From 2aed220123e994df349251eb63300ce9e78c1475 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Thu, 13 Feb 2025 09:36:17 +0100 Subject: [PATCH] Auto-fix yaml rules In order to reduce divergance with ansible-lint rules, we apply auto-fixing of violations. In current patch we replace all kind of truthy variables with `true` or `false` values to align with recommendations along with alignment of used quotes. Change-Id: I84f2efb55945e0379f44fca8ddb7b92241c1d9ef --- .gitignore | 1 + defaults/main.yml | 21 ++++++++++----------- handlers/main.yml | 10 +++++----- tasks/lxc_cache.yml | 2 +- tasks/lxc_cache_rootfs.yml | 12 ++++++------ tasks/lxc_install_apt.yml | 4 ++-- tasks/lxc_install_dnf.yml | 12 +++++------- tasks/lxc_net.yml | 11 +++++------ vars/debian.yml | 12 +++++++----- vars/redhat.yml | 2 +- 10 files changed, 43 insertions(+), 44 deletions(-) diff --git a/.gitignore b/.gitignore index 3a772066..c46a9ec6 100644 --- a/.gitignore +++ b/.gitignore @@ -45,6 +45,7 @@ logs/* # OS generated files # ###################### ._* +.ansible .tox *.egg-info .eggs diff --git a/defaults/main.yml b/defaults/main.yml index 91dfcc9a..257af400 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -59,7 +59,6 @@ lxc_host_machine_quota_disabled: false lxc_host_machine_qgroup_space_limit: none lxc_host_machine_qgroup_compression_limit: none - # DefaultTasksMax systemd value. It's not recommended to change this value as it # could prevent new processes from starting on busy containers. lxc_default_tasks_max: 8192 @@ -98,30 +97,30 @@ lxc_net_bridge_type: linuxbridge lxc_net_address: 10.0.3.1 lxc_net_netmask: 255.255.255.0 lxc_net_cidr: 24 -lxc_net_gateway: null ## if null, no gateway will be on the LXC bridge. lxc_net_nat must be "false" to use a gateway. +lxc_net_gateway: ## if null, no gateway will be on the LXC bridge. lxc_net_nat must be "false" to use a gateway. # lxc_net_mtu: 1500 ##setting this variable will add mtu configuration for the lxc config and network bridge # lxc container nat enabled -lxc_net_nat: true ## If "true", nat rules will be created with the lxc network. +lxc_net_nat: true ## If "true", nat rules will be created with the lxc network. # Enable iptables for lxc network -lxc_net_manage_iptables: true ## If "true" iptables rules will be added when the bridge is up and deleted when bridge is down +lxc_net_manage_iptables: true ## If "true" iptables rules will be added when the bridge is up and deleted when bridge is down # lxc container dhcp settings lxc_net_dhcp_range: 10.0.3.2,10.0.3.253 lxc_net_dhcp_max: 253 -lxc_net_dhcp_config: '' +lxc_net_dhcp_config: "" lxc_net_dnsmasq_user: lxc-dnsmasq -lxc_net_domain: '' +lxc_net_domain: "" # lxc network ipv6 settings -lxc_net6_address: null ## ie. fd05:ffb8:32b4:1212::1 -lxc_net6_netmask: null ## ie. 64 +lxc_net6_address: ## ie. fd05:ffb8:32b4:1212::1 +lxc_net6_netmask: ## ie. 64 lxc_net6_nat: false # System control kernel tuning lxc_kernel_options: - - { key: 'fs.inotify.max_user_instances', value: 1024 } + - { key: "fs.inotify.max_user_instances", value: 1024 } # The compression ratio used when creating the container cache rootfs archive lxc_image_compression_ratio: 0 @@ -150,8 +149,8 @@ lxc_cache_prep_dns: # Custom shell commands to run before/after the LXC cache prep process has taken # place. -lxc_cache_prep_pre_commands: '## pre command skipped ##' -lxc_cache_prep_post_commands: '## post command skipped ##' +lxc_cache_prep_pre_commands: "## pre command skipped ##" +lxc_cache_prep_post_commands: "## post command skipped ##" # Full path to the base image prep script. By default this will use the # named script for a given OS within the "templates/prep-scripts" directory. diff --git a/handlers/main.yml b/handlers/main.yml index b23b6cc0..5f8a95f8 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -16,7 +16,7 @@ - name: Start apparmor systemd: name: "apparmor" - enabled: yes + enabled: true state: "started" - name: Reload apparmor @@ -34,20 +34,20 @@ name: "irqbalance" state: "restarted" enabled: "yes" - daemon_reload: yes + daemon_reload: true - name: Bring bridge up command: "ip link set {{ lxc_net_bridge }} up" # noqa: no-changed-when - name: Reload systemd units systemd: - daemon_reload: yes + daemon_reload: true - name: Restart sshd service: name: sshd state: "restarted" - enabled: yes + enabled: true - name: Remove rootfs archive file: @@ -59,7 +59,7 @@ name: "lxc-dnsmasq" state: "restarted" enabled: "yes" - daemon_reload: yes + daemon_reload: true register: _lxc_dnsmasq_systemd until: _lxc_dnsmasq_systemd is success retries: 5 diff --git a/tasks/lxc_cache.yml b/tasks/lxc_cache.yml index 71426c67..147951bb 100644 --- a/tasks/lxc_cache.yml +++ b/tasks/lxc_cache.yml @@ -37,7 +37,7 @@ set_fact: lxc_image_cache_refresh: true when: - cache_time | int >= (expiry.content | default('MQo=') | b64decode | int) + - cache_time | int >= (expiry.content | default('MQo=') | b64decode | int) tags: - always diff --git a/tasks/lxc_cache_rootfs.yml b/tasks/lxc_cache_rootfs.yml index dab91243..5d534af9 100644 --- a/tasks/lxc_cache_rootfs.yml +++ b/tasks/lxc_cache_rootfs.yml @@ -31,14 +31,14 @@ name: systemd_mount vars: systemd_mounts: - - what: '/var/lib/machines.raw' - where: '/var/lib/machines' - type: 'ext4' - options: 'loop' + - what: "/var/lib/machines.raw" + where: "/var/lib/machines" + type: "ext4" + options: "loop" unit: ConditionPathExists: - - '/var/lib/machines.raw' - state: 'started' + - "/var/lib/machines.raw" + state: "started" enabled: true - name: Remove the old image cache diff --git a/tasks/lxc_install_apt.yml b/tasks/lxc_install_apt.yml index a18084ba..50bd09d6 100644 --- a/tasks/lxc_install_apt.yml +++ b/tasks/lxc_install_apt.yml @@ -17,7 +17,7 @@ apt: pkg: "{{ lxc_hosts_remove_distro_packages }}" state: absent - purge: yes + purge: true tags: - lxc-apt-packages @@ -26,7 +26,7 @@ pkg: "{{ lxc_hosts_distro_packages }}" state: "{{ lxc_hosts_package_state }}" default_release: "{{ lxc_default_release | default(omit) }}" - update_cache: yes + update_cache: true policy_rc_d: 101 cache_valid_time: "{{ cache_timeout }}" register: install_packages diff --git a/tasks/lxc_install_dnf.yml b/tasks/lxc_install_dnf.yml index 23c1f3a7..00e91965 100644 --- a/tasks/lxc_install_dnf.yml +++ b/tasks/lxc_install_dnf.yml @@ -23,13 +23,12 @@ name: thm-lxc3.0 description: "Copr repo for lxc3.0 owned by thm" baseurl: "{{ lxc_centos_package_baseurl }}" - enabled: yes - gpgcheck: yes + enabled: true + gpgcheck: true gpgkey: "{{ lxc_centos_package_key }}" - repo_gpgcheck: no + repo_gpgcheck: false state: present - - name: Add GPG key for COPR LXC repo rpm_key: key: "{{ lxc_centos_package_key }}" @@ -39,7 +38,6 @@ retries: 5 delay: 2 - - name: Download EPEL gpg keys get_url: url: "{{ lxc_centos_epel_key }}" @@ -60,9 +58,9 @@ name: epel-lxc_hosts baseurl: "{{ lxc_centos_epel_mirror ~ '/' ~ ansible_facts['distribution_major_version'] ~ '/Everything/' ~ ansible_facts['architecture'] }}" description: "Extra Packages for Enterprise Linux {{ ansible_facts['distribution_major_version'] }} - $basearch" - gpgcheck: yes + gpgcheck: true gpgkey: "file:///etc/pki/rpm-gpg/{{ lxc_centos_epel_key.split('/')[-1] }}" - enabled: yes + enabled: true state: present includepkgs: "systemd-networkd" register: install_epel_repo diff --git a/tasks/lxc_net.yml b/tasks/lxc_net.yml index 2353d7fd..29801fe0 100644 --- a/tasks/lxc_net.yml +++ b/tasks/lxc_net.yml @@ -1,5 +1,4 @@ --- - # Copyright 2014, Rackspace US, Inc. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -29,7 +28,7 @@ - name: Ensure network services wait on networking (if using NetworkManager) service: name: NetworkManager-wait-online.service - enabled: yes + enabled: true when: networkmanager_check.rc == 0 # NOTE(mhayden): There are systemd services that act like ifup/ifdown hooks @@ -38,7 +37,7 @@ - name: Disable and stop lxc-net systemd: name: lxc-net - enabled: no + enabled: false state: stopped masked: true tags: @@ -63,7 +62,7 @@ ForwardDelaySec: 0 HelloTimeSec: 2 MaxAgeSec: 12 - STP: off + STP: false systemd_networkd_prefix: "lxc-net" systemd_run_networkd: true systemd_netdevs: "{{ (lxc_net_bridge_type == 'openvswitch') | ternary([], _lxc_net_bridge_devices) }}" @@ -73,7 +72,7 @@ netmask: "{{ lxc_net_netmask }}" config_overrides: Network: - ConfigureWithoutCarrier: yes + ConfigureWithoutCarrier: true Gateway: "{{ lxc_net_gateway is not none | ternary(lxc_net_gateway, {}) }}" - name: Run the systemd-service role @@ -85,7 +84,7 @@ systemd_services: - service_name: lxc-dnsmasq state: started - enabled: yes + enabled: true execstartpres: | {% set pres = ['-/usr/bin/pkill -u {{ lxc_net_dnsmasq_user }} "^dnsmasq"'] %} {% if lxc_net_manage_iptables | bool %} diff --git a/vars/debian.yml b/vars/debian.yml index 74dd8ed3..38df87c5 100644 --- a/vars/debian.yml +++ b/vars/debian.yml @@ -40,21 +40,23 @@ _lxc_cache_distro_libpython: bookworm: libpython3.11 noble: libpython3.12 -_lxc_cache_need_systemd_resolved: "{{ ansible_facts['distribution'] == 'Debian' or - (ansible_facts['distribution'] == 'Ubuntu' and - ansible_facts['distribution_major_version'] is ansible.builtin.version('24', 'ge')) }}" +_lxc_cache_need_systemd_resolved: >- + {{ + ansible_facts['distribution'] == 'Debian' or + (ansible_facts['distribution'] == 'Ubuntu' and ansible_facts['distribution_major_version'] is ansible.builtin.version('24', 'ge')) + }} # This list should contain a minimum set of packages. Add extra packages via roles that require them. _lxc_cache_distro_packages: - ca-certificates - dbus - - git # needed everywhere when wheel_build=false + - git # needed everywhere when wheel_build=false - iputils-ping - iproute2 - libxml2 - locales - netbase - - procps # needed for sysctl-container.service + - procps # needed for sysctl-container.service - python3 - "{{ _lxc_cache_distro_libpython[ansible_facts['distribution_release'] | lower] }}" - sudo diff --git a/vars/redhat.yml b/vars/redhat.yml index 2047e471..b3893fff 100644 --- a/vars/redhat.yml +++ b/vars/redhat.yml @@ -38,7 +38,7 @@ _lxc_cache_prep_template: "prep-scripts/redhat_prep.sh.j2" _lxc_cache_distro_packages: - ca-certificates - - git-core # needed everywhere when wheel_build=false + - git-core # needed everywhere when wheel_build=false - iputils - iproute - libxml2