refactor: ansible roles

Refactors with:

- fully qualified module names
- properly formed blocks
- named blocks
- corrected indenttion
- moved the when directive to top of blocks
- idempotent commands
- prefixed task_names var with role name
- added some changed when's to silence linter where needed
- suse hard coded values moved to var/main.yml

Signed-off-by: Ryan Johnson <[email protected]>

.vscode/settings.json

@@ -1,4 +1,7 @@
 {
+ // Ansible settings
+ "ansible.python.interpreterPath": "/usr/local/bin/python3",
+
  // Editor settings
  "editor.bracketPairColorization.enabled": true,
  "editor.bracketPairColorization.independentColorPoolPerBracketType": true,

ansible/linux-playbook.yml

@@ -1,9 +1,12 @@
 ---
-- become: true
- become_method: sudo
+- name: Playbook for Linux
+ become: true
+ become_method: ansible.builtin.sudo
  debugger: never
  gather_facts: true
  hosts: all
+ vars:
+ enable_cloudinit: false
  roles:
  - base
  - users

ansible/roles/base/tasks/debian.yml

@@ -2,25 +2,25 @@
 # Debian or derivative specific tasks.
 
 # Tasks for updating the operating system and installing additional packages.
-- block:
- - name: "Getting guest operating system information."
- debug:
- msg: "OS: {{ ansible_distribution }} {{ ansible_distribution_version }}"
+- name: Updating the operating system and installing additional packages.
+ when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 12
+ block:
+ - name: Getting guest operating system information.
+ ansible.builtin.debug:
+ msg: "OS: {{ ansible_distribution }} {{ ansible_distribution_version }}"
 
- - name: "Updating the operating system."
- apt:
- name: "*"
- state: latest  # noqa package-latest
- update_cache: true
+  - name: Updating the operating system.
+  ansible.builtin.apt:
+  name: "*"
+  state: latest # noqa package-latest
+  update_cache: true
 
- - name: "Installing additional packages."
- apt:
- name: "{{ additional_packages[ansible_os_family] }}"
- state: latest # noqa package-latest
-
- - name: "Installing cloud-init."
- apt:
- name: cloud-init
- state: latest
- when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 12
+ - name: Installing additional packages.
+ ansible.builtin.apt:
+ name: "{{ base_base_base_additional_packages[ansible_os_family] }}"
+ state: latest # noqa package-latest
 
+ - name: Installing cloud-init.
+ ansible.builtin.apt:
+ name: cloud-init
+ state: latest # noqa package-latest

ansible/roles/base/tasks/main.yml

@@ -1,12 +1,12 @@
 ---
-- name: "{{ task_name }}"
- include_tasks: "{{ ansible_os_family | lower }}.yml"
+- name: "{{ base_task_name }}"
+ ansible.builtin.include_tasks: "{{ ansible_os_family | lower }}.yml"
  when: ansible_os_family in ['Debian', 'RedHat', 'Suse']
 
-- name: "{{ task_name }}"
- include_tasks: "{{ ansible_lsb.codename | lower }}.yml"
+- name: "{{ base_task_name }}"
+ ansible.builtin.include_tasks: "{{ ansible_lsb.codename | lower }}.yml"
  when: ansible_distribution == 'VMware Photon OS'
 
-- name: "{{ task_name }}"
- include_tasks: windows.yml
+- name: "{{ base_task_name }}"
+ ansible.builtin.include_tasks: windows.yml
  when: ansible_os_family == "Windows"

ansible/roles/base/tasks/photon.yml

@@ -2,37 +2,48 @@
 # VMware Photon OS specific tasks.
 
 # Tasks to update the operating system and install additional packages.
-- block:
- - name: "Getting guest operating system information."
- debug:
- msg: "OS: {{ ansible_distribution }} {{ ansible_distribution_version }}"
-
- - name: "Updating the operating system."
- command: "tdnf -y update"
- when: ansible_distribution_version | int >= 5
-
- - block:
- - name: "Updating the repository URL."
- shell: |
- cd /etc/yum.repos.d/
- sed -i 's/dl.bintray.com\/vmware/packages.vmware.com\/photon\/$releasever/g' photon.repo photon-updates.repo photon-extras.repo photon-debuginfo.repo
-
- - name: "Updating the photon-repos."
- command: tdnf -y update photon-repos
-
- - name: "Cleaning the cache."
- command: tdnf clean all
-
- - name: "Making cache."
- command: tdnf makecache
-
- - name: "Updating the operating system."
- command: tdnf -y update
- when: ansible_distribution_version | int <= 4
-
- - name: "Installing additional packages."
- command: "tdnf -y install {{ additional_packages[ansible_os_family] | join(' ') }}"
-
- - name: "Installing cloud-init."
- command: tdnf -y install cloud-init
- when: enable_cloudinit == 'true'
+- name: Update the operating system and install additional packages.
+ block:
+ - name: Getting guest operating system information.
+ ansible.builtin.debug:
+ msg: "OS: {{ ansible_distribution }} {{ ansible_distribution_version }}"
+
+ - name: Updating the operating system.
+ ansible.builtin.command: tdnf -y update
+ when: ansible_distribution_version | int >= 5
+ changed_when: false
+
+- name: Update Photon OS Repositories and System
+ when: ansible_distribution_version | int <= 4
+ block:
+ - name: Updating the repository URL.
+ ansible.builtin.shell: |
+ cd /etc/yum.repos.d/ && \
+ sed -i 's/dl.bintray.com\/vmware/packages.vmware.com\/photon\/$releasever/g' \
+ photon.repo photon-updates.repo photon-extras.repo photon-debuginfo.repo
+ changed_when: false
+
+ - name: Updating the photon-repos.
+ ansible.builtin.command: tdnf -y update photon-repos
+ changed_when: false
+
+ - name: Cleaning the cache.
+ ansible.builtin.command: tdnf clean all
+ changed_when: false
+
+ - name: Making cache.
+ ansible.builtin.command: tdnf makecache
+ changed_when: false
+
+ - name: Updating the operating system.
+ ansible.builtin.command: tdnf -y update
+ changed_when: false
+
+- name: Installing additional packages.
+ ansible.builtin.command: tdnf -y install {{ base_additional_packages[ansible_os_family] | join(' ') }}
+ changed_when: false
+
+- name: Installing cloud-init.
+ ansible.builtin.command: tdnf -y install cloud-init
+ when: enable_cloudinit == 'true'
+ changed_when: false

ansible/roles/base/tasks/redhat.yml

@@ -1,59 +1,114 @@
----
 # Red Hat Enterprise Linux or derivative specific tasks.
 
 # Tasks for disconnecting from Red Hat Subscription Manager.
-- name: "Getting guest operating system information."
- debug:
+- name: Getting guest operating system information.
+ ansible.builtin.debug:
  msg: "OS: {{ ansible_distribution }} {{ ansible_distribution_version }}"
 
-- name: "Checking the Red Hat Subscription Manager status."
- command:
+- name: Checking the Red Hat Subscription Manager status.
+ when: ansible_distribution == 'RedHat'
+ ansible.builtin.command:
  cmd: subscription-manager status
  register: result
  failed_when: "'ERROR' in result.stderr"
- when: ansible_distribution == 'RedHat'
+ changed_when: false
 
 # Tasks for upgrading the almalinux-release package.
-- name: "Upgrade almalinux-release package."
- dnf:
- name: almalinux-release
- state: latest
- become: true
+- name: Tasks for AlmaLinux
  when: ansible_distribution == 'AlmaLinux'
+ become: true
+ block:
+ - name: Upgrade almalinux-release package.
+ ansible.builtin.dnf:
+ name: almalinux-release
+ state: latest # noqa package-latest
+
+ - name: Installing cloud-init.
+ when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 8
+ ansible.builtin.dnf:
+ name: cloud-init
+ state: latest # noqa package-latest
 
 # Tasks for updating the operating system and installing additional packages.
-- block:
- - name: "Updating the operating system."
- dnf:
- name: "*"
- state: latest # noqa package-latest
- update_cache: true
-
- - name: "Installing additional packages."
- dnf:
- name: "{{ additional_packages[ansible_os_family] }}"
- state: latest # noqa package-latest
-
- - name: "Installing cloud-init."
- become: true
- dnf:
- name: cloud-init
- state: latest
- when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 8
+- name: Updating the operating system and installing additional packages.
  when:
  - ansible_distribution == 'Fedora'
  - ansible_os_family == 'RedHat' and ansible_distribution_major_version | int >= 8
+ block:
+ - name: Updating the operating system.
+ ansible.builtin.dnf:
+ name: "*"
+ state: latest # noqa package-latest
+ update_cache: true
+
+ - name: Installing additional packages.
+ ansible.builtin.dnf:
+ name: "{{ base_additional_packages[ansible_os_family] }}"
+ state: latest # noqa package-latest
+
+ - name: Installing cloud-init.
+ when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 8
+ become: true
+ ansible.builtin.dnf:
+ name: cloud-init
+ state: latest # noqa package-latest
+
+# Tasks for Rocky Cloud Install.
+- name: Tasks for Rocky Linux Cloud-init
+ when: ansible_distribution == 'Rocky'
+ become: true
+ block:
+ - name: Installing cloud-init.
+ when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 8
+ ansible.builtin.dnf:
+ name: cloud-init
+ state: latest # noqa package-latest
+
+# Tasks for Oracle Cloud Install.
+- name: Tasks for Oracle Linux Cloud-init
+ when: ansible_distribution == 'OracleLinux'
+ become: true
+ block:
+ - name: Installing cloud-init.
+ when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 8
+ ansible.builtin.dnf:
+ name: cloud-init
+ state: latest # noqa package-latest
+
+# Tasks for CentOS Cloud Install.
+- name: Tasks for Centos Linux Cloud-init
+ when: ansible_distribution == 'CentOS'
+ become: true
+ block:
+ - name: Installing cloud-init.
+ when: enable_cloudinit == 'true' and ansible_distribution_version | int >= 8
+ ansible.builtin.dnf:
+ name: cloud-init
+ state: latest # noqa package-latest
 
 # Tasks for updating the operating system and installing additional packages.
-- block:
- - name: "Updating the operating system."
- yum:
- name: "*"
- state: latest # noqa package-latest
- update_cache: true
-
- - name: "Installing additional packages."
- yum:
- name: "{{ additional_packages[ansible_os_family] }}"
- state: latest # noqa package-latest
+- name: Updating the operating system and installing additional packages.
  when: ansible_os_family == 'RedHat' and ansible_distribution_major_version | int < 8
+ block:
+ - name: Updating the operating system.
+ ansible.builtin.yum: # noqa fqcn[action-core]
+ name: "*"
+ state: latest # noqa package-latest
+ update_cache: true
+
+ - name: Installing additional packages.
+ ansible.builtin.yum: # noqa fqcn[action-core]
+ name: "{{ base_additional_packages[ansible_os_family] }}"
+ state: latest # noqa package-latest
+
+# Tasks for CentOS Cloud Install.
+- name: Tasks for Centos Linux Cloud-init
+ when: ansible_distribution == 'CentOS'
+ become: true
+ block:
+ - name: Installing cloud-init.
+ when: enable_cloudinit == 'true' and ansible_distribution_version | int < 8
+ ansible.builtin.yum:
+ name: cloud-init
+ state: latest # noqa package-latest
+```