnsmasq_systemd
   until: _lxc_dnsmasq_systemd is success
   retries: 5

tasks/lxc_cache.yml

@@ -37,7 +37,7 @@
   set_fact:
     lxc_image_cache_refresh: true
   when:
-    cache_time | int >= (expiry.content | default('MQo=') | b64decode | int)
+    - cache_time | int >= (expiry.content | default('MQo=') | b64decode | int)
   tags:
     - always
 

tasks/lxc_cache_rootfs.yml

@@ -31,14 +31,14 @@
     name: systemd_mount
   vars:
     systemd_mounts:
-      - what: '/var/lib/machines.raw'
-        where: '/var/lib/machines'
-        type: 'ext4'
-        options: 'loop'
+      - what: "/var/lib/machines.raw"
+        where: "/var/lib/machines"
+        type: "ext4"
+        options: "loop"
         unit:
           ConditionPathExists:
-            - '/var/lib/machines.raw'
-        state: 'started'
+            - "/var/lib/machines.raw"
+        state: "started"
         enabled: true
 
 - name: Remove the old image cache

tasks/lxc_install_apt.yml

@@ -17,7 +17,7 @@
   apt:
     pkg: "{{ lxc_hosts_remove_distro_packages }}"
     state: absent
-    purge: yes
+    purge: true
   tags:
     - lxc-apt-packages
 
@@ -26,7 +26,7 @@
     pkg: "{{ lxc_hosts_distro_packages }}"
     state: "{{ lxc_hosts_package_state }}"
     default_release: "{{ lxc_default_release | default(omit) }}"
-    update_cache: yes
+    update_cache: true
     policy_rc_d: 101
     cache_valid_time: "{{ cache_timeout }}"
   register: install_packages

tasks/lxc_install_dnf.yml

@@ -23,13 +23,12 @@
     name: thm-lxc3.0
     description: "Copr repo for lxc3.0 owned by thm"
     baseurl: "{{ lxc_centos_package_baseurl }}"
-    enabled: yes
-    gpgcheck: yes
+    enabled: true
+    gpgcheck: true
     gpgkey: "{{ lxc_centos_package_key }}"
-    repo_gpgcheck: no
+    repo_gpgcheck: false
     state: present
 
-
 - name: Add GPG key for COPR LXC repo
   rpm_key:
     key: "{{ lxc_centos_package_key }}"
@@ -39,7 +38,6 @@
   retries: 5
   delay: 2
 
-
 - name: Download EPEL gpg keys
   get_url:
     url: "{{ lxc_centos_epel_key }}"
@@ -60,9 +58,9 @@
     name: epel-lxc_hosts
     baseurl: "{{ lxc_centos_epel_mirror ~ '/' ~ ansible_facts['distribution_major_version'] ~ '/Everything/' ~ ansible_facts['architecture'] }}"
     description: "Extra Packages for Enterprise Linux {{ ansible_facts['distribution_major_version'] }} - $basearch"
-    gpgcheck: yes
+    gpgcheck: true
     gpgkey: "file:///etc/pki/rpm-gpg/{{ lxc_centos_epel_key.split('/')[-1] }}"
-    enabled: yes
+    enabled: true
     state: present
     includepkgs: "systemd-networkd"
   register: install_epel_repo

tasks/lxc_net.yml

@@ -1,5 +1,4 @@
 ---
-
 # Copyright 2014, Rackspace US, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -29,7 +28,7 @@
 - name: Ensure network services wait on networking (if using NetworkManager)
   service:
     name: NetworkManager-wait-online.service
-    enabled: yes
+    enabled: true
   when: networkmanager_check.rc == 0
 
 # NOTE(mhayden): There are systemd services that act like ifup/ifdown hooks
@@ -38,7 +37,7 @@
 - name: Disable and stop lxc-net
   systemd:
     name: lxc-net
-    enabled: no
+    enabled: false
     state: stopped
     masked: true
   tags:
@@ -63,7 +62,7 @@
           ForwardDelaySec: 0
           HelloTimeSec: 2
           MaxAgeSec: 12
-          STP: off
+          STP: false
     systemd_networkd_prefix: "lxc-net"
     systemd_run_networkd: true
     systemd_netdevs: "{{ (lxc_net_bridge_type == 'openvswitch') | ternary([], _lxc_net_bridge_devices) }}"
@@ -73,7 +72,7 @@
         netmask: "{{ lxc_net_netmask }}"
         config_overrides:
           Network:
-            ConfigureWithoutCarrier: yes
+            ConfigureWithoutCarrier: true
             Gateway: "{{ lxc_net_gateway is not none | ternary(lxc_net_gateway, {}) }}"
 
 - name: Run the systemd-service role
@@ -85,7 +84,7 @@
     systemd_services:
       - service_name: lxc-dnsmasq
         state: started
-        enabled: yes
+        enabled: true
         execstartpres: |
           {% set pres = ['-/usr/bin/pkill -u {{ lxc_net_dnsmasq_user }} "^dnsmasq"'] %}
           {% if lxc_net_manage_iptables | bool %}

vars/debian.yml

@@ -40,21 +40,23 @@ _lxc_cache_distro_libpython:
   bookworm: libpython3.11
   noble: libpython3.12
 
-_lxc_cache_need_systemd_resolved: "{{ ansible_facts['distribution'] == 'Debian' or
-                                     (ansible_facts['distribution'] == 'Ubuntu' and
-                                      ansible_facts['distribution_major_version'] is ansible.builtin.version('24', 'ge')) }}"
+_lxc_cache_need_systemd_resolved: >-
+  {{
+    ansible_facts['distribution'] == 'Debian' or
+    (ansible_facts['distribution'] == 'Ubuntu' and ansible_facts['distribution_major_version'] is ansible.builtin.version('24', 'ge'))
+  }}
 
 # This list should contain a minimum set of packages. Add extra packages via roles that require them.
 _lxc_cache_distro_packages:
   - ca-certificates
   - dbus
-  - git                # needed everywhere when wheel_build=false
+  - git # needed everywhere when wheel_build=false
   - iputils-ping
   - iproute2
   - libxml2
   - locales
   - netbase
-  - procps  # needed for sysctl-container.service
+  - procps # needed for sysctl-container.service
   - python3
   - "{{ _lxc_cache_distro_libpython[ansible_facts['distribution_release'] | lower] }}"
   - sudo

vars/redhat.yml

@@ -38,7 +38,7 @@ _lxc_cache_prep_template: "prep-scripts/redhat_prep.sh.j2"
 
 _lxc_cache_distro_packages:
   - ca-certificates
-  - git-core           # needed everywhere when wheel_build=false
+  - git-core # needed everywhere when wheel_build=false
   - iputils
   - iproute
   - libxml2