From a5589beb5f64e01fecffefbcd398a34f6566e101 Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov <dmitriy.rabotyagov@cleura.com>
Date: Tue, 11 Jul 2023 21:56:15 +0200
Subject: [PATCH] Fix linters issue and metadata

With update of ansible-lint to version >=6.0.0 a lot of new
linters were added, that enabled by default. In order to comply
with linter rules we're applying changes to the role.

With that we also update metdata to reflect current state.

Change-Id: If6171be3d649f6e7dd26decf1460d45775bd5f9e
---
 meta/main.yml                   |  8 +++++---
 tasks/lxc_cache.yml             | 12 ++++++++----
 tasks/lxc_cache_create.yml      |  4 +++-
 tasks/lxc_cache_preparation.yml |  3 +++
 tasks/lxc_cache_rootfs.yml      |  3 ++-
 tasks/lxc_install_dnf.yml       |  6 +++---
 tasks/lxc_net.yml               |  7 ++++---
 tasks/lxc_post_install.yml      | 12 ++++++------
 tasks/lxc_pre_install.yml       |  1 +
 tasks/main.yml                  | 15 ++++++++++-----
 vars/debian.yml                 |  7 ++++---
 vars/redhat.yml                 |  9 ++++++---
 12 files changed, 55 insertions(+), 32 deletions(-)

diff --git a/meta/main.yml b/meta/main.yml
index 7eec8df6..26c4dade 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -18,7 +18,9 @@ galaxy_info:
   description: Deployment of LXC hosts for use in Rackspace Private Cloud
   company: Rackspace
   license: Apache2
-  min_ansible_version: 2.9
+  role_name: lxc_hosts
+  namespace: openstack
+  min_ansible_version: "2.10"
   platforms:
     - name: Debian
       versions:
@@ -28,8 +30,8 @@ galaxy_info:
         - jammy
     - name: EL
       versions:
-        - 9
-  categories:
+        - "9"
+  galaxy_tags:
     - cloud
     - lxc
     - development
diff --git a/tasks/lxc_cache.yml b/tasks/lxc_cache.yml
index fef2eed6..f1951f53 100644
--- a/tasks/lxc_cache.yml
+++ b/tasks/lxc_cache.yml
@@ -15,7 +15,8 @@
 
 - name: Set LXC cache fact(s)
   set_fact:
-    cache_path_fact: "{{ lxc_container_cache_path }}/{{ lxc_cache_map.distro }}/{{ lxc_cache_map.release }}/{{ lxc_cache_map.arch }}/{{ lxc_cache_default_variant }}"
+    cache_path_fact: >-
+      {{ lxc_container_cache_path }}/{{ lxc_cache_map.distro }}/{{ lxc_cache_map.release }}/{{ lxc_cache_map.arch }}/{{ lxc_cache_default_variant }}
     cache_time: "{{ now().timestamp() }}"
 
 - name: Retrieve the expiry object
@@ -36,19 +37,22 @@
   tags:
     - always
 
-- include_tasks: lxc_cache_rootfs.yml
+- name: Including lxc_cache_rootfs tasks
+  include_tasks: lxc_cache_rootfs.yml
   when:
     - lxc_image_cache_refresh | bool
   tags:
     - lxc_hosts-config
 
-- include_tasks: lxc_cache_preparation.yml
+- name: Including lxc_cache_preparation tasks
+  include_tasks: lxc_cache_preparation.yml
   when:
     - lxc_image_cache_refresh | bool
   tags:
     - lxc_hosts-config
 
-- include_tasks: lxc_cache_create.yml
+- name: Including lxc_cache_create tasks
+  include_tasks: lxc_cache_create.yml
   when:
     - lxc_image_cache_refresh | bool
   tags:
diff --git a/tasks/lxc_cache_create.yml b/tasks/lxc_cache_create.yml
index 050512f2..baafd8c4 100644
--- a/tasks/lxc_cache_create.yml
+++ b/tasks/lxc_cache_create.yml
@@ -52,13 +52,15 @@
   copy:
     content: "{{ cache_time | int + lxc_image_cache_expiration | community.general.to_seconds | int }}"
     dest: "{{ cache_path_fact }}/expiry"
+    mode: "0644"
 
 - name: Set build ID
   copy:
     content: "{{ cache_time | int }}"
     dest: "{{ cache_path_fact }}/build_id"
+    mode: "0644"
 
-- name: Create base container to use for {{ lxc_container_backing_store }}-backed containers
+- name: Create base container to use for containers with {{ lxc_container_backing_store }}
   lxc_container:
     name: "{{ lxc_container_base_name }}"
     template: "download"
diff --git a/tasks/lxc_cache_preparation.yml b/tasks/lxc_cache_preparation.yml
index 58d1751c..cf165a38 100644
--- a/tasks/lxc_cache_preparation.yml
+++ b/tasks/lxc_cache_preparation.yml
@@ -34,6 +34,7 @@
   file:
     dest: "{{ lxc_image_cache_path }}{{ item.dest | default(item.src) | dirname }}"
     state: directory
+    mode: "0755"
   with_items: "{{ lxc_container_cache_files }}"
 
 - name: Copy files from deployment host to the container cache
@@ -49,6 +50,7 @@
   file:
     dest: "{{ lxc_image_cache_path }}/opt"
     state: directory
+    mode: "0755"
 
 - name: Cached image preparation script
   template:
@@ -75,6 +77,7 @@
     dest: "{{ lxc_image_cache_path }}/root/.ssh/authorized_keys"
     line: "{{ lxc_container_ssh_key }}"
     create: true
+    mode: "0600"
 
 # NOTE(cloudnull): Wait for the cache preparation script has completed before
 #                  building the new RootFS
diff --git a/tasks/lxc_cache_rootfs.yml b/tasks/lxc_cache_rootfs.yml
index ca1784d3..1da72051 100644
--- a/tasks/lxc_cache_rootfs.yml
+++ b/tasks/lxc_cache_rootfs.yml
@@ -52,6 +52,7 @@
   file:
     path: "/var/lib/machines/{{ lxc_container_base_name }}"
     state: directory
+    mode: "0755"
   register: create_new_dir
 
 - name: Tasks for image download
@@ -76,4 +77,4 @@
 - name: Build the base image using a CLI tool
   command: "{{ lxc_hosts_container_build_command }}"
   when: lxc_hosts_container_build_command | length > 0
-
+  changed_when: false
diff --git a/tasks/lxc_install_dnf.yml b/tasks/lxc_install_dnf.yml
index f8342d49..23c1f3a7 100644
--- a/tasks/lxc_install_dnf.yml
+++ b/tasks/lxc_install_dnf.yml
@@ -30,7 +30,6 @@
     state: present
 
 
-
 - name: Add GPG key for COPR LXC repo
   rpm_key:
     key: "{{ lxc_centos_package_key }}"
@@ -43,8 +42,9 @@
 
 - name: Download EPEL gpg keys
   get_url:
-     url: "{{ lxc_centos_epel_key }}"
-     dest: /etc/pki/rpm-gpg
+    url: "{{ lxc_centos_epel_key }}"
+    dest: /etc/pki/rpm-gpg
+    mode: "0640"
   register: _get_yum_keys
   until: _get_yum_keys is success
   retries: 5
diff --git a/tasks/lxc_net.yml b/tasks/lxc_net.yml
index 1ba8578f..bcfc9369 100644
--- a/tasks/lxc_net.yml
+++ b/tasks/lxc_net.yml
@@ -46,7 +46,7 @@
 # and handle the customized LXC container networking. Starting lxc-net will
 # trample over these hooks and cause networking issues for containers.
 - name: Disable and stop lxc-net
-  service:
+  systemd:
     name: lxc-net
     enabled: no
     state: stopped
@@ -100,7 +100,7 @@
           {% set pres = ['-/usr/bin/pkill -u {{ lxc_net_dnsmasq_user }} "^dnsmasq"'] %}
           {% if lxc_net_manage_iptables | bool %}
           {%   set _ = pres.append('/usr/local/bin/lxc-system-manage iptables-create') %}
-          {% endif%}
+          {% endif %}
           {{ pres }}
         execstarts:
           - /usr/local/bin/lxc-system-manage dnsmasq-start
@@ -132,4 +132,5 @@
     - lxc-bridge
 
 # Ensure lxc networks are running as they're supposed to
-- meta: flush_handlers
+- name: Flush handlers
+  meta: flush_handlers
diff --git a/tasks/lxc_post_install.yml b/tasks/lxc_post_install.yml
index 31504a0d..9bed91f0 100644
--- a/tasks/lxc_post_install.yml
+++ b/tasks/lxc_post_install.yml
@@ -27,9 +27,9 @@
   template:
     src: "{{ item.src }}"
     dest: "{{ item.dest }}"
-    owner: "{{ item.owner|default('root') }}"
-    group: "{{ item.group|default('root') }}"
-    mode: "{{ item.mode|default('0644') }}"
+    owner: "{{ item.owner | default('root') }}"
+    group: "{{ item.group | default('root') }}"
+    mode: "{{ item.mode | default('0644') }}"
   with_items:
     - { src: lxc-openstack.conf.j2, dest: "/etc/lxc/lxc-openstack.conf" }
     - { src: lxc-net.default.j2, dest: "{{ system_config_dir }}/lxc-net", mode: "0644" }
@@ -78,8 +78,8 @@
   sysctl:
     name: "{{ item.key }}"
     value: "{{ item.value }}"
-    sysctl_set: "{{ item.set|default('yes') }}"
-    state: "{{ item.state|default('present') }}"
-    reload: "{{ item.reload|default('yes') }}"
+    sysctl_set: "{{ item.set | default('yes') }}"
+    state: "{{ item.state | default('present') }}"
+    reload: "{{ item.reload | default('yes') }}"
   failed_when: false
   with_items: "{{ lxc_kernel_options }}"
diff --git a/tasks/lxc_pre_install.yml b/tasks/lxc_pre_install.yml
index d1b1bead..2e899ab6 100644
--- a/tasks/lxc_pre_install.yml
+++ b/tasks/lxc_pre_install.yml
@@ -19,6 +19,7 @@
     state: "directory"
     owner: "root"
     group: "root"
+    mode: "0644"
   with_items:
     - /etc/lxc
     - /usr/local/bin
diff --git a/tasks/main.yml b/tasks/main.yml
index 64db2852..a4061793 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -62,25 +62,30 @@
   tags:
     - always
 
-- include_tasks: lxc_pre_install.yml
+- name: Including lxc_pre_install tasks
+  include_tasks: lxc_pre_install.yml
   tags:
     - lxc_hosts-install
 
-- include_tasks: "lxc_install_{{ ansible_facts['pkg_mgr'] }}.yml"
+- name: Including lxc_install tasks"
+  include_tasks: "lxc_install_{{ ansible_facts['pkg_mgr'] }}.yml"
   tags:
     - lxc_hosts-install
 
-- include_tasks: lxc_post_install.yml
+- name: Including lxc_post_install tasks
+  include_tasks: lxc_post_install.yml
   tags:
     - lxc_hosts-config
 
-- include_tasks: lxc_net.yml
+- name: Including lxc_net tasks
+  include_tasks: lxc_net.yml
   when:
     - lxc_net_managed | bool
   tags:
     - lxc_hosts-config
 
-- include_tasks: lxc_cache.yml
+- name: Including lxc_cache tasks
+  include_tasks: lxc_cache.yml
   tags:
     - lxc_hosts-install
     - lxc_hosts-config
diff --git a/vars/debian.yml b/vars/debian.yml
index 5045c7b0..41b76be0 100644
--- a/vars/debian.yml
+++ b/vars/debian.yml
@@ -13,11 +13,12 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-_lxc_hosts_container_build_command: "debootstrap --variant minbase {{ ansible_facts['distribution_release'] }} /var/lib/machines/{{ lxc_container_base_name }} {{ lxc_apt_mirror }}"
+_lxc_hosts_container_build_command: >-
+  debootstrap --variant minbase {{ ansible_facts['distribution_release'] }} /var/lib/machines/{{ lxc_container_base_name }} {{ lxc_apt_mirror }}
 
 _lxc_cache_map:
   distro: "{{ ansible_facts['distribution'] | lower }}"
-  arch: "{{ lxc_architecture_mapping.get( ansible_facts['architecture'] ) }}"
+  arch: "{{ lxc_architecture_mapping.get(ansible_facts['architecture']) }}"
   release: "{{ ansible_facts['distribution_major_version'] }}"
   copy_from_host:
     - /etc/apt/sources.list
@@ -47,7 +48,7 @@ _lxc_cache_distro_packages:
   - netbase
   - openssh-server
   - python3
-  -  "{{ _lxc_cache_distro_libpython[ansible_facts['distribution_release'] | lower] }}"
+  - "{{ _lxc_cache_distro_libpython[ansible_facts['distribution_release'] | lower] }}"
   - rsync              # os_keystone runs serial=1 and uses rsync before the distro packages have been installed on all keystone targets
   - sudo
   - systemd
diff --git a/vars/redhat.yml b/vars/redhat.yml
index 46a75497..aab795e9 100644
--- a/vars/redhat.yml
+++ b/vars/redhat.yml
@@ -17,13 +17,16 @@ _lxc_cache_core_repos_list:
   centos: "centos-stream-release centos-stream-repos"
   rocky: "rocky-release rocky-repos"
 
-_lxc_cache_core_repos: "{{ _lxc_cache_core_repos_list.get( ansible_facts['distribution'] | lower ) }}"
+_lxc_cache_core_repos: "{{ _lxc_cache_core_repos_list.get(ansible_facts['distribution'] | lower) }}"
 
-_lxc_hosts_container_build_command: "dnf --assumeyes --installroot=/var/lib/machines/{{ lxc_container_base_name }} install --setopt=install_weak_deps=False --nodocs rootfiles coreutils dnf {{ _lxc_cache_core_repos }} --releasever={{ ansible_facts['distribution_major_version'] }}"
+_lxc_hosts_container_build_command: >-
+  dnf --assumeyes --installroot=/var/lib/machines/{{ lxc_container_base_name }} install
+  --setopt=install_weak_deps=False --nodocs rootfiles coreutils dnf {{ _lxc_cache_core_repos }}
+  --releasever={{ ansible_facts['distribution_major_version'] }}
 
 _lxc_cache_map:
   distro: "{{ ansible_facts['distribution'] | lower }}"
-  arch: "{{ lxc_architecture_mapping.get( ansible_facts['architecture'] ) }}"
+  arch: "{{ lxc_architecture_mapping.get(ansible_facts['architecture']) }}"
   release: "{{ ansible_facts['distribution_major_version'] }}"
   copy_from_host:
     - /etc/default/locale