Upgrade ansible (#10190)

* project: update all dependencies including ansible Upgrade to ansible 7.x and ansible-core 2.14.x. There seems to be issue with ansible 8/ansible-core 2.15 so we remain on those versions for now. It's quite a big bump already anyway. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * tests: install aws galaxy collection Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * ansible-lint: disable various rules after ansible upgrade Temporarily disable a bunch of linting action following ansible upgrade. Those should be taken care of separately. Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve deprecated-module ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve no-free-form ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[meta] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[playbook] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve schema[tasks] ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-file-permissions ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve risky-shell-pipe ansible-lint error Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: remove deprecated warn args Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use fqcn for non builtin tasks Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: resolve syntax-check[missing-file] for contrib playbook Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> * project: use arithmetic inside jinja to fix ansible 6 upgrade Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch> --------- Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>
2026-03-11 14:39:39 -02:30 · 2023-06-26 12:15:45 +02:00
parent 3311e0a296
commit 25cb90bc2d
81 changed files with 345 additions and 207 deletions
--- a/roles/bootstrap-os/tasks/bootstrap-centos.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-centos.yml
@@ -5,7 +5,7 @@
    filter: ansible_distribution_*version

 - name: Add proxy to yum.conf or dnf.conf if http_proxy is defined
-  ini_file:
+  community.general.ini_file:
    path: "{{ ( (ansible_distribution_major_version | int) < 8) | ternary('/etc/yum.conf','/etc/dnf/dnf.conf') }}"
    section: main
    option: proxy
@@ -21,6 +21,7 @@
  get_url:
    url: https://yum.oracle.com/public-yum-ol7.repo
    dest: /etc/yum.repos.d/public-yum-ol7.repo
+    mode: 0644
  when:
    - use_oracle_public_repo|default(true)
    - '''ID="ol"'' in os_release.stdout_lines'
@@ -28,7 +29,7 @@
  environment: "{{ proxy_env }}"

 - name: Enable Oracle Linux repo
-  ini_file:
+  community.general.ini_file:
    dest: /etc/yum.repos.d/public-yum-ol7.repo
    section: "{{ item }}"
    option: enabled
@@ -53,7 +54,7 @@
    - (ansible_distribution_version | float) >= 7.6

 - name: Enable Oracle Linux repo
-  ini_file:
+  community.general.ini_file:
    dest: "/etc/yum.repos.d/oracle-linux-ol{{ ansible_distribution_major_version }}.repo"
    section: "ol{{ ansible_distribution_major_version }}_addons"
    option: "{{ item.option }}"
@@ -69,7 +70,7 @@
    - (ansible_distribution_version | float) >= 7.6

 - name: Enable Centos extra repo for Oracle Linux
-  ini_file:
+  community.general.ini_file:
    dest: "/etc/yum.repos.d/centos-extras.repo"
    section: "extras"
    option: "{{ item.option }}"
--- a/roles/bootstrap-os/tasks/bootstrap-fedora.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-fedora.yml
@@ -10,7 +10,7 @@
    - facts

 - name: Add proxy to dnf.conf if http_proxy is defined
-  ini_file:
+  community.general.ini_file:
    path: "/etc/dnf/dnf.conf"
    section: main
    option: proxy
--- a/roles/bootstrap-os/tasks/bootstrap-opensuse.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-opensuse.yml
@@ -58,7 +58,7 @@

 # Without this package, the get_url module fails when trying to handle https
 - name: Install python-cryptography
-  zypper:
+  community.general.zypper:
    name: python-cryptography
    state: present
    update_cache: true
@@ -67,7 +67,7 @@
    - ansible_distribution_version is version('15.4', '<')

 - name: Install python3-cryptography
-  zypper:
+  community.general.zypper:
    name: python3-cryptography
    state: present
    update_cache: true
@@ -77,7 +77,7 @@

 # Nerdctl needs some basic packages to get an environment up
 - name: Install basic dependencies
-  zypper:
+  community.general.zypper:
    name:
      - iptables
      - apparmor-parser
--- a/roles/bootstrap-os/tasks/bootstrap-redhat.yml
+++ b/roles/bootstrap-os/tasks/bootstrap-redhat.yml
@@ -5,7 +5,7 @@
    filter: ansible_distribution_*version

 - name: Add proxy to yum.conf or dnf.conf if http_proxy is defined
-  ini_file:
+  community.general.ini_file:
    path: "{{ ( (ansible_distribution_major_version | int) < 8) | ternary('/etc/yum.conf','/etc/dnf/dnf.conf') }}"
    section: main
    option: proxy
@@ -31,7 +31,7 @@
  become: true

 - name: RHEL subscription Organization ID/Activation Key registration
-  redhat_subscription:
+  community.general.redhat_subscription:
    state: present
    org_id: "{{ rh_subscription_org_id }}"
    activationkey: "{{ rh_subscription_activation_key }}"
@@ -50,7 +50,7 @@

 # this task has no_log set to prevent logging security sensitive information such as subscription passwords
 - name: RHEL subscription Username/Password registration
-  redhat_subscription:
+  community.general.redhat_subscription:
    state: present
    username: "{{ rh_subscription_username }}"
    password: "{{ rh_subscription_password }}"
@@ -70,7 +70,7 @@

 # container-selinux is in extras repo
 - name: Enable RHEL 7 repos
-  rhsm_repository:
+  community.general.rhsm_repository:
    name:
      - "rhel-7-server-rpms"
      - "rhel-7-server-extras-rpms"
@@ -81,7 +81,7 @@

 # container-selinux is in appstream repo
 - name: Enable RHEL 8 repos
-  rhsm_repository:
+  community.general.rhsm_repository:
    name:
      - "rhel-8-for-*-baseos-rpms"
      - "rhel-8-for-*-appstream-rpms"