Add .editorconfig file (#6307)

2026-04-04 17:55:12 -02:30 · 2020-06-29 21:39:59 +02:00
parent 09b23f96d7
commit 4c1e0b188d
67 changed files with 232 additions and 217 deletions
--- a/roles/container-engine/containerd/templates/apt_preferences.d/debian_containerd.j2
+++ b/roles/container-engine/containerd/templates/apt_preferences.d/debian_containerd.j2
@@ -1,3 +1,3 @@
-Package: {{ containerd_package }}
-Pin: version {{ containerd_version }}*
-Pin-Priority: 1001
+Package: {{ containerd_package }}
+Pin: version {{ containerd_version }}*
+Pin-Priority: 1001
--- a/roles/container-engine/containerd/vars/debian.yml
+++ b/roles/container-engine/containerd/vars/debian.yml
@@ -15,8 +15,8 @@ containerd_repo_info:
  pkg_repo: apt_repository
  repos:
    - >
-       deb {{ containerd_debian_repo_base_url }}
-       {{ ansible_distribution_release|lower }}
-       {{ containerd_debian_repo_component }}
+      deb {{ containerd_debian_repo_base_url }}
+      {{ ansible_distribution_release|lower }}
+      {{ containerd_debian_repo_component }}

 runc_binary: /usr/bin/runc
--- a/roles/container-engine/containerd/vars/ubuntu-amd64.yml
+++ b/roles/container-engine/containerd/vars/ubuntu-amd64.yml
@@ -15,8 +15,8 @@ containerd_repo_info:
  pkg_repo: apt_repository
  repos:
    - >
-       deb {{ containerd_ubuntu_repo_base_url }}
-       {{ ansible_distribution_release|lower }}
-       {{ containerd_ubuntu_repo_component }}
+      deb {{ containerd_ubuntu_repo_base_url }}
+      {{ ansible_distribution_release|lower }}
+      {{ containerd_ubuntu_repo_component }}

 runc_binary: /usr/bin/runc
--- a/roles/container-engine/docker/vars/debian.yml
+++ b/roles/container-engine/docker/vars/debian.yml
@@ -41,9 +41,9 @@ docker_repo_info:
  pkg_repo: apt_repository
  repos:
    - >
-       deb {{ docker_debian_repo_base_url }}
-       {{ ansible_distribution_release|lower }}
-       stable
+      deb {{ docker_debian_repo_base_url }}
+      {{ ansible_distribution_release|lower }}
+      stable

 dockerproject_repo_key_info:
  pkg_key: apt_key
@@ -55,6 +55,6 @@ dockerproject_repo_info:
  pkg_repo: apt_repository
  repos:
    - >
-       deb {{ docker_debian_repo_base_url }}
-       {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
-       main
+      deb {{ docker_debian_repo_base_url }}
+      {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
+      main
--- a/roles/container-engine/docker/vars/ubuntu-amd64.yml
+++ b/roles/container-engine/docker/vars/ubuntu-amd64.yml
@@ -41,9 +41,9 @@ docker_repo_info:
  pkg_repo: apt_repository
  repos:
    - >
-       deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
-       {{ ansible_distribution_release|lower }}
-       stable
+      deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
+      {{ ansible_distribution_release|lower }}
+      stable

 dockerproject_repo_key_info:
  pkg_key: apt_key
@@ -55,6 +55,6 @@ dockerproject_repo_info:
  pkg_repo: apt_repository
  repos:
    - >
-       deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
-       {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
-       main
+      deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
+      {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
+      main
--- a/roles/container-engine/docker/vars/ubuntu-arm64.yml
+++ b/roles/container-engine/docker/vars/ubuntu-arm64.yml
@@ -37,9 +37,9 @@ docker_repo_info:
  pkg_repo: apt_repository
  repos:
    - >
-       deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
-       {{ ansible_distribution_release|lower }}
-       stable
+      deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
+      {{ ansible_distribution_release|lower }}
+      stable

 dockerproject_repo_key_info:
  pkg_key: apt_key
@@ -51,6 +51,6 @@ dockerproject_repo_info:
  pkg_repo: apt_repository
  repos:
    - >
-       deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
-       {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
-       main
+      deb [arch={{ host_architecture }}] {{ docker_ubuntu_repo_base_url }}
+      {{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
+      main
--- a/roles/etcd/tasks/check_certs.yml
+++ b/roles/etcd/tasks/check_certs.yml
@@ -30,14 +30,14 @@
  with_items: "{{ expected_files }}"
  vars:
    expected_files: >-
-       ['{{ etcd_cert_dir }}/ca.pem',
-       {% set all_etcd_hosts = groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort %}
-       {% for host in all_etcd_hosts %}
-         '{{ etcd_cert_dir }}/node-{{ host }}-key.pem',
-         '{{ etcd_cert_dir }}/admin-{{ host }}-key.pem',
-         '{{ etcd_cert_dir }}/member-{{ host }}-key.pem'
-         {% if not loop.last %}{{','}}{% endif %}
-       {% endfor %}]
+      ['{{ etcd_cert_dir }}/ca.pem',
+      {% set all_etcd_hosts = groups['k8s-cluster']|union(groups['etcd'])|union(groups['calico-rr']|default([]))|unique|sort %}
+      {% for host in all_etcd_hosts %}
+        '{{ etcd_cert_dir }}/node-{{ host }}-key.pem',
+        '{{ etcd_cert_dir }}/admin-{{ host }}-key.pem',
+        '{{ etcd_cert_dir }}/member-{{ host }}-key.pem'
+        {% if not loop.last %}{{','}}{% endif %}
+      {% endfor %}]

 - name: "Check_certs | Set 'gen_master_certs' to true"
  set_fact:
--- a/roles/etcd/tasks/gen_certs_script.yml
+++ b/roles/etcd/tasks/gen_certs_script.yml
@@ -111,9 +111,9 @@

 - name: Gen_certs | Set cert names per node
  set_fact:
-    my_etcd_node_certs: ['ca.pem',
-                         'node-{{ inventory_hostname }}.pem',
-                         'node-{{ inventory_hostname }}-key.pem']
+    my_etcd_node_certs: [ 'ca.pem',
+                          'node-{{ inventory_hostname }}.pem',
+                          'node-{{ inventory_hostname }}-key.pem']
  tags:
    - facts

--- a/roles/etcd/tasks/install_etcdctl_docker.yml
+++ b/roles/etcd/tasks/install_etcdctl_docker.yml
@@ -1,9 +1,9 @@
 ---
 - name: Install | Copy etcdctl binary from docker container
  command: sh -c "{{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy;
-           {{ docker_bin_dir }}/docker create --name etcdctl-binarycopy {{ etcd_image_repo }}:{{ etcd_image_tag }} &&
-           {{ docker_bin_dir }}/docker cp etcdctl-binarycopy:/usr/local/bin/etcdctl {{ bin_dir }}/etcdctl &&
-           {{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy"
+            {{ docker_bin_dir }}/docker create --name etcdctl-binarycopy {{ etcd_image_repo }}:{{ etcd_image_tag }} &&
+            {{ docker_bin_dir }}/docker cp etcdctl-binarycopy:/usr/local/bin/etcdctl {{ bin_dir }}/etcdctl &&
+            {{ docker_bin_dir }}/docker rm -f etcdctl-binarycopy"
  register: etcdctl_install_result
  until: etcdctl_install_result.rc == 0
  retries: "{{ etcd_retries }}"
--- a/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2
+++ b/roles/kubernetes-apps/cloud_controller/oci/templates/controller-manager-config.yml.j2
@@ -18,14 +18,14 @@ auth:
  useInstancePrincipals: true
 {% else %}
  useInstancePrincipals: false
-  
+
  region: {{ oci_region_id }}
  tenancy: {{ oci_tenancy_id }}
  user: {{ oci_user_id }}
-  key: | 
+  key: |
    {{ oci_private_key }}

-  {% if oci_private_key_passphrase is defined %}  
+  {% if oci_private_key_passphrase is defined %}
  passphrase: {{ oci_private_key_passphrase }}
  {% endif %}

@@ -75,16 +75,16 @@ loadBalancer:
 # Optional rate limit controls for accessing OCI API
 rateLimiter:
 {% if oci_rate_limit.rate_limit_qps_read %}
-  rateLimitQPSRead: {{ oci_rate_limit.rate_limit_qps_read }} 
+  rateLimitQPSRead: {{ oci_rate_limit.rate_limit_qps_read }}
 {% endif %}
 {% if oci_rate_limit.rate_limit_qps_write %}
-  rateLimitQPSWrite: {{ oci_rate_limit.rate_limit_qps_write }} 
+  rateLimitQPSWrite: {{ oci_rate_limit.rate_limit_qps_write }}
 {% endif %}
 {% if oci_rate_limit.rate_limit_bucket_read %}
-  rateLimitBucketRead: {{ oci_rate_limit.rate_limit_bucket_read }} 
+  rateLimitBucketRead: {{ oci_rate_limit.rate_limit_bucket_read }}
 {% endif %}
 {% if oci_rate_limit.rate_limit_bucket_write %}
-  rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }} 
+  rateLimitBucketWrite: {{ oci_rate_limit.rate_limit_bucket_write }}
 {% endif %}
 {% endif %}

--- a/roles/kubernetes-apps/cluster_roles/templates/node-webhook-cr.yml.j2
+++ b/roles/kubernetes-apps/cluster_roles/templates/node-webhook-cr.yml.j2
@@ -17,4 +17,4 @@ rules:
      - nodes/spec
      - nodes/metrics
    verbs:
-      - "*"
+      - "*"
--- a/roles/kubernetes-apps/csi_driver/cinder/defaults/main.yml
+++ b/roles/kubernetes-apps/csi_driver/cinder/defaults/main.yml
@@ -14,4 +14,4 @@ cinder_cacert: "{{ lookup('env','OS_CACERT') }}"

 # For now, only Cinder v3 is supported in Cinder CSI driver
 cinder_blockstorage_version: "v3"
-cinder_csi_controller_replicas: 1
+cinder_csi_controller_replicas: 1
--- a/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin-rbac.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/cinder/templates/cinder-csi-controllerplugin-rbac.yml.j2
@@ -8,7 +8,7 @@ metadata:
  namespace: kube-system

 ---
-# external attacher 
+# external attacher
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
 metadata:
--- a/roles/kubernetes-apps/csi_driver/gcp_pd/templates/gcp-pd-csi-setup.yml.j2
+++ b/roles/kubernetes-apps/csi_driver/gcp_pd/templates/gcp-pd-csi-setup.yml.j2
@@ -197,4 +197,4 @@ roleRef:
 subjects:
 - kind: ServiceAccount
  name: csi-gce-pd-node-sa
-  namespace: kube-system
+  namespace: kube-system
--- a/roles/kubernetes-apps/external_provisioner/local_path_provisioner/defaults/main.yml
+++ b/roles/kubernetes-apps/external_provisioner/local_path_provisioner/defaults/main.yml
@@ -6,4 +6,4 @@ local_path_provisioner_reclaim_policy: Delete
 local_path_provisioner_claim_root: /opt/local-path-provisioner/
 local_path_provisioner_is_default_storageclass: "true"
 local_path_provisioner_debug: false
-local_path_provisioner_helper_image_tag: "latest"
+local_path_provisioner_helper_image_tag: "latest"
--- a/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-ns.yml.j2
+++ b/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-ns.yml.j2
@@ -2,4 +2,4 @@
 apiVersion: v1
 kind: Namespace
 metadata:
-  name: {{ local_path_provisioner_namespace }}
+  name: {{ local_path_provisioner_namespace }}
--- a/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-sa.yml.j2
+++ b/roles/kubernetes-apps/external_provisioner/local_path_provisioner/templates/local-path-storage-sa.yml.j2
@@ -3,4 +3,4 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
  name: local-path-provisioner-service-account
-  namespace: {{ local_path_provisioner_namespace }}
+  namespace: {{ local_path_provisioner_namespace }}
--- a/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-clusterrole.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-clusterrole.yml.j2
@@ -10,4 +10,4 @@ rules:
    verbs: ["list", "create", "get", "update", "watch", "patch"]
  - apiGroups: ["", "extensions"]
    resources: ["nodes", "pods", "secrets", "services", "namespaces"]
-    verbs: ["get", "list", "watch"]
+    verbs: ["get", "list", "watch"]
--- a/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-deploy.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/alb_ingress_controller/templates/alb-ingress-deploy.yml.j2
@@ -33,7 +33,7 @@ spec:
        # Limit the namespace where this ALB Ingress Controller deployment will
        # resolve ingress resources. If left commented, all namespaces are used.
        #- --watch-namespace=your-k8s-namespace
-        
+
        # Setting the ingress-class flag below will ensure that only ingress resources with the
        # annotation kubernetes.io/ingress.class: "alb" are respected by the controller. You may
        # choose any class you'd like for this controller to respect.
@@ -42,7 +42,7 @@ spec:
        # by the ALB Ingress Controller, providing distinction between
        # clusters.
        - --cluster-name={{ cluster_name }}
-        
+
        # Enables logging on all outbound requests sent to the AWS API.
        # If logging is desired, set to true.
        # - ---aws-api-debug
@@ -71,4 +71,4 @@ spec:
      terminationGracePeriodSeconds: 30
 {% if rbac_enabled %}
      serviceAccountName: alb-ingress
-{% endif %}
+{% endif %}
--- a/roles/kubernetes-apps/ingress_controller/cert_manager/templates/crd-certificate.yml.j2
+++ b/roles/kubernetes-apps/ingress_controller/cert_manager/templates/crd-certificate.yml.j2
@@ -20,4 +20,4 @@ spec:
    shortNames:
      - cert
      - certs
-      
+
--- a/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
+++ b/roles/kubernetes/master/templates/kubeadm-config.v1beta2.yaml.j2
@@ -325,32 +325,32 @@ apiVersion: kubeproxy.config.k8s.io/v1alpha1
 kind: KubeProxyConfiguration
 bindAddress: {{ kube_proxy_bind_address }}
 clientConnection:
- acceptContentTypes: {{ kube_proxy_client_accept_content_types }}
- burst: {{ kube_proxy_client_burst }}
- contentType: {{ kube_proxy_client_content_type }}
- kubeconfig: {{ kube_proxy_client_kubeconfig }}
- qps: {{ kube_proxy_client_qps }}
+  acceptContentTypes: {{ kube_proxy_client_accept_content_types }}
+  burst: {{ kube_proxy_client_burst }}
+  contentType: {{ kube_proxy_client_content_type }}
+  kubeconfig: {{ kube_proxy_client_kubeconfig }}
+  qps: {{ kube_proxy_client_qps }}
 clusterCIDR: {{ kube_pods_subnet }}
 configSyncPeriod: {{ kube_proxy_config_sync_period }}
 conntrack:
- maxPerCore: {{ kube_proxy_conntrack_max_per_core }}
- min: {{ kube_proxy_conntrack_min }}
- tcpCloseWaitTimeout: {{ kube_proxy_conntrack_tcp_close_wait_timeout }}
- tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
+  maxPerCore: {{ kube_proxy_conntrack_max_per_core }}
+  min: {{ kube_proxy_conntrack_min }}
+  tcpCloseWaitTimeout: {{ kube_proxy_conntrack_tcp_close_wait_timeout }}
+  tcpEstablishedTimeout: {{ kube_proxy_conntrack_tcp_established_timeout }}
 enableProfiling: {{ kube_proxy_enable_profiling }}
 healthzBindAddress: {{ kube_proxy_healthz_bind_address }}
 hostnameOverride: {{ kube_override_hostname }}
 iptables:
- masqueradeAll: {{ kube_proxy_masquerade_all }}
- masqueradeBit: {{ kube_proxy_masquerade_bit }}
- minSyncPeriod: {{ kube_proxy_min_sync_period }}
- syncPeriod: {{ kube_proxy_sync_period }}
+  masqueradeAll: {{ kube_proxy_masquerade_all }}
+  masqueradeBit: {{ kube_proxy_masquerade_bit }}
+  minSyncPeriod: {{ kube_proxy_min_sync_period }}
+  syncPeriod: {{ kube_proxy_sync_period }}
 ipvs:
- excludeCIDRs: {{ kube_proxy_exclude_cidrs }}
- minSyncPeriod: {{ kube_proxy_min_sync_period }}
- scheduler: {{ kube_proxy_scheduler }}
- syncPeriod: {{ kube_proxy_sync_period }}
- strictARP: {{ kube_proxy_strict_arp }}
+  excludeCIDRs: {{ kube_proxy_exclude_cidrs }}
+  minSyncPeriod: {{ kube_proxy_min_sync_period }}
+  scheduler: {{ kube_proxy_scheduler }}
+  syncPeriod: {{ kube_proxy_sync_period }}
+  strictARP: {{ kube_proxy_strict_arp }}
 metricsBindAddress: {{ kube_proxy_metrics_bind_address }}
 mode: {{ kube_proxy_mode }}
 nodePortAddresses: {{ kube_proxy_nodeport_addresses }}
--- a/roles/kubernetes/master/templates/webhook-token-auth-config.yaml.j2
+++ b/roles/kubernetes/master/templates/webhook-token-auth-config.yaml.j2
@@ -14,4 +14,4 @@ contexts:
 - context:
    cluster: webhook-token-auth-cluster
    user: webhook-token-auth-user
-  name: webhook-token-auth
+  name: webhook-token-auth
--- a/roles/kubernetes/node-label/tasks/main.yml
+++ b/roles/kubernetes/node-label/tasks/main.yml
@@ -40,7 +40,7 @@

 - name: Set label to node
  command: >-
-     {{ bin_dir }}/kubectl label node {{ inventory_hostname }} {{ item }} --overwrite=true
+      {{ bin_dir }}/kubectl label node {{ inventory_hostname }} {{ item }} --overwrite=true
  loop: "{{ role_node_labels + inventory_node_labels }}"
  delegate_to: "{{ groups['kube-master'][0] }}"
  changed_when: false
--- a/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
+++ b/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
@@ -44,8 +44,8 @@
 - name: Hosts | Extract existing entries for localhost from hosts file
  set_fact:
    etc_hosts_localhosts_dict: >-
-       {%- set splitted = (item | regex_replace('[ \t]+', ' ')|regex_replace('#.*$')|trim).split( ' ') -%}
-       {{ etc_hosts_localhosts_dict|default({}) | combine({splitted[0]: splitted[1::] }) }}
+      {%- set splitted = (item | regex_replace('[ \t]+', ' ')|regex_replace('#.*$')|trim).split( ' ') -%}
+      {{ etc_hosts_localhosts_dict|default({}) | combine({splitted[0]: splitted[1::] }) }}
  with_items: "{{ (etc_hosts_content['content'] | b64decode).splitlines() }}"
  when:
    - etc_hosts_content.content is defined
--- a/roles/kubernetes/tokens/tasks/check-tokens.yml
+++ b/roles/kubernetes/tokens/tasks/check-tokens.yml
@@ -27,9 +27,9 @@
    sync_tokens: >-
      {%- set tokens = {'sync': False} -%}
      {%- for server in groups['kube-master'] | intersect(ansible_play_batch)
-         if (not hostvars[server].known_tokens.stat.exists) or
-         (hostvars[server].known_tokens.stat.checksum|default('') != known_tokens_master.stat.checksum|default('')) -%}
-         {%- set _ = tokens.update({'sync': True}) -%}
+        if (not hostvars[server].known_tokens.stat.exists) or
+        (hostvars[server].known_tokens.stat.checksum|default('') != known_tokens_master.stat.checksum|default('')) -%}
+        {%- set _ = tokens.update({'sync': True}) -%}
      {%- endfor -%}
      {{ tokens.sync }}
  run_once: true
--- a/roles/kubespray-defaults/defaults/main.yaml
+++ b/roles/kubespray-defaults/defaults/main.yaml
@@ -434,13 +434,13 @@ loadbalancer_apiserver_type: "nginx"
 apiserver_loadbalancer_domain_name: "lb-apiserver.kubernetes.local"
 kube_apiserver_endpoint: |-
  {% if loadbalancer_apiserver is defined -%}
-       https://{{ apiserver_loadbalancer_domain_name }}:{{ loadbalancer_apiserver.port|default(kube_apiserver_port) }}
+      https://{{ apiserver_loadbalancer_domain_name }}:{{ loadbalancer_apiserver.port|default(kube_apiserver_port) }}
  {%- elif not is_kube_master and loadbalancer_apiserver_localhost -%}
-       https://localhost:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}
+      https://localhost:{{ loadbalancer_apiserver_port|default(kube_apiserver_port) }}
  {%- elif is_kube_master -%}
-       https://{{ kube_apiserver_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_port }}
+      https://{{ kube_apiserver_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_port }}
  {%- else -%}
-       https://{{ first_kube_master }}:{{ kube_apiserver_port }}
+      https://{{ first_kube_master }}:{{ kube_apiserver_port }}
  {%- endif %}
 kube_apiserver_insecure_endpoint: >-
  http://{{ kube_apiserver_insecure_bind_address | regex_replace('0\.0\.0\.0','127.0.0.1') }}:{{ kube_apiserver_insecure_port }}
--- a/roles/network_plugin/calico/tasks/install.yml
+++ b/roles/network_plugin/calico/tasks/install.yml
@@ -198,11 +198,11 @@
    "apiVersion": "projectcalico.org/v3",
    "kind": "BGPPeer",
    "metadata": {
-       "name": "global-{{ item.router_id }}"
+      "name": "global-{{ item.router_id }}"
    },
    "spec": {
-       "asNumber": "{{ item.as }}",
-       "peerIP": "{{ item.router_id }}"
+      "asNumber": "{{ item.as }}",
+      "peerIP": "{{ item.router_id }}"
    }}' | {{ bin_dir }}/calicoctl.sh apply -f -
  register: output
  retries: 4
@@ -220,11 +220,11 @@
    "apiVersion": "projectcalico.org/v3",
    "kind": "BGPPeer",
    "metadata": {
-       "name": "peer-to-rrs"
+      "name": "peer-to-rrs"
    },
    "spec": {
-       "nodeSelector": "!has(i-am-a-route-reflector)",
-       "peerSelector": "has(i-am-a-route-reflector)"
+      "nodeSelector": "!has(i-am-a-route-reflector)",
+      "peerSelector": "has(i-am-a-route-reflector)"
    }}' | {{ bin_dir }}/calicoctl.sh apply -f -
  register: output
  retries: 4
@@ -242,11 +242,11 @@
    "apiVersion": "projectcalico.org/v3",
    "kind": "BGPPeer",
    "metadata": {
-       "name": "rr-mesh"
+      "name": "rr-mesh"
    },
    "spec": {
-       "nodeSelector": "has(i-am-a-route-reflector)",
-       "peerSelector": "has(i-am-a-route-reflector)"
+      "nodeSelector": "has(i-am-a-route-reflector)",
+      "peerSelector": "has(i-am-a-route-reflector)"
    }}' | {{ bin_dir }}/calicoctl.sh apply -f -
  register: output
  retries: 4
@@ -315,13 +315,13 @@
    "apiVersion": "projectcalico.org/v3",
    "kind": "Node",
    "metadata": {
-       "name": "{{ inventory_hostname }}"
+      "name": "{{ inventory_hostname }}"
    },
    "spec": {
-       "bgp": {
-         "asNumber": "{{ local_as }}"
-       },
-       "orchRefs":[{"nodeName":"{{ inventory_hostname }}","orchestrator":"k8s"}]
+      "bgp": {
+        "asNumber": "{{ local_as }}"
+      },
+      "orchRefs":[{"nodeName":"{{ inventory_hostname }}","orchestrator":"k8s"}]
    }}' | {{ bin_dir }}/calicoctl.sh apply -f -
  register: output
  retries: 4
@@ -339,12 +339,12 @@
    "apiVersion": "projectcalico.org/v3",
    "kind": "BGPPeer",
    "metadata": {
-       "name": "{{ inventory_hostname }}-{{ item.router_id }}"
+      "name": "{{ inventory_hostname }}-{{ item.router_id }}"
    },
    "spec": {
-       "asNumber": "{{ item.as }}",
-       "node": "{{ inventory_hostname }}",
-       "peerIP": "{{ item.router_id }}"
+      "asNumber": "{{ item.as }}",
+      "node": "{{ inventory_hostname }}",
+      "peerIP": "{{ item.router_id }}"
    }}' | {{ bin_dir }}/calicoctl.sh apply -f -
  register: output
  retries: 4
--- a/roles/network_plugin/calico/templates/calico-node.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-node.yml.j2
@@ -368,10 +368,10 @@ spec:
          secret:
            secretName: typha-client
            items:
-               - key: tls.crt
-                 path: typha-client.crt
-               - key: tls.key
-                 path: typha-client.key
+                - key: tls.crt
+                  path: typha-client.crt
+                - key: tls.key
+                  path: typha-client.key
        - name: typha-cacert
          hostPath:
            path: "/etc/kubernetes/ssl/"
--- a/roles/network_plugin/calico/templates/calico-typha.yml.j2
+++ b/roles/network_plugin/calico/templates/calico-typha.yml.j2
@@ -145,17 +145,17 @@ spec:
          periodSeconds: 10
 {% if typha_secure %}
      volumes:
-         - name: typha-server
-           secret:
-             secretName: typha-server
-             items:
-                - key: tls.crt
-                  path: server_certificate.pem
-                - key: tls.key
-                  path: server_key.pem
-         - name: cacert
-           hostPath:
-             path: "{{ kube_cert_dir }}"
+        - name: typha-server
+          secret:
+            secretName: typha-server
+            items:
+              - key: tls.crt
+                path: server_certificate.pem
+              - key: tls.key
+                path: server_key.pem
+        - name: cacert
+          hostPath:
+            path: "{{ kube_cert_dir }}"
 {% endif %}

 ---
--- a/roles/network_plugin/calico/templates/kdd-crds.yml.j2
+++ b/roles/network_plugin/calico/templates/kdd-crds.yml.j2
@@ -3,7 +3,7 @@
 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
-   name: felixconfigurations.crd.projectcalico.org
+  name: felixconfigurations.crd.projectcalico.org
 spec:
  scope: Cluster
  group: crd.projectcalico.org
--- a/roles/network_plugin/contiv/tasks/main.yml
+++ b/roles/network_plugin/contiv/tasks/main.yml
@@ -146,9 +146,9 @@

 - name: Contiv | Copy netctl binary from docker container
  command: sh -c "{{ docker_bin_dir }}/docker rm -f netctl-binarycopy;
-           {{ docker_bin_dir }}/docker create --name netctl-binarycopy {{ contiv_image_repo }}:{{ contiv_image_tag }} &&
-           {{ docker_bin_dir }}/docker cp netctl-binarycopy:/contiv/bin/netctl {{ bin_dir }}/netctl &&
-           {{ docker_bin_dir }}/docker rm -f netctl-binarycopy"
+          {{ docker_bin_dir }}/docker create --name netctl-binarycopy {{ contiv_image_repo }}:{{ contiv_image_tag }} &&
+          {{ docker_bin_dir }}/docker cp netctl-binarycopy:/contiv/bin/netctl {{ bin_dir }}/netctl &&
+          {{ docker_bin_dir }}/docker rm -f netctl-binarycopy"
  register: contiv_task_result
  until: contiv_task_result.rc == 0
  retries: 4
--- a/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-cleanup.yml.j2
@@ -29,15 +29,15 @@ spec:
        securityContext:
          privileged: true
        volumeMounts:
-         - mountPath: /etc/openvswitch
-           name: etc-openvswitch
-           readOnly: false
-         - mountPath: /var/run
-           name: var-run
-           readOnly: false
-         - mountPath: /opt/cni/bin
-           name: cni-bin-dir
-           readOnly: false
+          - mountPath: /etc/openvswitch
+            name: etc-openvswitch
+            readOnly: false
+          - mountPath: /var/run
+            name: var-run
+            readOnly: false
+          - mountPath: /opt/cni/bin
+            name: cni-bin-dir
+            readOnly: false
        readinessProbe:
          exec:
            command:
--- a/roles/network_plugin/contiv/templates/contiv-config.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-config.yml.j2
@@ -22,10 +22,10 @@ data:
    }
  contiv_k8s_config: |-
    {
-       "K8S_API_SERVER": "{{ kube_apiserver_endpoint_for_contiv }}",
-       "K8S_CA": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
-       "K8S_KEY": "",
-       "K8S_CERT": "",
-       "K8S_TOKEN": "",
-       "SVC_SUBNET": "{{ kube_service_addresses }}"
+      "K8S_API_SERVER": "{{ kube_apiserver_endpoint_for_contiv }}",
+      "K8S_CA": "/var/run/secrets/kubernetes.io/serviceaccount/ca.crt",
+      "K8S_KEY": "",
+      "K8S_CERT": "",
+      "K8S_TOKEN": "",
+      "SVC_SUBNET": "{{ kube_service_addresses }}"
    }
--- a/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-etcd-proxy.yml.j2
@@ -20,12 +20,12 @@ spec:
      dnsPolicy: ClusterFirstWithHostNet
      hostPID: true
      affinity:
-       nodeAffinity:
-         requiredDuringSchedulingIgnoredDuringExecution:
-           nodeSelectorTerms:
-           - matchExpressions:
-             - key: node-role.kubernetes.io/master
-               operator: DoesNotExist
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: node-role.kubernetes.io/master
+                operator: DoesNotExist
      containers:
        - name: contiv-etcd-proxy
          image: {{ contiv_etcd_image_repo }}:{{ contiv_etcd_image_tag }}
--- a/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-netplugin.yml.j2
@@ -78,8 +78,8 @@ spec:
              value: kubernetes
            - name: CONTIV_NETPLUGIN_VTEP_IP
              valueFrom:
-                 fieldRef:
-                    fieldPath: status.podIP
+                fieldRef:
+                  fieldPath: status.podIP
            - name: CONTIV_NETPLUGIN_ETCD_ENDPOINTS
              valueFrom:
                configMapKeyRef:
--- a/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
+++ b/roles/network_plugin/contiv/templates/contiv-ovs.yml.j2
@@ -57,15 +57,15 @@ spec:
                name: contiv-config
                key: contiv_ovs_vswitchd_extra_flags
        volumeMounts:
-         - mountPath: /etc/openvswitch
-           name: etc-openvswitch
-           readOnly: false
-         - mountPath: /lib/modules
-           name: lib-modules
-           readOnly: true
-         - mountPath: /var/run
-           name: var-run
-           readOnly: false
+          - mountPath: /etc/openvswitch
+            name: etc-openvswitch
+            readOnly: false
+          - mountPath: /lib/modules
+            name: lib-modules
+            readOnly: true
+          - mountPath: /var/run
+            name: var-run
+            readOnly: false
      volumes:
        # Used by contiv-ovs
        - name: etc-openvswitch
--- a/roles/network_plugin/kube-ovn/defaults/main.yml
+++ b/roles/network_plugin/kube-ovn/defaults/main.yml
@@ -13,4 +13,4 @@ kube_ovn_pinger_cpu_limit: 200m
 kube_ovn_pinger_memory_limit: 400Mi

 traffic_mirror: true
-encap_checksum: true
+encap_checksum: true
--- a/roles/network_plugin/kube-ovn/templates/cni-kube-ovn-crd.yml.j2
+++ b/roles/network_plugin/kube-ovn/templates/cni-kube-ovn-crd.yml.j2
@@ -104,4 +104,4 @@ spec:
      JSONPath: .spec.providerInterfaceName
    - name: Subnet
      type: string
-      JSONPath: .spec.subnet
+      JSONPath: .spec.subnet
--- a/roles/network_plugin/kube-ovn/templates/cni-ovn.yml.j2
+++ b/roles/network_plugin/kube-ovn/templates/cni-ovn.yml.j2
@@ -349,4 +349,4 @@ spec:
            path: /var/log/openvswitch
        - name: host-log-ovn
          hostPath:
-            path: /var/log/ovn
+            path: /var/log/ovn
--- a/roles/network_plugin/kube-router/defaults/main.yml
+++ b/roles/network_plugin/kube-router/defaults/main.yml
@@ -57,4 +57,4 @@ kube_router_enable_metrics: false
 kube_router_metrics_path: /metrics

 # Prometheus metrics port to use
-kube_router_metrics_port: 9255
+kube_router_metrics_port: 9255
--- a/roles/network_plugin/multus/files/multus-clusterrole.yml
+++ b/roles/network_plugin/multus/files/multus-clusterrole.yml
@@ -25,4 +25,4 @@ rules:
    verbs:
      - create
      - patch
-      - update
+      - update
--- a/roles/upgrade/pre-upgrade/tasks/main.yml
+++ b/roles/upgrade/pre-upgrade/tasks/main.yml
@@ -3,8 +3,8 @@
 # Node NotReady: type = ready, status = Unknown
 - name: See if node is in ready state
  shell: >-
-     {{ bin_dir }}/kubectl get node {{ inventory_hostname }}
-     -o jsonpath='{ range .status.conditions[?(@.type == "Ready")].status }{ @ }{ end }'
+    {{ bin_dir }}/kubectl get node {{ inventory_hostname }}
+    -o jsonpath='{ range .status.conditions[?(@.type == "Ready")].status }{ @ }{ end }'
  register: kubectl_node_ready
  delegate_to: "{{ groups['kube-master'][0] }}"
  failed_when: false
@@ -14,8 +14,8 @@
 # else unschedulable key doesn't exist
 - name: See if node is schedulable
  shell: >-
-     {{ bin_dir }}/kubectl get node {{ inventory_hostname }}
-     -o jsonpath='{ .spec.unschedulable }'
+    {{ bin_dir }}/kubectl get node {{ inventory_hostname }}
+    -o jsonpath='{ .spec.unschedulable }'
  register: kubectl_node_schedulable
  delegate_to: "{{ groups['kube-master'][0] }}"
  failed_when: false