From 89f6f1fc32440ebeae8a53ae387d60ddf80a828f Mon Sep 17 00:00:00 2001 From: Ryan Lerch Date: Wed, 27 Nov 2024 13:48:08 +1000 Subject: [PATCH] Fix majority of remaining yamllint warnings and errors Signed-off-by: Ryan Lerch --- .yamllint.yaml | 7 +- files/communishift/objects/oidc_cm.yml | 1 + handlers/restart_services.yml | 10 +- main.yml | 2 +- playbooks/groups/pkgs.yml | 6 +- roles/abrt/faf-post/tasks/main.yml | 2 +- roles/abrt/faf-pre/tasks/main.yml | 10 +- roles/abrt/faf-pre/tasks/ssl.yml | 4 +- .../faf/.github/workflows/ansible-lint.yml | 9 +- roles/abrt/faf/defaults/main.yml | 6 +- roles/abrt/faf/meta/main.yml | 16 +- roles/abrt/faf/tasks/celery.yml | 1 + roles/abrt/faf/tasks/check_web.yml | 2 +- roles/abrt/faf/tasks/config.yml | 2 +- roles/abrt/faf/tasks/main.yml | 1 + roles/abrt/faf/tasks/web.yml | 2 +- roles/abrt/requirements.yml | 1 + .../abrt/retrace-post/tasks/retrace_setup.yml | 8 +- roles/abrt/retrace-pre/tasks/main.yml | 6 +- .../.github/workflows/ansible-lint.yml | 9 +- roles/abrt/retrace/meta/main.yml | 20 +- roles/abrt/retrace/tasks/config.yml | 6 +- roles/ansible-osbuild-worker/meta/main.yml | 1 + roles/apache/handlers/main.yml | 1 + roles/apache/tasks/main.yml | 2 +- roles/apps-fp-o/files/apps.yaml | 766 +++++++++--------- roles/apps-fp-o/handlers/main.yml | 1 + roles/apps-fp-o/tasks/main.yml | 1 + roles/awx/podman/tasks/main.yml | 10 +- roles/base/meta/main.yml | 8 +- roles/base/tasks/crypto-policies.yml | 1 + roles/base/tasks/postfix.yml | 7 +- roles/base/tasks/watchdog.yml | 1 + roles/basessh/tasks/main.yml | 14 +- roles/batcave/tasks/main.yml | 9 +- roles/bkernel/tasks/main.yml | 2 +- roles/blockerbugs/tasks/main.yml | 8 +- roles/bodhi2/backend/tasks/main.yml | 2 +- roles/btrfs/tasks/main.yml | 4 +- roles/builder_repo/tasks/main.yml | 1 + roles/centosci-keytab/tasks/main.yml | 2 +- roles/cgit/base/tasks/main.yml | 2 +- roles/check-compose/defaults/main.yml | 1 + roles/check-compose/handlers/main.yml | 1 + roles/check-compose/tasks/main.yml | 9 +- roles/chrony/tasks/main.yml | 1 + roles/cloudstats/tasks/main.yml | 1 + roles/collectd/base/tasks/main.yml | 7 +- .../collectd/fedmsg-activation/tasks/main.yml | 1 + roles/collectd/fedmsg-service/vars/main.yml | 1 + roles/collectd/rabbitmq/tasks/main.yml | 3 +- roles/collectd/web-service/tasks/main.yml | 2 +- roles/communishift/default/main.yml | 2 +- .../tasks/cleanup-administration-tasks.yml | 2 +- .../files/provision/create_swap_file.yml | 1 + ...ybook-prepare-builder-to-create-images.yml | 2 +- .../provision/provision_builder_tasks.yml | 4 +- roles/copr/backend/handlers/main.yml | 1 + roles/copr/backend/tasks/copr-ping.yml | 8 +- .../copr/backend/tasks/install_cloud_cert.yml | 1 + roles/copr/backend/tasks/main.yml | 20 +- roles/copr/backend/tasks/network.yml | 1 + roles/copr/backend/tasks/pulp.yml | 6 +- roles/copr/backend/tasks/resalloc.yml | 14 +- .../tasks/setup_provisioning_environment.yml | 6 +- .../templates/provision/aws_cloud_vars.yml | 1 + .../backend/templates/resalloc/server.yaml | 5 +- roles/copr/base/tasks/main.yml | 4 +- roles/copr/certbot/tasks/letsencrypt.yml | 2 +- roles/copr/certbot/tasks/main.yml | 1 + roles/copr/dist_git/handlers/main.yml | 1 + roles/copr/dist_git/tasks/main.yml | 1 + roles/copr/dist_git/tasks/mount_fs.yml | 1 + roles/copr/frontend/handlers/main.yml | 1 + roles/copr/frontend/tasks/main.yml | 12 +- roles/copr/frontend/tasks/mount_fs.yml | 2 +- roles/copr/frontend/tasks/psql_setup.yml | 5 +- roles/copr/hypervisor/tasks/main.yml | 2 +- roles/copr/keygen/tasks/setup_backup.yml | 1 + roles/debug_env/tasks/main.yml | 1 + roles/developer/build/tasks/main.yml | 1 + roles/developer/website/tasks/main.yml | 1 + roles/distgit/templates/repospanner-admin.yml | 1 - roles/dns/tasks/main.yml | 2 +- roles/docker-distribution/defaults/main.yml | 3 +- roles/docker-distribution/meta/main.yml | 61 +- roles/download/tasks/main.yml | 12 +- roles/easyfix/proxy/tasks/main.yml | 1 + roles/fas2discourse/default/main.yml | 1 + .../tasks/administration-tasks.yml | 3 +- .../tasks/create-discourse-apikey-secret.yml | 3 +- .../tasks/create-keytab-secret.yml | 7 +- roles/fas2discourse/tasks/create-keytab.yml | 3 +- .../tasks/create-operator-namespace.yml | 2 +- .../tasks/deploy-fas2discourse-operator.yml | 1 - roles/fas2discourse/templates/namespace.yml | 1 - .../templates/secret-discourse-apikey.yml | 2 +- .../fas2discourse/templates/secret-keytab.yml | 2 +- roles/fasjson/tasks/main.yml | 1 - roles/fedmsg/crl/tasks/main.yml | 1 + roles/fedmsg/gateway/slave/tasks/main.yml | 3 +- roles/fedmsg/gateway/tasks/main.yml | 1 + roles/fedmsg/hub/defaults/main.yml | 5 +- roles/fedmsg/irc/tasks/main.yml | 2 +- roles/fedmsg/relay/tasks/main.yml | 1 + roles/fedora-budget/build/tasks/main.yml | 1 + roles/fedora-budget/proxy/tasks/main.yml | 1 + roles/fedora-docs/build/tasks/main.yml | 1 + roles/fedora-docs/proxy/tasks/main.yml | 1 + roles/fedora-docs/translation/tasks/main.yml | 6 +- .../tasks/crontab_path.yml | 1 + roles/fedora-messaging-utils/tasks/main.yml | 1 + roles/fedora-web/alt/tasks/main.yml | 1 + .../candidate-registry/tasks/main.yml | 1 + roles/fedora-web/codecs/tasks/main.yml | 1 + roles/fedora-web/community/tasks/main.yml | 1 + roles/fedora-web/fedora.im/tasks/main.yml | 1 + roles/fedora-web/flocktofedora/tasks/main.yml | 1 + roles/fedora-web/getfedora/tasks/main.yml | 1 + roles/fedora-web/iot/tasks/main.yml | 1 + roles/fedora-web/labs/tasks/main.yml | 1 + roles/fedora-web/main/tasks/main.yml | 5 +- roles/fedora-web/mirrors/tasks/main.yml | 1 + roles/fedora-web/ols/tasks/main.yml | 1 + roles/fedora-web/ostree/tasks/main.yml | 1 + roles/fedora-web/registry/tasks/main.yml | 1 + roles/fedora-web/src/tasks/main.yml | 1 + roles/fedora-web/start/tasks/main.yml | 1 + roles/fedora-web/translation/tasks/main.yml | 11 +- roles/fedora_nightlies/defaults/main.yml | 1 + roles/fedora_nightlies/handlers/main.yml | 1 + roles/fedora_nightlies/tasks/main.yml | 7 +- roles/fedoraloveskde/build/tasks/main.yml | 9 +- roles/fedoraloveskde/website/tasks/main.yml | 3 +- roles/flatpak-cache/tasks/main.yml | 7 +- roles/geoip-city-wsgi/proxy/tasks/main.yml | 1 + roles/geoip/tasks/main.yml | 8 +- roles/git/checks/tasks/main.yml | 1 - roles/git/hooks/tasks/main.yml | 2 +- roles/haproxy/rewrite/tasks/main.yml | 1 + roles/haproxy/tasks/main.yml | 1 - roles/httpd/certificate/tasks/main.yml | 1 + roles/httpd/certificate/vars/main.yml | 1 + roles/httpd/domainrewrite/tasks/main.yml | 1 + roles/httpd/domainrewrite/vars/main.yml | 1 + roles/httpd/fingerprints/tasks/main.yml | 1 + roles/httpd/mime-type/tasks/main.yml | 1 + roles/httpd/mod_ssl/tasks/main.yml | 1 + roles/httpd/proxy/tasks/main.yml | 1 + roles/httpd/redirect/tasks/main.yml | 1 + roles/httpd/redirect/vars/main.yml | 1 + roles/httpd/redirectmatch/tasks/main.yml | 1 + roles/httpd/redirectmatch/vars/main.yml | 1 + roles/httpd/reverseproxy/tasks/main.yml | 1 + roles/httpd/reverseproxy/vars/main.yml | 1 + roles/httpd/website/defaults/main.yml | 5 +- roles/httpd/website/tasks/main.yml | 1 + roles/ipa/client/tasks/common.yml | 1 - roles/ipa/client/tasks/main.yml | 2 +- roles/ipsilon/defaults/main.yml | 1 + roles/ipsilon/handlers/main.yml | 2 +- roles/ipsilon/tasks/main.yml | 20 +- roles/ipsilon/tasks/patches.yml | 1 + roles/iscsi_client/tasks/main.yml | 2 +- roles/iscsi_client/vars/main.yml | 1 + roles/keepalived/handlers/main.yml | 1 + roles/keepalived/tasks/main.yml | 1 + roles/kerneltest/tasks/main.yml | 2 +- roles/keytab/service/defaults/main.yml | 1 + roles/koji_builder/defaults/main.yaml | 1 + roles/koji_builder/tasks/main.yml | 15 +- roles/koji_db/tasks/main.yml | 1 - roles/koji_hub/tasks/main.yml | 8 +- roles/kojipkgs/tasks/main.yml | 1 + roles/letsencrypt/tasks/main.yml | 1 + roles/logging/tasks/main.yml | 10 +- roles/mariadb_server/tasks/main.yml | 5 +- roles/mediawiki/tasks/main.yml | 18 +- roles/messaging/base/tasks/main.yml | 1 + roles/mirror_pagure_ansible/tasks/main.yml | 22 +- .../mirrorlist_proxy/tasks/main.yml | 4 +- .../mirrorlist_proxy/vars/main.yml | 1 + roles/mod_wsgi/meta/main.yml | 1 + roles/mote/handlers/main.yml | 1 + roles/mote/tasks/main.yml | 2 +- roles/nagios_client/tasks/main.yml | 4 +- roles/nagios_server/tasks/main.yml | 1 + roles/nfs/client/tasks/main.yml | 1 + roles/nfs/server/tasks/main.yml | 2 +- roles/nfs/server/tasks/storinator-cloud.yml | 13 +- roles/opendkim/tasks/main.yml | 1 + roles/openqa/dispatcher/defaults/main.yml | 1 + roles/openqa/dispatcher/handlers/main.yml | 1 + roles/openqa/dispatcher/tasks/main.yml | 13 +- roles/openqa/server/defaults/main.yml | 1 + roles/openqa/server/tasks/main.yml | 1 + roles/openqa/worker/defaults/main.yml | 1 + roles/openqa/worker/handlers/main.yml | 1 + roles/openqa/worker/tasks/createhdds.yml | 1 + roles/openqa/worker/tasks/main.yml | 1 + roles/openqa/worker/tasks/nfs-client.yml | 2 +- roles/openqa/worker/tasks/tap-setup.yml | 1 + .../monitoring.coreos.com_alertmanagers.yaml | 1 - .../monitoring.coreos.com_podmonitors.yaml | 1 - .../monitoring.coreos.com_prometheuses.yaml | 1 - ...monitoring.coreos.com_prometheusrules.yaml | 1 - ...monitoring.coreos.com_servicemonitors.yaml | 1 - .../monitoring.coreos.com_thanosrulers.yaml | 1 - ...prometheus-operator-crd-cluster-roles.yaml | 1 + ...metheus-operator-cluster-role-binding.yaml | 1 + .../prometheus-operator-cluster-role.yaml | 1 + .../prometheus-operator-deployment.yaml | 1 + .../prometheus-operator-service-account.yaml | 1 + .../prometheus-operator-service-monitor.yaml | 1 + .../prometheus-operator-service.yaml | 1 + .../prometheus-cluster-role-binding.yaml | 1 + .../prometheus/prometheus-cluster-role.yaml | 1 + .../prometheus-service-account.yaml | 1 + .../example/rbac/prometheus/prometheus.yaml | 1 + roles/openshift-apps/asknot/files/service.yml | 2 +- .../asknot/templates/buildconfig.yml | 1 + .../asknot/templates/imagestream.yml | 3 +- .../badges/files/imagestream.yml | 1 + .../blockerbugs/templates/cron.yml | 1 + .../templates/deploymentconfig.yml | 2 +- .../blockerbugs/templates/imagestream.yml | 2 +- .../bodhi/files/imagestream.yml | 1 + .../openshift-apps/bodhi/files/podmonitor.yml | 1 + roles/openshift-apps/bodhi/files/pvc.yml | 1 + roles/openshift-apps/bodhi/files/service.yml | 1 + .../bodhi/files/servicemonitor.yml | 3 +- .../bodhi/templates/critpathcron.yml | 1 + .../bodhi/templates/deploymentconfig.yml | 29 +- .../bodhi/templates/imagestreams-tagged.yml | 1 + .../bugzilla2fedmsg/templates/buildconfig.yml | 1 + .../bugzilla2fedmsg/templates/configmap.yml | 1 - .../templates/aws-secrets.yml | 1 + .../templates/buildconfig.yml | 1 + .../templates/container-secrets.yml | 1 + .../templates/deployment.yml | 1 + .../cloud-image-uploader/templates/secret.yml | 1 + .../compose-tracker/templates/buildconfig.yml | 1 + .../templates/deploymentconfig.yml | 1 + .../compose-tracker/templates/imagestream.yml | 3 +- .../compose-tracker/templates/secret.yml | 1 + .../openshift-apps/coreos-ci/tasks/main.yaml | 4 +- .../datagrepper/files/imagestream.yml | 1 - .../datagrepper/templates/buildconfig.yml | 1 + .../templates/deploymentconfig.yml | 7 +- .../datagrepper/templates/secret-webhook.yml | 1 + .../datagrepper/templates/service.yml | 1 + .../datanommer/files/imagestream.yml | 1 - .../datanommer/templates/buildconfig.yml | 1 + .../datanommer/templates/deploymentconfig.yml | 1 + .../datanommer/templates/job.yml | 1 + .../discourse2fedmsg/files/service.yml | 1 + .../templates/buildconfig.yml | 1 + .../openshift-apps/docsbuilding/files/pvc.yml | 1 + .../docsbuilding/templates/buildconfig.yml | 1 + .../templates/cron-translated.yml | 1 + .../docsbuilding/templates/cron.yml | 1 + .../docstranslation/templates/buildconfig.yml | 2 +- .../docstranslation/templates/configmap.yml | 1 + .../docstranslation/templates/cron.yml | 7 +- .../easyfix/files/imagestream.yml | 1 + .../openshift-apps/easyfix/files/storage.yml | 1 + .../openshift-apps/easyfix/templates/cron.yml | 2 +- .../elections/files/deploymentconfig.yml | 2 +- .../elections/files/service.yml | 1 + .../elections/templates/buildconfig.yml | 1 + .../elections/templates/configmap.yml | 1 - .../openshift-apps/fasjson/files/service.yml | 1 + .../fasjson/templates/deploymentconfig.yml | 1 + .../fasjson/templates/secret-webhook.yml | 1 + roles/openshift-apps/fedocal/files/cron.yml | 1 - .../openshift-apps/fedocal/files/service.yml | 1 + .../fedocal/templates/buildconfig.yml | 1 + .../fedocal/templates/configmap.yml | 1 - .../fedocal/templates/secret.yml | 1 - .../fedora-coreos-pipeline/tasks/main.yaml | 4 +- .../files/imagestream.yml | 2 +- .../templates/deploymentconfig.yml | 2 +- .../openshift-apps/firmitas/default/main.yml | 1 + .../firmitas/tasks/create-buildconfig.yml | 2 +- .../firmitas/tasks/create-cronjob.yml | 2 +- .../firmitas/tasks/create-deployment.yml | 2 +- .../create-firmitas-configuration-secret.yml | 6 +- .../firmitas/tasks/create-imagestream.yml | 2 +- .../firmitas/tasks/create-namespace.yml | 2 +- .../tasks/create-pagure-apikey-secret.yml | 2 +- .../tasks/create-persistent-volume-claim.yml | 2 +- .../firmitas/templates/deployment.yml | 1 - .../firmitas/templates/imagestream.yml | 1 - .../firmitas/templates/namespace.yml | 2 +- .../templates/persistent-volume-claim.yml | 2 +- .../templates/secret-configuration.yml | 1 + .../templates/secret-pagure-apikey.yml | 2 +- .../flask-oidc-dev/files/service.yml | 1 + .../flask-oidc-dev/templates/buildconfig.yml | 1 + .../templates/deploymentconfig.yml | 9 +- .../templates/secret-webhook.yml | 1 + .../flatpak-indexer/files/imagestream.yml | 66 +- .../openshift-apps/fmn/files/imagestream.yml | 1 + .../fmn/templates/deploymentconfig.yml | 2 +- .../fmn/templates/secret-webhook.yml | 1 + .../openshift-apps/greenwave/files/route.yml | 3 +- .../greenwave/templates/fedora.yaml | 1 - .../ipsilon-website/files/service.yml | 1 + .../ipsilon-website/templates/buildconfig.yml | 1 + .../templates/deploymentconfig.yml | 9 +- .../kanban/templates/buildconfig.yml | 2 +- .../kerneltest/files/deploymentconfig.yml | 2 +- .../kerneltest/files/service.yml | 1 + .../kerneltest/files/storage.yml | 3 +- .../kerneltest/templates/buildconfig.yml | 1 + .../kerneltest/templates/configmap.yml | 1 - .../openshift-apps/koschei/job/tasks/main.yml | 1 + .../koschei/templates/admin-config.yml | 1 + .../koschei/templates/admin-deployment.yml | 1 + .../koschei/templates/backend-config.yml | 1 + .../koschei/templates/backend-deployment.yml | 3 +- .../koschei/templates/cronjob.yml | 1 + .../koschei/templates/frontend-config.yml | 1 + .../koschei/templates/frontend-deployment.yml | 1 + .../koschei/templates/frontend-service.yml | 1 + .../koschei/templates/imagestream.yml | 3 +- .../openshift-apps/koschei/templates/job.yml | 1 + roles/openshift-apps/koschei/vars/main.yml | 1 + .../koschei/vars/production.yml | 11 +- roles/openshift-apps/koschei/vars/staging.yml | 15 +- .../languages/templates/buildconfig.yml | 3 +- .../languages/templates/cron_template.yml | 2 +- .../languages/templates/deployment.yml | 1 + .../languages/templates/pvc.yml | 1 + .../languages/templates/service.yml | 1 + .../maubot/files/deployment.yml | 6 +- .../maubot/files/deploymentconfig.yml | 6 +- .../maubot/files/imagestream.yml | 1 + roles/openshift-apps/maubot/files/service.yml | 2 +- .../maubot/templates/config.yml | 108 +-- .../maubot/templates/meetbot-logs-volume.yml | 1 + roles/openshift-apps/mdapi/files/cron.yml | 17 +- .../mdapi/files/deploymentconfig.yml | 18 +- roles/openshift-apps/mdapi/files/service.yml | 2 +- roles/openshift-apps/mdapi/files/storage.yml | 1 + .../mdapi/templates/buildconfig.yml | 1 + .../mdapi/templates/imagestream.yml | 3 +- .../messaging-bridges/files/imagestream.yml | 2 +- .../messaging-bridges/files/service.yml | 1 + .../templates/buildconfig.yml | 1 + .../mirrormanager/files/service.yml | 1 + .../templates/cron-primary-mirror.yml | 1 - .../templates/secret-webhook.yml | 1 + .../files/dashboard_provision_config.yml | 5 +- .../monitor-dashboard/files/dashboards.yaml | 1 + .../files/datagrepper_route.yml | 3 +- .../files/datagrepper_service.yml | 1 + .../monitor-dashboard/files/imagestream.yml | 1 + .../monitor-dashboard/files/notifiers.yaml | 2 +- .../files/postgrest_route.yml | 3 +- .../files/postgrest_service.yml | 1 + .../monitor-dashboard/files/prest_route.yml | 3 +- .../monitor-dashboard/files/prest_service.yml | 1 + .../monitor-dashboard/files/route.yml | 3 +- .../files/route_serviceaccount.yml | 2 +- .../monitor-dashboard/files/service.yml | 1 + .../datagrepper_deploymentconfig.yml | 6 +- .../monitor-gating/templates/buildconfig.yml | 1 + .../templates/dashboard_deploymentconfig.yml | 3 +- .../templates/dashboard_provision_config.yml | 5 +- .../templates/dashboard_route.yml | 3 +- .../templates/dashboard_service.yml | 3 +- .../templates/dashboard_serviceaccount.yml | 1 + .../monitor-gating/templates/imagestream.yml | 3 +- .../monitor-gating/templates/secret.yml | 1 - .../mote/templates/buildconfig.yml | 1 + .../mote/templates/fedmsg-cm.yml | 1 + .../mote/templates/fedmsg-dc.yml | 1 + .../openshift-apps/mote/templates/mote-cm.yml | 1 + .../openshift-apps/mote/templates/mote-dc.yml | 1 + .../mote/templates/mote-svc.yml | 2 +- .../mote/templates/mote-worker-dc.yml | 1 + roles/openshift-apps/mote/templates/pvc.yml | 1 + .../mote/templates/redis-dc.yml | 1 + .../mote/templates/redis-is.yml | 2 +- .../mote/templates/redis-svc.yml | 2 +- .../noggin/templates/buildconfig.yml | 1 + .../noggin/templates/deploymentconfig.yml | 9 +- .../noggin/templates/secret-webhook.yml | 1 + .../noggin/templates/secrets.yml | 1 + .../noggin/templates/service.yml | 1 + .../openscanhub/files/deployment-redis.yml | 1 + .../openscanhub/files/route-redis.yml | 1 + .../files/service-fedora-osh-hub.yml | 1 + .../openscanhub/files/service-redis.yml | 1 + .../templates/deployment-fedora-osh-hub.yml | 1 + .../templates/deployment-resalloc-server.yml | 1 + .../openscanhub/templates/pvc-var-lib-osh.yml | 1 + .../templates/pvc-var-lib-redis-data.yml | 1 + .../templates/route-fedora-osh-hub.yml | 1 + .../templates/route-resalloc-server.yml | 1 + .../templates/service-resalloc-server.yml | 1 + .../openvpn/templates/buildconfig.yml | 1 + .../openvpn/templates/deployment.yml | 6 +- .../openvpn/templates/imagestream.yml | 1 + .../openshift-apps/openvpn/templates/scc.yml | 2 +- .../openvpn/templates/scc_role.yml | 1 + .../openvpn/templates/scc_rolebinding.yml | 1 + .../openvpn/templates/serviceaccount.yml | 1 + .../oraculum/templates/deploymentconfig.yml | 2 +- .../oraculum/templates/imagestream.yml | 6 +- .../planet/files/imagestream.yml | 1 + .../planet/files/podmonitor.yml | 2 +- roles/openshift-apps/planet/files/pvc.yml | 1 + roles/openshift-apps/planet/files/service.yml | 3 +- .../planet/files/servicemonitor.yml | 1 + .../planet/templates/buildconfig.yml | 5 +- .../planet/templates/cronjob.yml | 1 + .../planet/templates/deployment.yml | 1 + .../poddlers/templates/secret-webhook.yml | 1 + .../files/deploymentconfig.yml | 1 + .../release-monitoring/files/imagestream.yml | 1 + .../release-monitoring/files/service.yml | 1 + .../release-monitoring/templates/route.yml | 1 + .../templates/configmaps.yml | 1 + .../templates/deploymentconfigs.yml | 1 + .../templates/secrets.yml | 1 + .../templates/backend/configmaps.yml | 1 + .../templates/backend/deploymentconfigs.yml | 2 +- .../resultsdb/templates/backend/secrets.yml | 1 + .../resultsdb/templates/backend/services.yml | 5 +- .../templates/frontend/configmaps.yml | 11 +- .../templates/frontend/deploymentconfigs.yml | 1 + .../resultsdb/templates/frontend/secrets.yml | 2 +- .../resultsdb/templates/frontend/services.yml | 3 +- roles/openshift-apps/resultsdb/vars/main.yml | 1 + .../review-stats/templates/buildconfig.yml | 1 + .../review-stats/templates/cron.yml | 1 + .../review-stats/templates/pvc.yml | 1 + .../openshift-apps/testdays/files/service.yml | 1 + .../testdays/templates/buildconfig.yml | 1 + .../testdays/templates/imagestream.yml | 1 - .../the-new-hotness/templates/buildconfig.yml | 1 + .../templates/deploymentconfig.yml | 1 + .../toddlers/templates/secret.yml | 1 - .../transtats/files/deploymentconfig.yml | 1 + .../transtats/files/imagestream.yml | 1 + .../transtats/files/service.yml | 1 + .../transtats/templates/buildconfig.yml | 1 + .../transtats/templates/secret.yml | 1 + roles/openshift-apps/waiverdb/files/route.yml | 3 +- .../openshift-apps/waiverdb/files/service.yml | 1 + .../waiverdb/templates/buildconfig.yml | 3 +- .../waiverdb/templates/imagestream.yml | 3 +- .../waiverdb/templates/secret.yml | 1 + .../webhook2fedmsg/files/service.yml | 1 + .../webhook2fedmsg/templates/buildconfig.yml | 1 + .../webhook2fedmsg/templates/logging.yaml | 1 + roles/openshift-apps/websites/files/obc.yml | 1 + roles/openshift-apps/websites/files/pvc.yml | 1 + .../websites/templates/buildconfig.yml | 1 + .../websites/templates/deployment.yml | 1 + .../websites/templates/fedora-websites-bc.yml | 1 + .../templates/fedora-websites-cron.yml | 1 + .../zezere/files/buildconfig.yml | 1 + roles/openshift-apps/zezere/files/service.yml | 1 + .../zezere/templates/deploymentconfig.yml | 1 + .../zezere/templates/secret.yml | 1 + .../imagestream/templates/imagestream.yml | 1 + roles/openshift/import-image/tasks/main.yml | 1 + roles/openshift/ipa-client/defaults/main.yml | 1 + roles/openshift/ipa-client/tasks/main.yml | 1 + roles/openshift/job/defaults/main.yml | 1 + roles/openshift/job/tasks/main.yml | 1 + roles/openshift/keytab/defaults/main.yml | 1 + roles/openshift/keytab/tasks/main.yml | 1 + roles/openshift/object-delete/tasks/main.yml | 1 + roles/openshift/object/defaults/main.yml | 1 + roles/openshift/object/tasks/main.yml | 1 + roles/openshift/project/tasks/main.yml | 2 +- .../project/templates/alertmanager.yml | 1 + .../openshift/project/templates/appowners.yml | 1 + .../openshift/project/templates/deployer.yml | 1 + .../project/templates/imagebuilder.yml | 1 + .../project/templates/imagepuller.yml | 1 + roles/openshift/project/templates/project.yml | 1 + .../project/templates/prometheusRules.yml | 2 +- .../project/templates/role-appowners.yml | 1 + roles/openshift/rollout/tasks/main.yml | 1 + roles/openshift/route/templates/route.yml | 1 + roles/openshift/secret-file/defaults/main.yml | 1 + roles/openshift/secret-file/tasks/main.yml | 1 + roles/openshift/secret-tls/tasks/main.yml | 1 + roles/openshift/start-build/tasks/main.yml | 1 + .../sysadmin-openshift/defaults/main.yaml | 1 + .../sysadmin-openshift/tasks/main.yaml | 2 +- .../sysadmin-openshift/tasks/resources.yaml | 6 +- .../sysadmin-openshift/tasks/upgrade.yaml | 5 +- .../sysadmin-openshift/templates/group.yaml | 1 + .../templates/rolebinding.yaml | 1 + roles/openvpn/base/tasks/main.yml | 8 +- roles/openvpn/server/tasks/main.yml | 4 +- roles/packager_alias/tasks/main.yml | 4 +- roles/packages3/bugz.fp.o/tasks/main.yml | 1 + roles/packages3/web/tasks/main.yml | 10 +- roles/pagure/tasks/main.yml | 18 +- roles/people/tasks/main.yml | 2 +- roles/planet/tasks/main.yml | 12 +- roles/postgresql_server/tasks/datanommer.yml | 1 + roles/push-container-registry/tasks/main.yml | 4 +- roles/rabbit/queue/defaults/main.yml | 3 +- roles/rabbit/queue/handlers/main.yml | 3 +- roles/rabbit/queue/tasks/main.yml | 2 +- roles/rabbit/user/defaults/main.yml | 1 + roles/rabbit/vhost/defaults/main.yml | 1 + roles/rabbitmq/tasks/main.yml | 1 + roles/rabbitmq_cluster/defaults/main.yml | 1 + roles/rabbitmq_cluster/tasks/apps.yml | 9 +- roles/rabbitmq_cluster/tasks/main.yml | 5 +- .../tasks/vhost-centos-odcs.yml | 4 +- roles/redis/tasks/main.yml | 1 + roles/relvalconsumer/defaults/main.yml | 5 +- roles/relvalconsumer/handlers/main.yml | 1 + roles/relvalconsumer/tasks/main.yml | 13 +- roles/review-stats/proxy/tasks/main.yml | 1 + roles/robosignatory/handlers/main.yml | 1 - roles/robosignatory/tasks/main.yml | 31 +- roles/rsnapshot-push/tasks/main.yml | 8 +- roles/rsyncd/tasks/main.yml | 2 +- roles/selinux/module/tasks/main.yml | 2 - roles/serial-console/tasks/main.yml | 1 + roles/sigul/bridge/tasks/main.yml | 1 + roles/sigul/server/tasks/main.yml | 3 +- roles/smtp-auth-relay/tasks/main.yml | 2 +- roles/spamassassin/handlers/main.yml | 2 +- roles/supybot/tasks/main.yml | 17 +- roles/supybot/vars/main.yml | 1 + roles/tang/tasks/main.yml | 1 + roles/testcase_stats/tasks/main.yml | 1 + roles/testdays/tasks/main.yml | 1 - roles/tftp_server/tasks/main.yml | 6 +- roles/torrent/tasks/main.yml | 1 - roles/varnish/handlers/main.yml | 1 + roles/virthost/tasks/main.yml | 2 +- roles/web-data-analysis/tasks/main.yml | 4 +- .../templates/sync-http-logs.yaml.j2 | 2 +- roles/weblate-backup/tasks/main.yml | 15 +- roles/yubikey/tasks/main.yml | 1 - roles/zabbix/zabbix_agent/defaults/main.yml | 2 +- roles/zabbix/zabbix_agent/handlers/main.yml | 1 + roles/zabbix/zabbix_agent/tasks/main.yml | 11 +- roles/zabbix/zabbix_agent/tasks/tools.yml | 4 +- roles/zabbix/zabbix_agent/vars/CentOS-7.yml | 1 + roles/zabbix/zabbix_agent/vars/CentOS-8.yml | 1 + roles/zabbix/zabbix_agent/vars/CentOS-9.yml | 1 + roles/zabbix/zabbix_agent/vars/Fedora.yml | 1 + roles/zabbix/zabbix_agent/vars/common.yml | 1 + roles/zabbix/zabbix_server/defaults/main.yml | 1 - .../zabbix_server/tasks/create_keytab.yml | 3 +- roles/zabbix/zabbix_server/tasks/db.yml | 11 +- roles/zabbix/zabbix_server/tasks/install.yml | 18 +- roles/zabbix/zabbix_server/tasks/main.yml | 1 - roles/zabbix/zabbix_server/tasks/plugins.yml | 3 +- .../zabbix_server/tasks/start_services.yml | 11 +- .../zabbix_templates/tasks/templates.yml | 4 +- roles/zanata/tasks/main.yml | 1 + tasks/cloud_setup_basic.yml | 6 +- tasks/happy_birthday.yml | 3 +- tasks/openvpn_client.yml | 2 +- tasks/openvpn_client_7.yml | 2 +- tasks/persistent_cloud.yml | 50 +- tasks/postfix_basic.yml | 1 + tasks/reg-server.yml | 1 + tasks/swap.yml | 5 +- tasks/virt_instance_create.yml | 9 +- vars/CentOS.yml | 4 +- vars/Fedora.yml | 2 +- vars/RedHat.yml | 4 +- vars/all/00-EPELCycleNumber.yaml | 1 + vars/all/00-FedoraCycleNumber.yaml | 1 + vars/all/EPELBootstrapNumber.yaml | 1 + vars/all/FedoraBranched.yaml | 3 +- vars/all/FedoraBranchedBodhi.yaml | 1 + vars/all/FedoraBranchedNumber.yaml | 1 + vars/all/FedoraPreviousCycleNumber.yaml | 1 + vars/all/FedoraPreviousPrevious.yaml | 3 +- .../FedoraPreviousPreviousCycleNumber.yaml | 1 + vars/all/FedoraRawhideNumber.yaml | 1 + vars/all/Frozen.yaml | 3 +- vars/all/RelEngFrozen.yaml | 3 +- vars/newcloud.yml | 1 + 591 files changed, 1491 insertions(+), 1168 deletions(-) diff --git a/.yamllint.yaml b/.yamllint.yaml index ea33622879..f740306803 100644 --- a/.yamllint.yaml +++ b/.yamllint.yaml @@ -14,9 +14,10 @@ rules: spaces: 2 indent-sequences: whatever level: warning - line-length: - max: 100 - level: warning + line-length: disable + # line-length: + # max: 100 + # level: warning truthy: allowed-values: ['true', 'false', 'yes', 'no'] ... diff --git a/files/communishift/objects/oidc_cm.yml b/files/communishift/objects/oidc_cm.yml index b22a2dd35d..d4d7c5e06b 100644 --- a/files/communishift/objects/oidc_cm.yml +++ b/files/communishift/objects/oidc_cm.yml @@ -1,3 +1,4 @@ +--- apiVersion: config.openshift.io/v1 kind: OAuth metadata: diff --git a/handlers/restart_services.yml b/handlers/restart_services.yml index f07394dfc7..4a50e693de 100644 --- a/handlers/restart_services.yml +++ b/handlers/restart_services.yml @@ -1,7 +1,7 @@ ######################################## # Handlers for restarting services # - +--- - name: reload systemd command: systemctl daemon-reload @@ -75,14 +75,14 @@ - name: restart openvpn (Fedora) when: ansible_distribution == "Fedora" action: service name=openvpn-client@openvpn state=restarted - #notify: - #- fix openvpn routing + # notify: + # - fix openvpn routing - name: restart openvpn (RHEL7+) when: ansible_distribution == "RedHat" and ansible_distribution_major_version|int >= 7 action: service name=openvpn-client@openvpn state=restarted - #notify: - #- fix openvpn routing + # notify: + # - fix openvpn routing - name: fix openvpn routing action: shell /etc/openvpn/fix-routes.sh diff --git a/main.yml b/main.yml index 7955dcb7d2..1f01b56e3e 100644 --- a/main.yml +++ b/main.yml @@ -21,7 +21,7 @@ - import_playbook: /srv/web/infra/ansible/playbooks/groups/busgateway.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/certgetter.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-backend.yml -#- import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-db.yml +# - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-db.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-dist-git.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-frontend.yml - import_playbook: /srv/web/infra/ansible/playbooks/groups/copr-hypervisor.yml diff --git a/playbooks/groups/pkgs.yml b/playbooks/groups/pkgs.yml index bfe6029f8e..c77fdcd04c 100644 --- a/playbooks/groups/pkgs.yml +++ b/playbooks/groups/pkgs.yml @@ -76,8 +76,7 @@ mnt_dir: '/srv/cache/lookaside', nfs_src_dir: 'fedora_sourcecache', - # yamllint disable rule:commas - nfs_mount_opts='rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3' + nfs_mount_opts='rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3' # yamllint disable-line rule:commas rule:indentation } - { role: nfs/client, @@ -86,8 +85,7 @@ mnt_dir: '/srv/cache/lookaside_prod', nfs_src_dir: 'fedora_sourcecache', - # yamllint disable rule:commas - nfs_mount_opts='ro,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3' + nfs_mount_opts='ro,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3' # yamllint disable-line rule:commas rule:indentation } - role: distgit/pagure - role: distgit diff --git a/roles/abrt/faf-post/tasks/main.yml b/roles/abrt/faf-post/tasks/main.yml index 8b9c901b15..57d52be3bc 100644 --- a/roles/abrt/faf-post/tasks/main.yml +++ b/roles/abrt/faf-post/tasks/main.yml @@ -9,7 +9,7 @@ state: directory owner: faf group: faf - mode: 0750 + mode: "0750" when: env != 'staging' - import_tasks: cron.yml diff --git a/roles/abrt/faf-pre/tasks/main.yml b/roles/abrt/faf-pre/tasks/main.yml index 0c95576dfd..68af866df9 100644 --- a/roles/abrt/faf-pre/tasks/main.yml +++ b/roles/abrt/faf-pre/tasks/main.yml @@ -28,18 +28,18 @@ - { src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt", dest: "ca.crt", owner: faf, - mode: 0644 - } + mode: "0644" + } - { src: "{{private}}/files/rabbitmq/{{env}}/pki/private/faf{{env_suffix}}.key", dest: "faf.key", owner: faf, mode: "600" - } + } - { src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/faf{{env_suffix}}.crt", dest: "faf.crt", owner: faf, - mode: 0644 - } + mode: "0644" + } # landing page - name: install abrt-server-info-page diff --git a/roles/abrt/faf-pre/tasks/ssl.yml b/roles/abrt/faf-pre/tasks/ssl.yml index 70aa1179c7..49803e9813 100644 --- a/roles/abrt/faf-pre/tasks/ssl.yml +++ b/roles/abrt/faf-pre/tasks/ssl.yml @@ -7,14 +7,14 @@ - letsencrypt is defined - name: stop httpd when letsencrypt has not been run - service: + service: name: httpd state: stopped when: - letsencrypt is defined - not item.stat.exists with_items: "{{ le_stat_checks.results }}" - + - name: install letsencrypt ssl certificates for dev include_role: name=copr/certbot diff --git a/roles/abrt/faf/.github/workflows/ansible-lint.yml b/roles/abrt/faf/.github/workflows/ansible-lint.yml index 24efef3550..274f858610 100644 --- a/roles/abrt/faf/.github/workflows/ansible-lint.yml +++ b/roles/abrt/faf/.github/workflows/ansible-lint.yml @@ -1,10 +1,11 @@ +--- name: Check Ansible Role -on: +on: # yamllint disable-line rule:truthy push: - branches: [ master ] + branches: [master] pull_request: - branches: [ master ] + branches: [master] jobs: lint: @@ -17,7 +18,7 @@ jobs: # This can be pinned to a specific tag after something newer than v4.1.0.post0 materializes. # https://github.com/ansible/ansible-lint-action/commit/91db49755c0e720d9eac9d3a481c227d3d14faf6 - - name: Lint + - name: Lint uses: ansible/ansible-lint-action@master with: targets: ./ diff --git a/roles/abrt/faf/defaults/main.yml b/roles/abrt/faf/defaults/main.yml index 8c1af26c36..a9b2bbec64 100644 --- a/roles/abrt/faf/defaults/main.yml +++ b/roles/abrt/faf/defaults/main.yml @@ -39,7 +39,7 @@ faf_web_on_root: false # [MAIN] faf_plugins_dir: /etc/faf/plugins/ faf_templates_dir: /etc/faf/templates/ -faf_autoenableplugins: False +faf_autoenableplugins: false # [STORAGE] # variables used to automatically create a connectstring @@ -62,11 +62,11 @@ faf_from: no-reply@localhost # [uREPORT] faf_spool_dir: /var/spool/faf -faf_create_components: False +faf_create_components: false # Allow uReports without affected package - meaning that crashing code was # not packaged -faf_allow_unpackaged: False +faf_allow_unpackaged: false ########################### # faf-webui configuration # diff --git a/roles/abrt/faf/meta/main.yml b/roles/abrt/faf/meta/main.yml index 328b2e64bc..0f16bf1bcd 100644 --- a/roles/abrt/faf/meta/main.yml +++ b/roles/abrt/faf/meta/main.yml @@ -6,13 +6,13 @@ galaxy_info: license: BSD min_ansible_version: 2.5 platforms: - - name: EL - versions: - - 8 - - name: Fedora - versions: - - 29 - - 30 + - name: EL + versions: + - 8 + - name: Fedora + versions: + - 29 + - 30 galaxy_tags: - - web + - web dependencies: [] diff --git a/roles/abrt/faf/tasks/celery.yml b/roles/abrt/faf/tasks/celery.yml index c66a1e3435..09f03a0e19 100644 --- a/roles/abrt/faf/tasks/celery.yml +++ b/roles/abrt/faf/tasks/celery.yml @@ -1,3 +1,4 @@ +--- - name: install faf web celery packages package: name: "{{ faf_web_celery_packages }}" diff --git a/roles/abrt/faf/tasks/check_web.yml b/roles/abrt/faf/tasks/check_web.yml index caaf041e09..867ad5f4ee 100644 --- a/roles/abrt/faf/tasks/check_web.yml +++ b/roles/abrt/faf/tasks/check_web.yml @@ -1,6 +1,6 @@ - # check web functionality # +--- - name: Set URL facts set_fact: main_url: "https://{{ ansible_default_ipv4.address }}{{ url_suffix }}" diff --git a/roles/abrt/faf/tasks/config.yml b/roles/abrt/faf/tasks/config.yml index 760c153720..60c84ee018 100644 --- a/roles/abrt/faf/tasks/config.yml +++ b/roles/abrt/faf/tasks/config.yml @@ -11,7 +11,7 @@ path: /etc/fedora-messaging/ owner: root group: root - mode: 0755 + mode: "0755" state: directory when: faf_with_fedmsg|bool diff --git a/roles/abrt/faf/tasks/main.yml b/roles/abrt/faf/tasks/main.yml index 069d95686c..0255a54074 100644 --- a/roles/abrt/faf/tasks/main.yml +++ b/roles/abrt/faf/tasks/main.yml @@ -1,3 +1,4 @@ +--- - import_tasks: install.yml tags: [faf, faf_install, packages] diff --git a/roles/abrt/faf/tasks/web.yml b/roles/abrt/faf/tasks/web.yml index b08d56453c..056cde4266 100644 --- a/roles/abrt/faf/tasks/web.yml +++ b/roles/abrt/faf/tasks/web.yml @@ -1,4 +1,4 @@ - +--- - name: Set url_suffix fact set_fact: url_suffix: "" diff --git a/roles/abrt/requirements.yml b/roles/abrt/requirements.yml index bde7bf9f1b..a2d6f8bb51 100644 --- a/roles/abrt/requirements.yml +++ b/roles/abrt/requirements.yml @@ -1,4 +1,5 @@ # Install a role from GitHub +--- - name: faf src: https://github.com/abrt/ansible-role-faf.git version: master diff --git a/roles/abrt/retrace-post/tasks/retrace_setup.yml b/roles/abrt/retrace-post/tasks/retrace_setup.yml index 56f5e886b7..0bf82b1396 100644 --- a/roles/abrt/retrace-post/tasks/retrace_setup.yml +++ b/roles/abrt/retrace-post/tasks/retrace_setup.yml @@ -1,6 +1,6 @@ --- -#long running tasks - run them in background - we do not actually care about the results +# long running tasks - run them in background - we do not actually care about the results - name: reposync for fedora shell: nohup retrace-server-reposync fedora {{ item[0] }} {{ item[1] }} $(mktemp /tmp/ansible.reposync_for_fedoraXXXXXX.log) & loop: "{{ rs_internal_fedora_vers | product(rs_internal_arch_list) | list }}" @@ -20,20 +20,20 @@ - file: path: /srv/retrace/repos state: directory - mode: 0755 + mode: "0755" owner: retrace group: retrace - file: path: /srv/retrace/tasks state: directory - mode: 0755 + mode: "0755" owner: retrace group: retrace - file: path: /srv/retrace/hardlink-local state: directory - mode: 0755 + mode: "0755" owner: retrace group: retrace diff --git a/roles/abrt/retrace-pre/tasks/main.yml b/roles/abrt/retrace-pre/tasks/main.yml index 0a4d8466f3..0fdc685a48 100644 --- a/roles/abrt/retrace-pre/tasks/main.yml +++ b/roles/abrt/retrace-pre/tasks/main.yml @@ -47,7 +47,7 @@ file: path: /srv/retrace/repos state: directory - mode: 0755 + mode: "0755" owner: retrace group: retrace @@ -55,13 +55,13 @@ file: path: /srv/retrace/tasks state: directory - mode: 0755 + mode: "0755" owner: retrace group: retrace - file: path: /srv/retrace/hardlink-local state: directory - mode: 0755 + mode: "0755" owner: retrace group: retrace diff --git a/roles/abrt/retrace/.github/workflows/ansible-lint.yml b/roles/abrt/retrace/.github/workflows/ansible-lint.yml index 0831cdaf45..a4860216e1 100644 --- a/roles/abrt/retrace/.github/workflows/ansible-lint.yml +++ b/roles/abrt/retrace/.github/workflows/ansible-lint.yml @@ -1,10 +1,11 @@ +--- name: Check Ansible Role -on: +on: # yamllint disable-line rule:truthy push: - branches: [ master ] + branches: [master] pull_request: - branches: [ master ] + branches: [master] jobs: lint: @@ -15,7 +16,7 @@ jobs: - name: Check out sources uses: actions/checkout@v2 - - name: Lint + - name: Lint uses: ansible/ansible-lint-action@master with: targets: ./ diff --git a/roles/abrt/retrace/meta/main.yml b/roles/abrt/retrace/meta/main.yml index 48a9303dfe..6674d7862e 100644 --- a/roles/abrt/retrace/meta/main.yml +++ b/roles/abrt/retrace/meta/main.yml @@ -5,14 +5,14 @@ galaxy_info: license: BSD min_ansible_version: 2.8 platforms: - - name: EL - versions: - - 7 - - 8 - - name: Fedora - versions: - - 33 - - 34 - - 35 + - name: EL + versions: + - 7 + - 8 + - name: Fedora + versions: + - 33 + - 34 + - 35 galaxy_tags: - - system + - system diff --git a/roles/abrt/retrace/tasks/config.yml b/roles/abrt/retrace/tasks/config.yml index 72f0136cf3..6bfde4d5a5 100644 --- a/roles/abrt/retrace/tasks/config.yml +++ b/roles/abrt/retrace/tasks/config.yml @@ -3,19 +3,19 @@ template: src: etc-retrace-server.conf.j2 dest: /etc/retrace-server/retrace-server.conf - mode: 0644 + mode: "0644" notify: restart httpd - name: retrace-server http config template: src: retrace-server-httpd.conf.j2 dest: /etc/httpd/conf.d/retrace-server-httpd.conf - mode: 0644 + mode: "0644" notify: restart httpd - name: configure retrace-server hooks config template: src: etc-retrace-server-hooks.conf.j2 dest: /etc/retrace-server/retrace-server-hooks.conf - mode: 0644 + mode: "0644" notify: restart httpd diff --git a/roles/ansible-osbuild-worker/meta/main.yml b/roles/ansible-osbuild-worker/meta/main.yml index 8b2b5ee005..c7028fd16b 100644 --- a/roles/ansible-osbuild-worker/meta/main.yml +++ b/roles/ansible-osbuild-worker/meta/main.yml @@ -1,3 +1,4 @@ +--- galaxy_info: role_name: osbuild_worker namespace: osbuild diff --git a/roles/apache/handlers/main.yml b/roles/apache/handlers/main.yml index f599732052..edb2f0fd42 100644 --- a/roles/apache/handlers/main.yml +++ b/roles/apache/handlers/main.yml @@ -1,2 +1,3 @@ +--- - name: restart apache command: /usr/local/bin/conditional-restart.sh httpd httpd diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml index 9b68cfe0ed..3dea2d4b79 100644 --- a/roles/apache/tasks/main.yml +++ b/roles/apache/tasks/main.yml @@ -15,7 +15,7 @@ package: state: present name: - - mod_http2 + - mod_http2 tags: - packages - apache diff --git a/roles/apps-fp-o/files/apps.yaml b/roles/apps-fp-o/files/apps.yaml index cb5fa12226..65f8d027c5 100644 --- a/roles/apps-fp-o/files/apps.yaml +++ b/roles/apps-fp-o/files/apps.yaml @@ -1,7 +1,4 @@ %YAML 1.2 -# This file is managed in two places, please keep them synchronised: -# - https://pagure.io/fedora-infra/ansible/blob/main/f/roles/apps-fp-o/files/apps.yaml -# - https://github.com/fedora-infra/apps.fp.o/blob/develop/data/apps.yaml --- name: Fedora Apps data: @@ -13,59 +10,57 @@ children: - name: Accounts data: description: > - Tools for everybody -- use these things to manage your Fedora - Account. + Tools for everybody -- use these things to manage your Fedora + Account. children: - - name: FedoraPeople - data: - url: https://fedorapeople.org - user_url: https://{user}.fedorapeople.org - status_mappings: ['people'] - description: > + - name: FedoraPeople + data: + url: https://fedorapeople.org + user_url: https://{user}.fedorapeople.org + status_mappings: [people] + description: > Being a community member you gain access to fedorapeople which provides you with a space on the web where you can upload files to share them with the community. - - name: Fedora Accounts - data: - url: https://accounts.fedoraproject.org/ - user_url: https://accounts.fedoraproject.org/user/{user} - source_url: https://github.com/fedora-infra/noggin/ - bugs_url: https://github.com/fedora-infra/noggin/issues/ - docs_url: https://noggin-aaa.readthedocs.io/en/latest/ - sops: - - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/fas-notes.html - - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/fas-openid.html - - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/accountdeletion.html - - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/nonhumanaccounts.html - status_mappings: ['fas'] - description: > + - name: Fedora Accounts + data: + url: https://accounts.fedoraproject.org/ + user_url: https://accounts.fedoraproject.org/user/{user} + source_url: https://github.com/fedora-infra/noggin/ + bugs_url: https://github.com/fedora-infra/noggin/issues/ + docs_url: https://noggin-aaa.readthedocs.io/en/latest/ + sops: + - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/fas-notes.html + - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/fas-openid.html + - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/accountdeletion.html + - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/nonhumanaccounts.html + status_mappings: [fas] + description: > Fedora Accounts. Update your profile information and apply for membership in groups. - - name: Notifications - data: - icon: fedmsg.png - url: https://notifications.fedoraproject.org/ - source_url: https://github.com/fedora-infra/fmn/ - bugs_url: https://github.com/fedora-infra/fmn/issues/ - docs_url: https://fmn.readthedocs.io/ - sops: - - https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/fmn/ - status_mappings: ['fedmsg'] - description: > + - name: Notifications + data: + icon: fedmsg.png + url: https://notifications.fedoraproject.org/ + source_url: https://github.com/fedora-infra/fmn/ + bugs_url: https://github.com/fedora-infra/fmn/issues/ + docs_url: https://fmn.readthedocs.io/ + sops: [https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/fmn/] + status_mappings: [fedmsg] + description: > Centrally managed preferences for Fedora Infrastructure notifications to your inbox, irc client, and mobile device. - - name: Badges - status_mappings: ['badges'] - data: - icon: badges.png - url: https://badges.fedoraproject.org - user_url: https://badges.fedoraproject.org/user/{user} - source_url: https://github.com/fedora-infra/tahrir/ - bugs_url: https://github.com/fedora-infra/tahrir/issues/ - docs_url: https://tahrir.readthedocs.org/en/latest/ - sops: - - https://infrastructure.fedoraproject.org/infra/docs/badges.rst - description: > + - name: Badges + status_mappings: [badges] + data: + icon: badges.png + url: https://badges.fedoraproject.org + user_url: https://badges.fedoraproject.org/user/{user} + source_url: https://github.com/fedora-infra/tahrir/ + bugs_url: https://github.com/fedora-infra/tahrir/issues/ + docs_url: https://tahrir.readthedocs.org/en/latest/ + sops: [https://infrastructure.fedoraproject.org/infra/docs/badges.rst] + description: > An achievements system for Fedora Contributors! "Badges" are awarded based on activity in the community. Can you unlock them all? @@ -75,71 +70,69 @@ children: - name: Content data: description: > - Tools for wordsmiths -- the apps that store and archive the troves - of content that Fedora authors produce. Blog posts, the wiki, and - more.. + Tools for wordsmiths -- the apps that store and archive the troves + of content that Fedora authors produce. Blog posts, the wiki, and + more.. children: - - name: Ask Fedora - data: - icon: ask_fedora.png - url: https://ask.fedoraproject.org/ - source_url: https://github.com/askbot/askbot-devel - bugs_url: https://github.com/askbot/askbot-devel/issues/ - docs_url: http://askbot.org/doc/index.html - sops: - - https://infrastructure.fedoraproject.org/infra/docs/askbot.rst - status_mappings: ['ask'] - description: > + - name: Ask Fedora + data: + icon: ask_fedora.png + url: https://ask.fedoraproject.org/ + source_url: https://github.com/askbot/askbot-devel + bugs_url: https://github.com/askbot/askbot-devel/issues/ + docs_url: http://askbot.org/doc/index.html + sops: [https://infrastructure.fedoraproject.org/infra/docs/askbot.rst] + status_mappings: [ask] + description: > Any question at all about Fedora? Ask it here. - - name: The Wiki - data: - icon: mediawiki.png - url: https://fedoraproject.org/wiki - user_url: https://fedoraproject.org/wiki/User:{user} - source_url: https://www.mediawiki.org/ - bugs_url: https://www.mediawiki.org/wiki/Phabricator#Get_started - docs_url: https://www.mediawiki.org/wiki/Sysadmin_hub - sops: - - https://infrastructure.fedoraproject.org/infra/docs/wiki.rst - status_mappings: ['wiki'] - description: > + - name: The Wiki + data: + icon: mediawiki.png + url: https://fedoraproject.org/wiki + user_url: https://fedoraproject.org/wiki/User:{user} + source_url: https://www.mediawiki.org/ + bugs_url: https://www.mediawiki.org/wiki/Phabricator#Get_started + docs_url: https://www.mediawiki.org/wiki/Sysadmin_hub + sops: [https://infrastructure.fedoraproject.org/infra/docs/wiki.rst] + status_mappings: [wiki] + description: > Maintain your own user profile page, contribute to documents about features, process, and governance. - - name: Fedora Magazine - data: - icon: magazine.png - url: https://fedoramagazine.org - docs_url: https://codex.wordpress.org/ + - name: Fedora Magazine + data: + icon: magazine.png + url: https://fedoramagazine.org + docs_url: https://codex.wordpress.org/ # We don't have a SOP for the magazine yet. # https://pagure.io/fedora-infrastructure/issue/5149 # sops: # - put the url here - description: > + description: > Fedora Magazine is a WordPress-based site which delivers all the news of the Fedora Community. (It replaces the previous Fedora Weekly News.) - - name: The Planet - data: - icon: planet_logo.png - url: http://fedoraplanet.org - docs_url: https://www.intertwingly.net/code/venus/ - sops: - - https://infrastructure.fedoraproject.org/infra/docs/planetsubgroup.rst - description: > + - name: The Planet + data: + icon: planet_logo.png + url: http://fedoraplanet.org + docs_url: https://www.intertwingly.net/code/venus/ + sops: + - https://infrastructure.fedoraproject.org/infra/docs/planetsubgroup.rst + description: > The planet is a blog aggregator, a space accessible to you as a community member where you can express your opinion and talk about what you are doing for Fedora. - - name: Docs - data: - url: https://docs.fedoraproject.org - status_mappings: ['docs'] + - name: Docs + data: + url: https://docs.fedoraproject.org + status_mappings: [docs] # TODO - add the docs_url. I asked pete travis for info on this # docs_url: put the url here # TODO - add a sop. # https://pagure.io/fedora-infrastructure/issue/5150 # sops: # - add the sop url here. - description: > + description: > RTFM! Everything you could ever want to know. Probably the best place to find documentation about Fedora, including the changes between releases (and a big kudos to @@ -148,92 +141,91 @@ children: - name: QA data: description: > - Tools for testers -- the people who tell us its broken so we can - fix it. + Tools for testers -- the people who tell us its broken so we can + fix it. children: - - name: Problem Tracker - data: - url: https://retrace.fedoraproject.org - package_url: https://retrace.fedoraproject.org/faf/reports/?component_names={package} - source_url: https://github.com/abrt/retrace-server/ - bugs_url: https://github.com/abrt/retrace-server/issues - docs_url: https://abrt.readthedocs.org/en/latest/howitworks.html#faf + - name: Problem Tracker + data: + url: https://retrace.fedoraproject.org + package_url: https://retrace.fedoraproject.org/faf/reports/?component_names={package} + source_url: https://github.com/abrt/retrace-server/ + bugs_url: https://github.com/abrt/retrace-server/issues + docs_url: https://abrt.readthedocs.org/en/latest/howitworks.html#faf # TODO - write SOPs for this # https://pagure.io/fedora-infrastructure/issue/5151 # sops: # - url goes here # - and another one goes here - description: > + description: > The Problem Tracker is a platform for collecting and analyzing package crashes reported via ABRT (Automatic Bug Reporting Tool). It makes it easy to see what problems users are hitting the most, and allows you to filter them by Fedora release, associate, or component. - - name: Blocker Bugs - data: - url: https://qa.fedoraproject.org/blockerbugs - source_url: https://pagure.io/fedora-qa/blockerbugs - bugs_url: https://pagure.io/fedora-qa/blockerbugs - docs_url: https://tflink.fedorapeople.org/blockerbugs/docs/ - sops: - - https://infrastructure.fedoraproject.org/infra/docs/blockerbugs.rst - status_mappings: ['blockerbugs'] - description: > + - name: Blocker Bugs + data: + url: https://qa.fedoraproject.org/blockerbugs + source_url: https://pagure.io/fedora-qa/blockerbugs + bugs_url: https://pagure.io/fedora-qa/blockerbugs + docs_url: https://tflink.fedorapeople.org/blockerbugs/docs/ + sops: + - https://infrastructure.fedoraproject.org/infra/docs/blockerbugs.rst + status_mappings: [blockerbugs] + description: > The Fedora Blocker Bug Tracker tracks release blocking bugs and related updates in Fedora releases currently under development. - - name: Bugzilla - data: - icon: bugzilla.png - url: https://bugzilla.redhat.com - package_url: > + - name: Bugzilla + data: + icon: bugzilla.png + url: https://bugzilla.redhat.com + package_url: > https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&product=Fedora&product=Fedora%20EPEL&query_format=advanced&component={package} - description: > + description: > The Fedora Community makes use of a bugzilla instance run by Red Hat. Notice something wrong with a Fedora package? You can file an official bug here. - - name: Review Status - data: - url: https://fedoraproject.org/PackageReviewStatus/ - package_url: > + - name: Review Status + data: + url: https://fedoraproject.org/PackageReviewStatus/ + package_url: > https://bugzilla.redhat.com/buglist.cgi?component=Package%20Review&query_format=advanced&short_desc_type=allwordssubstr&short_desc={package} # TODO - write the SOP for this # https://pagure.io/fedora-infrastructure/issue/5152 # sops: # - url goes here - description: > + description: > These pages contain periodically generated reports with information on the current state of all Fedora package review tickets -- a super useful window on bugzilla. - - name: Kerneltest - data: - icon: tux.png - url: https://apps.fedoraproject.org/kerneltest - source_url: https://github.com/jmflinuxtx/kerneltest-harness - bugs_url: https://github.com/jmflinuxtx/kerneltest-harness/issues - docs_url: https://fedoraproject.org/wiki/KernelTestingInitiative - sops: - - https://infrastructure.fedoraproject.org/infra/docs/kerneltest-harness.rst - description: > + - name: Kerneltest + data: + icon: tux.png + url: https://apps.fedoraproject.org/kerneltest + source_url: https://github.com/jmflinuxtx/kerneltest-harness + bugs_url: https://github.com/jmflinuxtx/kerneltest-harness/issues + docs_url: https://fedoraproject.org/wiki/KernelTestingInitiative + sops: + - https://infrastructure.fedoraproject.org/infra/docs/kerneltest-harness.rst + description: > As part of the kernel testing initiative we provide a webapp where users and automated systems can upload test results. If you have access to hardware where we could catch tricky driver issues, your assistance here would be much appreciated. - - name: Koschei - data: - icon: koschei.png - url: https://koschei.fedoraproject.org/ - user_url: https://koschei.fedoraproject.org/user/{user} - package_url: https://koschei.fedoraproject.org/package/{package} - source_url: https://github.com/fedora-infra/koschei - bugs_url: https://github.com/fedora-infra/koschei/issues - docs_url: https://fedoraproject.org/wiki/Koschei - sops: - - https://infrastructure.fedoraproject.org/infra/docs/koschei.rst - status_mappings: ['koschei'] - description: > + - name: Koschei + data: + icon: koschei.png + url: https://koschei.fedoraproject.org/ + user_url: https://koschei.fedoraproject.org/user/{user} + package_url: https://koschei.fedoraproject.org/package/{package} + source_url: https://github.com/fedora-infra/koschei + bugs_url: https://github.com/fedora-infra/koschei/issues + docs_url: https://fedoraproject.org/wiki/Koschei + sops: [https://infrastructure.fedoraproject.org/infra/docs/koschei.rst] + status_mappings: [koschei] + description: > Koschei is a continuous integration system for RPM packages. It tracks dependency changes done in Koji repositories and rebuilds packages whose dependencies change. It can help packagers to @@ -242,106 +234,101 @@ children: - name: Coordination data: description: > - Tools for people -- so we can talk to each other and share content - and ideas. + Tools for people -- so we can talk to each other and share content + and ideas. children: - - name: Asknot - data: - url: https://whatcanidoforfedora.org - source_url: https://github.com/fedora-infra/asknot-ng - bugs_url: https://github.com/fedora-infra/asknot-ng/issues - docs_url: https://github.com/fedora-infra/asknot-ng/blob/develop/README.md + - name: Asknot + data: + url: https://whatcanidoforfedora.org + source_url: https://github.com/fedora-infra/asknot-ng + bugs_url: https://github.com/fedora-infra/asknot-ng/issues + docs_url: https://github.com/fedora-infra/asknot-ng/blob/develop/README.md # TODO - write SOP for asknot-ng # https://pagure.io/fedora-infrastructure/issue/5154 # sops: # - url goes here - status_mappings: [] - description: > + status_mappings: [] + description: > Ask not what Fedora can do for you, but what you can do for Fedora? This site is a starting place for brand new contributors to help them figure out where they can hop on board! - - name: Elections - data: - url: https://elections.fedoraproject.org/ - source_url: https://github.com/fedora-infra/elections - bugs_url: https://github.com/fedora-infra/elections/issues - docs_url: https://github.com/fedora-infra/elections/blob/develop/README.md - sops: - - https://infrastructure.fedoraproject.org/infra/docs/voting.rst - status_mappings: ['elections'] - description: > + - name: Elections + data: + url: https://elections.fedoraproject.org/ + source_url: https://github.com/fedora-infra/elections + bugs_url: https://github.com/fedora-infra/elections/issues + docs_url: https://github.com/fedora-infra/elections/blob/develop/README.md + sops: [https://infrastructure.fedoraproject.org/infra/docs/voting.rst] + status_mappings: [elections] + description: > As a member of the community, you can now vote for the different steering committees and for this you will use the Election application. Voting is a right and a duty as a member of the community; it is one of the things you can do to influence the development of Fedora. - - name: The Mailing lists - data: - icon: hyperkitty.png - url: https://lists.fedoraproject.org - source_url: https://gitlab.com/mailman/hyperkitty - bugs_url: https://gitlab.com/mailman/hyperkitty/issues - docs_url: https://hyperkitty.readthedocs.org/en/latest/ - sops: - - https://infrastructure.fedoraproject.org/infra/docs/mailman.rst - status_mappings: ['mailinglists'] - description: > + - name: The Mailing lists + data: + icon: hyperkitty.png + url: https://lists.fedoraproject.org + source_url: https://gitlab.com/mailman/hyperkitty + bugs_url: https://gitlab.com/mailman/hyperkitty/issues + docs_url: https://hyperkitty.readthedocs.org/en/latest/ + sops: [https://infrastructure.fedoraproject.org/infra/docs/mailman.rst] + status_mappings: [mailinglists] + description: > Mailing lists are used for communication within the community. There are lists for generic topics and lists more dedicated to a specific topic, there is for sure one for you. - - name: FedoCal - data: - icon: fedocal.png - url: https://calendar.fedoraproject.org/ - source_url: https://github.com/fedora-infra/fedocal - bugs_url: https://github.com/fedora-infra/fedocal/issues - docs_url: https://fedocal.readthedocs.org/en/latest/ - sops: - - https://infrastructure.fedoraproject.org/infra/docs/fedocal.rst - status_mappings: ['fedocal'] - description: > + - name: FedoCal + data: + icon: fedocal.png + url: https://calendar.fedoraproject.org/ + source_url: https://github.com/fedora-infra/fedocal + bugs_url: https://github.com/fedora-infra/fedocal/issues + docs_url: https://fedocal.readthedocs.org/en/latest/ + sops: [https://infrastructure.fedoraproject.org/infra/docs/fedocal.rst] + status_mappings: [fedocal] + description: > The Fedora Calendar (or fedocal), you might have already guessed, is a public calendar service. You can create your own calendar, or subscribe to others. Want to be kept abrest of releases, freezes, and events? This is the tool for you. - - name: Meetbot - data: - icon: meetbot.png - url: https://meetbot.fedoraproject.org - source_url: https://github.com/fedora-infra/mote - bugs_url: https://github.com/fedora-infra/mote/issues - docs_url: https://github.com/fedora-infra/mote/blob/master/README.md - sops: - - https://infrastructure.fedoraproject.org/infra/docs/mote.rst - - https://infrastructure.fedoraproject.org/infra/docs/zodbot.rst - status_mappings: ['zodbot'] - description: > + - name: Meetbot + data: + icon: meetbot.png + url: https://meetbot.fedoraproject.org + source_url: https://github.com/fedora-infra/mote + bugs_url: https://github.com/fedora-infra/mote/issues + docs_url: https://github.com/fedora-infra/mote/blob/master/README.md + sops: + - https://infrastructure.fedoraproject.org/infra/docs/mote.rst + - https://infrastructure.fedoraproject.org/infra/docs/zodbot.rst + status_mappings: [zodbot] + description: > Fedora Infrastructure runs a friendly IRC bot that you may know named zodbot. Among its many and varied functions is logging IRC meetings, the archives of which you can find here. - - name: Packaging data: description: > - Tools for packagers -- where the pieces of the distribution get - built. - + Tools for packagers -- where the pieces of the distribution get + built. children: - - name: Packages - data: - url: https://packages.fedoraproject.org/ - package_url: https://apps.fedoraproject.org/packages/{package} - source_url: https://pagure.io/fedora-packages-static - bugs_url: https://pagure.io/fedora-packages-static/issues - docs_url: http://threebean.org/blog/history-of-fedora-packages/ - sops: - - https://infrastructure.fedoraproject.org/infra/docs/fedorapackages.rst - status_mappings: ['packages'] - description: > + - name: Packages + data: + url: https://packages.fedoraproject.org/ + package_url: https://apps.fedoraproject.org/packages/{package} + source_url: https://pagure.io/fedora-packages-static + bugs_url: https://pagure.io/fedora-packages-static/issues + docs_url: http://threebean.org/blog/history-of-fedora-packages/ + sops: + - https://infrastructure.fedoraproject.org/infra/docs/fedorapackages.rst + status_mappings: [packages] + description: > A meta-app over the other packaging apps; the best place to find out what is in the Fedora repositories. Which packages are present in which version, who is maintaining @@ -349,104 +336,101 @@ children: reported against them. All these kind of questions can be answered here. It is sometimes called "Fedora Community v2" after the old - Fedora Community site. - - name: COPR - data: - icon: copr.png - url: https://copr.fedoraproject.org - user_url: https://copr.fedoraproject.org/coprs/{user}/ - source_url: https://github.com/fedora-copr/copr - bugs_url: > + Fedora Community + site. + - name: COPR + data: + icon: copr.png + url: https://copr.fedoraproject.org + user_url: https://copr.fedoraproject.org/coprs/{user}/ + source_url: https://github.com/fedora-copr/copr + bugs_url: > https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=POST&bug_status=MODIFIED&bug_status=ON_DEV&bug_status=ON_QA&bug_status=VERIFIED&bug_status=RELEASE_PENDING&classification=Community&list_id=4767864&product=Copr&query_format=advanced - docs_url: https://copr-backend.readthedocs.org/ + docs_url: https://copr-backend.readthedocs.org/ # Also: # - https://copr-keygen.readthedocs.org/ # - https://copr-rest-api.readthedocs.org/ - sops: - - https://infrastructure.fedoraproject.org/infra/docs/copr.rst - status_mappings: ['copr'] - description: > + sops: [https://infrastructure.fedoraproject.org/infra/docs/copr.rst] + status_mappings: [copr] + description: > Copr is an easy-to-use automatic build system providing a package repository as its output. You can make your **own** repositories! - - name: Koji - data: - icon: koji.png - url: https://koji.fedoraproject.org/koji - package_url: > + - name: Koji + data: + icon: koji.png + url: https://koji.fedoraproject.org/koji + package_url: > https://koji.fedoraproject.org/koji/search?match=glob&type=package&terms={package} - user_url: https://koji.fedoraproject.org/koji/userinfo?userID={user} - source_url: https://pagure.io/koji - bugs_url: https://pagure.io/koji/issues - docs_url: https://koji.build/ - sops: - - https://infrastructure.fedoraproject.org/infra/docs/koji.rst - - https://infrastructure.fedoraproject.org/infra/docs/koji-builder-setup.rst - status_mappings: ['koji'] - description: > + user_url: https://koji.fedoraproject.org/koji/userinfo?userID={user} + source_url: https://pagure.io/koji + bugs_url: https://pagure.io/koji/issues + docs_url: https://koji.build/ + sops: + - https://infrastructure.fedoraproject.org/infra/docs/koji.rst + - https://infrastructure.fedoraproject.org/infra/docs/koji-builder-setup.rst + status_mappings: [koji] + description: > Koji is the software that builds RPM packages for the Fedora project. It uses Mock to create chroot environments to perform builds that are both safe and trusted. - - name: Bodhi - data: - icon: bodhi.png - url: https://admin.fedoraproject.org/updates - package_url: https://admin.fedoraproject.org/updates/{package} - user_url: https://admin.fedoraproject.org/updates/user/{user} - source_url: https://github.com/fedora-infra/bodhi - bugs_url: https://github.com/fedora-infra/bodhi/issues - docs_url: https://bodhi.fedoraproject.org/docs - sops: - - https://infrastructure.fedoraproject.org/infra/docs/bodhi.rst - status_mappings: ['bodhi'] - description: > + - name: Bodhi + data: + icon: bodhi.png + url: https://admin.fedoraproject.org/updates + package_url: https://admin.fedoraproject.org/updates/{package} + user_url: https://admin.fedoraproject.org/updates/user/{user} + source_url: https://github.com/fedora-infra/bodhi + bugs_url: https://github.com/fedora-infra/bodhi/issues + docs_url: https://bodhi.fedoraproject.org/docs + sops: [https://infrastructure.fedoraproject.org/infra/docs/bodhi.rst] + status_mappings: [bodhi] + description: > The tool you will use to push your packages to the Fedora repositories as an update, first an update to be tested (repository: updates-testing) then a stable update (repository: updates). Behold -- the Magic Cabbage. - - name: Package Sources - data: - icon: package-sources.png - url: https://src.fedoraproject.org/ - package_url: https://src.fedoraproject.org/rpms/{package} - source_url: https://pagure.io/pagure - bugs_url: https://pagure.io/pagure/issues - docs_url: https://pagure.io/docs/pagure/ - status_mappings: ['pkgs'] - description: > + - name: Package Sources + data: + icon: package-sources.png + url: https://src.fedoraproject.org/ + package_url: https://src.fedoraproject.org/rpms/{package} + source_url: https://pagure.io/pagure + bugs_url: https://pagure.io/pagure/issues + docs_url: https://pagure.io/docs/pagure/ + status_mappings: [pkgs] + description: > Ever wonder exactly what is in the new release of a Fedora package? This is where the change histories of all the packages in Fedora for every release of Fedora (and EPEL) are kept.. forever! A gold mine. - - name: Mdapi - data: - url: https://apps.fedoraproject.org/mdapi - description: > - mdapi is a small API exposing the metadata contained in - different RPM repositories. - + - name: Mdapi + data: + url: https://apps.fedoraproject.org/mdapi + description: > + mdapi is a small API exposing the metadata contained in + different RPM repositories. - name: Upstream data: description: > - Tools for upstream - developers -- because we love you. - + Tools for upstream + developers -- because we love you. children: - - name: Release Monitoring - data: - url: https://release-monitoring.org - package_url: https://release-monitoring.org/projects/search/?pattern={package} - source_url: https://github.com/fedora-infra/anitya - bugs_url: https://github.com/fedora-infra/anitya/issues - docs_url: https://fedoraproject.org/wiki/Upstream_release_monitoring + - name: Release Monitoring + data: + url: https://release-monitoring.org + package_url: https://release-monitoring.org/projects/search/?pattern={package} + source_url: https://github.com/fedora-infra/anitya + bugs_url: https://github.com/fedora-infra/anitya/issues + docs_url: https://fedoraproject.org/wiki/Upstream_release_monitoring # TODO - write sops for anitya and the-new-hotness # https://pagure.io/fedora-infrastructure/issue/5157 # sops: # - https://infrastructure.fedoraproject.org/infra/docs/anitya.rst # - https://infrastructure.fedoraproject.org/infra/docs/hotness.rst - description: > + description: > Code named anitya, this project is slated to replace + - name: Webhook to Fedora Messaging + data: + url: https://webhook.fedoraproject.org/ + source_url: https://github.com/fedora-infra/webhook-to-fedora-messaging + bugs_url: https://github.com/fedora-infra/webhook-to-fedora-messaging/issues + docs_url: > https://github.com/fedora-infra/webhook-to-fedora-messaging/ - sops: - - https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/webhook2fedmsg/ - description: > + sops: + - https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/webhook2fedmsg/ + description: > Webhook to Fedora Messaging is a web service that bridges upstream activity into the Fedora Infrastructure message bus. Visit the self-service dashboard to add your application. - - name: Pagure - data: - icon: pagure.png - url: https://pagure.io/ - status_mappings: ['pagure'] - description: > + - name: Pagure + data: + icon: pagure.png + url: https://pagure.io/ + status_mappings: [pagure] + description: > Pagure is a git-centered forge, python based using pygit2. With pagure you can host your project with its documentation, let your users report issues or request enhancements using the ticketing system and build your community of contributors by allowing them to fork your projects and contribute to it via the now-popular pull-request mechanism. - - name: Infrastructure data: description: > - Tools for sysadmins -- the people who run the servers that run - Fedora (and otherwise). + Tools for sysadmins -- the people who run the servers that run + Fedora (and otherwise). children: - - name: GeoIP - data: - url: https://geoip.fedoraproject.org - source_url: https://github.com/fedora-infra/geoip-city-wsgi - bugs_url: https://github.com/fedora-infra/geoip-city-wsgi/issues - docs_url: https://github.com/fedora-infra/geoip-city-wsgi/blob/master/geoip-city.wsgi + - name: GeoIP + data: + url: https://geoip.fedoraproject.org + source_url: https://github.com/fedora-infra/geoip-city-wsgi + bugs_url: https://github.com/fedora-infra/geoip-city-wsgi/issues + docs_url: https://github.com/fedora-infra/geoip-city-wsgi/blob/master/geoip-city.wsgi # TODO - write a sop for this thing # https://pagure.io/fedora-infrastructure/issue/5159 # sops: # - https://infrastructure.fedoraproject.org/infra/docs/geoip.rst - description: > + description: > A simple web service running geoip-city-wsgi that will return geoip information to you. - - name: Easyfix - data: - url: https://fedoraproject.org/easyfix - source_url: https://github.com/fedora-infra/fedora-gather-easyfix - bugs_url: https://github.com/fedora-infra/fedora-gather-easyfix/issues - docs_url: https://github.com/fedora-infra/fedora-gather-easyfix/blob/master/README - sops: - - https://infrastructure.fedoraproject.org/infra/docs/gather-easyfix.rst - description: > + - name: Easyfix + data: + url: https://fedoraproject.org/easyfix + source_url: https://github.com/fedora-infra/fedora-gather-easyfix + bugs_url: https://github.com/fedora-infra/fedora-gather-easyfix/issues + docs_url: https://github.com/fedora-infra/fedora-gather-easyfix/blob/master/README + sops: + - https://infrastructure.fedoraproject.org/infra/docs/gather-easyfix.rst + description: > A list of easy-to-fix problems for the different projects in Fedora. Interested in getting into helping out with sysadmin work or web application development? This should be useful to you. - - name: DataGrepper - data: - icon: fedmsg.png - url: https://apps.fedoraproject.org/datagrepper - package_url: https://apps.fedoraproject.org/datagrepper/raw?package={package} - user_url: https://apps.fedoraproject.org/datagrepper/raw?user={user} - source_url: https://github.com/fedora-infra/datagrepper - bugs_url: https://github.com/fedora-infra/datagrepper/issues - docs_url: https://github.com/fedora-infra/datagrepper/blob/develop/README.rst - sops: - - https://infrastructure.fedoraproject.org/infra/docs/datanommer.rst - status_mappings: ['fedmsg'] - description: > + - name: DataGrepper + data: + icon: fedmsg.png + url: https://apps.fedoraproject.org/datagrepper + package_url: https://apps.fedoraproject.org/datagrepper/raw?package={package} + user_url: https://apps.fedoraproject.org/datagrepper/raw?user={user} + source_url: https://github.com/fedora-infra/datagrepper + bugs_url: https://github.com/fedora-infra/datagrepper/issues + docs_url: https://github.com/fedora-infra/datagrepper/blob/develop/README.rst + sops: [https://infrastructure.fedoraproject.org/infra/docs/datanommer.rst] + status_mappings: [fedmsg] + description: > DataGrepper is an HTTP API for querying the datanommer database. You can use it to dig into the history of the fedmsg message bus. You can grab events by username, by package, by message source, by topic... you name it. - - - name: Status - data: - icon: status-good.png - url: http://www.fedorastatus.org - source_url: https://github.com/fedora-infra/statusfpo/ - bugs_url: https://github.com/fedora-infra/statusfpo/issues - docs_url: https://github.com/fedora-infra/statusfpo/README - sops: - - https://infrastructure.fedoraproject.org/infra/docs/status-fedora.rst - description: > + - name: Status + data: + icon: status-good.png + url: http://www.fedorastatus.org + source_url: https://github.com/fedora-infra/statusfpo/ + bugs_url: https://github.com/fedora-infra/statusfpo/issues + docs_url: https://github.com/fedora-infra/statusfpo/README + sops: + - https://infrastructure.fedoraproject.org/infra/docs/status-fedora.rst + description: > Sometimes the Fedora Infrastructure team messes up (or lightning strikes our datacenter(s)). Sorry about that. You can use this website to check the status. Is it @@ -553,20 +534,20 @@ children: in your browser tab. It changes based on the status, so if you keep this open you can check back to it at a glance. - - name: MirrorManager - data: - icon: downloads.png - url: https://mirrors.fedoraproject.org - source_url: https://github.com/fedora-infra/mirrormanager2 - bugs_url: https://github.com/fedora-infra/mirrormanager2/issues - docs_url: https://mirrormanager.readthedocs.org/en/latest/ - sops: - - https://infrastructure.fedoraproject.org/infra/docs/mirrormanager.rst - - https://infrastructure.fedoraproject.org/infra/docs/mastermirror.rst - - https://infrastructure.fedoraproject.org/infra/docs/mirrorhiding.rst - - https://infrastructure.fedoraproject.org/infra/docs/mirrormanager-S3-EC2-netblocks.rst - status_mappings: ['mirrormanager', 'mirrorlist'] - description: > + - name: MirrorManager + data: + icon: downloads.png + url: https://mirrors.fedoraproject.org + source_url: https://github.com/fedora-infra/mirrormanager2 + bugs_url: https://github.com/fedora-infra/mirrormanager2/issues + docs_url: https://mirrormanager.readthedocs.org/en/latest/ + sops: + - https://infrastructure.fedoraproject.org/infra/docs/mirrormanager.rst + - https://infrastructure.fedoraproject.org/infra/docs/mastermirror.rst + - https://infrastructure.fedoraproject.org/infra/docs/mirrorhiding.rst + - https://infrastructure.fedoraproject.org/infra/docs/mirrormanager-S3-EC2-netblocks.rst + status_mappings: [mirrormanager, mirrorlist] + description: > Fedora is distributed to millions of systems globally. This would not be possible without the donations of time, disk space, and bandwidth by hundreds of volunteer system @@ -575,57 +556,54 @@ children: donations. The list on the MirrorManager site is dynamically generated every hour, listing only up-to-date mirrors. - - name: Nagios - data: - icon: nagios-logo.png - url: https://admin.fedoraproject.org/nagios - source_url: https://github.com/NagiosEnterprises/nagioscore - bugs_url: https://pagure.io/fedora-infrastructure/issues - docs_url: https://www.nagios.org/documentation/ - sops: - - https://infrastructure.fedoraproject.org/infra/docs/nagios.rst - description: > + - name: Nagios + data: + icon: nagios-logo.png + url: https://admin.fedoraproject.org/nagios + source_url: https://github.com/NagiosEnterprises/nagioscore + bugs_url: https://pagure.io/fedora-infrastructure/issues + docs_url: https://www.nagios.org/documentation/ + sops: [https://infrastructure.fedoraproject.org/infra/docs/nagios.rst] + description: > "Is telia down?" The answer can most definitively be found here (and in detail). The Fedora Infrastructure team uses Nagios to monitor the servers that serve Fedora. Accessing most details requires membership in the sysadmin group. - - name: Collectd - data: - icon: collectd.png - url: https://admin.fedoraproject.org/collectd/ - source_url: https://github.com/collectd/collectd - bugs_url: https://github.com/collectd/collectd/issues - docs_url: https://collectd.org/documentation.shtml - sops: - - https://infrastructure.fedoraproject.org/infra/docs/collectd.rst - description: > + - name: Collectd + data: + icon: collectd.png + url: https://admin.fedoraproject.org/collectd/ + source_url: https://github.com/collectd/collectd + bugs_url: https://github.com/collectd/collectd/issues + docs_url: https://collectd.org/documentation.shtml + sops: [https://infrastructure.fedoraproject.org/infra/docs/collectd.rst] + description: > Tracks and displays statistics on the Fedora Infrastructure machines over time. Useful for debugging ineffeciencies and problems. - - name: HAProxy - data: - url: https://admin.fedoraproject.org/haproxy/proxy1 - source_url: https://git.haproxy.org/ - bugs_url: https://www.haproxy.org/knownbugs-1.3.html - docs_url: https://www.haproxy.org/#docs - sops: - - https://infrastructure.fedoraproject.org/infra/docs/haproxy.rst - description: > + - name: HAProxy + data: + url: https://admin.fedoraproject.org/haproxy/proxy1 + source_url: https://git.haproxy.org/ + bugs_url: https://www.haproxy.org/knownbugs-1.3.html + docs_url: https://www.haproxy.org/#docs + sops: [https://infrastructure.fedoraproject.org/infra/docs/haproxy.rst] + description: > Shows the health of our proxies. How many bytes? Concurrent sessions? Health checks? - name: In Development data: description: > - These are the apps that we're working on, but that aren't quite - ready for prime-time yet. Try and use them, and report bugs when - they're broken -- it's a big help!. - Check back here from time to time, as this section will change. + These are the apps that we're working on, but that aren't quite + ready for prime-time yet. Try and use them, and report bugs when + they're broken -- it's a big help!. + Check back here from time to time, as this section will change. children: - - name: Ipsilon - data: - url: https://pagure.io/ipsilon - description: > + - name: Ipsilon + data: + url: https://pagure.io/ipsilon + description: >- Ipsilon is our central authentication agent that is used to authenticate users agains FAS. It is seperate from FAS. The only service that is not using this currently is the wiki. diff --git a/roles/apps-fp-o/handlers/main.yml b/roles/apps-fp-o/handlers/main.yml index 0b2c80f86a..a7bdf5dd6b 100644 --- a/roles/apps-fp-o/handlers/main.yml +++ b/roles/apps-fp-o/handlers/main.yml @@ -1,3 +1,4 @@ +--- - name: rebuild apps-fp-o html shell: /usr/bin/apps-fp-o-yaml2html.py > /srv/web/apps-fp-o/apps-yaml.html diff --git a/roles/apps-fp-o/tasks/main.yml b/roles/apps-fp-o/tasks/main.yml index 1a3857c940..278e856d96 100644 --- a/roles/apps-fp-o/tasks/main.yml +++ b/roles/apps-fp-o/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Install that apps-fp-o rpm package package: name=apps-fp-o state=present tags: diff --git a/roles/awx/podman/tasks/main.yml b/roles/awx/podman/tasks/main.yml index cd87f048a0..33e74eef05 100644 --- a/roles/awx/podman/tasks/main.yml +++ b/roles/awx/podman/tasks/main.yml @@ -10,7 +10,7 @@ ansible.builtin.file: path: "~{{ podman_user }}/.config/containers" state: directory - mode: 0700 + mode: "0700" owner: "{{ podman_user }}" group: "{{ podman_group }}" @@ -23,7 +23,7 @@ dest: "~{{ podman_user }}/.config/containers/containers.conf" owner: "{{ podman_user }}" group: "{{ podman_group }}" - mode: 0600 + mode: "0600" - name: Create empty mounts config file to avoid permissions error message ansible.builtin.copy: @@ -32,17 +32,17 @@ force: false owner: "{{ podman_user }}" group: "{{ podman_group }}" - mode: 0600 + mode: "0600" - name: Ensure registries.conf.d exists ansible.builtin.file: path: /etc/containers/registries.conf.d/ state: directory - mode: 0755 + mode: "0755" - name: Force fully qualified image names to be provided to podman pull ansible.builtin.copy: content: | unqualified-search-registries = [] dest: /etc/containers/registries.conf.d/force-fully-qualified-images.conf - mode: 0644 + mode: "0644" diff --git a/roles/base/meta/main.yml b/roles/base/meta/main.yml index 01b0a519e6..d04d5975af 100644 --- a/roles/base/meta/main.yml +++ b/roles/base/meta/main.yml @@ -1,6 +1,6 @@ --- dependencies: - - { role: linux-system-roles.network, when: "'no_linux_system_roles' not in group_names", tags: ['linux-system-roles.network'] } - - { role: basessh, tags: ['basessh'] } - - { role: chrony } - - { role: dnf-automatic, tags: ['dnf-automatic'] } + - { role: linux-system-roles.network, when: "'no_linux_system_roles' not in group_names", tags: ['linux-system-roles.network'] } + - { role: basessh, tags: ['basessh'] } + - { role: chrony } + - { role: dnf-automatic, tags: ['dnf-automatic'] } diff --git a/roles/base/tasks/crypto-policies.yml b/roles/base/tasks/crypto-policies.yml index 6324a0d102..ab9bc86036 100644 --- a/roles/base/tasks/crypto-policies.yml +++ b/roles/base/tasks/crypto-policies.yml @@ -1,3 +1,4 @@ +--- - name: Check current crypto-policy command: "update-crypto-policies --show" register: currentcryptopolicy diff --git a/roles/base/tasks/postfix.yml b/roles/base/tasks/postfix.yml index e18510ee1f..ee3e048457 100644 --- a/roles/base/tasks/postfix.yml +++ b/roles/base/tasks/postfix.yml @@ -1,3 +1,4 @@ +--- - name: /etc/postfix/main.cf copy: src={{ item }} dest=/etc/postfix/main.cf with_first_found: @@ -91,12 +92,12 @@ - restart postfix tags: - postfix - -# Install gateway tls cert as a pem file. + +# Install gateway tls cert as a pem file. # This has: private key, then cert, then intermediate cert # This cert is a digicert one, renew it there. - name: install /etc/pki/tls/private/gateway-chain.pem - copy: + copy: src="{{private}}/files/smtpd/gateway-chain.pem" dest=/etc/pki/tls/private/gateway-chain.pem owner=root diff --git a/roles/base/tasks/watchdog.yml b/roles/base/tasks/watchdog.yml index a610d2f912..60f3370a12 100644 --- a/roles/base/tasks/watchdog.yml +++ b/roles/base/tasks/watchdog.yml @@ -1,3 +1,4 @@ +--- - name: See if theres a watchdog device stat: path=/dev/watchdog when: ansible_virtualization_role is defined and ansible_virtualization_role == 'guest' diff --git a/roles/basessh/tasks/main.yml b/roles/basessh/tasks/main.yml index e16dae976f..b61ea24a6b 100644 --- a/roles/basessh/tasks/main.yml +++ b/roles/basessh/tasks/main.yml @@ -1,26 +1,26 @@ --- # # We have some tasks here in case this is a bare metal machine -# and we are provisioning it for the first time. +# and we are provisioning it for the first time. # virtual machines are handled in tasks/virt-instance-create # - name: make sure there is no old ssh host key for the host still around local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent - ignore_errors: True + ignore_errors: true with_items: - /root/.ssh/known_hosts when: birthday is defined - name: gather ssh host key from new instance local_action: command ssh-keyscan -t rsa {{ inventory_hostname }} - ignore_errors: True + ignore_errors: true register: hostkey when: birthday is defined - name: add new ssh host key (until we can sign it) local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present - ignore_errors: True + ignore_errors: true with_items: - /root/.ssh/known_hosts when: birthday is defined @@ -33,7 +33,7 @@ - config - sshd - selinux - when: ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 8 + when: ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 8 - name: make sure python3-libselinux is installed package: name=python3-libselinux state=present @@ -163,7 +163,7 @@ state=directory delegate_to: localhost run_once: true - changed_when: False + changed_when: false tags: - basessh - sshd_cert @@ -249,6 +249,6 @@ - name: make sure there is no old ssh host key for the host still around local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent - ignore_errors: True + ignore_errors: true with_items: - /root/.ssh/known_hosts diff --git a/roles/batcave/tasks/main.yml b/roles/batcave/tasks/main.yml index 411b122fb5..30defb5770 100644 --- a/roles/batcave/tasks/main.yml +++ b/roles/batcave/tasks/main.yml @@ -6,6 +6,7 @@ # make directory for nfs mounts to live in # +--- - name: create /srv/web/pub for nfs mounts file: dest=/srv/web/pub state=directory mode=0755 tags: @@ -38,7 +39,7 @@ - fedora-messaging # To send/receive messages on the amqp bus - ansible-freeipa # For the IPA server configuration tasks - moreutils # needed for pee command for dns repo hook - #- python39-jmespath # for the copr playbooks + # - python39-jmespath # for the copr playbooks - rhel-system-roles # for networking - python3-requests-kerberos # for authentication via kinit inside ansible tags: @@ -94,7 +95,7 @@ copy: src: make-rabbitmq-certs-public.sh dest: /etc/cron.daily/make-rabbitmq-certs-public - mode: 0755 + mode: "0755" tags: - batcave - config @@ -404,7 +405,7 @@ template: src: geoip-download-databases dest: /usr/local/bin/geoip-download-databases - mode: 0700 + mode: "0700" tags: - batcave - config @@ -413,7 +414,7 @@ copy: src: geoip-download-databases.cron dest: /etc/cron.d/geoip-download-databases.cron - mode: 0644 + mode: "0644" tags: - batcave - config diff --git a/roles/bkernel/tasks/main.yml b/roles/bkernel/tasks/main.yml index b4ade2eadd..dcf5a1cd1c 100644 --- a/roles/bkernel/tasks/main.yml +++ b/roles/bkernel/tasks/main.yml @@ -63,7 +63,7 @@ template: src: bkernel-site-defaults.cfg dest: /etc/mock/site-defaults.cfg - mode: 0644 + mode: "0644" owner: root group: mock tags: diff --git a/roles/blockerbugs/tasks/main.yml b/roles/blockerbugs/tasks/main.yml index 857edf34b2..1a6c1672d6 100644 --- a/roles/blockerbugs/tasks/main.yml +++ b/roles/blockerbugs/tasks/main.yml @@ -30,10 +30,10 @@ - name: create the `blockerbugs` user user: - name: blockerbugs - group: blockerbugs - shell: /bin/nologin - home: /usr/share/blockerbugs + name: blockerbugs + group: blockerbugs + shell: /bin/nologin + home: /usr/share/blockerbugs tags: - blockerbugs - config diff --git a/roles/bodhi2/backend/tasks/main.yml b/roles/bodhi2/backend/tasks/main.yml index 32597553e2..53972ee6b9 100644 --- a/roles/bodhi2/backend/tasks/main.yml +++ b/roles/bodhi2/backend/tasks/main.yml @@ -131,7 +131,7 @@ - -c - "from sys import version_info as vi; print(f'{vi[0]}.{vi[1]}')" register: _python3_version_result - changed_when: False + changed_when: false - name: Set Python version fact set_fact: diff --git a/roles/btrfs/tasks/main.yml b/roles/btrfs/tasks/main.yml index 41a59bafb4..17fe8b2cfa 100644 --- a/roles/btrfs/tasks/main.yml +++ b/roles/btrfs/tasks/main.yml @@ -12,7 +12,7 @@ path: /etc/systemd/system/btrfs-balance.timer.d owner: root group: root - mode: 0755 + mode: "0755" - name: Configure btrfs-balance timer @@ -21,7 +21,7 @@ dest: /etc/systemd/system/btrfs-balance.timer.d/schedule.conf owner: root group: root - mode: 0644 + mode: "0644" notify: - reload systemd - restart btrfs-balance diff --git a/roles/builder_repo/tasks/main.yml b/roles/builder_repo/tasks/main.yml index c8565c3274..806ebd6949 100644 --- a/roles/builder_repo/tasks/main.yml +++ b/roles/builder_repo/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: add builder infra yum repo file: dest=/etc/yum.repos.d/builder-infrastructure.repo state=absent tags: diff --git a/roles/centosci-keytab/tasks/main.yml b/roles/centosci-keytab/tasks/main.yml index bdb46b934b..ec3bd4f088 100644 --- a/roles/centosci-keytab/tasks/main.yml +++ b/roles/centosci-keytab/tasks/main.yml @@ -5,7 +5,7 @@ state: directory owner: root group: root - mode: 0750 + mode: "0750" - name: Acquire a keytab for staging include_role: diff --git a/roles/cgit/base/tasks/main.yml b/roles/cgit/base/tasks/main.yml index d6bcff73b6..6bbc9150a3 100644 --- a/roles/cgit/base/tasks/main.yml +++ b/roles/cgit/base/tasks/main.yml @@ -43,6 +43,6 @@ when: inventory_hostname.startswith('batcave') tags: cgit -#- name: install the libravatar filter +# - name: install the libravatar filter # copy: src=email-libravatar-korg.lua dest=/usr/libexec/cgit/filters/email-libravatar-korg.lua owner=root group=root mode=0755 # tags: cgit diff --git a/roles/check-compose/defaults/main.yml b/roles/check-compose/defaults/main.yml index 36dc362fed..0c28b0d7dc 100644 --- a/roles/check-compose/defaults/main.yml +++ b/roles/check-compose/defaults/main.yml @@ -1,3 +1,4 @@ +--- checkcompose_prod: false checkcompose_amqp_passive: false checkcompose_amqp_url: "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub" diff --git a/roles/check-compose/handlers/main.yml b/roles/check-compose/handlers/main.yml index f5b6e2de18..f412296f85 100644 --- a/roles/check-compose/handlers/main.yml +++ b/roles/check-compose/handlers/main.yml @@ -1,4 +1,5 @@ # Restart handler for our fedora-messaging consumer +--- - name: Conditionally restart check-compose consumer service command: /usr/local/bin/conditional-restart.sh fm-consumer@check-compose listen: diff --git a/roles/check-compose/tasks/main.yml b/roles/check-compose/tasks/main.yml index 34f432ae6a..e53c23226c 100644 --- a/roles/check-compose/tasks/main.yml +++ b/roles/check-compose/tasks/main.yml @@ -101,13 +101,14 @@ # by openqa/dispatcher role; ideally we should factor this out into a # shared task or something. -#- name: Install required packages (testing) +# - name: Install required packages (testing) # dnf: name={{ item }} state=present enablerepo="updates-testing" # with_items: # - python3-fedfind # tags: # - packages +--- - name: Install required packages package: name: ['fedora-messaging', 'python3-fedfind', 'python3-openqa_client', 'python3-pip', @@ -138,7 +139,7 @@ - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging - mode: 0775 + mode: "0775" owner: root group: root state: directory @@ -153,7 +154,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{ checkcompose_env }}/pki/issued/{{ openqa_amqp_this_username }}.crt" dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_this_username }}-cert.pem" - mode: 0644 + mode: "0644" owner: root group: root when: "deployment_type is defined" @@ -168,7 +169,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{ checkcompose_env }}/pki/private/{{ openqa_amqp_this_username }}.key" dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_this_username }}-key.pem" - mode: 0640 + mode: "0640" owner: root group: geekotest when: "deployment_type is defined" diff --git a/roles/chrony/tasks/main.yml b/roles/chrony/tasks/main.yml index a3a519c0e6..67d4a4677f 100644 --- a/roles/chrony/tasks/main.yml +++ b/roles/chrony/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install chrony package: name=chrony state=present tags: diff --git a/roles/cloudstats/tasks/main.yml b/roles/cloudstats/tasks/main.yml index d7c0c38e67..efab52aeda 100644 --- a/roles/cloudstats/tasks/main.yml +++ b/roles/cloudstats/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Install the cloud-image-stat script copy: > src=cloud-image-stat.py dest=/usr/local/bin/cloud-image-stat.py diff --git a/roles/collectd/base/tasks/main.yml b/roles/collectd/base/tasks/main.yml index 3fe1e4f1bb..ce0b303504 100644 --- a/roles/collectd/base/tasks/main.yml +++ b/roles/collectd/base/tasks/main.yml @@ -1,8 +1,7 @@ - - # collectd client setup # install pkg +--- - name: install collectd package: name=collectd state=present tags: @@ -106,7 +105,7 @@ seboolean: name=collectd_tcp_network_connect state=yes persistent=yes tags: - collectd - ignore_errors: True + ignore_errors: true notify: - restart collectd when: ( collectd_apache is defined ) and ansible_selinux.status != "disabled" @@ -182,8 +181,6 @@ - collectd - selinux - - # each of the below should move to a separate task list # since they are odd-balls and one-offs diff --git a/roles/collectd/fedmsg-activation/tasks/main.yml b/roles/collectd/fedmsg-activation/tasks/main.yml index 583e1ecc35..f8e130fe2e 100644 --- a/roles/collectd/fedmsg-activation/tasks/main.yml +++ b/roles/collectd/fedmsg-activation/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in /usr/local/bin/fedmsg-map copy: src=fedmsg-map.py dest=/usr/local/bin/fedmsg-map mode=0755 tags: diff --git a/roles/collectd/fedmsg-service/vars/main.yml b/roles/collectd/fedmsg-service/vars/main.yml index 4d356ab77c..4b1eb32f26 100644 --- a/roles/collectd/fedmsg-service/vars/main.yml +++ b/roles/collectd/fedmsg-service/vars/main.yml @@ -1,2 +1,3 @@ +--- user: fedmsg process: fedmsg-hub diff --git a/roles/collectd/rabbitmq/tasks/main.yml b/roles/collectd/rabbitmq/tasks/main.yml index 44277b25e0..9f514ee968 100644 --- a/roles/collectd/rabbitmq/tasks/main.yml +++ b/roles/collectd/rabbitmq/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install collectd-rabbitmq package: state: present @@ -20,7 +21,7 @@ dest: "/etc/collectd.d/rabbitmq.conf" owner: root group: root - mode: 0640 + mode: "0640" tags: - collectd - config diff --git a/roles/collectd/web-service/tasks/main.yml b/roles/collectd/web-service/tasks/main.yml index c7834f10bb..f97b7bdddd 100644 --- a/roles/collectd/web-service/tasks/main.yml +++ b/roles/collectd/web-service/tasks/main.yml @@ -21,4 +21,4 @@ seboolean: name=collectd_tcp_network_connect state=yes persistent=yes tags: - collectd - ignore_errors: True + ignore_errors: true diff --git a/roles/communishift/default/main.yml b/roles/communishift/default/main.yml index 931b6c391e..33ab95f8d8 100644 --- a/roles/communishift/default/main.yml +++ b/roles/communishift/default/main.yml @@ -1,7 +1,7 @@ +--- communishift_efs_access_key: "OVERRIDEME" communishift_efs_secret_key: "OVERRIDEME" communishift_project_name: "OVERRIDEME" communishift_region: "OVERRIDEME" communishift_subnet_id: "OVERRIDEME" communishift_security_group: "OVERRIDEME" - diff --git a/roles/communishift/tasks/cleanup-administration-tasks.yml b/roles/communishift/tasks/cleanup-administration-tasks.yml index aa8357543b..9c96d60834 100644 --- a/roles/communishift/tasks/cleanup-administration-tasks.yml +++ b/roles/communishift/tasks/cleanup-administration-tasks.yml @@ -1,3 +1,3 @@ --- -#- include_tasks: retrieve-communishift-admin-data.yml +# - include_tasks: retrieve-communishift-admin-data.yml - include_tasks: send-tenant-deletion-notifications.yml diff --git a/roles/copr/backend/files/provision/create_swap_file.yml b/roles/copr/backend/files/provision/create_swap_file.yml index 100c78c846..0573d5b65a 100644 --- a/roles/copr/backend/files/provision/create_swap_file.yml +++ b/roles/copr/backend/files/provision/create_swap_file.yml @@ -1,3 +1,4 @@ +--- - name: install enable-swap.service copy: src: files/enable-swap.service diff --git a/roles/copr/backend/files/provision/playbook-prepare-builder-to-create-images.yml b/roles/copr/backend/files/provision/playbook-prepare-builder-to-create-images.yml index c49315500f..03e5f4b5e2 100644 --- a/roles/copr/backend/files/provision/playbook-prepare-builder-to-create-images.yml +++ b/roles/copr/backend/files/provision/playbook-prepare-builder-to-create-images.yml @@ -96,7 +96,7 @@ --run-command "chcon -v -R -h system_u:object_r:ssh_home_t:s0 /root/.ssh" ) EIMG_DOUBLECHECK_WAITING_FOR_IPV4=true dest: /etc/eimg/eimg.sh - mode: 0644 + mode: "0644" - stat: path={{ private_key_file }} register: key_stat diff --git a/roles/copr/backend/files/provision/provision_builder_tasks.yml b/roles/copr/backend/files/provision/provision_builder_tasks.yml index 88c5a1edfd..37991bcb10 100644 --- a/roles/copr/backend/files/provision/provision_builder_tasks.yml +++ b/roles/copr/backend/files/provision/provision_builder_tasks.yml @@ -209,7 +209,7 @@ - name: run /bin/copr-update-builder from copr-builder package shell: /usr/bin/copr-update-builder -#- name: install the latest mock and mock-core-configs from updates-testing +# - name: install the latest mock and mock-core-configs from updates-testing # package: state=latest name={{ packages }} # register: mock_updated # vars: @@ -259,7 +259,7 @@ dest: /etc/security/limits.d/50-copr-fds.conf owner: root group: root - mode: 0644 + mode: "0644" when: - preparing_image diff --git a/roles/copr/backend/handlers/main.yml b/roles/copr/backend/handlers/main.yml index 1dd16fcf41..6d01b64c64 100644 --- a/roles/copr/backend/handlers/main.yml +++ b/roles/copr/backend/handlers/main.yml @@ -1,3 +1,4 @@ +--- - name: chmod_key file: path=/etc/lighttpd/copr-be.fedoraproject.org.pem owner=root group=root mode=0600 diff --git a/roles/copr/backend/tasks/copr-ping.yml b/roles/copr/backend/tasks/copr-ping.yml index 8e2df53d2a..523ff4d634 100644 --- a/roles/copr/backend/tasks/copr-ping.yml +++ b/roles/copr/backend/tasks/copr-ping.yml @@ -35,7 +35,7 @@ src: "{{ ping_script }}.j2" owner: "{{ ping_user }}" group: "{{ ping_user }}" - mode: 0700 + mode: "0700" tags: copr_ping - name: install the check script @@ -44,7 +44,7 @@ src: "copr-ping-check.py.j2" owner: "{{ ping_user }}" group: "nagios" - mode: 0750 + mode: "0750" tags: copr_ping - name: selinux - allow nrpe_t to read ping_log @@ -65,7 +65,7 @@ path: "{{ ping_homedir }}/.config" owner: "{{ ping_user }}" group: "{{ ping_user }}" - mode: 0755 + mode: "0755" state: directory tags: copr_ping @@ -78,7 +78,7 @@ token = {{ copr_ping_bot_token }} copr_url = https://copr.fedorainfracloud.org dest: "{{ ping_homedir }}/.config/copr" - mode: 0600 + mode: "0600" owner: "{{ ping_user }}" group: "{{ ping_user }}" tags: copr_ping diff --git a/roles/copr/backend/tasks/install_cloud_cert.yml b/roles/copr/backend/tasks/install_cloud_cert.yml index 4626cf7a97..461be9f73a 100644 --- a/roles/copr/backend/tasks/install_cloud_cert.yml +++ b/roles/copr/backend/tasks/install_cloud_cert.yml @@ -1,3 +1,4 @@ +--- - name: copy .pem copy: src=../../files/fedora-cloud/fed-cloud09.pem dest=/etc/pki/ca-trust/source/anchors/ register: cloud_pem_copied diff --git a/roles/copr/backend/tasks/main.yml b/roles/copr/backend/tasks/main.yml index 7388b81eef..20f9fca97e 100644 --- a/roles/copr/backend/tasks/main.yml +++ b/roles/copr/backend/tasks/main.yml @@ -34,7 +34,7 @@ tags: - packages -#- name: patch for prunerepo, issue 1090 +# - name: patch for prunerepo, issue 1090 # patch: src=patches/prunerepo-dataloss.patch # dest=/usr/bin/prunerepo # tags: patches @@ -64,7 +64,7 @@ dest: /home/copr/.ssh/config owner: copr group: copr - mode: 0600 + mode: "0600" tags: - backend_to_hv_ssh_config - provision_config @@ -85,7 +85,7 @@ - name: auth_key so we can login to localhost as the copr user from the copr user authorized_key: user=copr key="{{ item }}" - no_log: True + no_log: true with_file: - "provision/files/buildsys.pub" @@ -139,13 +139,13 @@ src: cgi-resalloc dest: /var/www/ setype: httpd_sys_script_exec_t - mode: 0755 + mode: "0755" - name: install the helper scripts for lighttpd log rotation copy: src: "{{ item }}" dest: /usr/local/bin/{{ item }} - mode: 0755 + mode: "0755" owner: root group: root with_items: @@ -167,7 +167,7 @@ service: state=started enabled=yes name=lighttpd # setup dirs for the ansible execution off of provisioning -#- name: dirs from provision +# - name: dirs from provision # file: state=directory path="/home/copr/provision/{{ item }}" owner=copr group=copr # with_items: # - action_plugins @@ -227,7 +227,7 @@ copy: src="{{ item }}" dest=/usr/local/bin/ owner=root mode=755 with_fileglob: - - copr-builder-image-*.sh + - copr-builder-image-*.sh when: devel|bool tags: - provision_config @@ -278,7 +278,7 @@ - command: "ls -dZ /var/lib/copr/public_html/" register: public_html_ls check_mode: no - changed_when: False + changed_when: false - name: update selinux context for results if root folder does not have proper type command: "restorecon -vvRF /var/lib/copr/public_html/" @@ -304,7 +304,7 @@ copy: content: "{{ copr_red_hat_subscription_offline_token }}" dest: "{{ rhn_offline_token_file }}" - mode: 0600 + mode: "0600" owner: resalloc group: resalloc tags: @@ -314,7 +314,7 @@ template: src: "{{ item }}" dest: /usr/local/bin/{{ item }} - mode: 0755 + mode: "0755" loop: - cleanup-unused-vms-from-redis - cleanup-unused-redhat-subscriptions diff --git a/roles/copr/backend/tasks/network.yml b/roles/copr/backend/tasks/network.yml index 1203846267..f19a678dec 100644 --- a/roles/copr/backend/tasks/network.yml +++ b/roles/copr/backend/tasks/network.yml @@ -1,3 +1,4 @@ +--- - name: copy ifcfg-eth1 copy: src="ifcfg-eth1" dest=/etc/sysconfig/network-scripts/ owner=root group=root mode=644 diff --git a/roles/copr/backend/tasks/pulp.yml b/roles/copr/backend/tasks/pulp.yml index efeb8df4c6..84a4ce2711 100644 --- a/roles/copr/backend/tasks/pulp.yml +++ b/roles/copr/backend/tasks/pulp.yml @@ -10,7 +10,7 @@ path: /home/copr/.config/pulp/ owner: copr group: copr - mode: 0700 + mode: "0700" - name: Install Pulp auth certificates copy: @@ -18,7 +18,7 @@ dest: "/home/copr/.config/pulp/" owner: copr group: copr - mode: 0600 + mode: "0600" with_items: - copr-pulp-prod.crt - copr-pulp-prod.key @@ -30,4 +30,4 @@ dest: "/home/copr/.config/pulp/cli.toml" owner: copr group: copr - mode: 0600 + mode: "0600" diff --git a/roles/copr/backend/tasks/resalloc.yml b/roles/copr/backend/tasks/resalloc.yml index d1f82c4f3a..41d71c387f 100644 --- a/roles/copr/backend/tasks/resalloc.yml +++ b/roles/copr/backend/tasks/resalloc.yml @@ -33,7 +33,7 @@ line: "{{ item }}" owner: postgres group: postgres - mode: 0600 + mode: "0600" with_items: - "all postgres postgres" - "all resalloc resalloc" @@ -101,7 +101,7 @@ file: path: /var/lib/resallocserver/.ssh state: directory - mode: 0700 + mode: "0700" owner: resalloc group: resalloc @@ -111,7 +111,7 @@ dest: /var/lib/resallocserver/.ssh/id_rsa owner: resalloc group: resalloc - mode: 0600 + mode: "0600" - name: resalloc, ssh config file template: @@ -119,7 +119,7 @@ dest: /var/lib/resallocserver/.ssh/config owner: resalloc group: resalloc - mode: 0600 + mode: "0600" tags: - backend_to_hv_ssh_config - provision_config @@ -128,7 +128,7 @@ template: src: "resalloc/{{ item }}" dest: "/etc/resallocserver/{{ item }}" - mode: 0640 + mode: "0640" owner: resalloc group: resalloc with_items: @@ -160,7 +160,7 @@ copy: src: copr-prepare-s390x-image-builder dest: /usr/local/bin/copr-prepare-s390x-image-builder - mode: 0755 + mode: "0755" tags: - images_s390x @@ -173,6 +173,6 @@ dest: "{{ ibmcloud_token_file }}" owner: resalloc group: resalloc - mode: 0600 + mode: "0600" tags: - provision_config diff --git a/roles/copr/backend/tasks/setup_provisioning_environment.yml b/roles/copr/backend/tasks/setup_provisioning_environment.yml index 06c08d67fa..afcc385aff 100644 --- a/roles/copr/backend/tasks/setup_provisioning_environment.yml +++ b/roles/copr/backend/tasks/setup_provisioning_environment.yml @@ -35,7 +35,7 @@ template: src: "{{ roles_path }}/copr/backend/templates/provision/{{ item }}" dest: "{{ provision_directory }}/{{ item }}" - mode: 0755 + mode: "0755" with_items: - upload-qcow2-images tags: @@ -48,7 +48,7 @@ template: src: "{{ roles_path }}/copr/backend/templates/provision/{{ item }}" dest: "{{ provision_directory }}/{{ item }}" - mode: 0755 + mode: "0755" with_items: - libvirt-new tags: @@ -93,6 +93,6 @@ dest: "{{ provision_directory }}/.rc-osuosl.sh" owner: "{{ provision_user }}" group: "{{ provision_user }}" - mode: 0600 + mode: "0600" tags: - provision_config diff --git a/roles/copr/backend/templates/provision/aws_cloud_vars.yml b/roles/copr/backend/templates/provision/aws_cloud_vars.yml index 4dc4ec08a2..14a3e7b578 100644 --- a/roles/copr/backend/templates/provision/aws_cloud_vars.yml +++ b/roles/copr/backend/templates/provision/aws_cloud_vars.yml @@ -1,3 +1,4 @@ +--- aws_access_key: {{ copr_aws_access_key_id }} aws_secret_key: {{ copr_aws_secret_access_key }} diff --git a/roles/copr/backend/templates/resalloc/server.yaml b/roles/copr/backend/templates/resalloc/server.yaml index 5c74c918d6..ce9203541c 100644 --- a/roles/copr/backend/templates/resalloc/server.yaml +++ b/roles/copr/backend/templates/resalloc/server.yaml @@ -1,6 +1,7 @@ +--- db_url: 'postgresql://resalloc@/resalloc' logdir: '/var/log/resallocserver' # Listen only on localhost! hostname: 'localhost' -#port: 49100 -#loglevel: info +# port: 49100 +# loglevel: info diff --git a/roles/copr/base/tasks/main.yml b/roles/copr/base/tasks/main.yml index 92c225d419..8eaedbacfc 100644 --- a/roles/copr/base/tasks/main.yml +++ b/roles/copr/base/tasks/main.yml @@ -6,10 +6,10 @@ # again to late to do it here # - import_tasks: "{{ tasks_path }}/cloud_setup_basic.yml" # already included into the `base` role -#- import_tasks: "{{ tasks_path }}/postfix_basic.yml" +# - import_tasks: "{{ tasks_path }}/postfix_basic.yml" # To late to do it here ( -#- name: setup correct hostname for copr machine +# - name: setup correct hostname for copr machine # hostname: name="{{ copr_hostbase }}.cloud.fedoraproject.org" # # hostname: name="{{ hostbase|regex_replace('.*-$', '')}}.cloud.fedoraproject.org" # tags: diff --git a/roles/copr/certbot/tasks/letsencrypt.yml b/roles/copr/certbot/tasks/letsencrypt.yml index 9f938db43d..fcd1fdd65f 100644 --- a/roles/copr/certbot/tasks/letsencrypt.yml +++ b/roles/copr/certbot/tasks/letsencrypt.yml @@ -133,7 +133,7 @@ file: path: "{{ le_backup_path }}" # nobody, except for root, can step into this directory (on batcave) - mode: 0700 + mode: "0700" owner: root group: root state: directory diff --git a/roles/copr/certbot/tasks/main.yml b/roles/copr/certbot/tasks/main.yml index d25ced2407..b010b5d564 100644 --- a/roles/copr/certbot/tasks/main.yml +++ b/roles/copr/certbot/tasks/main.yml @@ -1,3 +1,4 @@ +--- - include_tasks: letsencrypt.yml when: - letsencrypt is defined diff --git a/roles/copr/dist_git/handlers/main.yml b/roles/copr/dist_git/handlers/main.yml index 59fb49c732..6ee64e7f0b 100644 --- a/roles/copr/dist_git/handlers/main.yml +++ b/roles/copr/dist_git/handlers/main.yml @@ -1,3 +1,4 @@ +--- - name: reload httpd service: name="httpd" state="restarted" diff --git a/roles/copr/dist_git/tasks/main.yml b/roles/copr/dist_git/tasks/main.yml index 7f029a2409..3177bad6ef 100644 --- a/roles/copr/dist_git/tasks/main.yml +++ b/roles/copr/dist_git/tasks/main.yml @@ -1,3 +1,4 @@ +--- - import_tasks: "mount_fs.yml" # pre-create users/groups and copy uids/gids from the current prod copr-dist-git diff --git a/roles/copr/dist_git/tasks/mount_fs.yml b/roles/copr/dist_git/tasks/mount_fs.yml index d04b0dd01a..f6fe458cb1 100644 --- a/roles/copr/dist_git/tasks/mount_fs.yml +++ b/roles/copr/dist_git/tasks/mount_fs.yml @@ -1,3 +1,4 @@ +--- - name: prepare mount point file: state=directory path=/var/lib/dist-git diff --git a/roles/copr/frontend/handlers/main.yml b/roles/copr/frontend/handlers/main.yml index 61f2f4a4a0..493a6b18e2 100644 --- a/roles/copr/frontend/handlers/main.yml +++ b/roles/copr/frontend/handlers/main.yml @@ -1,3 +1,4 @@ +--- - import_tasks: "{{ handlers_path }}/restart_services.yml" - name: restart postgresql diff --git a/roles/copr/frontend/tasks/main.yml b/roles/copr/frontend/tasks/main.yml index e7500519df..cdeb1470e3 100644 --- a/roles/copr/frontend/tasks/main.yml +++ b/roles/copr/frontend/tasks/main.yml @@ -4,7 +4,7 @@ - name: register security context for pgsql directory command: "ls -dZ /var/lib/pgsql" register: pgsql_ls - changed_when: False # `ls' command is not changing anything + changed_when: false # `ls' command is not changing anything - name: update selinux context for postgress db dir if it's wrong command: "restorecon -vvRF /var/lib/pgsql" @@ -47,7 +47,7 @@ copy: src: copr-frontend-prometheus-monitoring.py dest: /usr/bin/copr-frontend-prometheus-monitoring.py - mode: 0750 + mode: "0750" owner: root group: root tags: @@ -70,7 +70,7 @@ tags: - packages -#- name: patch for issue XXX +# - name: patch for issue XXX # patch: src=patches/xxx.patch # dest=/the/patched/file.py # tags: patches @@ -164,8 +164,8 @@ become: yes become_user: copr-fe register: update_indexes_required_result - changed_when: False - failed_when: False + changed_when: false + failed_when: false - name: rebuild indexes command: ./manage.py update_indexes @@ -229,7 +229,7 @@ dest: "/usr/bin/copr-cdn-check.py" src: "copr-cdn-check.py.j2" group: "nagios" - mode: 0750 + mode: "0750" vars: api_key: "{{ copr_uptimerobot_api_key_ro | default('not-configured') }}" tags: copr_cdn diff --git a/roles/copr/frontend/tasks/mount_fs.yml b/roles/copr/frontend/tasks/mount_fs.yml index e355d38ff6..7d9f2991ca 100644 --- a/roles/copr/frontend/tasks/mount_fs.yml +++ b/roles/copr/frontend/tasks/mount_fs.yml @@ -1,6 +1,6 @@ +--- - name: mount up disk of copr fe mount: name=/srv/copr-fe src='LABEL=copr-fe' fstype=ext4 state=mounted - name: mount up bind mount for postgres mount: src=/srv/copr-fe/pgsqldb name=/var/lib/pgsql fstype=auto opts=bind state=mounted - diff --git a/roles/copr/frontend/tasks/psql_setup.yml b/roles/copr/frontend/tasks/psql_setup.yml index d80a8fd06d..a866782299 100644 --- a/roles/copr/frontend/tasks/psql_setup.yml +++ b/roles/copr/frontend/tasks/psql_setup.yml @@ -1,3 +1,4 @@ +--- - name: install postresql package: state=present pkg={{ item }} with_items: @@ -131,7 +132,7 @@ dest: "{{ copr_fe_homedir }}/.psqlrc" owner: copr-fe group: copr-fe - mode: 0600 + mode: "0600" - name: install pgpass file copy: @@ -140,7 +141,7 @@ dest: "{{ copr_fe_homedir }}/.pgpass" owner: copr-fe group: copr-fe - mode: 0400 + mode: "0400" - stat: path="{{ copr_fe_homedir }}/.psql_history" register: history_file diff --git a/roles/copr/hypervisor/tasks/main.yml b/roles/copr/hypervisor/tasks/main.yml index 08c681deff..3cd9b44dcd 100644 --- a/roles/copr/hypervisor/tasks/main.yml +++ b/roles/copr/hypervisor/tasks/main.yml @@ -159,7 +159,7 @@ src: "{{ private }}/files/copr/buildsys.priv" dest: /home/copr/.ssh/id_rsa owner: copr - mode: 0600 + mode: "0600" - name: provide pub key, too, so we can install them to generated builder images copy: src=buildsys.pub dest=/home/copr/.ssh/id_rsa.pub diff --git a/roles/copr/keygen/tasks/setup_backup.yml b/roles/copr/keygen/tasks/setup_backup.yml index 7ac855dd74..69a03a0d58 100644 --- a/roles/copr/keygen/tasks/setup_backup.yml +++ b/roles/copr/keygen/tasks/setup_backup.yml @@ -1,3 +1,4 @@ +--- - name: ensure /backup dir file: path=/backup state=directory diff --git a/roles/debug_env/tasks/main.yml b/roles/debug_env/tasks/main.yml index 62d2efecd1..725017c2a0 100644 --- a/roles/debug_env/tasks/main.yml +++ b/roles/debug_env/tasks/main.yml @@ -3,5 +3,6 @@ # the env from ansible to see what variables and facts are. # Taken from https://coderwall.com/p/13lh6w # +--- - name: Dump all ansible vars template: src=dumpall.j2 dest=/tmp/debug_env.out diff --git a/roles/developer/build/tasks/main.yml b/roles/developer/build/tasks/main.yml index eb46bbf0ca..e76417be84 100644 --- a/roles/developer/build/tasks/main.yml +++ b/roles/developer/build/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Create directories file: state=directory path=/srv/web/{{item}} diff --git a/roles/developer/website/tasks/main.yml b/roles/developer/website/tasks/main.yml index 2e44d6cf7f..98a1d93af2 100644 --- a/roles/developer/website/tasks/main.yml +++ b/roles/developer/website/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-developer cronjob copy: src=cron-sync-developer dest=/etc/cron.d/sync-developer tags: diff --git a/roles/distgit/templates/repospanner-admin.yml b/roles/distgit/templates/repospanner-admin.yml index 460bc30c55..5a2744761b 100644 --- a/roles/distgit/templates/repospanner-admin.yml +++ b/roles/distgit/templates/repospanner-admin.yml @@ -4,4 +4,3 @@ admin: ca: /etc/pagure/ca.crt cert: /etc/pagure/fedora_rpms_admin.crt key: /etc/pagure/fedora_rpms_admin.key - diff --git a/roles/dns/tasks/main.yml b/roles/dns/tasks/main.yml index 1665d5f065..16e880d7d0 100644 --- a/roles/dns/tasks/main.yml +++ b/roles/dns/tasks/main.yml @@ -49,7 +49,7 @@ - config - dns -#- name: create GeoIP acl +# - name: create GeoIP acl # command: /var/named/GeoIP.sh # changed_when: "1 != 1" # notify: diff --git a/roles/docker-distribution/defaults/main.yml b/roles/docker-distribution/defaults/main.yml index db9b6fc09b..4bb6ff249e 100644 --- a/roles/docker-distribution/defaults/main.yml +++ b/roles/docker-distribution/defaults/main.yml @@ -7,7 +7,7 @@ conf_path: "/etc/docker-distribution/registry/config.yml" # Config directives tls: - enabled: False + enabled: false certificate: "PATH_TO_CERT" key: "PATH_TO_KEY" log: @@ -28,4 +28,3 @@ cert: cert_dest: "ca.crt" key_src: "ca.key" key_dest: "ca.key" - diff --git a/roles/docker-distribution/meta/main.yml b/roles/docker-distribution/meta/main.yml index dd81a88341..b84ee60bae 100644 --- a/roles/docker-distribution/meta/main.yml +++ b/roles/docker-distribution/meta/main.yml @@ -20,18 +20,18 @@ galaxy_info: # the ones that apply to your role. If you don't see your # platform on this list, let us know and we'll get it added! # - #platforms: - #- name: EL + # platforms: + # - name: EL # versions: # - all # - 5 # - 6 # - 7 - #- name: GenericUNIX + # - name: GenericUNIX # versions: # - all # - any - #- name: Solaris + # - name: Solaris # versions: # - all # - 10 @@ -39,7 +39,7 @@ galaxy_info: # - 11.1 # - 11.2 # - 11.3 - #- name: Fedora + # - name: Fedora # versions: # - all # - 16 @@ -49,15 +49,15 @@ galaxy_info: # - 20 # - 21 # - 22 - #- name: Windows + # - name: Windows # versions: # - all # - 2012R2 - #- name: SmartOS + # - name: SmartOS # versions: # - all # - any - #- name: opensuse + # - name: opensuse # versions: # - all # - 12.1 @@ -65,16 +65,16 @@ galaxy_info: # - 12.3 # - 13.1 # - 13.2 - #- name: Amazon + # - name: Amazon # versions: # - all # - 2013.03 # - 2013.09 - #- name: GenericBSD + # - name: GenericBSD # versions: # - all # - any - #- name: FreeBSD + # - name: FreeBSD # versions: # - all # - 8.0 @@ -86,7 +86,7 @@ galaxy_info: # - 9.1 # - 9.1 # - 9.2 - #- name: Ubuntu + # - name: Ubuntu # versions: # - all # - lucid @@ -100,7 +100,7 @@ galaxy_info: # - trusty # - utopic # - vivid - #- name: SLES + # - name: SLES # versions: # - all # - 10SP3 @@ -109,11 +109,11 @@ galaxy_info: # - 11SP1 # - 11SP2 # - 11SP3 - #- name: GenericLinux + # - name: GenericLinux # versions: # - all # - any - #- name: Debian + # - name: Debian # versions: # - all # - etch @@ -125,23 +125,22 @@ galaxy_info: # Below are all categories currently available. Just as with # the platforms above, uncomment those that apply to your role. # - #categories: - #- cloud - #- cloud:ec2 - #- cloud:gce - #- cloud:rax - #- clustering - #- database - #- database:nosql - #- database:sql - #- development - #- monitoring - #- networking - #- packaging - #- system - #- web + # categories: + # - cloud + # - cloud:ec2 + # - cloud:gce + # - cloud:rax + # - clustering + # - database + # - database:nosql + # - database:sql + # - development + # - monitoring + # - networking + # - packaging + # - system + # - web dependencies: [] # List your role dependencies here, one per line. # Be sure to remove the '[]' above if you add dependencies # to this list. - diff --git a/roles/download/tasks/main.yml b/roles/download/tasks/main.yml index a5857c1660..206f5c91bb 100644 --- a/roles/download/tasks/main.yml +++ b/roles/download/tasks/main.yml @@ -104,18 +104,18 @@ - name: Set tcp read buffers higher for download improvements sysctl: - name: net.ipv4.tcp_rmem - value: "4096 131072 67108864" - sysctl_file: /etc/sysctl.d/10-tcp-socket-buffers.conf + name: net.ipv4.tcp_rmem + value: "4096 131072 67108864" + sysctl_file: /etc/sysctl.d/10-tcp-socket-buffers.conf tags: - service - config - name: Set tcp write buffers higher for download improvements sysctl: - name: net.ipv4.tcp_wmem - value: "4096 16384 67108864" - sysctl_file: /etc/sysctl.d/10-tcp-socket-buffers.conf + name: net.ipv4.tcp_wmem + value: "4096 16384 67108864" + sysctl_file: /etc/sysctl.d/10-tcp-socket-buffers.conf tags: - service - config diff --git a/roles/easyfix/proxy/tasks/main.yml b/roles/easyfix/proxy/tasks/main.yml index 203597ccbb..c64b023df8 100644 --- a/roles/easyfix/proxy/tasks/main.yml +++ b/roles/easyfix/proxy/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Ensure dir for content exists file: dest=/srv/web/gather-easyfix owner=root group=root mode=0755 state=directory tags: diff --git a/roles/fas2discourse/default/main.yml b/roles/fas2discourse/default/main.yml index 27c52dd15e..41a9db6211 100644 --- a/roles/fas2discourse/default/main.yml +++ b/roles/fas2discourse/default/main.yml @@ -1,3 +1,4 @@ +--- fas2discourse_hostname: "fas2discourse.hostna.me" fas2discourse_namespace: "fas2discourse-operator" fas2discourse_project_description: "The fas2discourse-operator is responsible for synchronising group membership for users between Discourse and IPA." diff --git a/roles/fas2discourse/tasks/administration-tasks.yml b/roles/fas2discourse/tasks/administration-tasks.yml index 0d42ecf4af..6b0411e7a2 100644 --- a/roles/fas2discourse/tasks/administration-tasks.yml +++ b/roles/fas2discourse/tasks/administration-tasks.yml @@ -5,11 +5,10 @@ state: directory owner: root group: root - mode: 0770 + mode: "0770" recurse: yes - include_tasks: create-operator-namespace.yml - include_tasks: create-keytab-secret.yml - include_tasks: create-discourse-apikey-secret.yml - include_tasks: deploy-fas2discourse-operator.yml - diff --git a/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml b/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml index b1edf28634..dd0c4edfa7 100644 --- a/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml +++ b/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml @@ -4,9 +4,8 @@ template: src: "secret-discourse-apikey.yml" dest: "/root/ocp4/openshift-apps/fas2discourse-operator/secret-discourse-apikey.yml" - mode: 0770 + mode: "0770" # apply created openshift resources - name: oc apply resources command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/secret-discourse-apikey.yml" - diff --git a/roles/fas2discourse/tasks/create-keytab-secret.yml b/roles/fas2discourse/tasks/create-keytab-secret.yml index 0c5bb505d9..5fc7366083 100644 --- a/roles/fas2discourse/tasks/create-keytab-secret.yml +++ b/roles/fas2discourse/tasks/create-keytab-secret.yml @@ -4,15 +4,15 @@ ansible.builtin.fetch: src: "/etc/openshift_apps/fas2discourse/fas2discourse{{ env_suffix }}-keytab.kt" dest: "/etc/openshift_apps/fas2discourse/fas2discourse{{ env_suffix }}-keytab.kt" - flat: True - mode: 0600 + flat: true + mode: "0600" # generate the templates for project to be created - name: copy the templates to the host template: src: "secret-keytab.yml" dest: "/root/ocp4/openshift-apps/fas2discourse-operator/secret-keytab.yml" - mode: 0770 + mode: "0770" vars: fas2discourse_keytab_file: "{{ lookup('file', @@ -22,4 +22,3 @@ # apply created openshift resources - name: oc apply resources command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/secret-keytab.yml" - diff --git a/roles/fas2discourse/tasks/create-keytab.yml b/roles/fas2discourse/tasks/create-keytab.yml index d45c1b65b8..ba0a44383d 100644 --- a/roles/fas2discourse/tasks/create-keytab.yml +++ b/roles/fas2discourse/tasks/create-keytab.yml @@ -6,7 +6,7 @@ state: directory owner: root group: root - mode: 0750 + mode: "0750" tags: - create-keytab @@ -21,4 +21,3 @@ host: "{{ fas2discourse_hostname }}" tags: - create-keytab - diff --git a/roles/fas2discourse/tasks/create-operator-namespace.yml b/roles/fas2discourse/tasks/create-operator-namespace.yml index 3901a115de..e94fcf6088 100644 --- a/roles/fas2discourse/tasks/create-operator-namespace.yml +++ b/roles/fas2discourse/tasks/create-operator-namespace.yml @@ -4,7 +4,7 @@ template: src: "namespace.yml" dest: "/root/ocp4/openshift-apps/fas2discourse-operator/namespace.yml" - mode: 0770 + mode: "0770" # apply created openshift resources - name: oc apply resources diff --git a/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml b/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml index 471b8a7ffd..ef06f10504 100644 --- a/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml +++ b/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml @@ -15,4 +15,3 @@ make: chdir: "/root/ocp4/openshift-apps/fas2discourse-operator/fas2discourse-operator/" target: "deploy" - diff --git a/roles/fas2discourse/templates/namespace.yml b/roles/fas2discourse/templates/namespace.yml index 5c19265736..e7a2e66144 100644 --- a/roles/fas2discourse/templates/namespace.yml +++ b/roles/fas2discourse/templates/namespace.yml @@ -6,4 +6,3 @@ metadata: annotations: openshift.io/description: "{{ fas2discourse_project_description }}" openshift.io/display-name: "{{ fas2discourse_namespace }}" - diff --git a/roles/fas2discourse/templates/secret-discourse-apikey.yml b/roles/fas2discourse/templates/secret-discourse-apikey.yml index 9bc0a861d4..b7f47ecd1d 100644 --- a/roles/fas2discourse/templates/secret-discourse-apikey.yml +++ b/roles/fas2discourse/templates/secret-discourse-apikey.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: @@ -12,4 +13,3 @@ data: "{{ (env == 'production')|ternary(fas2discourse_fasjson_hostname, fas2discourse_stg_fasjson_hostname) | b64encode }}" fas2discourse-principal: "{{ (env == 'production')|ternary(fas2discourse_principal, fas2discourse_stg_principal) | b64encode }}" - diff --git a/roles/fas2discourse/templates/secret-keytab.yml b/roles/fas2discourse/templates/secret-keytab.yml index af56bb3727..a4b426668e 100644 --- a/roles/fas2discourse/templates/secret-keytab.yml +++ b/roles/fas2discourse/templates/secret-keytab.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: @@ -6,4 +7,3 @@ metadata: data: fas2discourse-keytab: "{{ fas2discourse_keytab_file | b64encode }}" - diff --git a/roles/fasjson/tasks/main.yml b/roles/fasjson/tasks/main.yml index 17a282bbd7..6f5af41058 100644 --- a/roles/fasjson/tasks/main.yml +++ b/roles/fasjson/tasks/main.yml @@ -33,4 +33,3 @@ - config - fasjson when: fasjson_aliases is defined - diff --git a/roles/fedmsg/crl/tasks/main.yml b/roles/fedmsg/crl/tasks/main.yml index 8efd0219ce..6194ea6881 100644 --- a/roles/fedmsg/crl/tasks/main.yml +++ b/roles/fedmsg/crl/tasks/main.yml @@ -3,6 +3,7 @@ # repo and throw it into fedoraproject.org/fedmsg/crl.pem # See https://infrastructure.fedoraproject.org/infra/docs/fedmsg-certs.txt +--- - name: Ensure dir for content exists file: dest=/srv/web/fedmsg owner=apache group=apache mode=0755 state=directory tags: diff --git a/roles/fedmsg/gateway/slave/tasks/main.yml b/roles/fedmsg/gateway/slave/tasks/main.yml index be5a0551c4..c1c9d57b05 100644 --- a/roles/fedmsg/gateway/slave/tasks/main.yml +++ b/roles/fedmsg/gateway/slave/tasks/main.yml @@ -27,7 +27,7 @@ when: (ansible_distribution_major_version|int >= 30 and ansible_distribution == 'Fedora') or (ansible_distribution == 'RedHat' and ansible_distribution_major_version|int >= 8) -#- name: Apply fixing patch +# - name: Apply fixing patch # patch: src=fixup.patch dest=/usr/lib/python2.7/site-packages/fedmsg/consumers/__init__.py # tags: # - packages @@ -135,4 +135,3 @@ ignore_errors: true tags: - fedmsgmonitor - diff --git a/roles/fedmsg/gateway/tasks/main.yml b/roles/fedmsg/gateway/tasks/main.yml index 131f70e21f..361a40f946 100644 --- a/roles/fedmsg/gateway/tasks/main.yml +++ b/roles/fedmsg/gateway/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install fedmsg-gateway package: name=fedmsg-gateway state=present tags: diff --git a/roles/fedmsg/hub/defaults/main.yml b/roles/fedmsg/hub/defaults/main.yml index baf63f63e1..8b9baeb527 100644 --- a/roles/fedmsg/hub/defaults/main.yml +++ b/roles/fedmsg/hub/defaults/main.yml @@ -1,9 +1,10 @@ # This is false by default. You have to override it when including the role. -enable_websocket_server: False +--- +enable_websocket_server: false # Absolute memory limit in megabytes for fedmsg-hub and fedmsg-bub-3 # services. Zero means infinity (no limit). fedmsg_hub_memory_limit_mb: 0 # Restart fedmsg-hub.service on failure. -fedmsg_hub_auto_restart: False +fedmsg_hub_auto_restart: false diff --git a/roles/fedmsg/irc/tasks/main.yml b/roles/fedmsg/irc/tasks/main.yml index 602d25eac9..c8203e150f 100644 --- a/roles/fedmsg/irc/tasks/main.yml +++ b/roles/fedmsg/irc/tasks/main.yml @@ -1,4 +1,4 @@ - +--- - name: install package for fedmsg-irc package: state: present diff --git a/roles/fedmsg/relay/tasks/main.yml b/roles/fedmsg/relay/tasks/main.yml index b9be02d76e..39b0c2dd72 100644 --- a/roles/fedmsg/relay/tasks/main.yml +++ b/roles/fedmsg/relay/tasks/main.yml @@ -1,6 +1,7 @@ # This is a *very* simple role. The config needed for fedmsg-relay to operate # correctly is actually included as part of the fedmsg/base role. +--- - name: install fedmsg-relay (yum) package: name=fedmsg-relay state=present tags: diff --git a/roles/fedora-budget/build/tasks/main.yml b/roles/fedora-budget/build/tasks/main.yml index 48bd99e3b5..55bf06de4e 100644 --- a/roles/fedora-budget/build/tasks/main.yml +++ b/roles/fedora-budget/build/tasks/main.yml @@ -1,3 +1,4 @@ +--- - file: dest=/srv/web/budget.fedoraproject.org state=directory - template: > diff --git a/roles/fedora-budget/proxy/tasks/main.yml b/roles/fedora-budget/proxy/tasks/main.yml index 6296c7e20d..d9add06158 100644 --- a/roles/fedora-budget/proxy/tasks/main.yml +++ b/roles/fedora-budget/proxy/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-budget cronjob copy: src=cron-sync-budget dest=/etc/cron.d/sync-budget tags: diff --git a/roles/fedora-docs/build/tasks/main.yml b/roles/fedora-docs/build/tasks/main.yml index d13bd20ea0..11e51cb073 100644 --- a/roles/fedora-docs/build/tasks/main.yml +++ b/roles/fedora-docs/build/tasks/main.yml @@ -1,3 +1,4 @@ +--- - template: > src=docs-sync.j2 dest=/usr/local/bin/docs-sync owner=root group=root mode=0755 diff --git a/roles/fedora-docs/proxy/tasks/main.yml b/roles/fedora-docs/proxy/tasks/main.yml index c82925152c..42ecb66f25 100644 --- a/roles/fedora-docs/proxy/tasks/main.yml +++ b/roles/fedora-docs/proxy/tasks/main.yml @@ -1,3 +1,4 @@ +--- - copy: > src=docs-rsync.stg dest=/usr/local/bin/docs-rsync owner=root group=root mode=0755 diff --git a/roles/fedora-docs/translation/tasks/main.yml b/roles/fedora-docs/translation/tasks/main.yml index d8e5f3a530..e7834084d5 100644 --- a/roles/fedora-docs/translation/tasks/main.yml +++ b/roles/fedora-docs/translation/tasks/main.yml @@ -54,7 +54,7 @@ dest: ~_update_docs_trans/.ssh/config owner: _update_docs_trans group: _update_docs_trans - mode: 0644 + mode: "0644" tags: - fedora-docs-translation @@ -63,7 +63,7 @@ dest: /usr/local/bin/docs-translation-update owner: root group: root - mode: 0755 + mode: "0755" tags: - fedora-docs-translation @@ -72,7 +72,7 @@ dest: /etc/cron.d/cron-docs-translation-update owner: root group: root - mode: 0644 + mode: "0644" tags: - fedora-docs-translation when: env == "production" and inventory_hostname.startswith('sundries01') diff --git a/roles/fedora-messaging-utils/tasks/crontab_path.yml b/roles/fedora-messaging-utils/tasks/crontab_path.yml index b7e3cd62c2..ae05755933 100644 --- a/roles/fedora-messaging-utils/tasks/crontab_path.yml +++ b/roles/fedora-messaging-utils/tasks/crontab_path.yml @@ -2,6 +2,7 @@ # Ensure PATH in /etc/crontab contains /usr/local/bin ##################################################### +--- - name: check if PATH is set in crontab lineinfile: path: /etc/crontab diff --git a/roles/fedora-messaging-utils/tasks/main.yml b/roles/fedora-messaging-utils/tasks/main.yml index 33575f31f5..06474d3517 100644 --- a/roles/fedora-messaging-utils/tasks/main.yml +++ b/roles/fedora-messaging-utils/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install messaging script for our improvized tracing copy: src=simple_message_to_bus dest=/usr/local/bin/ mode=0755 tags: diff --git a/roles/fedora-web/alt/tasks/main.yml b/roles/fedora-web/alt/tasks/main.yml index c64d4ed503..3a6c748195 100644 --- a/roles/fedora-web/alt/tasks/main.yml +++ b/roles/fedora-web/alt/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-alt cronjob copy: src=cron-sync-alt dest=/etc/cron.d/sync-alt tags: diff --git a/roles/fedora-web/candidate-registry/tasks/main.yml b/roles/fedora-web/candidate-registry/tasks/main.yml index 60621934cc..1c987717cf 100644 --- a/roles/fedora-web/candidate-registry/tasks/main.yml +++ b/roles/fedora-web/candidate-registry/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy over the registry passwd copy: src="{{private}}/files/docker-registry/{{env}}/candidate-htpasswd" dest=/etc/httpd/conf.d/candidate-registry.fedoraproject.org/passwd owner=root group=root mode=0644 diff --git a/roles/fedora-web/codecs/tasks/main.yml b/roles/fedora-web/codecs/tasks/main.yml index 571f8bb8d0..ff446f78a6 100644 --- a/roles/fedora-web/codecs/tasks/main.yml +++ b/roles/fedora-web/codecs/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-labs cronjob copy: src=cron-sync-codecs dest=/etc/cron.d/sync-codecs tags: diff --git a/roles/fedora-web/community/tasks/main.yml b/roles/fedora-web/community/tasks/main.yml index 766c1b1491..f0dec4bc9c 100644 --- a/roles/fedora-web/community/tasks/main.yml +++ b/roles/fedora-web/community/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-community cronjob copy: src=cron-sync-community dest=/etc/cron.d/sync-community tags: diff --git a/roles/fedora-web/fedora.im/tasks/main.yml b/roles/fedora-web/fedora.im/tasks/main.yml index f60fec9b2d..e589b7b80b 100644 --- a/roles/fedora-web/fedora.im/tasks/main.yml +++ b/roles/fedora-web/fedora.im/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: make /srv/web/fedora.im dir file: state=directory path=/srv/web/fedora.im diff --git a/roles/fedora-web/flocktofedora/tasks/main.yml b/roles/fedora-web/flocktofedora/tasks/main.yml index 38bcc70102..87ee4e16aa 100644 --- a/roles/fedora-web/flocktofedora/tasks/main.yml +++ b/roles/fedora-web/flocktofedora/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-flocktofedora cronjob copy: src=cron-sync-flocktofedora dest=/etc/cron.d/sync-flocktofedora tags: diff --git a/roles/fedora-web/getfedora/tasks/main.yml b/roles/fedora-web/getfedora/tasks/main.yml index e73b75ce3b..c887f87f0a 100644 --- a/roles/fedora-web/getfedora/tasks/main.yml +++ b/roles/fedora-web/getfedora/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-getfedora cronjob copy: src=cron-sync-getfedora dest=/etc/cron.d/sync-getfedora tags: diff --git a/roles/fedora-web/iot/tasks/main.yml b/roles/fedora-web/iot/tasks/main.yml index db6551e53f..345b8206f0 100644 --- a/roles/fedora-web/iot/tasks/main.yml +++ b/roles/fedora-web/iot/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-iot cronjob copy: src=cron-sync-iot dest=/etc/cron.d/sync-iot tags: diff --git a/roles/fedora-web/labs/tasks/main.yml b/roles/fedora-web/labs/tasks/main.yml index 0a8b4abd47..a39e74bcb7 100644 --- a/roles/fedora-web/labs/tasks/main.yml +++ b/roles/fedora-web/labs/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-labs cronjob copy: src=cron-sync-labs dest=/etc/cron.d/sync-labs tags: diff --git a/roles/fedora-web/main/tasks/main.yml b/roles/fedora-web/main/tasks/main.yml index 920913ad95..82b8cf2ba1 100644 --- a/roles/fedora-web/main/tasks/main.yml +++ b/roles/fedora-web/main/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Install needed packages package: state: present @@ -29,7 +30,7 @@ template: src: fedoraproject-sync dest: /usr/local/sbin/fedoraproject-sync - mode: 0700 + mode: "0700" tags: - fedora-web - fedora-web/main @@ -166,7 +167,7 @@ src: .well-known-org.flathub.VerifiedApps.txt owner: root group: root - mode: 0644 + mode: "0644" setype: httpd_sys_content_t tags: - fedora-web diff --git a/roles/fedora-web/mirrors/tasks/main.yml b/roles/fedora-web/mirrors/tasks/main.yml index a0ae332d72..eef555b68b 100644 --- a/roles/fedora-web/mirrors/tasks/main.yml +++ b/roles/fedora-web/mirrors/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-mirrors cronjob copy: src=cron-sync-mirrors dest=/etc/cron.d/sync-mirrors tags: diff --git a/roles/fedora-web/ols/tasks/main.yml b/roles/fedora-web/ols/tasks/main.yml index 7c9aa60348..57db90038f 100644 --- a/roles/fedora-web/ols/tasks/main.yml +++ b/roles/fedora-web/ols/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy some config files for {{website}} copy: > src={{item}} dest=/etc/httpd/conf.d/{{website}}/{{item}} diff --git a/roles/fedora-web/ostree/tasks/main.yml b/roles/fedora-web/ostree/tasks/main.yml index 860844d64a..e1b76f6b1f 100644 --- a/roles/fedora-web/ostree/tasks/main.yml +++ b/roles/fedora-web/ostree/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy ostree config file copy: src=ostree.conf dest=/etc/httpd/conf.d/ostree.fedoraproject.org/ostree.conf notify: diff --git a/roles/fedora-web/registry/tasks/main.yml b/roles/fedora-web/registry/tasks/main.yml index 384d760116..3c4cc18e34 100644 --- a/roles/fedora-web/registry/tasks/main.yml +++ b/roles/fedora-web/registry/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: make registry-signatures dir file: state=directory path=/srv/web/registry-signatures owner=apache group=sysadmin-releng mode=2775 setype=httpd_sys_content_t seuser=system_u tags: diff --git a/roles/fedora-web/src/tasks/main.yml b/roles/fedora-web/src/tasks/main.yml index fbe8e87d16..5fe2cb9a2a 100644 --- a/roles/fedora-web/src/tasks/main.yml +++ b/roles/fedora-web/src/tasks/main.yml @@ -1,4 +1,5 @@ # For info, check roles/httpd/reverseproxy/templates/reversepassproxy.src.conf +--- - name: Install mod_auth_gssapi package: name=mod_auth_gssapi state=present diff --git a/roles/fedora-web/start/tasks/main.yml b/roles/fedora-web/start/tasks/main.yml index 5979715157..72899d168a 100644 --- a/roles/fedora-web/start/tasks/main.yml +++ b/roles/fedora-web/start/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-start cronjob copy: src=cron-sync-start dest=/etc/cron.d/sync-start tags: diff --git a/roles/fedora-web/translation/tasks/main.yml b/roles/fedora-web/translation/tasks/main.yml index aa217efda8..b132f5fde5 100644 --- a/roles/fedora-web/translation/tasks/main.yml +++ b/roles/fedora-web/translation/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Install packages package: name: @@ -32,7 +33,7 @@ dest: ~_update_web_trans/.gitconfig owner: _update_web_trans group: _update_web_trans - mode: 0644 + mode: "0644" tags: - fedora-web-translation @@ -41,16 +42,16 @@ dest: ~_update_web_trans/.ssh/config owner: _update_web_trans group: _update_web_trans - mode: 0644 + mode: "0644" tags: - fedora-web-translation - + - copy: src: web-translation-update dest: /usr/local/bin/web-translation-update owner: root group: root - mode: 0755 + mode: "0755" tags: - fedora-web-translation @@ -59,7 +60,7 @@ dest: /etc/cron.d/cron-web-translation-update owner: root group: root - mode: 0644 + mode: "0644" tags: - fedora-web-translation when: env == "production" and inventory_hostname.startswith('sundries01') diff --git a/roles/fedora_nightlies/defaults/main.yml b/roles/fedora_nightlies/defaults/main.yml index e974df5473..e6314ad66b 100644 --- a/roles/fedora_nightlies/defaults/main.yml +++ b/roles/fedora_nightlies/defaults/main.yml @@ -1,3 +1,4 @@ +--- fedora_nightlies_amqp_passive: false fedora_nightlies_amqp_url: "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub" fedora_nightlies_amqp_cacert: /etc/fedora-messaging/cacert.pem diff --git a/roles/fedora_nightlies/handlers/main.yml b/roles/fedora_nightlies/handlers/main.yml index 3a1025227c..243c67c3bf 100644 --- a/roles/fedora_nightlies/handlers/main.yml +++ b/roles/fedora_nightlies/handlers/main.yml @@ -1,4 +1,5 @@ # Restart handler for our fedora-messaging consumers +--- - name: Conditionally restart fedora_nightlies consumer service command: /usr/local/bin/conditional-restart.sh fm-consumer@fedora_nightlies listen: diff --git a/roles/fedora_nightlies/tasks/main.yml b/roles/fedora_nightlies/tasks/main.yml index fb2b2f8fac..10fce4b9bd 100644 --- a/roles/fedora_nightlies/tasks/main.yml +++ b/roles/fedora_nightlies/tasks/main.yml @@ -74,6 +74,7 @@ ## fedora_nightlies default will be used +--- - name: Install required packages package: # 'relval' itself is needed as we call it directly for size @@ -105,7 +106,7 @@ - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging - mode: 0775 + mode: "0775" owner: root group: root state: directory @@ -119,7 +120,7 @@ copy: src: "{{ private }}/files/rabbitmq/production/pki/issued/openqa.crt" dest: /etc/pki/fedora-messaging/openqa-cert.pem - mode: 0644 + mode: "0644" owner: root group: root when: "deployment_type is defined" @@ -134,7 +135,7 @@ copy: src: "{{ private }}/files/rabbitmq/production/pki/private/openqa.key" dest: /etc/pki/fedora-messaging/openqa-key.pem - mode: 0640 + mode: "0640" owner: root group: geekotest when: "deployment_type is defined" diff --git a/roles/fedoraloveskde/build/tasks/main.yml b/roles/fedoraloveskde/build/tasks/main.yml index cfe560059c..ddef86bd6d 100644 --- a/roles/fedoraloveskde/build/tasks/main.yml +++ b/roles/fedoraloveskde/build/tasks/main.yml @@ -1,10 +1,11 @@ +--- - name: Create directories file: state: directory path: "/srv/web/{{item}}" owner: apache group: apache - mode: 0755 + mode: "0755" setype: httpd_sys_content_t seuser: system_u with_items: @@ -19,7 +20,7 @@ dest: /usr/local/bin/sync{{item}} owner: root group: root - mode: 0755 + mode: "0755" with_items: - fedoraloveskde tags: @@ -32,7 +33,7 @@ dest: "/usr/local/bin/{{item}}" owner: root group: root - mode: 0755 + mode: "0755" with_items: - syncfedoraloveskde tags: @@ -44,7 +45,7 @@ dest: "/etc/cron.d/{{item}}.cron" owner: root group: root - mode: 0644 + mode: "0644" with_items: - syncfedoraloveskde tags: diff --git a/roles/fedoraloveskde/website/tasks/main.yml b/roles/fedoraloveskde/website/tasks/main.yml index b23fc76dfb..3f4eb6ff75 100644 --- a/roles/fedoraloveskde/website/tasks/main.yml +++ b/roles/fedoraloveskde/website/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the sync-fedoraloveskde cronjob copy: src: "cron-sync-{{item}}" @@ -13,7 +14,7 @@ dest: "/etc/httpd/conf.d/{{website}}/{{item}}" owner: root group: root - mode: 0644 + mode: "0644" with_items: - fedoraloveskde.conf notify: diff --git a/roles/flatpak-cache/tasks/main.yml b/roles/flatpak-cache/tasks/main.yml index bce57c8a78..51ae84df78 100644 --- a/roles/flatpak-cache/tasks/main.yml +++ b/roles/flatpak-cache/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install packages needed package: name={{ item }} state=present with_items: @@ -15,7 +16,7 @@ state: directory owner: squid group: squid - mode: 0755 + mode: "0755" tags: - flatpak-cache - config @@ -26,7 +27,7 @@ state: directory owner: squid group: squid - mode: 0755 + mode: "0755" tags: - flatpak-cache - config @@ -43,7 +44,7 @@ dest: /etc/pki/squid/ owner: squid group: squid - mode: 0640 + mode: "0640" with_items: - "{{private}}/files/flatpak-cache-certs/production/pki/ca.crt" - "{{private}}/files/flatpak-cache-certs/production/pki/private/ca.key" diff --git a/roles/geoip-city-wsgi/proxy/tasks/main.yml b/roles/geoip-city-wsgi/proxy/tasks/main.yml index 39db649c59..709e9b693d 100644 --- a/roles/geoip-city-wsgi/proxy/tasks/main.yml +++ b/roles/geoip-city-wsgi/proxy/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy in the proxy conf template: > src=geoip-city-wsgi-proxy.conf diff --git a/roles/geoip/tasks/main.yml b/roles/geoip/tasks/main.yml index f1e872eb19..735149a161 100644 --- a/roles/geoip/tasks/main.yml +++ b/roles/geoip/tasks/main.yml @@ -18,24 +18,24 @@ state: directory owner: root group: root - mode: 0755 + mode: "0755" tags: - geoip - name: push over the older geoip db copy: src={{ item }} dest=/usr/share/GeoIP/ with_fileglob: - - "{{ bigfiles }}/geoip/*.dat" + - "{{ bigfiles }}/geoip/*.dat" tags: - geoip - name: push over the newer geoip db copy: src={{ item }} dest=/usr/share/GeoIP/ with_fileglob: - - "{{ bigfiles }}/geoip/*.mmdb" + - "{{ bigfiles }}/geoip/*.mmdb" tags: - geoip # comment out 2022-05-19. Script does not work since 2018. -#- name: geoip syncing script via cron +# - name: geoip syncing script via cron # copy: src=geoip_sync dest=/etc/cron.d/geoip_sync mode=0644 diff --git a/roles/git/checks/tasks/main.yml b/roles/git/checks/tasks/main.yml index c4b49b3e9e..55f14b534d 100644 --- a/roles/git/checks/tasks/main.yml +++ b/roles/git/checks/tasks/main.yml @@ -26,4 +26,3 @@ tags: - git - git/checks - diff --git a/roles/git/hooks/tasks/main.yml b/roles/git/hooks/tasks/main.yml index d87ab45fa9..7c79a2f5af 100644 --- a/roles/git/hooks/tasks/main.yml +++ b/roles/git/hooks/tasks/main.yml @@ -6,7 +6,7 @@ state: present name: - git - #- moreutils + # - moreutils - python3-kitchen - python3-pygit2 - fedora-messaging diff --git a/roles/haproxy/rewrite/tasks/main.yml b/roles/haproxy/rewrite/tasks/main.yml index 33b2eae508..7f2fa7f11f 100644 --- a/roles/haproxy/rewrite/tasks/main.yml +++ b/roles/haproxy/rewrite/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Make directory for the config files for {{website}} we are about to copy file: path=/etc/httpd/conf.d/{{website}} state=directory owner=root group=root mode=0755 tags: diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml index 564c5e3c1c..dff61ca1d5 100644 --- a/roles/haproxy/tasks/main.yml +++ b/roles/haproxy/tasks/main.yml @@ -120,4 +120,3 @@ service: name=haproxy state=started enabled=yes tags: - haproxy - diff --git a/roles/httpd/certificate/tasks/main.yml b/roles/httpd/certificate/tasks/main.yml index afad02c105..0553ff9856 100644 --- a/roles/httpd/certificate/tasks/main.yml +++ b/roles/httpd/certificate/tasks/main.yml @@ -4,6 +4,7 @@ # - cert: # - key: +--- - name: Copy over SSLCertificateChainFile if defined copy: > src={{private}}/files/httpd/{{SSLCertificateChainFile}} diff --git a/roles/httpd/certificate/vars/main.yml b/roles/httpd/certificate/vars/main.yml index 46dde4dd79..1d4eed5c7f 100644 --- a/roles/httpd/certificate/vars/main.yml +++ b/roles/httpd/certificate/vars/main.yml @@ -1,2 +1,3 @@ +--- cert: this-file-does-not-exist-and-must-be-overridden key: this-file-does-not-exist-and-must-be-overridden diff --git a/roles/httpd/domainrewrite/tasks/main.yml b/roles/httpd/domainrewrite/tasks/main.yml index cfa58c8ccf..d0778ded4a 100644 --- a/roles/httpd/domainrewrite/tasks/main.yml +++ b/roles/httpd/domainrewrite/tasks/main.yml @@ -5,6 +5,7 @@ # - target.. # - status.. +--- - name: Copy in domain rewrite for {{destname}} ({{website}}{{path}}) template: > src={{item}} diff --git a/roles/httpd/domainrewrite/vars/main.yml b/roles/httpd/domainrewrite/vars/main.yml index 0191513219..a5d59d1cc5 100644 --- a/roles/httpd/domainrewrite/vars/main.yml +++ b/roles/httpd/domainrewrite/vars/main.yml @@ -1,2 +1,3 @@ +--- path: ^/$ status: 302 diff --git a/roles/httpd/fingerprints/tasks/main.yml b/roles/httpd/fingerprints/tasks/main.yml index 24b9d3f044..36f4c27c1d 100644 --- a/roles/httpd/fingerprints/tasks/main.yml +++ b/roles/httpd/fingerprints/tasks/main.yml @@ -1,3 +1,4 @@ +--- - copy: src=fingerprints.html dest=/srv/web/fingerprints.html notify: - reload proxyhttpd diff --git a/roles/httpd/mime-type/tasks/main.yml b/roles/httpd/mime-type/tasks/main.yml index 137eac1bb5..d836a1e184 100644 --- a/roles/httpd/mime-type/tasks/main.yml +++ b/roles/httpd/mime-type/tasks/main.yml @@ -1,3 +1,4 @@ +--- - template: > src=mime-types.conf dest=/etc/httpd/conf.d/{{website}}/mime-types.conf owner=root group=root mode=0644 diff --git a/roles/httpd/mod_ssl/tasks/main.yml b/roles/httpd/mod_ssl/tasks/main.yml index ab926d6998..f43056956a 100644 --- a/roles/httpd/mod_ssl/tasks/main.yml +++ b/roles/httpd/mod_ssl/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Install mod_ssl package: name=mod_ssl state=present notify: diff --git a/roles/httpd/proxy/tasks/main.yml b/roles/httpd/proxy/tasks/main.yml index 2bb2766c65..d6269d4756 100644 --- a/roles/httpd/proxy/tasks/main.yml +++ b/roles/httpd/proxy/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Make sure the ticketkey is deployed copy: src=/root/ticketkey_{{env}}.tkey dest=/etc/httpd/ticketkey_{{env}}.tkey owner=root group=root mode=0600 diff --git a/roles/httpd/redirect/tasks/main.yml b/roles/httpd/redirect/tasks/main.yml index 145d7345c1..bfa5e8b827 100644 --- a/roles/httpd/redirect/tasks/main.yml +++ b/roles/httpd/redirect/tasks/main.yml @@ -6,6 +6,7 @@ # role only into the {{website}}/ folder for each site. # This is the only real work we do. +--- - name: Copy over httpd redirect file for {{shortname}} template: > src={{item}} diff --git a/roles/httpd/redirect/vars/main.yml b/roles/httpd/redirect/vars/main.yml index ca81e381c2..ee470b9b15 100644 --- a/roles/httpd/redirect/vars/main.yml +++ b/roles/httpd/redirect/vars/main.yml @@ -1 +1,2 @@ +--- path: / diff --git a/roles/httpd/redirectmatch/tasks/main.yml b/roles/httpd/redirectmatch/tasks/main.yml index 4f666dfefc..0c76e917b0 100644 --- a/roles/httpd/redirectmatch/tasks/main.yml +++ b/roles/httpd/redirectmatch/tasks/main.yml @@ -7,6 +7,7 @@ # This is the only real work we do. +--- - name: Ensure directory exists for redirect file: path: /etc/httpd/conf.d/{{website}} diff --git a/roles/httpd/redirectmatch/vars/main.yml b/roles/httpd/redirectmatch/vars/main.yml index a6f3bbe593..3243341d23 100644 --- a/roles/httpd/redirectmatch/vars/main.yml +++ b/roles/httpd/redirectmatch/vars/main.yml @@ -1 +1,2 @@ +--- status: 302 diff --git a/roles/httpd/reverseproxy/tasks/main.yml b/roles/httpd/reverseproxy/tasks/main.yml index 85956742e8..2a09d1f06a 100644 --- a/roles/httpd/reverseproxy/tasks/main.yml +++ b/roles/httpd/reverseproxy/tasks/main.yml @@ -7,6 +7,7 @@ # - keephost # - proxyopts +--- - name: Copy in ProxyPassReverse for {{destname}} ({{website}}{{remotepath}}) template: > src={{item}} diff --git a/roles/httpd/reverseproxy/vars/main.yml b/roles/httpd/reverseproxy/vars/main.yml index d88f2e67d1..96af54e773 100644 --- a/roles/httpd/reverseproxy/vars/main.yml +++ b/roles/httpd/reverseproxy/vars/main.yml @@ -1,3 +1,4 @@ +--- remotepath: / localpath: / destname: reversepassproxy diff --git a/roles/httpd/website/defaults/main.yml b/roles/httpd/website/defaults/main.yml index 83fbab60f3..9c0a26e159 100644 --- a/roles/httpd/website/defaults/main.yml +++ b/roles/httpd/website/defaults/main.yml @@ -1,7 +1,8 @@ # These three are required -#name: ... -#cert_name: "" +# name: ... +# cert_name: "" +--- use_h2: true server_aliases: [] server_admin: webmaster@fedoraproject.org diff --git a/roles/httpd/website/tasks/main.yml b/roles/httpd/website/tasks/main.yml index fa05796b06..7e62c771bf 100644 --- a/roles/httpd/website/tasks/main.yml +++ b/roles/httpd/website/tasks/main.yml @@ -8,6 +8,7 @@ # - SSLCertificateChainFile: "" # - gzip: false +--- - name: Create site directory in httpd/conf.d/{{site_name}} file: > dest=/etc/httpd/conf.d/{{site_name}} diff --git a/roles/ipa/client/tasks/common.yml b/roles/ipa/client/tasks/common.yml index 9cee19b85a..f890136fa3 100644 --- a/roles/ipa/client/tasks/common.yml +++ b/roles/ipa/client/tasks/common.yml @@ -39,4 +39,3 @@ host: "{{ item[2] | list | sort }}" loop: "{{ ipa_server_host_groups_hosts }}" when: ipa_server_host_groups_hosts is defined - diff --git a/roles/ipa/client/tasks/main.yml b/roles/ipa/client/tasks/main.yml index 22ab24ec95..aa85d44651 100644 --- a/roles/ipa/client/tasks/main.yml +++ b/roles/ipa/client/tasks/main.yml @@ -66,7 +66,7 @@ run_once: yes - name: Configure sudo on IPA cluster - #delegate_to: "{{ ipa_server }}" + # delegate_to: "{{ ipa_server }}" import_tasks: sudo.yml tags: - ipa/client diff --git a/roles/ipsilon/defaults/main.yml b/roles/ipsilon/defaults/main.yml index d399e3b398..6175e2bb9a 100644 --- a/roles/ipsilon/defaults/main.yml +++ b/roles/ipsilon/defaults/main.yml @@ -1,2 +1,3 @@ +--- ipsilon_patches: - 409 diff --git a/roles/ipsilon/handlers/main.yml b/roles/ipsilon/handlers/main.yml index 8121eba598..c21d1696ff 100644 --- a/roles/ipsilon/handlers/main.yml +++ b/roles/ipsilon/handlers/main.yml @@ -1,5 +1,5 @@ +--- - name: restart sssd service: name: sssd state: restarted - diff --git a/roles/ipsilon/tasks/main.yml b/roles/ipsilon/tasks/main.yml index 6be6fe19f7..336e44a433 100644 --- a/roles/ipsilon/tasks/main.yml +++ b/roles/ipsilon/tasks/main.yml @@ -100,7 +100,7 @@ owner: ipsilon group: ipsilon state: directory - mode: 0700 + mode: "0700" tags: - ipsilon - config @@ -111,7 +111,7 @@ dest: "/etc/ipsilon/root/ipsilon.conf" owner: ipsilon group: ipsilon - mode: 0600 + mode: "0600" tags: - ipsilon - config @@ -134,7 +134,7 @@ dest: "/etc/ipsilon/root/configuration.conf" owner: ipsilon group: ipsilon - mode: 0600 + mode: "0600" tags: - ipsilon - config @@ -147,7 +147,7 @@ dest: /etc/ipsilon/root/openidc.static.cfg owner: ipsilon group: ipsilon - mode: 0600 + mode: "0600" tags: - ipsilon - config @@ -171,7 +171,7 @@ dest: /etc/ipsilon/root/openidc.key owner: ipsilon group: ipsilon - mode: 0600 + mode: "0600" tags: - ipsilon @@ -179,7 +179,7 @@ file: path: /etc/ipsilon/root/saml2 state: directory - mode: 0700 + mode: "0700" owner: ipsilon group: ipsilon setype: httpd_var_lib_t @@ -192,7 +192,7 @@ dest: /etc/ipsilon/root/saml2/idp.key owner: ipsilon group: ipsilon - mode: 0600 + mode: "0600" tags: - ipsilon @@ -202,7 +202,7 @@ dest: /etc/ipsilon/root/saml2/idp.crt owner: ipsilon group: ipsilon - mode: 0644 + mode: "0644" tags: - ipsilon @@ -212,7 +212,7 @@ dest: /usr/local/bin/prepare-saml2-metadata owner: root group: root - mode: 0755 + mode: "0755" tags: - ipsilon @@ -273,7 +273,7 @@ dest: /etc/sssd/sssd.conf owner: root group: root - mode: 0600 + mode: "0600" tags: - ipsilon - config diff --git a/roles/ipsilon/tasks/patches.yml b/roles/ipsilon/tasks/patches.yml index 63f83b8f4a..3e5a2f29ea 100644 --- a/roles/ipsilon/tasks/patches.yml +++ b/roles/ipsilon/tasks/patches.yml @@ -1,3 +1,4 @@ +--- - name: install patch and filterdiff dnf: name: diff --git a/roles/iscsi_client/tasks/main.yml b/roles/iscsi_client/tasks/main.yml index 22eb336827..e7b10fe3e3 100644 --- a/roles/iscsi_client/tasks/main.yml +++ b/roles/iscsi_client/tasks/main.yml @@ -70,7 +70,7 @@ tags: - config -#- name: run iscsiadm command for initial connect to vtap-fedora-nfs01 +# - name: run iscsiadm command for initial connect to vtap-fedora-nfs01 # command: creates=/var/lib/iscsi/nodes/{{ netapp_nfs01_iscsi_name }}/{{ netapp_nfs01_iscsi_portal }},3260 /sbin/iscsiadm --mode node --targetname --portal {{ netapp_nfs01_iscsi_portal }} -o new ; /sbin/iscsiadm --mode node --targetname {{ netapp_nfs01_iscsi_name }} --portal {{ netapp_nfs01_iscsi_portal }} --login # tags: # - config diff --git a/roles/iscsi_client/vars/main.yml b/roles/iscsi_client/vars/main.yml index b0f2bcc49d..38d317b2f3 100644 --- a/roles/iscsi_client/vars/main.yml +++ b/roles/iscsi_client/vars/main.yml @@ -1,3 +1,4 @@ +--- # iscsi initiator for netapp iscsi volume netapp_iscsi_name: iqn.1992-08.com.netapp:sn.8a2c2d9073de11e4a645123478563412:vs.13 # iscsi portal for netapp iscsi volume diff --git a/roles/keepalived/handlers/main.yml b/roles/keepalived/handlers/main.yml index 3840e64664..2ac9fe3e5a 100644 --- a/roles/keepalived/handlers/main.yml +++ b/roles/keepalived/handlers/main.yml @@ -1,2 +1,3 @@ +--- - name: restart keepalived service: name=keepalived state=restarted diff --git a/roles/keepalived/tasks/main.yml b/roles/keepalived/tasks/main.yml index 36b0c6c956..1ac3ca011d 100644 --- a/roles/keepalived/tasks/main.yml +++ b/roles/keepalived/tasks/main.yml @@ -7,6 +7,7 @@ # keepalived_ipaddress - virtual ip address on master host # +--- - name: Install keepalived package package: state=present name=keepalived tags: diff --git a/roles/kerneltest/tasks/main.yml b/roles/kerneltest/tasks/main.yml index 63b50c4004..33d0f05706 100644 --- a/roles/kerneltest/tasks/main.yml +++ b/roles/kerneltest/tasks/main.yml @@ -39,7 +39,7 @@ when: inventory_hostname.startswith('kerneltest01') command: /usr/bin/python2 /usr/share/kerneltest/kerneltest_createdb.py environment: - KERNELTEST_CONFIG: /etc/kerneltest/kerneltest.cfg + KERNELTEST_CONFIG: /etc/kerneltest/kerneltest.cfg tags: - kerneltest diff --git a/roles/keytab/service/defaults/main.yml b/roles/keytab/service/defaults/main.yml index 13bd71eec9..1fc3d56f2f 100644 --- a/roles/keytab/service/defaults/main.yml +++ b/roles/keytab/service/defaults/main.yml @@ -1,3 +1,4 @@ +--- owner_user: root owner_group: root host: "{{inventory_hostname }}" diff --git a/roles/koji_builder/defaults/main.yaml b/roles/koji_builder/defaults/main.yaml index ec4158b468..abac294cbc 100644 --- a/roles/koji_builder/defaults/main.yaml +++ b/roles/koji_builder/defaults/main.yaml @@ -1,3 +1,4 @@ +--- koji_builder_client_secret_stg: "OVERRIDEME" koji_builder_client_id_stg: "OVERRIDEME" koji_builder_client_secret: "OVERRIDEME" diff --git a/roles/koji_builder/tasks/main.yml b/roles/koji_builder/tasks/main.yml index e17bdfbd9e..c01d55120f 100644 --- a/roles/koji_builder/tasks/main.yml +++ b/roles/koji_builder/tasks/main.yml @@ -1,6 +1,7 @@ # # This is a base koji_builder role. # +--- - name: set hostname hostname: name="{{inventory_hostname}}" tags: @@ -237,7 +238,7 @@ # install libvirt/network.conf # # The default in f41+ is to use nftables, but it's not compatible with the -# iptables setup we are using on the builders for some reason. +# iptables setup we are using on the builders for some reason. # So, switch back to iptables until we switch to nftables, or move everying # away from oz/Imagefactory so we don't need virt instances for image builds # anymore. @@ -336,7 +337,7 @@ state: directory owner: root group: root - mode: 0660 + mode: "0660" tags: - koji_builder when: env == "staging" @@ -393,11 +394,11 @@ - name: create override dir for systemd-nspawn containers config file: - state: directory - owner: root - group: root - mode: 0755 - path: /etc/systemd/system/machine-.scope.d + state: directory + owner: root + group: root + mode: "0755" + path: /etc/systemd/system/machine-.scope.d when: inventory_hostname.startswith(('buildhw-a64')) tags: - koji_builder diff --git a/roles/koji_db/tasks/main.yml b/roles/koji_db/tasks/main.yml index 181b517e88..8723bb4dd1 100644 --- a/roles/koji_db/tasks/main.yml +++ b/roles/koji_db/tasks/main.yml @@ -26,4 +26,3 @@ tags: - db when: is_kojidb == "True" - diff --git a/roles/koji_hub/tasks/main.yml b/roles/koji_hub/tasks/main.yml index 55c9c472f2..30d6e504d1 100644 --- a/roles/koji_hub/tasks/main.yml +++ b/roles/koji_hub/tasks/main.yml @@ -111,8 +111,8 @@ - name: install the configuration file for fedora-messaging template: - src=fedora-messaging.toml - dest=/etc/fedora-messaging/config.toml + src=fedora-messaging.toml + dest=/etc/fedora-messaging/config.toml tags: - config - koji_hub @@ -133,7 +133,7 @@ - src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/koji{{ env_suffix }}.crt" dest: koji.crt owner: apache - mode: 0644 + mode: "0644" - src: "{{private}}/files/rabbitmq/{{env}}/pki/private/koji{{ env_suffix }}.key" dest: koji.key owner: apache @@ -141,7 +141,7 @@ - src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt" dest: koji.ca owner: apache - mode: 0644 + mode: "0644" tags: - config - koji_hub diff --git a/roles/kojipkgs/tasks/main.yml b/roles/kojipkgs/tasks/main.yml index f2ad01dba2..af8f4e82d9 100644 --- a/roles/kojipkgs/tasks/main.yml +++ b/roles/kojipkgs/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: set seboolean for nfs httpd seboolean: name=httpd_use_nfs state=true persistent=true tags: diff --git a/roles/letsencrypt/tasks/main.yml b/roles/letsencrypt/tasks/main.yml index afae56da4e..cea01d3798 100644 --- a/roles/letsencrypt/tasks/main.yml +++ b/roles/letsencrypt/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: setup defaults file delegate_to: "certgetter01.iad2.fedoraproject.org" copy: > diff --git a/roles/logging/tasks/main.yml b/roles/logging/tasks/main.yml index 04994387b0..c131960d6f 100644 --- a/roles/logging/tasks/main.yml +++ b/roles/logging/tasks/main.yml @@ -2,7 +2,7 @@ - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging - mode: 0775 + mode: "0775" owner: root group: root state: directory @@ -15,7 +15,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{ env }}/pki/ca.crt" dest: /etc/pki/fedora-messaging/rabbitmq-ca.crt - mode: 0644 + mode: "0644" owner: root group: root tags: @@ -27,7 +27,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{ env }}/pki/issued/logging{{ env_suffix }}.crt" dest: /etc/pki/fedora-messaging/logging.crt - mode: 0644 + mode: "0644" owner: root group: root tags: @@ -39,7 +39,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{ env }}/pki/private/logging{{ env_suffix }}.key" dest: /etc/pki/fedora-messaging/logging.key - mode: 0640 + mode: "0640" owner: root group: countme tags: @@ -53,7 +53,7 @@ dest: /etc/fedora-messaging/config.toml owner: countme group: countme - mode: 0660 + mode: "0660" tags: - config - logging diff --git a/roles/mariadb_server/tasks/main.yml b/roles/mariadb_server/tasks/main.yml index 9716297c7e..428abc5559 100644 --- a/roles/mariadb_server/tasks/main.yml +++ b/roles/mariadb_server/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: ensure packages required for mariadb are installed package: state: present @@ -29,8 +30,8 @@ service: name=mariadb enabled=yes state=started - name: set mariaddb root user password - no_log: True - mysql_user: + no_log: true + mysql_user: name: root login_user: root login_password: "{{ mariadb_root_password }}" diff --git a/roles/mediawiki/tasks/main.yml b/roles/mediawiki/tasks/main.yml index 3f6d6bb546..7761bd25cf 100644 --- a/roles/mediawiki/tasks/main.yml +++ b/roles/mediawiki/tasks/main.yml @@ -75,7 +75,7 @@ - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging - mode: 0775 + mode: "0775" owner: root group: root state: directory @@ -88,7 +88,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/ca.crt" dest: /etc/pki/fedora-messaging/cacert.pem - mode: 0644 + mode: "0644" owner: root group: root tags: @@ -100,7 +100,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/mediawiki{{env_suffix}}.crt" dest: /etc/pki/fedora-messaging/mediawiki{{env_suffix}}-cert.pem - mode: 0644 + mode: "0644" owner: root group: root tags: @@ -112,7 +112,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/mediawiki{{env_suffix}}.key" dest: /etc/pki/fedora-messaging/mediawiki{{env_suffix}}-key.pem - mode: 0640 + mode: "0640" owner: root group: apache tags: @@ -126,7 +126,7 @@ dest: /etc/fedora-messaging/config.toml owner: root group: apache - mode: 0640 + mode: "0640" tags: - config - mediawiki @@ -148,13 +148,13 @@ tags: - mediawiki -#- name: creating config dir +# - name: creating config dir # file: src=/usr/share/{{ wikiver }}/config dest=/srv/web/{{wikiname}}/config owner=apache group=apache mode=755 state=directory # tags: # - mediawiki # This doesn't seem to exist anymore in upstream.... -#- name: install utils +# - name: install utils # file: src=/usr/share/{{ wikiver }}/install-utils.inc dest=/srv/web/{{wikiname}}-wiki/install-utils.inc state=link # tags: # - mediawiki @@ -207,7 +207,7 @@ tags: - mediawiki -#- name: linking serialized +# - name: linking serialized # file: dest=/srv/web/{{wikiname}}-wiki/serialized src=/usr/share/{{ wikiver }}/serialized state=link # tags: # - mediawiki @@ -248,7 +248,7 @@ path: /srv/web/fp-wiki/extensions/FedoraMessaging/vendor owner: apache group: apache - mode: 0755 + mode: "0755" state: directory tags: - config diff --git a/roles/messaging/base/tasks/main.yml b/roles/messaging/base/tasks/main.yml index f4d02a874b..e3248e8527 100644 --- a/roles/messaging/base/tasks/main.yml +++ b/roles/messaging/base/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install the messaging packages package: name={{ item }} state=present with_items: diff --git a/roles/mirror_pagure_ansible/tasks/main.yml b/roles/mirror_pagure_ansible/tasks/main.yml index 9f461d93a8..f532699891 100644 --- a/roles/mirror_pagure_ansible/tasks/main.yml +++ b/roles/mirror_pagure_ansible/tasks/main.yml @@ -1,4 +1,5 @@ -- name: Install packages +--- +- name: Install packages package: state=present name={{ item }} with_items: - fedora-messaging @@ -12,10 +13,10 @@ - name: Setup pagure user user: - name: mirror_pagure_ansible - shell: /sbin/nologin - comment: "mirror_pagure_ansible User" - tags: + name: mirror_pagure_ansible + shell: /sbin/nologin + comment: "mirror_pagure_ansible User" + tags: - mirror_pagure_ansible - mirror_pagure_ansible/user @@ -33,7 +34,7 @@ - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging - mode: 0775 + mode: "0775" owner: root group: root state: directory @@ -59,7 +60,7 @@ - src: "{{private}}/files/rabbitmq/production/pki/ca.crt" dest: cacert.pem owner: mirror_pagure_ansible - group: mirror_pagure_ansible + group: mirror_pagure_ansible mode: "0644" tags: - pagure @@ -71,7 +72,7 @@ dest: /etc/fedora-messaging/mirror_pagure_ansible.toml owner: mirror_pagure_ansible group: mirror_pagure_ansible - mode: 0640 + mode: "0640" tags: - config - mirror_pagure_ansible @@ -82,7 +83,7 @@ - name: Create /usr/local/libexec/mirror_pagure_ansible file: dest: /usr/local/libexec/mirror_pagure_ansible - mode: 0775 + mode: "0775" owner: root group: root state: directory @@ -107,7 +108,7 @@ dest: /etc/systemd/system/mirror_pagure_ansible.service owner: root group: root - mode: 0755 + mode: "0755" notify: - reload systemd tags: @@ -122,4 +123,3 @@ tags: - config - mirror_pagure_ansible - diff --git a/roles/mirrormanager/mirrorlist_proxy/tasks/main.yml b/roles/mirrormanager/mirrorlist_proxy/tasks/main.yml index 8642357025..4d836a27f9 100644 --- a/roles/mirrormanager/mirrorlist_proxy/tasks/main.yml +++ b/roles/mirrormanager/mirrorlist_proxy/tasks/main.yml @@ -32,14 +32,14 @@ state: directory owner: root group: root - mode: 0755 + mode: "0755" tags: - mirrorlist_proxy - name: push over the newer geoip db copy: src={{ item }} dest=/usr/share/GeoIP/ with_fileglob: - - "{{ bigfiles }}/geoip/*.mmdb" + - "{{ bigfiles }}/geoip/*.mmdb" tags: - mirrorlist_proxy diff --git a/roles/mirrormanager/mirrorlist_proxy/vars/main.yml b/roles/mirrormanager/mirrorlist_proxy/vars/main.yml index 089784c9b0..9e71b9b38f 100644 --- a/roles/mirrormanager/mirrorlist_proxy/vars/main.yml +++ b/roles/mirrormanager/mirrorlist_proxy/vars/main.yml @@ -1,3 +1,4 @@ +--- mirrormanager_uid: 441 mirrormanager_gid: 441 mirrors_gid: 263 diff --git a/roles/mod_wsgi/meta/main.yml b/roles/mod_wsgi/meta/main.yml index 7f15145c91..e4fdbecd86 100644 --- a/roles/mod_wsgi/meta/main.yml +++ b/roles/mod_wsgi/meta/main.yml @@ -1,3 +1,4 @@ +--- dependencies: - role: apache when: wsgi_wants_apache diff --git a/roles/mote/handlers/main.yml b/roles/mote/handlers/main.yml index 8c1c79f37f..607fe3e566 100644 --- a/roles/mote/handlers/main.yml +++ b/roles/mote/handlers/main.yml @@ -1,2 +1,3 @@ +--- - name: nuke mote json cache file: dest=/var/cache/httpd/mote/cache.json state=absent diff --git a/roles/mote/tasks/main.yml b/roles/mote/tasks/main.yml index 93c3d2796e..b06c548edd 100644 --- a/roles/mote/tasks/main.yml +++ b/roles/mote/tasks/main.yml @@ -23,7 +23,7 @@ file: state: directory path: /etc/systemd/system/memcached.service.d - mode: 0755 + mode: "0755" owner: root group: root tags: diff --git a/roles/nagios_client/tasks/main.yml b/roles/nagios_client/tasks/main.yml index 832be14294..e0efd154de 100644 --- a/roles/nagios_client/tasks/main.yml +++ b/roles/nagios_client/tasks/main.yml @@ -268,7 +268,7 @@ dest: "/etc/nrpe.d/rabbitmq_args.ini" owner: root group: nrpe - mode: 0640 + mode: "0640" when: inventory_hostname.startswith('rabbitmq') tags: - nagios_client @@ -279,7 +279,7 @@ dest: "/etc/nrpe.d/{{ item }}" owner: root group: root - mode: 0644 + mode: "0644" with_items: - check_rabbitmq_server.cfg - check_rabbitmq_watermark.cfg diff --git a/roles/nagios_server/tasks/main.yml b/roles/nagios_server/tasks/main.yml index d6e0be7c56..9c628e9edf 100644 --- a/roles/nagios_server/tasks/main.yml +++ b/roles/nagios_server/tasks/main.yml @@ -3,6 +3,7 @@ ## ## Setup the initial user and groups. +--- - name: Add nagios group as 420 group: name=nagios gid=420 state=present system=yes tags: diff --git a/roles/nfs/client/tasks/main.yml b/roles/nfs/client/tasks/main.yml index 7a1275554c..672adc977b 100644 --- a/roles/nfs/client/tasks/main.yml +++ b/roles/nfs/client/tasks/main.yml @@ -1,4 +1,5 @@ # Setup our idmapd.conf file. It should be loaded automagically. +--- - name: idmapd.conf copy: src=idmapd.conf dest=/etc/idmapd.conf tags: diff --git a/roles/nfs/server/tasks/main.yml b/roles/nfs/server/tasks/main.yml index 2c2433c86f..675f974e2a 100644 --- a/roles/nfs/server/tasks/main.yml +++ b/roles/nfs/server/tasks/main.yml @@ -1,6 +1,7 @@ # # Install needed packages # +--- - name: Install needed nfs server packages package: name={{ item }} state=present with_items: @@ -45,4 +46,3 @@ when: exports.changed tags: - nfs/server - diff --git a/roles/nfs/server/tasks/storinator-cloud.yml b/roles/nfs/server/tasks/storinator-cloud.yml index 1be94950fb..53e7647a02 100644 --- a/roles/nfs/server/tasks/storinator-cloud.yml +++ b/roles/nfs/server/tasks/storinator-cloud.yml @@ -7,25 +7,24 @@ - name: create 5 GB communishift logical volumes lvol: vg=VG_nfs lv=openshift-05gb-{{item}} size=5g shrink=no - with_items: ["00","01","02","03","04","05","06","07","08","09"] + with_items: ["00", "01", "02", "03", "04", "05", "06", "07", "08", "09"] - name: Create FS for 5 GB communishift logical volules filesystem: fstype=xfs dev=/dev/VG_nfs/openshift-05gb-{{item}} - with_items: ["00","01","02","03","04","05","06","07","08","09"] + with_items: ["00", "01", "02", "03", "04", "05", "06", "07", "08", "09"] - name: create 10 GB communishift logical volumes lvol: vg=VG_nfs lv=openshift-10gb-{{item}} size=10g shrink=no - with_items: ["00","01","02","03","04","05","06","07","08","09"] + with_items: ["00", "01", "02", "03", "04", "05", "06", "07", "08", "09"] - name: Create FS for 10 GB communishift logical volules filesystem: fstype=xfs dev=/dev/VG_nfs/openshift-10gb-{{item}} - with_items: ["00","01","02","03","04","05","06","07","08","09"] + with_items: ["00", "01", "02", "03", "04", "05", "06", "07", "08", "09"] - name: create 25 GB communishift logical volumes lvol: vg=VG_nfs lv=openshift-25gb-{{item}} size=25g shrink=no - with_items: ["00","01","02","03","04","05","06","07","08","09"] + with_items: ["00", "01", "02", "03", "04", "05", "06", "07", "08", "09"] - name: Create FS for 25 GB communishift logical volules filesystem: fstype=xfs dev=/dev/VG_nfs/openshift-25gb-{{item}} - with_items: ["00","01","02","03","04","05","06","07","08","09"] - + with_items: ["00", "01", "02", "03", "04", "05", "06", "07", "08", "09"] diff --git a/roles/opendkim/tasks/main.yml b/roles/opendkim/tasks/main.yml index e6821bd6a6..5a4bd1f1c9 100644 --- a/roles/opendkim/tasks/main.yml +++ b/roles/opendkim/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install opendkim package: name=opendkim state=present tags: diff --git a/roles/openqa/dispatcher/defaults/main.yml b/roles/openqa/dispatcher/defaults/main.yml index aef3d201eb..31a25be7f0 100644 --- a/roles/openqa/dispatcher/defaults/main.yml +++ b/roles/openqa/dispatcher/defaults/main.yml @@ -1,3 +1,4 @@ +--- openqa_hostname: localhost openqa_compose_arches: "x86_64" openqa_update_arches: ["x86_64"] diff --git a/roles/openqa/dispatcher/handlers/main.yml b/roles/openqa/dispatcher/handlers/main.yml index 04ece7368f..8771a279c1 100644 --- a/roles/openqa/dispatcher/handlers/main.yml +++ b/roles/openqa/dispatcher/handlers/main.yml @@ -1,4 +1,5 @@ # Restart handler for our fedora-messaging consumers +--- - name: Conditionally restart openQA scheduler consumer command: /usr/local/bin/conditional-restart.sh fm-consumer@fedora_openqa_scheduler listen: diff --git a/roles/openqa/dispatcher/tasks/main.yml b/roles/openqa/dispatcher/tasks/main.yml index 38c2922d3f..54f62d0e45 100644 --- a/roles/openqa/dispatcher/tasks/main.yml +++ b/roles/openqa/dispatcher/tasks/main.yml @@ -161,7 +161,7 @@ # scheduler is no longer responsible for downloading assets. # just keeping this around for convenience as we often need it -#- name: Install required packages (testing) +# - name: Install required packages (testing) # dnf: # name: ['python2-fedfind', 'python2-wikitcms'] # state: present @@ -172,6 +172,7 @@ # fedora_openqa requires most of these, including the resultsdb and # wikitcms bits even when reporting is disabled; the consumer module # always imports the report module which imports those +--- - name: Install required packages package: name: ['fedora-messaging', 'python3-fedfind', 'python3-wikitcms', 'python3-openqa_client', @@ -265,7 +266,7 @@ - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging - mode: 0775 + mode: "0775" owner: root group: root state: directory @@ -277,7 +278,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{ openqa_env }}/pki/issued/{{ openqa_amqp_this_username }}.crt" dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_this_username }}-cert.pem" - mode: 0644 + mode: "0644" owner: root group: root when: "deployment_type is defined" @@ -288,7 +289,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{ openqa_env }}/pki/private/{{ openqa_amqp_this_username }}.key" dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_this_username }}-key.pem" - mode: 0640 + mode: "0640" owner: root group: geekotest when: "deployment_type is defined" @@ -299,7 +300,7 @@ copy: src: "{{ private }}/files/rabbitmq/production/pki/issued/{{ openqa_amqp_prod_username }}.crt" dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_prod_username }}-cert.pem" - mode: 0644 + mode: "0644" owner: root group: root when: "deployment_type is defined and deployment_type == 'stg'" @@ -310,7 +311,7 @@ copy: src: "{{ private }}/files/rabbitmq/production/pki/private/{{ openqa_amqp_prod_username }}.key" dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_prod_username }}-key.pem" - mode: 0640 + mode: "0640" owner: root group: geekotest when: "deployment_type is defined and deployment_type == 'stg'" diff --git a/roles/openqa/server/defaults/main.yml b/roles/openqa/server/defaults/main.yml index c12a4ba4af..61096d8902 100644 --- a/roles/openqa/server/defaults/main.yml +++ b/roles/openqa/server/defaults/main.yml @@ -1,3 +1,4 @@ +--- openqa_amqp_publisher_prefix: openqa_amqp_publisher_url: amqp://test:@localhost/%2Fpubsub openqa_amqp_publisher_exchange: amq.topic diff --git a/roles/openqa/server/tasks/main.yml b/roles/openqa/server/tasks/main.yml index 634f8d0c63..7c9898e512 100644 --- a/roles/openqa/server/tasks/main.yml +++ b/roles/openqa/server/tasks/main.yml @@ -83,6 +83,7 @@ # If openqa_dbhost is not set, the server will use a local SQLite database # and the other openqa_db* values are ignored. +--- - name: Create geekotest group with static GID group: "name=geekotest gid={{ openqa_static_uid }} system=yes" when: "openqa_static_uid is defined" diff --git a/roles/openqa/worker/defaults/main.yml b/roles/openqa/worker/defaults/main.yml index 848e7df8ae..5104b8c8a0 100644 --- a/roles/openqa/worker/defaults/main.yml +++ b/roles/openqa/worker/defaults/main.yml @@ -1,3 +1,4 @@ +--- openqa_hostname: localhost openqa_repo: updates openqa_createhdds_branch: main diff --git a/roles/openqa/worker/handlers/main.yml b/roles/openqa/worker/handlers/main.yml index 9eb7ac4cbf..2c427e89c3 100644 --- a/roles/openqa/worker/handlers/main.yml +++ b/roles/openqa/worker/handlers/main.yml @@ -1,4 +1,5 @@ # Restart handler for worker services +--- - name: Conditionally restart openQA workers command: /usr/local/bin/conditional-restart.sh openqa-worker@{{ item }} loop: "{{ range(1, openqa_workers + 1)|list }}" diff --git a/roles/openqa/worker/tasks/createhdds.yml b/roles/openqa/worker/tasks/createhdds.yml index 7358704ac4..3f75fa7cb8 100644 --- a/roles/openqa/worker/tasks/createhdds.yml +++ b/roles/openqa/worker/tasks/createhdds.yml @@ -3,6 +3,7 @@ ## string - The git branch of createhdds to check out ## default - main +--- - name: Install required packages package: name: ['python3-libsemanage', 'libvirt-daemon-kvm', 'libvirt-python3', 'python3-libguestfs', diff --git a/roles/openqa/worker/tasks/main.yml b/roles/openqa/worker/tasks/main.yml index 582d04c18f..791062977d 100644 --- a/roles/openqa/worker/tasks/main.yml +++ b/roles/openqa/worker/tasks/main.yml @@ -61,6 +61,7 @@ ## If worker host is above this load average, it will not pick ## up new jobs +--- - name: Remove old scratch repo directory file: path=/var/tmp/scratchrepo state=absent diff --git a/roles/openqa/worker/tasks/nfs-client.yml b/roles/openqa/worker/tasks/nfs-client.yml index d9e7f8e8e9..9c59916510 100644 --- a/roles/openqa/worker/tasks/nfs-client.yml +++ b/roles/openqa/worker/tasks/nfs-client.yml @@ -1,7 +1,7 @@ # Required vars # - openqa_hostname ## string - hostname of the openQA server (we assume it is hosting the NFS mount) - +--- - name: Install NFS client package: name=nfs-utils state=present tags: diff --git a/roles/openqa/worker/tasks/tap-setup.yml b/roles/openqa/worker/tasks/tap-setup.yml index 0a40829d2b..e2c8a7313e 100644 --- a/roles/openqa/worker/tasks/tap-setup.yml +++ b/roles/openqa/worker/tasks/tap-setup.yml @@ -1,3 +1,4 @@ +--- - name: Install packages package: name: ['os-autoinst-openvswitch', 'NetworkManager-ovs'] diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml index be293b2163..9653afc662 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_alertmanagers.yaml @@ -1,4 +1,3 @@ - --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml index 9c225995bf..6c4997a0d9 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_podmonitors.yaml @@ -1,4 +1,3 @@ - --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml index 1b9d12633b..974ae9d695 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheuses.yaml @@ -1,4 +1,3 @@ - --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml index 1e95304bea..bdc930a8f6 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_prometheusrules.yaml @@ -1,4 +1,3 @@ - --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml index 65add833b6..901df100d9 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_servicemonitors.yaml @@ -1,4 +1,3 @@ - --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml index a3449a0c4b..24d0765132 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/prometheus-operator-crd/monitoring.coreos.com_thanosrulers.yaml @@ -1,4 +1,3 @@ - --- apiVersion: apiextensions.k8s.io/v1beta1 kind: CustomResourceDefinition diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator-crd/prometheus-operator-crd-cluster-roles.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator-crd/prometheus-operator-crd-cluster-roles.yaml index e7a065787e..fb85109c78 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator-crd/prometheus-operator-crd-cluster-roles.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator-crd/prometheus-operator-crd-cluster-roles.yaml @@ -1,3 +1,4 @@ +--- kind: ClusterRole apiVersion: rbac.authorization.k8s.io/v1 metadata: diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml index 53fbbc1911..5ed18ee1b4 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role-binding.yaml @@ -1,3 +1,4 @@ +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml index e78eac8796..857d064976 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-cluster-role.yaml @@ -1,3 +1,4 @@ +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-deployment.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-deployment.yaml index 3f89383a99..f9b3606990 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-deployment.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-deployment.yaml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-account.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-account.yaml index b948b1a33d..dabcb22105 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-account.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-account.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ServiceAccount metadata: diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-monitor.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-monitor.yaml index 119cb6cbe0..11a982985a 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-monitor.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service-monitor.yaml @@ -1,3 +1,4 @@ +--- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service.yaml index 3d4f789bf3..c27073e5cf 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus-operator/prometheus-operator-service.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role-binding.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role-binding.yaml index c4d203d7ea..9ced8674fa 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role-binding.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role-binding.yaml @@ -1,3 +1,4 @@ +--- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRoleBinding metadata: diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role.yaml index 2a0070ea47..dc7b9ad2f3 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-cluster-role.yaml @@ -1,3 +1,4 @@ +--- apiVersion: rbac.authorization.k8s.io/v1beta1 kind: ClusterRole metadata: diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-service-account.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-service-account.yaml index f3fb283ca0..ce5d8f3a62 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-service-account.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus-service-account.yaml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ServiceAccount metadata: diff --git a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus.yaml b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus.yaml index e32f0c936d..9ecb93fbdb 100644 --- a/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus.yaml +++ b/roles/openshift-apps/application-monitoring/files/prometheus-operator/example/rbac/prometheus/prometheus.yaml @@ -1,3 +1,4 @@ +--- apiVersion: monitoring.coreos.com/v1 kind: Prometheus metadata: diff --git a/roles/openshift-apps/asknot/files/service.yml b/roles/openshift-apps/asknot/files/service.yml index baadaf0ab5..18f210aea3 100644 --- a/roles/openshift-apps/asknot/files/service.yml +++ b/roles/openshift-apps/asknot/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: @@ -13,4 +14,3 @@ spec: selector: app: asknot deploymentconfig: asknot - diff --git a/roles/openshift-apps/asknot/templates/buildconfig.yml b/roles/openshift-apps/asknot/templates/buildconfig.yml index 644e42277c..1ba24d7418 100644 --- a/roles/openshift-apps/asknot/templates/buildconfig.yml +++ b/roles/openshift-apps/asknot/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/asknot/templates/imagestream.yml b/roles/openshift-apps/asknot/templates/imagestream.yml index 7677d531b0..460f7e0844 100644 --- a/roles/openshift-apps/asknot/templates/imagestream.yml +++ b/roles/openshift-apps/asknot/templates/imagestream.yml @@ -1,4 +1,5 @@ +--- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: - name: "asknot" + name: "asknot" diff --git a/roles/openshift-apps/badges/files/imagestream.yml b/roles/openshift-apps/badges/files/imagestream.yml index d5dee671a1..e29e4456da 100644 --- a/roles/openshift-apps/badges/files/imagestream.yml +++ b/roles/openshift-apps/badges/files/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: List items: diff --git a/roles/openshift-apps/blockerbugs/templates/cron.yml b/roles/openshift-apps/blockerbugs/templates/cron.yml index dbc948f524..552b1d16fd 100644 --- a/roles/openshift-apps/blockerbugs/templates/cron.yml +++ b/roles/openshift-apps/blockerbugs/templates/cron.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: CronJob metadata: diff --git a/roles/openshift-apps/blockerbugs/templates/deploymentconfig.yml b/roles/openshift-apps/blockerbugs/templates/deploymentconfig.yml index 0bca32fb48..6d3df29010 100644 --- a/roles/openshift-apps/blockerbugs/templates/deploymentconfig.yml +++ b/roles/openshift-apps/blockerbugs/templates/deploymentconfig.yml @@ -23,7 +23,7 @@ spec: command: ["python", "/opt/app-root/src/blockerbugs/cli.py", "init_db"] # and then just the gunicorn for the frontend part volumes: - - blockerbugs-secret-volume + - blockerbugs-secret-volume template: metadata: labels: diff --git a/roles/openshift-apps/blockerbugs/templates/imagestream.yml b/roles/openshift-apps/blockerbugs/templates/imagestream.yml index 5e4211f49d..935a1b13b0 100644 --- a/roles/openshift-apps/blockerbugs/templates/imagestream.yml +++ b/roles/openshift-apps/blockerbugs/templates/imagestream.yml @@ -22,4 +22,4 @@ spec: kind: ImageStreamTag name: qa-landing status: - dockerImageRepository: "" \ No newline at end of file + dockerImageRepository: "" diff --git a/roles/openshift-apps/bodhi/files/imagestream.yml b/roles/openshift-apps/bodhi/files/imagestream.yml index 364216b208..865a2e8c9d 100644 --- a/roles/openshift-apps/bodhi/files/imagestream.yml +++ b/roles/openshift-apps/bodhi/files/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 items: - apiVersion: image.openshift.io/v1 diff --git a/roles/openshift-apps/bodhi/files/podmonitor.yml b/roles/openshift-apps/bodhi/files/podmonitor.yml index fd6e55afef..b66ff71707 100644 --- a/roles/openshift-apps/bodhi/files/podmonitor.yml +++ b/roles/openshift-apps/bodhi/files/podmonitor.yml @@ -1,3 +1,4 @@ +--- apiVersion: monitoring.coreos.com/v1 kind: PodMonitor metadata: diff --git a/roles/openshift-apps/bodhi/files/pvc.yml b/roles/openshift-apps/bodhi/files/pvc.yml index 9768d26b8c..ad36bae5ae 100644 --- a/roles/openshift-apps/bodhi/files/pvc.yml +++ b/roles/openshift-apps/bodhi/files/pvc.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/bodhi/files/service.yml b/roles/openshift-apps/bodhi/files/service.yml index 67880847c0..3f5fecedc3 100644 --- a/roles/openshift-apps/bodhi/files/service.yml +++ b/roles/openshift-apps/bodhi/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/bodhi/files/servicemonitor.yml b/roles/openshift-apps/bodhi/files/servicemonitor.yml index 6720f5d456..0f57665772 100644 --- a/roles/openshift-apps/bodhi/files/servicemonitor.yml +++ b/roles/openshift-apps/bodhi/files/servicemonitor.yml @@ -1,3 +1,4 @@ +--- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: @@ -10,4 +11,4 @@ spec: port: web selector: matchLabels: - app: bodhi \ No newline at end of file + app: bodhi diff --git a/roles/openshift-apps/bodhi/templates/critpathcron.yml b/roles/openshift-apps/bodhi/templates/critpathcron.yml index e385ecc326..d4917556a8 100644 --- a/roles/openshift-apps/bodhi/templates/critpathcron.yml +++ b/roles/openshift-apps/bodhi/templates/critpathcron.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: CronJob metadata: diff --git a/roles/openshift-apps/bodhi/templates/deploymentconfig.yml b/roles/openshift-apps/bodhi/templates/deploymentconfig.yml index 9a8ef5ae58..04c398220b 100644 --- a/roles/openshift-apps/bodhi/templates/deploymentconfig.yml +++ b/roles/openshift-apps/bodhi/templates/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 items: - apiVersion: apps.openshift.io/v1 @@ -14,20 +15,20 @@ items: strategy: activeDeadlineSeconds: 21600 recreateParams: - mid: - execNewPod: - command: - - /bin/sh - - '-c' - - >- - (/usr/bin/alembic-3 -c /etc/bodhi/alembic.ini current | grep -q - "(head)") || ( cd /etc/bodhi && /usr/bin/alembic-3 -c - /etc/bodhi/alembic.ini upgrade head) - containerName: bodhi-web - volumes: - - config-volume - failurePolicy: Abort - timeoutSeconds: 600 + mid: + execNewPod: + command: + - /bin/sh + - '-c' + - >- + (/usr/bin/alembic-3 -c /etc/bodhi/alembic.ini current | grep -q + "(head)") || ( cd /etc/bodhi && /usr/bin/alembic-3 -c + /etc/bodhi/alembic.ini upgrade head) + containerName: bodhi-web + volumes: + - config-volume + failurePolicy: Abort + timeoutSeconds: 600 resources: {} type: Recreate template: diff --git a/roles/openshift-apps/bodhi/templates/imagestreams-tagged.yml b/roles/openshift-apps/bodhi/templates/imagestreams-tagged.yml index a5f5da2fab..541a5c6608 100644 --- a/roles/openshift-apps/bodhi/templates/imagestreams-tagged.yml +++ b/roles/openshift-apps/bodhi/templates/imagestreams-tagged.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 items: - apiVersion: v1 diff --git a/roles/openshift-apps/bugzilla2fedmsg/templates/buildconfig.yml b/roles/openshift-apps/bugzilla2fedmsg/templates/buildconfig.yml index 0a4122ff07..f243e6c487 100644 --- a/roles/openshift-apps/bugzilla2fedmsg/templates/buildconfig.yml +++ b/roles/openshift-apps/bugzilla2fedmsg/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/bugzilla2fedmsg/templates/configmap.yml b/roles/openshift-apps/bugzilla2fedmsg/templates/configmap.yml index da66275238..8e45814563 100644 --- a/roles/openshift-apps/bugzilla2fedmsg/templates/configmap.yml +++ b/roles/openshift-apps/bugzilla2fedmsg/templates/configmap.yml @@ -9,4 +9,3 @@ metadata: data: config.toml: |- {{ load_file('fedora-messaging.toml') | indent }} - diff --git a/roles/openshift-apps/cloud-image-uploader/templates/aws-secrets.yml b/roles/openshift-apps/cloud-image-uploader/templates/aws-secrets.yml index b28fb0323d..86063aefba 100644 --- a/roles/openshift-apps/cloud-image-uploader/templates/aws-secrets.yml +++ b/roles/openshift-apps/cloud-image-uploader/templates/aws-secrets.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/cloud-image-uploader/templates/buildconfig.yml b/roles/openshift-apps/cloud-image-uploader/templates/buildconfig.yml index ea7efefa16..27c2f99ddd 100644 --- a/roles/openshift-apps/cloud-image-uploader/templates/buildconfig.yml +++ b/roles/openshift-apps/cloud-image-uploader/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 items: - apiVersion: build.openshift.io/v1 diff --git a/roles/openshift-apps/cloud-image-uploader/templates/container-secrets.yml b/roles/openshift-apps/cloud-image-uploader/templates/container-secrets.yml index ea1d4b842e..27eeb0cc07 100644 --- a/roles/openshift-apps/cloud-image-uploader/templates/container-secrets.yml +++ b/roles/openshift-apps/cloud-image-uploader/templates/container-secrets.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/cloud-image-uploader/templates/deployment.yml b/roles/openshift-apps/cloud-image-uploader/templates/deployment.yml index 7e8513ea5a..dde9f931af 100644 --- a/roles/openshift-apps/cloud-image-uploader/templates/deployment.yml +++ b/roles/openshift-apps/cloud-image-uploader/templates/deployment.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/cloud-image-uploader/templates/secret.yml b/roles/openshift-apps/cloud-image-uploader/templates/secret.yml index 9f151ddfa1..fe32a5a9bf 100644 --- a/roles/openshift-apps/cloud-image-uploader/templates/secret.yml +++ b/roles/openshift-apps/cloud-image-uploader/templates/secret.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/compose-tracker/templates/buildconfig.yml b/roles/openshift-apps/compose-tracker/templates/buildconfig.yml index 3de45529ba..1d1ffe5b30 100644 --- a/roles/openshift-apps/compose-tracker/templates/buildconfig.yml +++ b/roles/openshift-apps/compose-tracker/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/compose-tracker/templates/deploymentconfig.yml b/roles/openshift-apps/compose-tracker/templates/deploymentconfig.yml index 55793c579c..2cb5e2868e 100644 --- a/roles/openshift-apps/compose-tracker/templates/deploymentconfig.yml +++ b/roles/openshift-apps/compose-tracker/templates/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: diff --git a/roles/openshift-apps/compose-tracker/templates/imagestream.yml b/roles/openshift-apps/compose-tracker/templates/imagestream.yml index 8aae4c9d30..56f33b0f29 100644 --- a/roles/openshift-apps/compose-tracker/templates/imagestream.yml +++ b/roles/openshift-apps/compose-tracker/templates/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: List items: @@ -16,7 +17,7 @@ items: from: kind: DockerImage name: registry.fedoraproject.org/fedora:38 - importPolicy: + importPolicy: scheduled: true referencePolicy: type: Source diff --git a/roles/openshift-apps/compose-tracker/templates/secret.yml b/roles/openshift-apps/compose-tracker/templates/secret.yml index ca22ae99a8..7acee53dc1 100644 --- a/roles/openshift-apps/compose-tracker/templates/secret.yml +++ b/roles/openshift-apps/compose-tracker/templates/secret.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/coreos-ci/tasks/main.yaml b/roles/openshift-apps/coreos-ci/tasks/main.yaml index 36281bf3e3..1c7cb23ec1 100644 --- a/roles/openshift-apps/coreos-ci/tasks/main.yaml +++ b/roles/openshift-apps/coreos-ci/tasks/main.yaml @@ -5,7 +5,7 @@ state: directory owner: root group: root - mode: 0770 + mode: "0770" recurse: true # generate the templates for project to be created @@ -13,7 +13,7 @@ template: src: "{{ item }}" dest: "/root/ocp4/openshift-apps/{{project_name}}/{{ item }}" - mode: 0770 + mode: "0770" with_items: "{{ project_templates }}" # apply created openshift resources diff --git a/roles/openshift-apps/datagrepper/files/imagestream.yml b/roles/openshift-apps/datagrepper/files/imagestream.yml index e51fa0a192..70aa6f1881 100644 --- a/roles/openshift-apps/datagrepper/files/imagestream.yml +++ b/roles/openshift-apps/datagrepper/files/imagestream.yml @@ -20,4 +20,3 @@ metadata: scheduled: true referencePolicy: type: Source - diff --git a/roles/openshift-apps/datagrepper/templates/buildconfig.yml b/roles/openshift-apps/datagrepper/templates/buildconfig.yml index 42f9e00128..4f3485eae5 100644 --- a/roles/openshift-apps/datagrepper/templates/buildconfig.yml +++ b/roles/openshift-apps/datagrepper/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/datagrepper/templates/deploymentconfig.yml b/roles/openshift-apps/datagrepper/templates/deploymentconfig.yml index 2ee04eeac4..da6cd43f6d 100644 --- a/roles/openshift-apps/datagrepper/templates/deploymentconfig.yml +++ b/roles/openshift-apps/datagrepper/templates/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: @@ -30,9 +31,9 @@ spec: imagePullPolicy: Always ports: - containerPort: 8080 - #resources: {} - #terminationMessagePath: /dev/termination-log - #terminationMessagePolicy: File + # resources: {} + # terminationMessagePath: /dev/termination-log + # terminationMessagePolicy: File volumeMounts: - name: datagrepper-config-volume mountPath: "/etc/datagrepper" diff --git a/roles/openshift-apps/datagrepper/templates/secret-webhook.yml b/roles/openshift-apps/datagrepper/templates/secret-webhook.yml index c7a1a9a179..b80789cbf8 100644 --- a/roles/openshift-apps/datagrepper/templates/secret-webhook.yml +++ b/roles/openshift-apps/datagrepper/templates/secret-webhook.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/datagrepper/templates/service.yml b/roles/openshift-apps/datagrepper/templates/service.yml index ec550447cd..5b14800a65 100644 --- a/roles/openshift-apps/datagrepper/templates/service.yml +++ b/roles/openshift-apps/datagrepper/templates/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/datanommer/files/imagestream.yml b/roles/openshift-apps/datanommer/files/imagestream.yml index 12e00c7a95..edaaad44a4 100644 --- a/roles/openshift-apps/datanommer/files/imagestream.yml +++ b/roles/openshift-apps/datanommer/files/imagestream.yml @@ -20,4 +20,3 @@ metadata: scheduled: true referencePolicy: type: Source - diff --git a/roles/openshift-apps/datanommer/templates/buildconfig.yml b/roles/openshift-apps/datanommer/templates/buildconfig.yml index 78d2bedc07..ab8a1e4de3 100644 --- a/roles/openshift-apps/datanommer/templates/buildconfig.yml +++ b/roles/openshift-apps/datanommer/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/datanommer/templates/deploymentconfig.yml b/roles/openshift-apps/datanommer/templates/deploymentconfig.yml index d60323a45a..56160f35d4 100644 --- a/roles/openshift-apps/datanommer/templates/deploymentconfig.yml +++ b/roles/openshift-apps/datanommer/templates/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: diff --git a/roles/openshift-apps/datanommer/templates/job.yml b/roles/openshift-apps/datanommer/templates/job.yml index 9f2509d24e..d9a835a2cd 100644 --- a/roles/openshift-apps/datanommer/templates/job.yml +++ b/roles/openshift-apps/datanommer/templates/job.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: Job metadata: diff --git a/roles/openshift-apps/discourse2fedmsg/files/service.yml b/roles/openshift-apps/discourse2fedmsg/files/service.yml index 2d886dedfb..7bad6473f6 100644 --- a/roles/openshift-apps/discourse2fedmsg/files/service.yml +++ b/roles/openshift-apps/discourse2fedmsg/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/discourse2fedmsg/templates/buildconfig.yml b/roles/openshift-apps/discourse2fedmsg/templates/buildconfig.yml index fc8067ca46..dc45453999 100644 --- a/roles/openshift-apps/discourse2fedmsg/templates/buildconfig.yml +++ b/roles/openshift-apps/discourse2fedmsg/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/docsbuilding/files/pvc.yml b/roles/openshift-apps/docsbuilding/files/pvc.yml index c5423a8dd4..11935d299c 100644 --- a/roles/openshift-apps/docsbuilding/files/pvc.yml +++ b/roles/openshift-apps/docsbuilding/files/pvc.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/docsbuilding/templates/buildconfig.yml b/roles/openshift-apps/docsbuilding/templates/buildconfig.yml index 72bb13641b..349a6efce2 100644 --- a/roles/openshift-apps/docsbuilding/templates/buildconfig.yml +++ b/roles/openshift-apps/docsbuilding/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/docsbuilding/templates/cron-translated.yml b/roles/openshift-apps/docsbuilding/templates/cron-translated.yml index 5e41cfb285..1173283c27 100644 --- a/roles/openshift-apps/docsbuilding/templates/cron-translated.yml +++ b/roles/openshift-apps/docsbuilding/templates/cron-translated.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: CronJob metadata: diff --git a/roles/openshift-apps/docsbuilding/templates/cron.yml b/roles/openshift-apps/docsbuilding/templates/cron.yml index 3c97bc716d..ca6012c947 100644 --- a/roles/openshift-apps/docsbuilding/templates/cron.yml +++ b/roles/openshift-apps/docsbuilding/templates/cron.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: CronJob metadata: diff --git a/roles/openshift-apps/docstranslation/templates/buildconfig.yml b/roles/openshift-apps/docstranslation/templates/buildconfig.yml index d626666d45..b4bbd1b484 100644 --- a/roles/openshift-apps/docstranslation/templates/buildconfig.yml +++ b/roles/openshift-apps/docstranslation/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: @@ -22,4 +23,3 @@ spec: to: kind: ImageStreamTag name: builder:latest - diff --git a/roles/openshift-apps/docstranslation/templates/configmap.yml b/roles/openshift-apps/docstranslation/templates/configmap.yml index 32595e516b..74ca913d89 100644 --- a/roles/openshift-apps/docstranslation/templates/configmap.yml +++ b/roles/openshift-apps/docstranslation/templates/configmap.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ConfigMap metadata: diff --git a/roles/openshift-apps/docstranslation/templates/cron.yml b/roles/openshift-apps/docstranslation/templates/cron.yml index a794df4d5f..1c3ded1a73 100644 --- a/roles/openshift-apps/docstranslation/templates/cron.yml +++ b/roles/openshift-apps/docstranslation/templates/cron.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: CronJob metadata: @@ -15,7 +16,7 @@ spec: containers: - name: translate image: image-registry.openshift-image-registry.svc:5000/docstranslation/builder:latest - args: + args: - "--clone_sources" - "--commit_l10n" - "--commit_tsources" @@ -23,7 +24,7 @@ spec: - "--nopush" {% endif %} env: [] - volumeMounts: + volumeMounts: - name: ssh-config-volume mountPath: /workspace/.ssh readOnly: true @@ -33,7 +34,7 @@ spec: readOnly: true restartPolicy: Never startingDeadlineSeconds: 600 - volumes: + volumes: - name: ssh-config-volume secret: secretName: ssh-config diff --git a/roles/openshift-apps/easyfix/files/imagestream.yml b/roles/openshift-apps/easyfix/files/imagestream.yml index f57921a2e7..bd3d3e31ff 100644 --- a/roles/openshift-apps/easyfix/files/imagestream.yml +++ b/roles/openshift-apps/easyfix/files/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: List items: diff --git a/roles/openshift-apps/easyfix/files/storage.yml b/roles/openshift-apps/easyfix/files/storage.yml index 937c08e585..2f334da194 100644 --- a/roles/openshift-apps/easyfix/files/storage.yml +++ b/roles/openshift-apps/easyfix/files/storage.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/easyfix/templates/cron.yml b/roles/openshift-apps/easyfix/templates/cron.yml index 76393c9648..d80a01b1f2 100644 --- a/roles/openshift-apps/easyfix/templates/cron.yml +++ b/roles/openshift-apps/easyfix/templates/cron.yml @@ -33,4 +33,4 @@ spec: name: config - name: data persistentVolumeClaim: - claimName: data + claimName: data diff --git a/roles/openshift-apps/elections/files/deploymentconfig.yml b/roles/openshift-apps/elections/files/deploymentconfig.yml index 55fe38c6a9..748282563d 100644 --- a/roles/openshift-apps/elections/files/deploymentconfig.yml +++ b/roles/openshift-apps/elections/files/deploymentconfig.yml @@ -92,7 +92,7 @@ spec: secretName: elections-fedora-messaging-ca - name: fedora-messaging-key-volume secret: - secretName: elections-fedora-messaging-key + secretName: elections-fedora-messaging-key - name: fedora-messaging-cert-volume secret: secretName: elections-fedora-messaging-crt diff --git a/roles/openshift-apps/elections/files/service.yml b/roles/openshift-apps/elections/files/service.yml index e6cad41d95..6f85983e4c 100644 --- a/roles/openshift-apps/elections/files/service.yml +++ b/roles/openshift-apps/elections/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/elections/templates/buildconfig.yml b/roles/openshift-apps/elections/templates/buildconfig.yml index 5274d6d0cd..62c89fb909 100644 --- a/roles/openshift-apps/elections/templates/buildconfig.yml +++ b/roles/openshift-apps/elections/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/elections/templates/configmap.yml b/roles/openshift-apps/elections/templates/configmap.yml index 2d67f86f3f..c9d5fd3299 100644 --- a/roles/openshift-apps/elections/templates/configmap.yml +++ b/roles/openshift-apps/elections/templates/configmap.yml @@ -13,4 +13,3 @@ data: {{ load_file('fedora-elections.cfg') | indent }} fedora-messaging.toml: |- {{ load_file('fedora-messaging.toml') | indent }} - diff --git a/roles/openshift-apps/fasjson/files/service.yml b/roles/openshift-apps/fasjson/files/service.yml index 7f99e5b13c..6ac9f63c40 100644 --- a/roles/openshift-apps/fasjson/files/service.yml +++ b/roles/openshift-apps/fasjson/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/fasjson/templates/deploymentconfig.yml b/roles/openshift-apps/fasjson/templates/deploymentconfig.yml index 6a1caed278..283d72c5c9 100644 --- a/roles/openshift-apps/fasjson/templates/deploymentconfig.yml +++ b/roles/openshift-apps/fasjson/templates/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: diff --git a/roles/openshift-apps/fasjson/templates/secret-webhook.yml b/roles/openshift-apps/fasjson/templates/secret-webhook.yml index da524a1662..6310e2adb8 100644 --- a/roles/openshift-apps/fasjson/templates/secret-webhook.yml +++ b/roles/openshift-apps/fasjson/templates/secret-webhook.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/fedocal/files/cron.yml b/roles/openshift-apps/fedocal/files/cron.yml index a17940d46f..0d06684192 100644 --- a/roles/openshift-apps/fedocal/files/cron.yml +++ b/roles/openshift-apps/fedocal/files/cron.yml @@ -56,4 +56,3 @@ spec: - name: fedora-messaging-cert-volume secret: secretName: fedocal-fedora-messaging-crt - diff --git a/roles/openshift-apps/fedocal/files/service.yml b/roles/openshift-apps/fedocal/files/service.yml index d8a391b48b..255de786bc 100644 --- a/roles/openshift-apps/fedocal/files/service.yml +++ b/roles/openshift-apps/fedocal/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/fedocal/templates/buildconfig.yml b/roles/openshift-apps/fedocal/templates/buildconfig.yml index 294f8ffc25..d11e2dd255 100644 --- a/roles/openshift-apps/fedocal/templates/buildconfig.yml +++ b/roles/openshift-apps/fedocal/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/fedocal/templates/configmap.yml b/roles/openshift-apps/fedocal/templates/configmap.yml index f02d8cd75b..1ba20e341b 100644 --- a/roles/openshift-apps/fedocal/templates/configmap.yml +++ b/roles/openshift-apps/fedocal/templates/configmap.yml @@ -13,4 +13,3 @@ data: {{ load_file('fedocal.cfg') | indent }} fedora-messaging.toml: |- {{ load_file('fedora-messaging.toml') | indent }} - diff --git a/roles/openshift-apps/fedocal/templates/secret.yml b/roles/openshift-apps/fedocal/templates/secret.yml index 593d70c631..5d05279e51 100644 --- a/roles/openshift-apps/fedocal/templates/secret.yml +++ b/roles/openshift-apps/fedocal/templates/secret.yml @@ -8,4 +8,3 @@ metadata: stringData: client_secrets.json: |- {{ load_file('client_secrets.json') | indent }} - diff --git a/roles/openshift-apps/fedora-coreos-pipeline/tasks/main.yaml b/roles/openshift-apps/fedora-coreos-pipeline/tasks/main.yaml index 9b8c79d280..89ca8b42f9 100644 --- a/roles/openshift-apps/fedora-coreos-pipeline/tasks/main.yaml +++ b/roles/openshift-apps/fedora-coreos-pipeline/tasks/main.yaml @@ -5,7 +5,7 @@ state: directory owner: root group: root - mode: 0770 + mode: "0770" recurse: true # generate the templates for project to be created @@ -13,7 +13,7 @@ template: src: "{{ item }}" dest: "/root/ocp4/openshift-apps/{{project_name}}/{{ item }}" - mode: 0770 + mode: "0770" with_items: "{{ project_templates }}" # apply created openshift resources diff --git a/roles/openshift-apps/fedora-packages-static/files/imagestream.yml b/roles/openshift-apps/fedora-packages-static/files/imagestream.yml index 08bea158d9..fa1d80c6d2 100644 --- a/roles/openshift-apps/fedora-packages-static/files/imagestream.yml +++ b/roles/openshift-apps/fedora-packages-static/files/imagestream.yml @@ -12,7 +12,7 @@ status: apiVersion: image.openshift.io/v1 kind: ImageStream metadata: - name: solr + name: solr spec: tags: - name: "8" diff --git a/roles/openshift-apps/fedora-packages-static/templates/deploymentconfig.yml b/roles/openshift-apps/fedora-packages-static/templates/deploymentconfig.yml index 11c4b3cccf..5e3ad339ad 100644 --- a/roles/openshift-apps/fedora-packages-static/templates/deploymentconfig.yml +++ b/roles/openshift-apps/fedora-packages-static/templates/deploymentconfig.yml @@ -131,7 +131,7 @@ spec: volumes: - name: data-volume persistentVolumeClaim: - claimName: solr-storage{{ '-stg' if env == 'staging' else '' }} + claimName: solr-storage{{ '-stg' if env == 'staging' else '' }} - name: config-volume configMap: name: fedora-packages-static-solr-configmap diff --git a/roles/openshift-apps/firmitas/default/main.yml b/roles/openshift-apps/firmitas/default/main.yml index 7b6374b16a..a8702d95f6 100644 --- a/roles/openshift-apps/firmitas/default/main.yml +++ b/roles/openshift-apps/firmitas/default/main.yml @@ -1,3 +1,4 @@ +--- firmitas_namespace: "firmitas" firmitas_project_description: "Firmitas is a monitoring application which alerts about the expiration of RabbitMQ certs." firmitas_application_name: "{{ firmitas_namespace }}" diff --git a/roles/openshift-apps/firmitas/tasks/create-buildconfig.yml b/roles/openshift-apps/firmitas/tasks/create-buildconfig.yml index 6c9c1bc8fa..e37d1edb36 100644 --- a/roles/openshift-apps/firmitas/tasks/create-buildconfig.yml +++ b/roles/openshift-apps/firmitas/tasks/create-buildconfig.yml @@ -4,7 +4,7 @@ template: src: "buildconfig.yml" dest: "/root/ocp4/openshift-apps/firmitas/buildconfig.yml" - mode: 0770 + mode: "0770" # apply created openshift resources - name: oc apply resources diff --git a/roles/openshift-apps/firmitas/tasks/create-cronjob.yml b/roles/openshift-apps/firmitas/tasks/create-cronjob.yml index 1b45a445ea..c1b79a223f 100644 --- a/roles/openshift-apps/firmitas/tasks/create-cronjob.yml +++ b/roles/openshift-apps/firmitas/tasks/create-cronjob.yml @@ -4,7 +4,7 @@ template: src: "cronjob.yml" dest: "/root/ocp4/openshift-apps/firmitas/cronjob.yml" - mode: 0770 + mode: "0770" # apply created openshift resources - name: oc apply resources diff --git a/roles/openshift-apps/firmitas/tasks/create-deployment.yml b/roles/openshift-apps/firmitas/tasks/create-deployment.yml index 53ebda317e..6f01a2ee03 100644 --- a/roles/openshift-apps/firmitas/tasks/create-deployment.yml +++ b/roles/openshift-apps/firmitas/tasks/create-deployment.yml @@ -4,7 +4,7 @@ template: src: "deployment.yml" dest: "/root/ocp4/openshift-apps/firmitas/deployment.yml" - mode: 0770 + mode: "0770" # apply created openshift resources - name: oc apply resources diff --git a/roles/openshift-apps/firmitas/tasks/create-firmitas-configuration-secret.yml b/roles/openshift-apps/firmitas/tasks/create-firmitas-configuration-secret.yml index ecec0e039f..ea9bca7440 100644 --- a/roles/openshift-apps/firmitas/tasks/create-firmitas-configuration-secret.yml +++ b/roles/openshift-apps/firmitas/tasks/create-firmitas-configuration-secret.yml @@ -4,7 +4,7 @@ ansible.builtin.template: src: myconfig.py.j2 dest: /root/ocp4/openshift-apps/firmitas/myconfig.py - mode: 0600 + mode: "0600" owner: root group: root tags: @@ -15,7 +15,7 @@ ansible.builtin.template: src: certlist.yml.j2 dest: /root/ocp4/openshift-apps/firmitas/certlist.yml - mode: 0600 + mode: "0600" owner: root group: root tags: @@ -38,7 +38,7 @@ template: src: "secret-configuration.yml" dest: "/root/ocp4/openshift-apps/firmitas/secret-configuration.yml" - mode: 0600 + mode: "0600" # apply the openshift resources diff --git a/roles/openshift-apps/firmitas/tasks/create-imagestream.yml b/roles/openshift-apps/firmitas/tasks/create-imagestream.yml index 40a3e5b9bc..e0b77375a4 100644 --- a/roles/openshift-apps/firmitas/tasks/create-imagestream.yml +++ b/roles/openshift-apps/firmitas/tasks/create-imagestream.yml @@ -4,7 +4,7 @@ template: src: "imagestream.yml" dest: "/root/ocp4/openshift-apps/firmitas/imagestream.yml" - mode: 0770 + mode: "0770" # apply created openshift resources - name: oc apply resources diff --git a/roles/openshift-apps/firmitas/tasks/create-namespace.yml b/roles/openshift-apps/firmitas/tasks/create-namespace.yml index c916a027a3..564b5c3b39 100644 --- a/roles/openshift-apps/firmitas/tasks/create-namespace.yml +++ b/roles/openshift-apps/firmitas/tasks/create-namespace.yml @@ -4,7 +4,7 @@ template: src: "namespace.yml" dest: "/root/ocp4/openshift-apps/firmitas/namespace.yml" - mode: 0770 + mode: "0770" # apply created openshift resources - name: oc apply resources diff --git a/roles/openshift-apps/firmitas/tasks/create-pagure-apikey-secret.yml b/roles/openshift-apps/firmitas/tasks/create-pagure-apikey-secret.yml index df69b94061..0b0c1c3076 100644 --- a/roles/openshift-apps/firmitas/tasks/create-pagure-apikey-secret.yml +++ b/roles/openshift-apps/firmitas/tasks/create-pagure-apikey-secret.yml @@ -4,7 +4,7 @@ template: src: "secret-pagure-apikey.yml" dest: "/root/ocp4/openshift-apps/firmitas/secret-pagure-apikey.yml" - mode: 0770 + mode: "0770" # apply created openshift resources - name: oc apply resources diff --git a/roles/openshift-apps/firmitas/tasks/create-persistent-volume-claim.yml b/roles/openshift-apps/firmitas/tasks/create-persistent-volume-claim.yml index f4c15f3803..8ba1042f85 100644 --- a/roles/openshift-apps/firmitas/tasks/create-persistent-volume-claim.yml +++ b/roles/openshift-apps/firmitas/tasks/create-persistent-volume-claim.yml @@ -4,7 +4,7 @@ template: src: "persistent-volume-claim.yml" dest: "/root/ocp4/openshift-apps/firmitas/persistent-volume-claim.yml" - mode: 0770 + mode: "0770" # apply created openshift resources - name: oc apply resources diff --git a/roles/openshift-apps/firmitas/templates/deployment.yml b/roles/openshift-apps/firmitas/templates/deployment.yml index 065ea4f2ce..29fcedff81 100644 --- a/roles/openshift-apps/firmitas/templates/deployment.yml +++ b/roles/openshift-apps/firmitas/templates/deployment.yml @@ -69,4 +69,3 @@ spec: claimName: "firmitas-volume" terminationGracePeriodSeconds: 10 - diff --git a/roles/openshift-apps/firmitas/templates/imagestream.yml b/roles/openshift-apps/firmitas/templates/imagestream.yml index a599382179..1aee16e176 100644 --- a/roles/openshift-apps/firmitas/templates/imagestream.yml +++ b/roles/openshift-apps/firmitas/templates/imagestream.yml @@ -4,4 +4,3 @@ apiVersion: image.openshift.io/v1 metadata: name: "{{ firmitas_application_name }}" namespace: "{{ firmitas_namespace }}" - diff --git a/roles/openshift-apps/firmitas/templates/namespace.yml b/roles/openshift-apps/firmitas/templates/namespace.yml index bcbe6f65cc..ad5cd0a307 100644 --- a/roles/openshift-apps/firmitas/templates/namespace.yml +++ b/roles/openshift-apps/firmitas/templates/namespace.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Namespace metadata: @@ -6,4 +7,3 @@ metadata: openshift.io/display-name: "{{firmitas_application_name}}" openshift.io/requester: "{{ firmitas_requester }}" name: "{{ firmitas_namespace }}" - diff --git a/roles/openshift-apps/firmitas/templates/persistent-volume-claim.yml b/roles/openshift-apps/firmitas/templates/persistent-volume-claim.yml index 8b4a9f5c61..825f4caeb8 100644 --- a/roles/openshift-apps/firmitas/templates/persistent-volume-claim.yml +++ b/roles/openshift-apps/firmitas/templates/persistent-volume-claim.yml @@ -1,3 +1,4 @@ +--- kind: PersistentVolumeClaim apiVersion: v1 metadata: @@ -12,4 +13,3 @@ spec: volumeName: storageClassName: ocs-storagecluster-cephfs volumeMode: Filesystem - diff --git a/roles/openshift-apps/firmitas/templates/secret-configuration.yml b/roles/openshift-apps/firmitas/templates/secret-configuration.yml index a844427de2..74a6fdb7c0 100644 --- a/roles/openshift-apps/firmitas/templates/secret-configuration.yml +++ b/roles/openshift-apps/firmitas/templates/secret-configuration.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/firmitas/templates/secret-pagure-apikey.yml b/roles/openshift-apps/firmitas/templates/secret-pagure-apikey.yml index 5068c57110..cc6609e103 100644 --- a/roles/openshift-apps/firmitas/templates/secret-pagure-apikey.yml +++ b/roles/openshift-apps/firmitas/templates/secret-pagure-apikey.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: @@ -8,4 +9,3 @@ data: "{{ (env == 'production')|ternary(firmitas_pagure_apikey, firmitas_stg_pagure_apikey) | b64encode }}" firmitas-pagure-host: "{{ (env == 'production')|ternary( firmitas_pagure_host, firmitas_stg_pagure_host) | b64encode }}" - diff --git a/roles/openshift-apps/flask-oidc-dev/files/service.yml b/roles/openshift-apps/flask-oidc-dev/files/service.yml index f276490282..57cf875cd0 100644 --- a/roles/openshift-apps/flask-oidc-dev/files/service.yml +++ b/roles/openshift-apps/flask-oidc-dev/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/flask-oidc-dev/templates/buildconfig.yml b/roles/openshift-apps/flask-oidc-dev/templates/buildconfig.yml index 61fb480c59..95d70f7568 100644 --- a/roles/openshift-apps/flask-oidc-dev/templates/buildconfig.yml +++ b/roles/openshift-apps/flask-oidc-dev/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/flask-oidc-dev/templates/deploymentconfig.yml b/roles/openshift-apps/flask-oidc-dev/templates/deploymentconfig.yml index 7867651641..2ab5dd30d4 100644 --- a/roles/openshift-apps/flask-oidc-dev/templates/deploymentconfig.yml +++ b/roles/openshift-apps/flask-oidc-dev/templates/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: @@ -30,10 +31,10 @@ spec: imagePullPolicy: Always ports: - containerPort: 8080 - #protocol: TCP - #resources: {} - #terminationMessagePath: /dev/termination-log - #terminationMessagePolicy: File + # protocol: TCP + # resources: {} + # terminationMessagePath: /dev/termination-log + # terminationMessagePolicy: File volumeMounts: - name: flask-oidc-dev-config-volume mountPath: "/etc/flask-oidc-dev" diff --git a/roles/openshift-apps/flask-oidc-dev/templates/secret-webhook.yml b/roles/openshift-apps/flask-oidc-dev/templates/secret-webhook.yml index e8662f8cfc..acd9bf5dbb 100644 --- a/roles/openshift-apps/flask-oidc-dev/templates/secret-webhook.yml +++ b/roles/openshift-apps/flask-oidc-dev/templates/secret-webhook.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/flatpak-indexer/files/imagestream.yml b/roles/openshift-apps/flatpak-indexer/files/imagestream.yml index 9c9e9a5c55..c7546d9cab 100644 --- a/roles/openshift-apps/flatpak-indexer/files/imagestream.yml +++ b/roles/openshift-apps/flatpak-indexer/files/imagestream.yml @@ -19,48 +19,48 @@ kind: ImageStream metadata: name: fedora spec: - lookupPolicy: - local: false - tags: - - name: latest - from: - kind: DockerImage - name: registry.fedoraproject.org/fedora:40 - importPolicy: - scheduled: true - referencePolicy: - type: Source + lookupPolicy: + local: false + tags: + - name: latest + from: + kind: DockerImage + name: registry.fedoraproject.org/fedora:40 + importPolicy: + scheduled: true + referencePolicy: + type: Source --- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: ubi8-go-toolset spec: - lookupPolicy: - local: false - tags: - - name: latest - from: - kind: DockerImage - name: registry.access.redhat.com/ubi8/go-toolset:latest - importPolicy: - scheduled: true - referencePolicy: - type: Source + lookupPolicy: + local: false + tags: + - name: latest + from: + kind: DockerImage + name: registry.access.redhat.com/ubi8/go-toolset:latest + importPolicy: + scheduled: true + referencePolicy: + type: Source --- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: name: ubi8-python-39 spec: - lookupPolicy: - local: false - tags: - - name: latest - from: - kind: DockerImage - name: registry.access.redhat.com/ubi8/python-39:latest - importPolicy: - scheduled: true - referencePolicy: - type: Source + lookupPolicy: + local: false + tags: + - name: latest + from: + kind: DockerImage + name: registry.access.redhat.com/ubi8/python-39:latest + importPolicy: + scheduled: true + referencePolicy: + type: Source diff --git a/roles/openshift-apps/fmn/files/imagestream.yml b/roles/openshift-apps/fmn/files/imagestream.yml index 6bb63c9cc3..48af749226 100644 --- a/roles/openshift-apps/fmn/files/imagestream.yml +++ b/roles/openshift-apps/fmn/files/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: List items: diff --git a/roles/openshift-apps/fmn/templates/deploymentconfig.yml b/roles/openshift-apps/fmn/templates/deploymentconfig.yml index 4f4a9a2011..89b7356340 100644 --- a/roles/openshift-apps/fmn/templates/deploymentconfig.yml +++ b/roles/openshift-apps/fmn/templates/deploymentconfig.yml @@ -359,7 +359,7 @@ metadata: spec: # There can be only one pod for IRC # Staging is currently unable to connect to IRC outside because of firewall rules. - replicas: {{ (env == 'production')|ternary('1', '0') }} + replicas: "{{ (env == 'production')|ternary('1', '0') }}" selector: app: fmn deploymentconfig: sender-irc diff --git a/roles/openshift-apps/fmn/templates/secret-webhook.yml b/roles/openshift-apps/fmn/templates/secret-webhook.yml index 23efc3ce4c..703d1593b0 100644 --- a/roles/openshift-apps/fmn/templates/secret-webhook.yml +++ b/roles/openshift-apps/fmn/templates/secret-webhook.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/greenwave/files/route.yml b/roles/openshift-apps/greenwave/files/route.yml index d4a09c4d7b..96d6481238 100644 --- a/roles/openshift-apps/greenwave/files/route.yml +++ b/roles/openshift-apps/greenwave/files/route.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Route metadata: @@ -5,7 +6,7 @@ metadata: labels: app: greenwave spec: - #host: greenwave.stg.fedoraproject.org + # host: greenwave.stg.fedoraproject.org port: targetPort: web to: diff --git a/roles/openshift-apps/greenwave/templates/fedora.yaml b/roles/openshift-apps/greenwave/templates/fedora.yaml index 983c175fb9..7b245894e3 100644 --- a/roles/openshift-apps/greenwave/templates/fedora.yaml +++ b/roles/openshift-apps/greenwave/templates/fedora.yaml @@ -546,4 +546,3 @@ rules: - !PassingTestCaseRule {test_case_name: compose.server_realmd_join_kickstart, scenario: "fedora.Server-dvd-iso.x86_64.64bit"} - !PassingTestCaseRule {test_case_name: compose.server_role_deploy_database_server, scenario: "fedora.Server-dvd-iso.x86_64.64bit"} - !PassingTestCaseRule {test_case_name: compose.server_role_deploy_domain_controller, scenario: "fedora.Server-dvd-iso.x86_64.64bit"} - diff --git a/roles/openshift-apps/ipsilon-website/files/service.yml b/roles/openshift-apps/ipsilon-website/files/service.yml index cebe301b6b..cd3876c0a5 100644 --- a/roles/openshift-apps/ipsilon-website/files/service.yml +++ b/roles/openshift-apps/ipsilon-website/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/ipsilon-website/templates/buildconfig.yml b/roles/openshift-apps/ipsilon-website/templates/buildconfig.yml index 1ca63fdf5f..4aa9514f1b 100644 --- a/roles/openshift-apps/ipsilon-website/templates/buildconfig.yml +++ b/roles/openshift-apps/ipsilon-website/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/ipsilon-website/templates/deploymentconfig.yml b/roles/openshift-apps/ipsilon-website/templates/deploymentconfig.yml index 9bc75a0d02..b4435d13e6 100644 --- a/roles/openshift-apps/ipsilon-website/templates/deploymentconfig.yml +++ b/roles/openshift-apps/ipsilon-website/templates/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: @@ -30,7 +31,7 @@ spec: imagePullPolicy: Always ports: - containerPort: 8080 - #protocol: TCP + # protocol: TCP readinessProbe: timeoutSeconds: 5 initialDelaySeconds: 30 @@ -43,9 +44,9 @@ spec: httpGet: path: / port: 8080 - #resources: {} - #terminationMessagePath: /dev/termination-log - #terminationMessagePolicy: File + # resources: {} + # terminationMessagePath: /dev/termination-log + # terminationMessagePolicy: File triggers: - type: ConfigChange - type: ImageChange diff --git a/roles/openshift-apps/kanban/templates/buildconfig.yml b/roles/openshift-apps/kanban/templates/buildconfig.yml index 1d60ca8e55..404e6d4338 100644 --- a/roles/openshift-apps/kanban/templates/buildconfig.yml +++ b/roles/openshift-apps/kanban/templates/buildconfig.yml @@ -10,7 +10,7 @@ spec: type: Git git: uri: https://pagure.io/fedora-qa/kanban - ref: {{ (env == 'production')|ternary('master', 'develop') }} + ref: "{{ (env == 'production')|ternary('master', 'develop') }}" strategy: type: Source sourceStrategy: diff --git a/roles/openshift-apps/kerneltest/files/deploymentconfig.yml b/roles/openshift-apps/kerneltest/files/deploymentconfig.yml index 8b64252308..215f6727f8 100644 --- a/roles/openshift-apps/kerneltest/files/deploymentconfig.yml +++ b/roles/openshift-apps/kerneltest/files/deploymentconfig.yml @@ -136,4 +136,4 @@ spec: - kerneltest from: kind: ImageStreamTag - name: kerneltest:latest \ No newline at end of file + name: kerneltest:latest diff --git a/roles/openshift-apps/kerneltest/files/service.yml b/roles/openshift-apps/kerneltest/files/service.yml index df433e9315..233e40fe5e 100644 --- a/roles/openshift-apps/kerneltest/files/service.yml +++ b/roles/openshift-apps/kerneltest/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/kerneltest/files/storage.yml b/roles/openshift-apps/kerneltest/files/storage.yml index 0b3d08b618..84cf065c03 100644 --- a/roles/openshift-apps/kerneltest/files/storage.yml +++ b/roles/openshift-apps/kerneltest/files/storage.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: @@ -8,4 +9,4 @@ spec: resources: requests: storage: 1Gi - storageClassName: ocs-storagecluster-cephfs \ No newline at end of file + storageClassName: ocs-storagecluster-cephfs diff --git a/roles/openshift-apps/kerneltest/templates/buildconfig.yml b/roles/openshift-apps/kerneltest/templates/buildconfig.yml index 8c3e699535..37dccdcfaa 100644 --- a/roles/openshift-apps/kerneltest/templates/buildconfig.yml +++ b/roles/openshift-apps/kerneltest/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/kerneltest/templates/configmap.yml b/roles/openshift-apps/kerneltest/templates/configmap.yml index 179c9a4dc3..f111ca315f 100644 --- a/roles/openshift-apps/kerneltest/templates/configmap.yml +++ b/roles/openshift-apps/kerneltest/templates/configmap.yml @@ -45,4 +45,3 @@ items: data: config.toml: |- {{ load_file('fedora-messaging.toml') | indent(6) }} - diff --git a/roles/openshift-apps/koschei/job/tasks/main.yml b/roles/openshift-apps/koschei/job/tasks/main.yml index ac7a1bcaf0..66a7909500 100644 --- a/roles/openshift-apps/koschei/job/tasks/main.yml +++ b/roles/openshift-apps/koschei/job/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy job template to a temporary file template: src: "{{roles_path}}/openshift-apps/{{app}}/templates/job.yml" diff --git a/roles/openshift-apps/koschei/templates/admin-config.yml b/roles/openshift-apps/koschei/templates/admin-config.yml index e70bb6ebf0..02e1849b58 100644 --- a/roles/openshift-apps/koschei/templates/admin-config.yml +++ b/roles/openshift-apps/koschei/templates/admin-config.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/koschei/templates/admin-deployment.yml b/roles/openshift-apps/koschei/templates/admin-deployment.yml index fef003457f..73a2ecba6e 100644 --- a/roles/openshift-apps/koschei/templates/admin-deployment.yml +++ b/roles/openshift-apps/koschei/templates/admin-deployment.yml @@ -1,4 +1,5 @@ # https://docs.openshift.com/container-platform/4.15/rest_api/workloads_apis/deployment-apps-v1.html +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/koschei/templates/backend-config.yml b/roles/openshift-apps/koschei/templates/backend-config.yml index f293097341..6d6f240cec 100644 --- a/roles/openshift-apps/koschei/templates/backend-config.yml +++ b/roles/openshift-apps/koschei/templates/backend-config.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/koschei/templates/backend-deployment.yml b/roles/openshift-apps/koschei/templates/backend-deployment.yml index 17a1d40997..8eaa2e94cb 100644 --- a/roles/openshift-apps/koschei/templates/backend-deployment.yml +++ b/roles/openshift-apps/koschei/templates/backend-deployment.yml @@ -1,4 +1,5 @@ # https://docs.openshift.com/container-platform/4.15/rest_api/workloads_apis/deployment-apps-v1.html +--- apiVersion: apps/v1 kind: Deployment metadata: @@ -20,7 +21,7 @@ spec: containers: - name: {{service}} image: image-registry.openshift-image-registry.svc:5000/koschei/koschei:latest - command: [/usr/bin/koschei-{{service}}] + command: ["/usr/bin/koschei-{{service}}"] env: - name: SUDO_USER value: admin diff --git a/roles/openshift-apps/koschei/templates/cronjob.yml b/roles/openshift-apps/koschei/templates/cronjob.yml index 7fbeefe0ab..43c592e382 100644 --- a/roles/openshift-apps/koschei/templates/cronjob.yml +++ b/roles/openshift-apps/koschei/templates/cronjob.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: CronJob metadata: diff --git a/roles/openshift-apps/koschei/templates/frontend-config.yml b/roles/openshift-apps/koschei/templates/frontend-config.yml index c131997596..df6db1a618 100644 --- a/roles/openshift-apps/koschei/templates/frontend-config.yml +++ b/roles/openshift-apps/koschei/templates/frontend-config.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/koschei/templates/frontend-deployment.yml b/roles/openshift-apps/koschei/templates/frontend-deployment.yml index f094155a9f..a98d50d14b 100644 --- a/roles/openshift-apps/koschei/templates/frontend-deployment.yml +++ b/roles/openshift-apps/koschei/templates/frontend-deployment.yml @@ -1,4 +1,5 @@ # https://docs.openshift.com/container-platform/4.15/rest_api/workloads_apis/deployment-apps-v1.html +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/koschei/templates/frontend-service.yml b/roles/openshift-apps/koschei/templates/frontend-service.yml index 695a471797..2af136ba96 100644 --- a/roles/openshift-apps/koschei/templates/frontend-service.yml +++ b/roles/openshift-apps/koschei/templates/frontend-service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/koschei/templates/imagestream.yml b/roles/openshift-apps/koschei/templates/imagestream.yml index 7021e0fda0..8b4c23c9cd 100644 --- a/roles/openshift-apps/koschei/templates/imagestream.yml +++ b/roles/openshift-apps/koschei/templates/imagestream.yml @@ -1,7 +1,8 @@ +--- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: - name: koschei + name: koschei spec: tags: - name: latest diff --git a/roles/openshift-apps/koschei/templates/job.yml b/roles/openshift-apps/koschei/templates/job.yml index 345e085a89..da96f22c67 100644 --- a/roles/openshift-apps/koschei/templates/job.yml +++ b/roles/openshift-apps/koschei/templates/job.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: Job metadata: diff --git a/roles/openshift-apps/koschei/vars/main.yml b/roles/openshift-apps/koschei/vars/main.yml index 548dc5601b..bcd31972eb 100644 --- a/roles/openshift-apps/koschei/vars/main.yml +++ b/roles/openshift-apps/koschei/vars/main.yml @@ -1,3 +1,4 @@ +--- app: koschei description: koschei diff --git a/roles/openshift-apps/koschei/vars/production.yml b/roles/openshift-apps/koschei/vars/production.yml index ffed6a8fb6..ba5d772e84 100644 --- a/roles/openshift-apps/koschei/vars/production.yml +++ b/roles/openshift-apps/koschei/vars/production.yml @@ -1,3 +1,4 @@ +--- appowners: - mizdebsk @@ -27,11 +28,11 @@ koschei_oidc_crypto_secret: "{{ koschei_oidc_crypto_secret_prod }}" koschei_frontend_replicas: 3 koschei_backend_services: - - { name: polling, cpu: [ 1000, 1500 ], memory: [ 512, 1024 ] } - - { name: scheduler, cpu: [ 200, 500 ], memory: [ 128, 256 ] } - - { name: build-resolver, cpu: [ 1000, 2000 ], memory: [ 1536, 4096 ] } - - { name: repo-resolver, cpu: [ 2000, 8000 ], memory: [ 2048, 4096 ] } - - { name: watcher, cpu: [ 200, 1000 ], memory: [ 128, 512 ] } + - { name: polling, cpu: [ 1000, 1500 ], memory: [ 512, 1024 ] } # yamllint disable-line rule:commas rule:brackets + - { name: scheduler, cpu: [ 200, 500 ], memory: [ 128, 256 ] } # yamllint disable-line rule:commas rule:brackets + - { name: build-resolver, cpu: [ 1000, 2000 ], memory: [ 1536, 4096 ] } # yamllint disable-line rule:commas rule:brackets + - { name: repo-resolver, cpu: [ 2000, 8000 ], memory: [ 2048, 4096 ] } # yamllint disable-line rule:commas rule:brackets + - { name: watcher, cpu: [ 200, 1000 ], memory: [ 128, 512 ] } # yamllint disable-line rule:commas rule:brackets koschei_cron_jobs: - name: db-cleanup diff --git a/roles/openshift-apps/koschei/vars/staging.yml b/roles/openshift-apps/koschei/vars/staging.yml index 5de5225f76..2feb7e568d 100644 --- a/roles/openshift-apps/koschei/vars/staging.yml +++ b/roles/openshift-apps/koschei/vars/staging.yml @@ -1,3 +1,4 @@ +--- appowners: - mizdebsk @@ -27,13 +28,13 @@ koschei_oidc_crypto_secret: "{{ koschei_oidc_crypto_secret_stg }}" koschei_frontend_replicas: 2 koschei_backend_services: - - { name: polling, cpu: [ 1000, 1500 ], memory: [ 512, 1024 ] } - - { name: scheduler, cpu: [ 200, 500 ], memory: [ 128, 256 ] } - - { name: build-resolver, cpu: [ 1000, 2000 ], memory: [ 1536, 4096 ] } - - { name: repo-resolver, cpu: [ 2000, 8000 ], memory: [ 2048, 4096 ] } - - { name: watcher, cpu: [ 200, 1000 ], memory: [ 128, 512 ] } - - { name: copr-resolver, cpu: [ 2000, 8000 ], memory: [ 1024, 4096 ] } - - { name: copr-scheduler, cpu: [ 1000, 2000 ], memory: [ 1024, 2048 ] } + - { name: polling, cpu: [ 1000, 1500 ], memory: [ 512, 1024 ] } # yamllint disable-line rule:commas rule:brackets + - { name: scheduler, cpu: [ 200, 500 ], memory: [ 128, 256 ] } # yamllint disable-line rule:commas rule:brackets + - { name: build-resolver, cpu: [ 1000, 2000 ], memory: [ 1536, 4096 ] } # yamllint disable-line rule:commas rule:brackets + - { name: repo-resolver, cpu: [ 2000, 8000 ], memory: [ 2048, 4096 ] } # yamllint disable-line rule:commas rule:brackets + - { name: watcher, cpu: [ 200, 1000 ], memory: [ 128, 512 ] } # yamllint disable-line rule:commas rule:brackets + - { name: copr-resolver, cpu: [ 2000, 8000 ], memory: [ 1024, 4096 ] } # yamllint disable-line rule:commas rule:brackets + - { name: copr-scheduler, cpu: [ 1000, 2000 ], memory: [ 1024, 2048 ] } # yamllint disable-line rule:commas rule:brackets koschei_cron_jobs: - name: db-cleanup diff --git a/roles/openshift-apps/languages/templates/buildconfig.yml b/roles/openshift-apps/languages/templates/buildconfig.yml index 00d5daa599..b958699c09 100644 --- a/roles/openshift-apps/languages/templates/buildconfig.yml +++ b/roles/openshift-apps/languages/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: @@ -11,7 +12,7 @@ spec: source: git: uri: "https://pagure.io/fedora-l10n/fedora-localization-statistics.git" - ref: {{ 'staging' if env == 'staging' else 'main' }} + ref: "{{ 'staging' if env == 'staging' else 'main' }}" strategy: type: Docker dockerStrategy: diff --git a/roles/openshift-apps/languages/templates/cron_template.yml b/roles/openshift-apps/languages/templates/cron_template.yml index 2ad5d5442f..9d6793e831 100644 --- a/roles/openshift-apps/languages/templates/cron_template.yml +++ b/roles/openshift-apps/languages/templates/cron_template.yml @@ -1,3 +1,4 @@ +--- volumes: - name: srpm-data persistentVolumeClaim: @@ -82,4 +83,3 @@ containers: requests: cpu: '0' memory: 4Gi - diff --git a/roles/openshift-apps/languages/templates/deployment.yml b/roles/openshift-apps/languages/templates/deployment.yml index bbe5b5cb27..9358fd9a00 100644 --- a/roles/openshift-apps/languages/templates/deployment.yml +++ b/roles/openshift-apps/languages/templates/deployment.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/languages/templates/pvc.yml b/roles/openshift-apps/languages/templates/pvc.yml index 27172bc225..477b0f6450 100644 --- a/roles/openshift-apps/languages/templates/pvc.yml +++ b/roles/openshift-apps/languages/templates/pvc.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/languages/templates/service.yml b/roles/openshift-apps/languages/templates/service.yml index a53758d759..80f930be26 100644 --- a/roles/openshift-apps/languages/templates/service.yml +++ b/roles/openshift-apps/languages/templates/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/maubot/files/deployment.yml b/roles/openshift-apps/maubot/files/deployment.yml index 95d6f88d91..0cb3c8d73c 100644 --- a/roles/openshift-apps/maubot/files/deployment.yml +++ b/roles/openshift-apps/maubot/files/deployment.yml @@ -79,10 +79,10 @@ spec: name: fedora-messaging-configmap - name: fedora-messaging-ca-volume secret: - secretName: maubot-fedora-messaging-ca + secretName: maubot-fedora-messaging-ca - name: fedora-messaging-key-volume secret: - secretName: maubot-fedora-messaging-key + secretName: maubot-fedora-messaging-key - name: fedora-messaging-crt-volume secret: - secretName: maubot-fedora-messaging-crt + secretName: maubot-fedora-messaging-crt diff --git a/roles/openshift-apps/maubot/files/deploymentconfig.yml b/roles/openshift-apps/maubot/files/deploymentconfig.yml index bcab625c7e..fa14cd4448 100644 --- a/roles/openshift-apps/maubot/files/deploymentconfig.yml +++ b/roles/openshift-apps/maubot/files/deploymentconfig.yml @@ -78,13 +78,13 @@ spec: name: fedora-messaging-configmap - name: fedora-messaging-ca-volume secret: - secretName: maubot-fedora-messaging-ca + secretName: maubot-fedora-messaging-ca - name: fedora-messaging-key-volume secret: - secretName: maubot-fedora-messaging-key + secretName: maubot-fedora-messaging-key - name: fedora-messaging-crt-volume secret: - secretName: maubot-fedora-messaging-crt + secretName: maubot-fedora-messaging-crt triggers: - type: ConfigChange - type: ImageChange diff --git a/roles/openshift-apps/maubot/files/imagestream.yml b/roles/openshift-apps/maubot/files/imagestream.yml index 2f7132308d..98c45fc6fe 100644 --- a/roles/openshift-apps/maubot/files/imagestream.yml +++ b/roles/openshift-apps/maubot/files/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: List items: diff --git a/roles/openshift-apps/maubot/files/service.yml b/roles/openshift-apps/maubot/files/service.yml index 6c96541189..0200b24285 100644 --- a/roles/openshift-apps/maubot/files/service.yml +++ b/roles/openshift-apps/maubot/files/service.yml @@ -11,4 +11,4 @@ spec: port: 8080 targetPort: 8080 selector: - app: maubot \ No newline at end of file + app: maubot diff --git a/roles/openshift-apps/maubot/templates/config.yml b/roles/openshift-apps/maubot/templates/config.yml index 098a419872..308633a2a3 100644 --- a/roles/openshift-apps/maubot/templates/config.yml +++ b/roles/openshift-apps/maubot/templates/config.yml @@ -1,76 +1,76 @@ - +--- database: postgresql://maubot:{{ (env == 'production')|ternary(maubot_prod_db_password, maubot_stg_db_password) }}@db01{{ env_suffix }}.iad2.fedoraproject.org/maubot crypto_database: default database_opts: - min_size: 1 - max_size: 10 + min_size: 1 + max_size: 10 plugin_directories: - upload: /maubot - load: - - /maubot - trash: delete + upload: /maubot + load: + - /maubot + trash: delete plugin_databases: - postgres: default - postgres_max_conns_per_plugin: 3 - postgres_opts: {} + postgres: default + postgres_max_conns_per_plugin: 3 + postgres_opts: {} server: - hostname: 0.0.0.0 - port: 8080 - public_url: http://maubot.apps.ocp{{env_suffix}}.fedoraproject.org/ - ui_base_path: / - plugin_base_path: /plugin/ - override_resource_path: false - unshared_secret: generate + hostname: 0.0.0.0 + port: 8080 + public_url: http://maubot.apps.ocp{{env_suffix}}.fedoraproject.org/ + ui_base_path: / + plugin_base_path: /plugin/ + override_resource_path: false + unshared_secret: generate homeservers: - fedora.im: - url: https://fedora.ems.host - secret: null + fedora.im: + url: https://fedora.ems.host + secret: null admins: - root: "" + root: "" {% if env == 'staging' %} - {{ maubot_stg_admin_user }}: "{{ maubot_stg_admin_password }}" + {{ maubot_stg_admin_user }}: "{{ maubot_stg_admin_password }}" {% else %} - {{ maubot_prod_admin_user }}: "{{ maubot_prod_admin_password }}" + {{ maubot_prod_admin_user }}: "{{ maubot_prod_admin_password }}" {% endif %} api_features: - login: true - plugin: true - plugin_upload: true - instance: true - instance_database: true - client: true - client_proxy: true - client_auth: true - dev_open: true - log: true + login: true + plugin: true + plugin_upload: true + instance: true + instance_database: true + client: true + client_proxy: true + client_auth: true + dev_open: true + log: true logging: - version: 1 - formatters: - colored: - (): maubot.lib.color_log.ColorFormatter - format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" - normal: - format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" - handlers: - console: - class: logging.StreamHandler - formatter: colored - loggers: - maubot: - level: INFO - mau: - level: INFO - aiohttp: - level: WARN - root: - level: WARN - handlers: [console] + version: 1 + formatters: + colored: + (): maubot.lib.color_log.ColorFormatter + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + normal: + format: "[%(asctime)s] [%(levelname)s@%(name)s] %(message)s" + handlers: + console: + class: logging.StreamHandler + formatter: colored + loggers: + maubot: + level: INFO + mau: + level: INFO + aiohttp: + level: WARN + root: + level: WARN + handlers: [console] diff --git a/roles/openshift-apps/maubot/templates/meetbot-logs-volume.yml b/roles/openshift-apps/maubot/templates/meetbot-logs-volume.yml index 196046ad6e..0afc9e7ffa 100644 --- a/roles/openshift-apps/maubot/templates/meetbot-logs-volume.yml +++ b/roles/openshift-apps/maubot/templates/meetbot-logs-volume.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/mdapi/files/cron.yml b/roles/openshift-apps/mdapi/files/cron.yml index 2e73e0d361..64c1d879b9 100644 --- a/roles/openshift-apps/mdapi/files/cron.yml +++ b/roles/openshift-apps/mdapi/files/cron.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: CronJob metadata: @@ -43,24 +44,24 @@ spec: volumes: - name: myconfigpy-volume configMap: - defaultMode: 420 - name: mdapi-myconfigpy-configmap + defaultMode: 420 + name: mdapi-myconfigpy-configmap - name: config-volume configMap: - defaultMode: 420 - name: mdapi-configmap + defaultMode: 420 + name: mdapi-configmap - name: data-volume persistentVolumeClaim: - claimName: mdapi-storage + claimName: mdapi-storage - name: fedora-messaging-config-volume configMap: name: fedora-messaging-configmap - name: fedora-messaging-ca-volume secret: - secretName: mdapi-fedora-messaging-ca + secretName: mdapi-fedora-messaging-ca - name: fedora-messaging-key-volume secret: - secretName: mdapi-fedora-messaging-key + secretName: mdapi-fedora-messaging-key - name: fedora-messaging-crt-volume secret: - secretName: mdapi-fedora-messaging-crt + secretName: mdapi-fedora-messaging-crt diff --git a/roles/openshift-apps/mdapi/files/deploymentconfig.yml b/roles/openshift-apps/mdapi/files/deploymentconfig.yml index 692e743d5b..08c13a41e2 100644 --- a/roles/openshift-apps/mdapi/files/deploymentconfig.yml +++ b/roles/openshift-apps/mdapi/files/deploymentconfig.yml @@ -47,15 +47,15 @@ spec: port: 8080 resources: volumes: - - name: config-volume - configMap: - name: mdapi-configmap - - name: myconfigpy-volume - configMap: - name: mdapi-myconfigpy-configmap - - name: data-volume - persistentVolumeClaim: - claimName: mdapi-storage + - name: config-volume + configMap: + name: mdapi-configmap + - name: myconfigpy-volume + configMap: + name: mdapi-myconfigpy-configmap + - name: data-volume + persistentVolumeClaim: + claimName: mdapi-storage triggers: - type: ImageChange imageChangeParams: diff --git a/roles/openshift-apps/mdapi/files/service.yml b/roles/openshift-apps/mdapi/files/service.yml index 23c5c17ec5..d459a61602 100644 --- a/roles/openshift-apps/mdapi/files/service.yml +++ b/roles/openshift-apps/mdapi/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: @@ -13,4 +14,3 @@ spec: selector: app: mdapi deploymentconfig: mdapi - diff --git a/roles/openshift-apps/mdapi/files/storage.yml b/roles/openshift-apps/mdapi/files/storage.yml index 463cba21fc..4a433c45ed 100644 --- a/roles/openshift-apps/mdapi/files/storage.yml +++ b/roles/openshift-apps/mdapi/files/storage.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/mdapi/templates/buildconfig.yml b/roles/openshift-apps/mdapi/templates/buildconfig.yml index 2fa320e0b1..d002d214f7 100644 --- a/roles/openshift-apps/mdapi/templates/buildconfig.yml +++ b/roles/openshift-apps/mdapi/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/mdapi/templates/imagestream.yml b/roles/openshift-apps/mdapi/templates/imagestream.yml index 4f2ca0c89c..1432eb3644 100644 --- a/roles/openshift-apps/mdapi/templates/imagestream.yml +++ b/roles/openshift-apps/mdapi/templates/imagestream.yml @@ -1,4 +1,5 @@ +--- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: - name: "mdapi" + name: "mdapi" diff --git a/roles/openshift-apps/messaging-bridges/files/imagestream.yml b/roles/openshift-apps/messaging-bridges/files/imagestream.yml index aa7e7bdaf2..56d4540821 100644 --- a/roles/openshift-apps/messaging-bridges/files/imagestream.yml +++ b/roles/openshift-apps/messaging-bridges/files/imagestream.yml @@ -2,7 +2,7 @@ apiVersion: image.openshift.io/v1 kind: ImageStream metadata: - name: fedmsg-migration-tools + name: fedmsg-migration-tools spec: lookupPolicy: local: false diff --git a/roles/openshift-apps/messaging-bridges/files/service.yml b/roles/openshift-apps/messaging-bridges/files/service.yml index f61708b011..dc29483a5a 100644 --- a/roles/openshift-apps/messaging-bridges/files/service.yml +++ b/roles/openshift-apps/messaging-bridges/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/messaging-bridges/templates/buildconfig.yml b/roles/openshift-apps/messaging-bridges/templates/buildconfig.yml index e26fd58b2a..1210c2b0b9 100644 --- a/roles/openshift-apps/messaging-bridges/templates/buildconfig.yml +++ b/roles/openshift-apps/messaging-bridges/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/mirrormanager/files/service.yml b/roles/openshift-apps/mirrormanager/files/service.yml index 48644a2f08..d2382eee79 100644 --- a/roles/openshift-apps/mirrormanager/files/service.yml +++ b/roles/openshift-apps/mirrormanager/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/mirrormanager/templates/cron-primary-mirror.yml b/roles/openshift-apps/mirrormanager/templates/cron-primary-mirror.yml index 21a4551a7a..31e12502e6 100644 --- a/roles/openshift-apps/mirrormanager/templates/cron-primary-mirror.yml +++ b/roles/openshift-apps/mirrormanager/templates/cron-primary-mirror.yml @@ -1,4 +1,3 @@ - ### Primary mirror scanning cron jobs # {% from "_macros.yml" import common_volume_mounts, common_volumes, common_env, security_context with context %} diff --git a/roles/openshift-apps/mirrormanager/templates/secret-webhook.yml b/roles/openshift-apps/mirrormanager/templates/secret-webhook.yml index ed54229359..3ea0976662 100644 --- a/roles/openshift-apps/mirrormanager/templates/secret-webhook.yml +++ b/roles/openshift-apps/mirrormanager/templates/secret-webhook.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/monitor-dashboard/files/dashboard_provision_config.yml b/roles/openshift-apps/monitor-dashboard/files/dashboard_provision_config.yml index 7eda14da6f..8f29dc1dc6 100644 --- a/roles/openshift-apps/monitor-dashboard/files/dashboard_provision_config.yml +++ b/roles/openshift-apps/monitor-dashboard/files/dashboard_provision_config.yml @@ -1,8 +1,9 @@ +--- apiVersion: v1 data: dashboards.yml: | apiVersion: 1 - + providers: # an unique provider name. Required - name: 'Preset Dashboards' @@ -27,4 +28,4 @@ data: foldersFromFilesStructure: true kind: ConfigMap metadata: - name: grafana-dashboards-provision \ No newline at end of file + name: grafana-dashboards-provision diff --git a/roles/openshift-apps/monitor-dashboard/files/dashboards.yaml b/roles/openshift-apps/monitor-dashboard/files/dashboards.yaml index b4e9c8c162..1198cf94fc 100644 --- a/roles/openshift-apps/monitor-dashboard/files/dashboards.yaml +++ b/roles/openshift-apps/monitor-dashboard/files/dashboards.yaml @@ -1,3 +1,4 @@ +--- apiVersion: 1 providers: diff --git a/roles/openshift-apps/monitor-dashboard/files/datagrepper_route.yml b/roles/openshift-apps/monitor-dashboard/files/datagrepper_route.yml index fefda456ce..a8e23259f0 100644 --- a/roles/openshift-apps/monitor-dashboard/files/datagrepper_route.yml +++ b/roles/openshift-apps/monitor-dashboard/files/datagrepper_route.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Route metadata: @@ -5,7 +6,7 @@ metadata: labels: app: datagrepper spec: - #host: waiverdb.stg.fedoraproject.org + # host: waiverdb.stg.fedoraproject.org port: targetPort: datagrepper to: diff --git a/roles/openshift-apps/monitor-dashboard/files/datagrepper_service.yml b/roles/openshift-apps/monitor-dashboard/files/datagrepper_service.yml index 2232926b5f..2dfc67ec49 100644 --- a/roles/openshift-apps/monitor-dashboard/files/datagrepper_service.yml +++ b/roles/openshift-apps/monitor-dashboard/files/datagrepper_service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/monitor-dashboard/files/imagestream.yml b/roles/openshift-apps/monitor-dashboard/files/imagestream.yml index 9d9c24720b..5e863cd49a 100644 --- a/roles/openshift-apps/monitor-dashboard/files/imagestream.yml +++ b/roles/openshift-apps/monitor-dashboard/files/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 items: - apiVersion: image.openshift.io/v1 diff --git a/roles/openshift-apps/monitor-dashboard/files/notifiers.yaml b/roles/openshift-apps/monitor-dashboard/files/notifiers.yaml index 796c45ef08..324530692f 100644 --- a/roles/openshift-apps/monitor-dashboard/files/notifiers.yaml +++ b/roles/openshift-apps/monitor-dashboard/files/notifiers.yaml @@ -24,4 +24,4 @@ data: autoResolve: true httpMethod: POST severity: critical - url: https://chat.googleapis.com/v1/spaces/AAAAgMlYYeQ/messages?key=AIzaSyDdI0hCZtE6vySjMm-WEfRq3CPzqKqqsHI&token=bu44RPo8FAICEBrtCkvAzuwe9Pnvcq1PJVfaIvMqtVk%3D \ No newline at end of file + url: https://chat.googleapis.com/v1/spaces/AAAAgMlYYeQ/messages?key=AIzaSyDdI0hCZtE6vySjMm-WEfRq3CPzqKqqsHI&token=bu44RPo8FAICEBrtCkvAzuwe9Pnvcq1PJVfaIvMqtVk%3D diff --git a/roles/openshift-apps/monitor-dashboard/files/postgrest_route.yml b/roles/openshift-apps/monitor-dashboard/files/postgrest_route.yml index b42396067b..a1d2c092d2 100644 --- a/roles/openshift-apps/monitor-dashboard/files/postgrest_route.yml +++ b/roles/openshift-apps/monitor-dashboard/files/postgrest_route.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Route metadata: @@ -5,7 +6,7 @@ metadata: labels: app: postgrest spec: - #host: waiverdb.stg.fedoraproject.org + # host: waiverdb.stg.fedoraproject.org port: targetPort: postgrest to: diff --git a/roles/openshift-apps/monitor-dashboard/files/postgrest_service.yml b/roles/openshift-apps/monitor-dashboard/files/postgrest_service.yml index 44e11fd605..b1b8c2e89d 100644 --- a/roles/openshift-apps/monitor-dashboard/files/postgrest_service.yml +++ b/roles/openshift-apps/monitor-dashboard/files/postgrest_service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/monitor-dashboard/files/prest_route.yml b/roles/openshift-apps/monitor-dashboard/files/prest_route.yml index cb8ca28ce6..7feef9695e 100644 --- a/roles/openshift-apps/monitor-dashboard/files/prest_route.yml +++ b/roles/openshift-apps/monitor-dashboard/files/prest_route.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Route metadata: @@ -5,7 +6,7 @@ metadata: labels: app: prest spec: - #host: waiverdb.stg.fedoraproject.org + # host: waiverdb.stg.fedoraproject.org port: targetPort: prest to: diff --git a/roles/openshift-apps/monitor-dashboard/files/prest_service.yml b/roles/openshift-apps/monitor-dashboard/files/prest_service.yml index 232ea2a20b..4a579091d3 100644 --- a/roles/openshift-apps/monitor-dashboard/files/prest_service.yml +++ b/roles/openshift-apps/monitor-dashboard/files/prest_service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/monitor-dashboard/files/route.yml b/roles/openshift-apps/monitor-dashboard/files/route.yml index a00198063c..5c16a10ac1 100644 --- a/roles/openshift-apps/monitor-dashboard/files/route.yml +++ b/roles/openshift-apps/monitor-dashboard/files/route.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Route metadata: @@ -5,7 +6,7 @@ metadata: labels: app: monitor-dashboard spec: - #host: waiverdb.stg.fedoraproject.org + # host: waiverdb.stg.fedoraproject.org port: targetPort: web to: diff --git a/roles/openshift-apps/monitor-dashboard/files/route_serviceaccount.yml b/roles/openshift-apps/monitor-dashboard/files/route_serviceaccount.yml index 729024bf0f..f9fc719e08 100644 --- a/roles/openshift-apps/monitor-dashboard/files/route_serviceaccount.yml +++ b/roles/openshift-apps/monitor-dashboard/files/route_serviceaccount.yml @@ -1,7 +1,7 @@ +--- apiVersion: v1 kind: ServiceAccount metadata: name: monitor-dashboard-web annotations: serviceaccounts.openshift.io/oauth-redirectreference.primary: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"monitor-dashboard-web"}}' - \ No newline at end of file diff --git a/roles/openshift-apps/monitor-dashboard/files/service.yml b/roles/openshift-apps/monitor-dashboard/files/service.yml index fe9b556acd..8e3ef2e09e 100644 --- a/roles/openshift-apps/monitor-dashboard/files/service.yml +++ b/roles/openshift-apps/monitor-dashboard/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/monitor-dashboard/templates/datagrepper_deploymentconfig.yml b/roles/openshift-apps/monitor-dashboard/templates/datagrepper_deploymentconfig.yml index 93bbd71a81..f0592c3efd 100644 --- a/roles/openshift-apps/monitor-dashboard/templates/datagrepper_deploymentconfig.yml +++ b/roles/openshift-apps/monitor-dashboard/templates/datagrepper_deploymentconfig.yml @@ -45,11 +45,11 @@ spec: value: "/srv/datanommer/apache/datagrepper.cfg" volumeMounts: - mountPath: /etc/fedmsg.d/datagrepper.py - subPath: datagrepper.py + subPath: datagrepper.py name: datagrepper - mountPath: /srv/datanommer/fedmsg.d/datagrepper.cfg - subPath: datagrepper.cfg - name: datagrepper + subPath: datagrepper.cfg + name: datagrepper triggers: - type: ImageChange imageChangeParams: diff --git a/roles/openshift-apps/monitor-gating/templates/buildconfig.yml b/roles/openshift-apps/monitor-gating/templates/buildconfig.yml index 525bdd8074..984edcdb92 100644 --- a/roles/openshift-apps/monitor-gating/templates/buildconfig.yml +++ b/roles/openshift-apps/monitor-gating/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/monitor-gating/templates/dashboard_deploymentconfig.yml b/roles/openshift-apps/monitor-gating/templates/dashboard_deploymentconfig.yml index 2ae398ca19..9143ed8688 100644 --- a/roles/openshift-apps/monitor-gating/templates/dashboard_deploymentconfig.yml +++ b/roles/openshift-apps/monitor-gating/templates/dashboard_deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: @@ -79,4 +80,4 @@ spec: name: grafana-dashboards - configMap: name: grafana-dashboards-provision - name: grafana-dashboards-provision \ No newline at end of file + name: grafana-dashboards-provision diff --git a/roles/openshift-apps/monitor-gating/templates/dashboard_provision_config.yml b/roles/openshift-apps/monitor-gating/templates/dashboard_provision_config.yml index 7eda14da6f..8f29dc1dc6 100644 --- a/roles/openshift-apps/monitor-gating/templates/dashboard_provision_config.yml +++ b/roles/openshift-apps/monitor-gating/templates/dashboard_provision_config.yml @@ -1,8 +1,9 @@ +--- apiVersion: v1 data: dashboards.yml: | apiVersion: 1 - + providers: # an unique provider name. Required - name: 'Preset Dashboards' @@ -27,4 +28,4 @@ data: foldersFromFilesStructure: true kind: ConfigMap metadata: - name: grafana-dashboards-provision \ No newline at end of file + name: grafana-dashboards-provision diff --git a/roles/openshift-apps/monitor-gating/templates/dashboard_route.yml b/roles/openshift-apps/monitor-gating/templates/dashboard_route.yml index c141041e9b..56572438d4 100644 --- a/roles/openshift-apps/monitor-gating/templates/dashboard_route.yml +++ b/roles/openshift-apps/monitor-gating/templates/dashboard_route.yml @@ -1,3 +1,4 @@ +--- apiVersion: route.openshift.io/v1 kind: Route metadata: @@ -5,7 +6,7 @@ metadata: labels: app: monitor-dashboard spec: - #host: waiverdb.stg.fedoraproject.org + # host: waiverdb.stg.fedoraproject.org port: targetPort: web to: diff --git a/roles/openshift-apps/monitor-gating/templates/dashboard_service.yml b/roles/openshift-apps/monitor-gating/templates/dashboard_service.yml index 45033e9e55..d7c3a5dca8 100644 --- a/roles/openshift-apps/monitor-gating/templates/dashboard_service.yml +++ b/roles/openshift-apps/monitor-gating/templates/dashboard_service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: @@ -12,4 +13,4 @@ spec: ports: - name: web port: 8443 - targetPort: 8443 \ No newline at end of file + targetPort: 8443 diff --git a/roles/openshift-apps/monitor-gating/templates/dashboard_serviceaccount.yml b/roles/openshift-apps/monitor-gating/templates/dashboard_serviceaccount.yml index d7b0d83396..d57fab2a58 100644 --- a/roles/openshift-apps/monitor-gating/templates/dashboard_serviceaccount.yml +++ b/roles/openshift-apps/monitor-gating/templates/dashboard_serviceaccount.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ServiceAccount metadata: diff --git a/roles/openshift-apps/monitor-gating/templates/imagestream.yml b/roles/openshift-apps/monitor-gating/templates/imagestream.yml index 1bc043591b..ae4e06d9b4 100644 --- a/roles/openshift-apps/monitor-gating/templates/imagestream.yml +++ b/roles/openshift-apps/monitor-gating/templates/imagestream.yml @@ -1,4 +1,5 @@ +--- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: - name: "monitor-gating" + name: "monitor-gating" diff --git a/roles/openshift-apps/monitor-gating/templates/secret.yml b/roles/openshift-apps/monitor-gating/templates/secret.yml index f4a570a7ca..78ab7e9434 100644 --- a/roles/openshift-apps/monitor-gating/templates/secret.yml +++ b/roles/openshift-apps/monitor-gating/templates/secret.yml @@ -12,4 +12,3 @@ stringData: {{ load_file('runner.cfg') | indent }} krb5.conf: | {{ lookup('template', roles_path + '/base/templates/krb5.conf.j2') | indent }} - diff --git a/roles/openshift-apps/mote/templates/buildconfig.yml b/roles/openshift-apps/mote/templates/buildconfig.yml index aafe41f8ed..e8169de40e 100644 --- a/roles/openshift-apps/mote/templates/buildconfig.yml +++ b/roles/openshift-apps/mote/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/mote/templates/fedmsg-cm.yml b/roles/openshift-apps/mote/templates/fedmsg-cm.yml index 5e40adf8b1..fd96f27ea0 100644 --- a/roles/openshift-apps/mote/templates/fedmsg-cm.yml +++ b/roles/openshift-apps/mote/templates/fedmsg-cm.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ConfigMap metadata: diff --git a/roles/openshift-apps/mote/templates/fedmsg-dc.yml b/roles/openshift-apps/mote/templates/fedmsg-dc.yml index ae9e95b448..2c119a0b77 100644 --- a/roles/openshift-apps/mote/templates/fedmsg-dc.yml +++ b/roles/openshift-apps/mote/templates/fedmsg-dc.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/mote/templates/mote-cm.yml b/roles/openshift-apps/mote/templates/mote-cm.yml index 473f98659e..7f70f9b1ae 100644 --- a/roles/openshift-apps/mote/templates/mote-cm.yml +++ b/roles/openshift-apps/mote/templates/mote-cm.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ConfigMap metadata: diff --git a/roles/openshift-apps/mote/templates/mote-dc.yml b/roles/openshift-apps/mote/templates/mote-dc.yml index 2397ada427..5a4a71e77d 100644 --- a/roles/openshift-apps/mote/templates/mote-dc.yml +++ b/roles/openshift-apps/mote/templates/mote-dc.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/mote/templates/mote-svc.yml b/roles/openshift-apps/mote/templates/mote-svc.yml index 9c778fb855..d736b2eccd 100644 --- a/roles/openshift-apps/mote/templates/mote-svc.yml +++ b/roles/openshift-apps/mote/templates/mote-svc.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: @@ -13,4 +14,3 @@ spec: selector: app: mote type: ClusterIP - diff --git a/roles/openshift-apps/mote/templates/mote-worker-dc.yml b/roles/openshift-apps/mote/templates/mote-worker-dc.yml index 269c6acacd..81d247a47e 100644 --- a/roles/openshift-apps/mote/templates/mote-worker-dc.yml +++ b/roles/openshift-apps/mote/templates/mote-worker-dc.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/mote/templates/pvc.yml b/roles/openshift-apps/mote/templates/pvc.yml index 245dea4701..80f5702621 100644 --- a/roles/openshift-apps/mote/templates/pvc.yml +++ b/roles/openshift-apps/mote/templates/pvc.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/mote/templates/redis-dc.yml b/roles/openshift-apps/mote/templates/redis-dc.yml index f026c81a1d..1facc11f0f 100644 --- a/roles/openshift-apps/mote/templates/redis-dc.yml +++ b/roles/openshift-apps/mote/templates/redis-dc.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/mote/templates/redis-is.yml b/roles/openshift-apps/mote/templates/redis-is.yml index 317388365c..086a0520c7 100644 --- a/roles/openshift-apps/mote/templates/redis-is.yml +++ b/roles/openshift-apps/mote/templates/redis-is.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: @@ -15,4 +16,3 @@ spec: name: latest referencePolicy: type: Source - diff --git a/roles/openshift-apps/mote/templates/redis-svc.yml b/roles/openshift-apps/mote/templates/redis-svc.yml index 443dfef548..1aaeefeecc 100644 --- a/roles/openshift-apps/mote/templates/redis-svc.yml +++ b/roles/openshift-apps/mote/templates/redis-svc.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: @@ -13,4 +14,3 @@ spec: selector: app: redis type: ClusterIP - diff --git a/roles/openshift-apps/noggin/templates/buildconfig.yml b/roles/openshift-apps/noggin/templates/buildconfig.yml index c48117f096..e488a4b99e 100644 --- a/roles/openshift-apps/noggin/templates/buildconfig.yml +++ b/roles/openshift-apps/noggin/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/noggin/templates/deploymentconfig.yml b/roles/openshift-apps/noggin/templates/deploymentconfig.yml index 11b7df9466..cf92e71fa3 100644 --- a/roles/openshift-apps/noggin/templates/deploymentconfig.yml +++ b/roles/openshift-apps/noggin/templates/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: @@ -30,10 +31,10 @@ spec: imagePullPolicy: Always ports: - containerPort: 8080 - #protocol: TCP - #resources: {} - #terminationMessagePath: /dev/termination-log - #terminationMessagePolicy: File + # protocol: TCP + # resources: {} + # terminationMessagePath: /dev/termination-log + # terminationMessagePolicy: File volumeMounts: - name: noggin-config-volume mountPath: "/etc/noggin" diff --git a/roles/openshift-apps/noggin/templates/secret-webhook.yml b/roles/openshift-apps/noggin/templates/secret-webhook.yml index c2e805e972..ccb9da52c4 100644 --- a/roles/openshift-apps/noggin/templates/secret-webhook.yml +++ b/roles/openshift-apps/noggin/templates/secret-webhook.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/noggin/templates/secrets.yml b/roles/openshift-apps/noggin/templates/secrets.yml index e002e5648c..3a45fd9de0 100644 --- a/roles/openshift-apps/noggin/templates/secrets.yml +++ b/roles/openshift-apps/noggin/templates/secrets.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/noggin/templates/service.yml b/roles/openshift-apps/noggin/templates/service.yml index b1955b7f9a..a8f7a545ae 100644 --- a/roles/openshift-apps/noggin/templates/service.yml +++ b/roles/openshift-apps/noggin/templates/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/openscanhub/files/deployment-redis.yml b/roles/openshift-apps/openscanhub/files/deployment-redis.yml index 85fd335886..6000427018 100644 --- a/roles/openshift-apps/openscanhub/files/deployment-redis.yml +++ b/roles/openshift-apps/openscanhub/files/deployment-redis.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/openscanhub/files/route-redis.yml b/roles/openshift-apps/openscanhub/files/route-redis.yml index d815ee1518..0b6a4779a7 100644 --- a/roles/openshift-apps/openscanhub/files/route-redis.yml +++ b/roles/openshift-apps/openscanhub/files/route-redis.yml @@ -1,3 +1,4 @@ +--- apiVersion: route.openshift.io/v1 kind: Route metadata: diff --git a/roles/openshift-apps/openscanhub/files/service-fedora-osh-hub.yml b/roles/openshift-apps/openscanhub/files/service-fedora-osh-hub.yml index 6bfc3c8cf9..e79719ffb6 100644 --- a/roles/openshift-apps/openscanhub/files/service-fedora-osh-hub.yml +++ b/roles/openshift-apps/openscanhub/files/service-fedora-osh-hub.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/openscanhub/files/service-redis.yml b/roles/openshift-apps/openscanhub/files/service-redis.yml index 4d7ae3e3db..d00e8ccb6f 100644 --- a/roles/openshift-apps/openscanhub/files/service-redis.yml +++ b/roles/openshift-apps/openscanhub/files/service-redis.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/openscanhub/templates/deployment-fedora-osh-hub.yml b/roles/openshift-apps/openscanhub/templates/deployment-fedora-osh-hub.yml index 9aaa9b62c8..b7ecb9ac61 100644 --- a/roles/openshift-apps/openscanhub/templates/deployment-fedora-osh-hub.yml +++ b/roles/openshift-apps/openscanhub/templates/deployment-fedora-osh-hub.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/openscanhub/templates/deployment-resalloc-server.yml b/roles/openshift-apps/openscanhub/templates/deployment-resalloc-server.yml index 929c049c62..d0cbb5019e 100644 --- a/roles/openshift-apps/openscanhub/templates/deployment-resalloc-server.yml +++ b/roles/openshift-apps/openscanhub/templates/deployment-resalloc-server.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/openscanhub/templates/pvc-var-lib-osh.yml b/roles/openshift-apps/openscanhub/templates/pvc-var-lib-osh.yml index ec46d7401c..1f6b83e3da 100644 --- a/roles/openshift-apps/openscanhub/templates/pvc-var-lib-osh.yml +++ b/roles/openshift-apps/openscanhub/templates/pvc-var-lib-osh.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/openscanhub/templates/pvc-var-lib-redis-data.yml b/roles/openshift-apps/openscanhub/templates/pvc-var-lib-redis-data.yml index bf6bc10124..aca4b98cf3 100644 --- a/roles/openshift-apps/openscanhub/templates/pvc-var-lib-redis-data.yml +++ b/roles/openshift-apps/openscanhub/templates/pvc-var-lib-redis-data.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/openscanhub/templates/route-fedora-osh-hub.yml b/roles/openshift-apps/openscanhub/templates/route-fedora-osh-hub.yml index 903a721ca8..8a28390259 100644 --- a/roles/openshift-apps/openscanhub/templates/route-fedora-osh-hub.yml +++ b/roles/openshift-apps/openscanhub/templates/route-fedora-osh-hub.yml @@ -1,3 +1,4 @@ +--- apiVersion: route.openshift.io/v1 kind: Route metadata: diff --git a/roles/openshift-apps/openscanhub/templates/route-resalloc-server.yml b/roles/openshift-apps/openscanhub/templates/route-resalloc-server.yml index 7888e1c467..99d4c4fe07 100644 --- a/roles/openshift-apps/openscanhub/templates/route-resalloc-server.yml +++ b/roles/openshift-apps/openscanhub/templates/route-resalloc-server.yml @@ -1,3 +1,4 @@ +--- apiVersion: route.openshift.io/v1 kind: Route metadata: diff --git a/roles/openshift-apps/openscanhub/templates/service-resalloc-server.yml b/roles/openshift-apps/openscanhub/templates/service-resalloc-server.yml index e9dc1ad13f..ad5db8e4b5 100644 --- a/roles/openshift-apps/openscanhub/templates/service-resalloc-server.yml +++ b/roles/openshift-apps/openscanhub/templates/service-resalloc-server.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/openvpn/templates/buildconfig.yml b/roles/openshift-apps/openvpn/templates/buildconfig.yml index d8c211989d..2fb157807b 100644 --- a/roles/openshift-apps/openvpn/templates/buildconfig.yml +++ b/roles/openshift-apps/openvpn/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/openvpn/templates/deployment.yml b/roles/openshift-apps/openvpn/templates/deployment.yml index 3d5b91e855..a7940d4101 100644 --- a/roles/openshift-apps/openvpn/templates/deployment.yml +++ b/roles/openshift-apps/openvpn/templates/deployment.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: @@ -39,7 +40,7 @@ spec: containers: - image: image-registry.openshift-image-registry.svc:5000/openvpn/openvpn:latest imagePullPolicy: IfNotPresent - securityContext: + securityContext: capabilities: add: ["NET_ADMIN"] name: openvpn @@ -62,7 +63,7 @@ spec: - name: all-certs secret: secretName: openvpn-certs - defaultMode: 0400 + defaultMode: "0400" - configMap: name: openvpn-config name: openvpn-config @@ -92,4 +93,3 @@ spec: topologyKey: "kubernetes.io/hostname" namespaces: - openshift-ingress - diff --git a/roles/openshift-apps/openvpn/templates/imagestream.yml b/roles/openshift-apps/openvpn/templates/imagestream.yml index 8d62ffa5f4..90b6a1137e 100644 --- a/roles/openshift-apps/openvpn/templates/imagestream.yml +++ b/roles/openshift-apps/openvpn/templates/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: diff --git a/roles/openshift-apps/openvpn/templates/scc.yml b/roles/openshift-apps/openvpn/templates/scc.yml index 87cef8d84b..a6353fe743 100644 --- a/roles/openshift-apps/openvpn/templates/scc.yml +++ b/roles/openshift-apps/openvpn/templates/scc.yml @@ -1,3 +1,4 @@ +--- allowHostDirVolumePlugin: true allowHostIPC: false allowHostNetwork: true @@ -40,4 +41,3 @@ volumes: - projected - secret - hostPath - diff --git a/roles/openshift-apps/openvpn/templates/scc_role.yml b/roles/openshift-apps/openvpn/templates/scc_role.yml index c73f7506ee..ec32b8f65e 100644 --- a/roles/openshift-apps/openvpn/templates/scc_role.yml +++ b/roles/openshift-apps/openvpn/templates/scc_role.yml @@ -1,3 +1,4 @@ +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: diff --git a/roles/openshift-apps/openvpn/templates/scc_rolebinding.yml b/roles/openshift-apps/openvpn/templates/scc_rolebinding.yml index 9554827a50..3494fa031c 100644 --- a/roles/openshift-apps/openvpn/templates/scc_rolebinding.yml +++ b/roles/openshift-apps/openvpn/templates/scc_rolebinding.yml @@ -1,3 +1,4 @@ +--- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: diff --git a/roles/openshift-apps/openvpn/templates/serviceaccount.yml b/roles/openshift-apps/openvpn/templates/serviceaccount.yml index 52a016b230..cddd46e00c 100644 --- a/roles/openshift-apps/openvpn/templates/serviceaccount.yml +++ b/roles/openshift-apps/openvpn/templates/serviceaccount.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ServiceAccount metadata: diff --git a/roles/openshift-apps/oraculum/templates/deploymentconfig.yml b/roles/openshift-apps/oraculum/templates/deploymentconfig.yml index 04a87c028b..f09fb0cf9d 100644 --- a/roles/openshift-apps/oraculum/templates/deploymentconfig.yml +++ b/roles/openshift-apps/oraculum/templates/deploymentconfig.yml @@ -23,7 +23,7 @@ spec: command: ["python", "-m", "oraculum.cli", "init_db"] # and then just the gunicorn for the frontend part of the backend :) volumes: - - oraculum-secret-volume + - oraculum-secret-volume template: metadata: labels: diff --git a/roles/openshift-apps/oraculum/templates/imagestream.yml b/roles/openshift-apps/oraculum/templates/imagestream.yml index 51d15cf1c9..3999f27b57 100644 --- a/roles/openshift-apps/oraculum/templates/imagestream.yml +++ b/roles/openshift-apps/oraculum/templates/imagestream.yml @@ -12,7 +12,7 @@ status: apiVersion: image.openshift.io/v1 kind: ImageStream metadata: - name: packager-dashboard-redis + name: packager-dashboard-redis spec: tags: - name: latest @@ -26,7 +26,7 @@ spec: apiVersion: image.openshift.io/v1 kind: ImageStream metadata: - name: oraculum-frontend + name: oraculum-frontend spec: lookupPolicy: local: false @@ -41,7 +41,7 @@ status: apiVersion: image.openshift.io/v1 kind: ImageStream metadata: - name: packager-dashboard-frontend + name: packager-dashboard-frontend spec: tags: - name: latest diff --git a/roles/openshift-apps/planet/files/imagestream.yml b/roles/openshift-apps/planet/files/imagestream.yml index 8f9c096f5b..ebca60996a 100644 --- a/roles/openshift-apps/planet/files/imagestream.yml +++ b/roles/openshift-apps/planet/files/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: diff --git a/roles/openshift-apps/planet/files/podmonitor.yml b/roles/openshift-apps/planet/files/podmonitor.yml index 8f20814072..c9067aa14b 100644 --- a/roles/openshift-apps/planet/files/podmonitor.yml +++ b/roles/openshift-apps/planet/files/podmonitor.yml @@ -1,3 +1,4 @@ +--- apiVersion: monitoring.coreos.com/v1 kind: PodMonitor metadata: @@ -11,4 +12,3 @@ spec: podMetricsEndpoints: - port: web path: /metrics - \ No newline at end of file diff --git a/roles/openshift-apps/planet/files/pvc.yml b/roles/openshift-apps/planet/files/pvc.yml index 9a5a48bf13..889c71bb30 100644 --- a/roles/openshift-apps/planet/files/pvc.yml +++ b/roles/openshift-apps/planet/files/pvc.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/planet/files/service.yml b/roles/openshift-apps/planet/files/service.yml index 904404e6ed..66eb5b7436 100644 --- a/roles/openshift-apps/planet/files/service.yml +++ b/roles/openshift-apps/planet/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: @@ -5,7 +6,7 @@ metadata: namespace: planet labels: app: planet - service: planet + service: planet spec: ports: - name: web diff --git a/roles/openshift-apps/planet/files/servicemonitor.yml b/roles/openshift-apps/planet/files/servicemonitor.yml index 16412752ba..a434fdf1bb 100644 --- a/roles/openshift-apps/planet/files/servicemonitor.yml +++ b/roles/openshift-apps/planet/files/servicemonitor.yml @@ -1,3 +1,4 @@ +--- apiVersion: monitoring.coreos.com/v1 kind: ServiceMonitor metadata: diff --git a/roles/openshift-apps/planet/templates/buildconfig.yml b/roles/openshift-apps/planet/templates/buildconfig.yml index 3ac119fc3c..ba232a124f 100644 --- a/roles/openshift-apps/planet/templates/buildconfig.yml +++ b/roles/openshift-apps/planet/templates/buildconfig.yml @@ -1,17 +1,18 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: name: planet labels: app: planet - build: planet + build: planet spec: runPolicy: Serial source: type: Git git: uri: https://github.com/fedora-infra/planet - ref: {{ (env == 'production')|ternary('stable', 'staging') }} + ref: "{{ (env == 'production')|ternary('stable', 'staging') }}" strategy: type: Docker output: diff --git a/roles/openshift-apps/planet/templates/cronjob.yml b/roles/openshift-apps/planet/templates/cronjob.yml index 3b6ef384ad..d18aca0312 100644 --- a/roles/openshift-apps/planet/templates/cronjob.yml +++ b/roles/openshift-apps/planet/templates/cronjob.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: CronJob metadata: diff --git a/roles/openshift-apps/planet/templates/deployment.yml b/roles/openshift-apps/planet/templates/deployment.yml index 71ea967a54..7560fac380 100644 --- a/roles/openshift-apps/planet/templates/deployment.yml +++ b/roles/openshift-apps/planet/templates/deployment.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/poddlers/templates/secret-webhook.yml b/roles/openshift-apps/poddlers/templates/secret-webhook.yml index 4f6e31aa79..1d68da1ab1 100644 --- a/roles/openshift-apps/poddlers/templates/secret-webhook.yml +++ b/roles/openshift-apps/poddlers/templates/secret-webhook.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/release-monitoring/files/deploymentconfig.yml b/roles/openshift-apps/release-monitoring/files/deploymentconfig.yml index 2e2b60ca49..94b66d45c9 100644 --- a/roles/openshift-apps/release-monitoring/files/deploymentconfig.yml +++ b/roles/openshift-apps/release-monitoring/files/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 items: - apiVersion: apps.openshift.io/v1 diff --git a/roles/openshift-apps/release-monitoring/files/imagestream.yml b/roles/openshift-apps/release-monitoring/files/imagestream.yml index 4c53d744e7..d5bdcc0004 100644 --- a/roles/openshift-apps/release-monitoring/files/imagestream.yml +++ b/roles/openshift-apps/release-monitoring/files/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 items: - apiVersion: image.openshift.io/v1 diff --git a/roles/openshift-apps/release-monitoring/files/service.yml b/roles/openshift-apps/release-monitoring/files/service.yml index 0334e45c4b..d0d778e155 100644 --- a/roles/openshift-apps/release-monitoring/files/service.yml +++ b/roles/openshift-apps/release-monitoring/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/release-monitoring/templates/route.yml b/roles/openshift-apps/release-monitoring/templates/route.yml index a9f5b6c082..604af710a4 100644 --- a/roles/openshift-apps/release-monitoring/templates/route.yml +++ b/roles/openshift-apps/release-monitoring/templates/route.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Route metadata: diff --git a/roles/openshift-apps/resultsdb-ci-listener/templates/configmaps.yml b/roles/openshift-apps/resultsdb-ci-listener/templates/configmaps.yml index 942f2526b8..9bae0933be 100644 --- a/roles/openshift-apps/resultsdb-ci-listener/templates/configmaps.yml +++ b/roles/openshift-apps/resultsdb-ci-listener/templates/configmaps.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ConfigMap metadata: diff --git a/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml b/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml index 8d4ad8623c..679360b502 100644 --- a/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml +++ b/roles/openshift-apps/resultsdb-ci-listener/templates/deploymentconfigs.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: diff --git a/roles/openshift-apps/resultsdb-ci-listener/templates/secrets.yml b/roles/openshift-apps/resultsdb-ci-listener/templates/secrets.yml index ea5a39dc53..44b3830d5f 100644 --- a/roles/openshift-apps/resultsdb-ci-listener/templates/secrets.yml +++ b/roles/openshift-apps/resultsdb-ci-listener/templates/secrets.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/resultsdb/templates/backend/configmaps.yml b/roles/openshift-apps/resultsdb/templates/backend/configmaps.yml index 40e3a0ed28..02bce851fd 100644 --- a/roles/openshift-apps/resultsdb/templates/backend/configmaps.yml +++ b/roles/openshift-apps/resultsdb/templates/backend/configmaps.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ConfigMap metadata: diff --git a/roles/openshift-apps/resultsdb/templates/backend/deploymentconfigs.yml b/roles/openshift-apps/resultsdb/templates/backend/deploymentconfigs.yml index 44c4de342c..947aa7bfa9 100644 --- a/roles/openshift-apps/resultsdb/templates/backend/deploymentconfigs.yml +++ b/roles/openshift-apps/resultsdb/templates/backend/deploymentconfigs.yml @@ -16,7 +16,7 @@ spec: rollingParams: pre: failurePolicy: Abort - execNewPod: + execNewPod: containerName: api command: - /bin/sh diff --git a/roles/openshift-apps/resultsdb/templates/backend/secrets.yml b/roles/openshift-apps/resultsdb/templates/backend/secrets.yml index fed261b943..da0d5a05f9 100644 --- a/roles/openshift-apps/resultsdb/templates/backend/secrets.yml +++ b/roles/openshift-apps/resultsdb/templates/backend/secrets.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/resultsdb/templates/backend/services.yml b/roles/openshift-apps/resultsdb/templates/backend/services.yml index 7f46ba7cf1..01d97b8629 100644 --- a/roles/openshift-apps/resultsdb/templates/backend/services.yml +++ b/roles/openshift-apps/resultsdb/templates/backend/services.yml @@ -1,6 +1,7 @@ +--- apiVersion: v1 kind: Service -metadata: +metadata: name: "resultsdb-api" labels: app: resultsdb @@ -11,4 +12,4 @@ spec: ports: - name: api port: 5001 - targetPort: 5001 \ No newline at end of file + targetPort: 5001 diff --git a/roles/openshift-apps/resultsdb/templates/frontend/configmaps.yml b/roles/openshift-apps/resultsdb/templates/frontend/configmaps.yml index 7cbe599885..dafebf7890 100644 --- a/roles/openshift-apps/resultsdb/templates/frontend/configmaps.yml +++ b/roles/openshift-apps/resultsdb/templates/frontend/configmaps.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: ConfigMap metadata: @@ -7,7 +8,7 @@ metadata: service: web data: settings.py: |- - import os + import os {% if env == 'staging' %} RDB_URL = '{{ stg_resultsdb_frontend_api_url }}' {% else %} @@ -33,12 +34,12 @@ data: WSGIDaemonProcess resultsdb_frontend user=apache group=apache threads=10 WSGIScriptAlias / /usr/share/resultsdb_frontend/resultsdb_frontend.wsgi WSGISocketPrefix /tmp/wsgi - + - WSGIProcessGroup resultsdb_frontend + WSGIProcessGroup resultsdb_frontend WSGIApplicationGroup %{GLOBAL} WSGIScriptReloading On - + Order deny,allow Allow from all @@ -49,4 +50,4 @@ data: Order allow,deny Allow from all - + diff --git a/roles/openshift-apps/resultsdb/templates/frontend/deploymentconfigs.yml b/roles/openshift-apps/resultsdb/templates/frontend/deploymentconfigs.yml index 042b4f2d75..60d71a8fd1 100644 --- a/roles/openshift-apps/resultsdb/templates/frontend/deploymentconfigs.yml +++ b/roles/openshift-apps/resultsdb/templates/frontend/deploymentconfigs.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: diff --git a/roles/openshift-apps/resultsdb/templates/frontend/secrets.yml b/roles/openshift-apps/resultsdb/templates/frontend/secrets.yml index 5689051132..326461ea18 100644 --- a/roles/openshift-apps/resultsdb/templates/frontend/secrets.yml +++ b/roles/openshift-apps/resultsdb/templates/frontend/secrets.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: @@ -8,7 +9,6 @@ metadata: service: web stringData: settings.py: |- - import os {% if env == 'staging' %} RDB_URL = '{{ stg_resultsdb_frontend_api_url }}' {% else %} diff --git a/roles/openshift-apps/resultsdb/templates/frontend/services.yml b/roles/openshift-apps/resultsdb/templates/frontend/services.yml index 3c9730506a..393f67d0c6 100644 --- a/roles/openshift-apps/resultsdb/templates/frontend/services.yml +++ b/roles/openshift-apps/resultsdb/templates/frontend/services.yml @@ -1,6 +1,7 @@ +--- apiVersion: v1 kind: Service -metadata: +metadata: name: "resultsdb-frontend" labels: app: resultsdb diff --git a/roles/openshift-apps/resultsdb/vars/main.yml b/roles/openshift-apps/resultsdb/vars/main.yml index ef42954c07..02fe9556f4 100644 --- a/roles/openshift-apps/resultsdb/vars/main.yml +++ b/roles/openshift-apps/resultsdb/vars/main.yml @@ -1,4 +1,5 @@ # backend vars +--- prod_resultsdb_image: quay.io/factory2/resultsdb:prod-fedora stg_resultsdb_image: quay.io/factory2/resultsdb:latest diff --git a/roles/openshift-apps/review-stats/templates/buildconfig.yml b/roles/openshift-apps/review-stats/templates/buildconfig.yml index 56aa629d49..ba6ad4c9d9 100644 --- a/roles/openshift-apps/review-stats/templates/buildconfig.yml +++ b/roles/openshift-apps/review-stats/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/review-stats/templates/cron.yml b/roles/openshift-apps/review-stats/templates/cron.yml index c6219cca7e..bab919db52 100644 --- a/roles/openshift-apps/review-stats/templates/cron.yml +++ b/roles/openshift-apps/review-stats/templates/cron.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: CronJob metadata: diff --git a/roles/openshift-apps/review-stats/templates/pvc.yml b/roles/openshift-apps/review-stats/templates/pvc.yml index c2adf8b423..84a6917281 100644 --- a/roles/openshift-apps/review-stats/templates/pvc.yml +++ b/roles/openshift-apps/review-stats/templates/pvc.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/testdays/files/service.yml b/roles/openshift-apps/testdays/files/service.yml index 29f0fe5916..07450c86bf 100644 --- a/roles/openshift-apps/testdays/files/service.yml +++ b/roles/openshift-apps/testdays/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/testdays/templates/buildconfig.yml b/roles/openshift-apps/testdays/templates/buildconfig.yml index 6fb9aec67b..7bfd1bcf45 100644 --- a/roles/openshift-apps/testdays/templates/buildconfig.yml +++ b/roles/openshift-apps/testdays/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/testdays/templates/imagestream.yml b/roles/openshift-apps/testdays/templates/imagestream.yml index a240daa24d..dd24f1f524 100644 --- a/roles/openshift-apps/testdays/templates/imagestream.yml +++ b/roles/openshift-apps/testdays/templates/imagestream.yml @@ -18,4 +18,3 @@ spec: local: false status: dockerImageRepository: "" - diff --git a/roles/openshift-apps/the-new-hotness/templates/buildconfig.yml b/roles/openshift-apps/the-new-hotness/templates/buildconfig.yml index 1e75d4a5e6..96b62a01e9 100644 --- a/roles/openshift-apps/the-new-hotness/templates/buildconfig.yml +++ b/roles/openshift-apps/the-new-hotness/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 items: - apiVersion: build.openshift.io/v1 diff --git a/roles/openshift-apps/the-new-hotness/templates/deploymentconfig.yml b/roles/openshift-apps/the-new-hotness/templates/deploymentconfig.yml index 16db51dced..4b8e321555 100644 --- a/roles/openshift-apps/the-new-hotness/templates/deploymentconfig.yml +++ b/roles/openshift-apps/the-new-hotness/templates/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 items: - apiVersion: apps.openshift.io/v1 diff --git a/roles/openshift-apps/toddlers/templates/secret.yml b/roles/openshift-apps/toddlers/templates/secret.yml index 57de87dbee..e466b6051c 100644 --- a/roles/openshift-apps/toddlers/templates/secret.yml +++ b/roles/openshift-apps/toddlers/templates/secret.yml @@ -11,4 +11,3 @@ stringData: {{ load_file('fedora-messaging.toml') | indent }} email_overrides.toml: |- {{ load_file('email_overrides.toml') | indent }} - diff --git a/roles/openshift-apps/transtats/files/deploymentconfig.yml b/roles/openshift-apps/transtats/files/deploymentconfig.yml index d503992671..7acdbd4413 100644 --- a/roles/openshift-apps/transtats/files/deploymentconfig.yml +++ b/roles/openshift-apps/transtats/files/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: diff --git a/roles/openshift-apps/transtats/files/imagestream.yml b/roles/openshift-apps/transtats/files/imagestream.yml index 90216aab46..1c8ff954c5 100644 --- a/roles/openshift-apps/transtats/files/imagestream.yml +++ b/roles/openshift-apps/transtats/files/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: diff --git a/roles/openshift-apps/transtats/files/service.yml b/roles/openshift-apps/transtats/files/service.yml index ca5a770c4e..ce0166545e 100644 --- a/roles/openshift-apps/transtats/files/service.yml +++ b/roles/openshift-apps/transtats/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/transtats/templates/buildconfig.yml b/roles/openshift-apps/transtats/templates/buildconfig.yml index 4312103909..ec0058ebb0 100644 --- a/roles/openshift-apps/transtats/templates/buildconfig.yml +++ b/roles/openshift-apps/transtats/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/transtats/templates/secret.yml b/roles/openshift-apps/transtats/templates/secret.yml index 8c7560ea7b..5d9387e774 100644 --- a/roles/openshift-apps/transtats/templates/secret.yml +++ b/roles/openshift-apps/transtats/templates/secret.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/waiverdb/files/route.yml b/roles/openshift-apps/waiverdb/files/route.yml index 4f77d8730a..4651eb12c5 100644 --- a/roles/openshift-apps/waiverdb/files/route.yml +++ b/roles/openshift-apps/waiverdb/files/route.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Route metadata: @@ -5,7 +6,7 @@ metadata: labels: app: waiverdb spec: - #host: waiverdb.stg.fedoraproject.org + # host: waiverdb.stg.fedoraproject.org port: targetPort: web to: diff --git a/roles/openshift-apps/waiverdb/files/service.yml b/roles/openshift-apps/waiverdb/files/service.yml index aab5f637ab..324a37f108 100644 --- a/roles/openshift-apps/waiverdb/files/service.yml +++ b/roles/openshift-apps/waiverdb/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/waiverdb/templates/buildconfig.yml b/roles/openshift-apps/waiverdb/templates/buildconfig.yml index 0c3777a373..e12d7ac7a0 100644 --- a/roles/openshift-apps/waiverdb/templates/buildconfig.yml +++ b/roles/openshift-apps/waiverdb/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: @@ -17,7 +18,7 @@ spec: kind: "ImageStreamTag" name: "waiverdb-upstream:latest" triggers: - - type: ImageChange + - type: ImageChange output: to: kind: ImageStreamTag diff --git a/roles/openshift-apps/waiverdb/templates/imagestream.yml b/roles/openshift-apps/waiverdb/templates/imagestream.yml index aa9df7fcc6..d65d3b66bc 100644 --- a/roles/openshift-apps/waiverdb/templates/imagestream.yml +++ b/roles/openshift-apps/waiverdb/templates/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: @@ -6,7 +7,7 @@ metadata: apiVersion: image.openshift.io/v1 kind: ImageStream metadata: - name: "waiverdb-upstream" + name: "waiverdb-upstream" spec: tags: - name: latest diff --git a/roles/openshift-apps/waiverdb/templates/secret.yml b/roles/openshift-apps/waiverdb/templates/secret.yml index c95cc5a1e0..b9b113deee 100644 --- a/roles/openshift-apps/waiverdb/templates/secret.yml +++ b/roles/openshift-apps/waiverdb/templates/secret.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift-apps/webhook2fedmsg/files/service.yml b/roles/openshift-apps/webhook2fedmsg/files/service.yml index 29c49d0201..42ddb7e745 100644 --- a/roles/openshift-apps/webhook2fedmsg/files/service.yml +++ b/roles/openshift-apps/webhook2fedmsg/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/webhook2fedmsg/templates/buildconfig.yml b/roles/openshift-apps/webhook2fedmsg/templates/buildconfig.yml index dc063876a6..ee195a47e6 100644 --- a/roles/openshift-apps/webhook2fedmsg/templates/buildconfig.yml +++ b/roles/openshift-apps/webhook2fedmsg/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/webhook2fedmsg/templates/logging.yaml b/roles/openshift-apps/webhook2fedmsg/templates/logging.yaml index d18c497f96..91d4c9fe77 100644 --- a/roles/openshift-apps/webhook2fedmsg/templates/logging.yaml +++ b/roles/openshift-apps/webhook2fedmsg/templates/logging.yaml @@ -1,3 +1,4 @@ +--- version: 1 disable_existing_loggers: false diff --git a/roles/openshift-apps/websites/files/obc.yml b/roles/openshift-apps/websites/files/obc.yml index 359dfdea2d..9f48a75516 100644 --- a/roles/openshift-apps/websites/files/obc.yml +++ b/roles/openshift-apps/websites/files/obc.yml @@ -1,3 +1,4 @@ +--- apiVersion: objectbucket.io/v1alpha1 kind: ObjectBucketClaim metadata: diff --git a/roles/openshift-apps/websites/files/pvc.yml b/roles/openshift-apps/websites/files/pvc.yml index a9537c1955..69bec916e3 100644 --- a/roles/openshift-apps/websites/files/pvc.yml +++ b/roles/openshift-apps/websites/files/pvc.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: PersistentVolumeClaim metadata: diff --git a/roles/openshift-apps/websites/templates/buildconfig.yml b/roles/openshift-apps/websites/templates/buildconfig.yml index 077df6fb50..8f6da7ec15 100644 --- a/roles/openshift-apps/websites/templates/buildconfig.yml +++ b/roles/openshift-apps/websites/templates/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/websites/templates/deployment.yml b/roles/openshift-apps/websites/templates/deployment.yml index 2480dca2c8..51c5a38bac 100644 --- a/roles/openshift-apps/websites/templates/deployment.yml +++ b/roles/openshift-apps/websites/templates/deployment.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps/v1 kind: Deployment metadata: diff --git a/roles/openshift-apps/websites/templates/fedora-websites-bc.yml b/roles/openshift-apps/websites/templates/fedora-websites-bc.yml index e1713d0559..2a2a3d956b 100644 --- a/roles/openshift-apps/websites/templates/fedora-websites-bc.yml +++ b/roles/openshift-apps/websites/templates/fedora-websites-bc.yml @@ -1,3 +1,4 @@ +--- apiVersion: build.openshift.io/v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/websites/templates/fedora-websites-cron.yml b/roles/openshift-apps/websites/templates/fedora-websites-cron.yml index 46530924a8..04fb5e36fb 100644 --- a/roles/openshift-apps/websites/templates/fedora-websites-cron.yml +++ b/roles/openshift-apps/websites/templates/fedora-websites-cron.yml @@ -1,3 +1,4 @@ +--- apiVersion: batch/v1 kind: CronJob metadata: diff --git a/roles/openshift-apps/zezere/files/buildconfig.yml b/roles/openshift-apps/zezere/files/buildconfig.yml index 84bdd6d0c7..553c01c683 100644 --- a/roles/openshift-apps/zezere/files/buildconfig.yml +++ b/roles/openshift-apps/zezere/files/buildconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: BuildConfig metadata: diff --git a/roles/openshift-apps/zezere/files/service.yml b/roles/openshift-apps/zezere/files/service.yml index 3e020330b9..6089011c66 100644 --- a/roles/openshift-apps/zezere/files/service.yml +++ b/roles/openshift-apps/zezere/files/service.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Service metadata: diff --git a/roles/openshift-apps/zezere/templates/deploymentconfig.yml b/roles/openshift-apps/zezere/templates/deploymentconfig.yml index 6ed0ffdca8..aefb98fc2a 100644 --- a/roles/openshift-apps/zezere/templates/deploymentconfig.yml +++ b/roles/openshift-apps/zezere/templates/deploymentconfig.yml @@ -1,3 +1,4 @@ +--- apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: diff --git a/roles/openshift-apps/zezere/templates/secret.yml b/roles/openshift-apps/zezere/templates/secret.yml index 35a56d697d..f276476548 100644 --- a/roles/openshift-apps/zezere/templates/secret.yml +++ b/roles/openshift-apps/zezere/templates/secret.yml @@ -1,3 +1,4 @@ +--- apiVersion: v1 kind: Secret metadata: diff --git a/roles/openshift/imagestream/templates/imagestream.yml b/roles/openshift/imagestream/templates/imagestream.yml index acc2eeb681..4e1af50e2a 100644 --- a/roles/openshift/imagestream/templates/imagestream.yml +++ b/roles/openshift/imagestream/templates/imagestream.yml @@ -1,3 +1,4 @@ +--- apiVersion: image.openshift.io/v1 kind: ImageStream metadata: diff --git a/roles/openshift/import-image/tasks/main.yml b/roles/openshift/import-image/tasks/main.yml index fa4e8b16f0..7a6557c57e 100644 --- a/roles/openshift/import-image/tasks/main.yml +++ b/roles/openshift/import-image/tasks/main.yml @@ -1,2 +1,3 @@ +--- - name: Run `oc import-image` shell: oc -n {{app}} import-image {{imagestreamname}} diff --git a/roles/openshift/ipa-client/defaults/main.yml b/roles/openshift/ipa-client/defaults/main.yml index 2decaf2251..552c55bd6f 100644 --- a/roles/openshift/ipa-client/defaults/main.yml +++ b/roles/openshift/ipa-client/defaults/main.yml @@ -1 +1,2 @@ +--- public_hostname: "{{ inventory_hostname }}" diff --git a/roles/openshift/ipa-client/tasks/main.yml b/roles/openshift/ipa-client/tasks/main.yml index ab7c1571fe..ca99af6d10 100644 --- a/roles/openshift/ipa-client/tasks/main.yml +++ b/roles/openshift/ipa-client/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Get the IPA CA cert slurp: src: /etc/ipa/ca.crt diff --git a/roles/openshift/job/defaults/main.yml b/roles/openshift/job/defaults/main.yml index de4dc17659..0906cb3deb 100644 --- a/roles/openshift/job/defaults/main.yml +++ b/roles/openshift/job/defaults/main.yml @@ -1,2 +1,3 @@ +--- os_app: "{{app}}" template: job.yml diff --git a/roles/openshift/job/tasks/main.yml b/roles/openshift/job/tasks/main.yml index 8fc31d7371..84cb523a50 100644 --- a/roles/openshift/job/tasks/main.yml +++ b/roles/openshift/job/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Validate the job name {{ jobname }} assert: that: diff --git a/roles/openshift/keytab/defaults/main.yml b/roles/openshift/keytab/defaults/main.yml index 08687d00e7..531b5d4648 100644 --- a/roles/openshift/keytab/defaults/main.yml +++ b/roles/openshift/keytab/defaults/main.yml @@ -1 +1,2 @@ +--- ocp4: false diff --git a/roles/openshift/keytab/tasks/main.yml b/roles/openshift/keytab/tasks/main.yml index 1bb2190bc9..7410583a51 100644 --- a/roles/openshift/keytab/tasks/main.yml +++ b/roles/openshift/keytab/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Acquire a keytab include_role: name: keytab/service diff --git a/roles/openshift/object-delete/tasks/main.yml b/roles/openshift/object-delete/tasks/main.yml index b53db1a4c5..8f07b5b0ec 100644 --- a/roles/openshift/object-delete/tasks/main.yml +++ b/roles/openshift/object-delete/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Delete object file ({{tmpfile.path}}) file: path=/etc/openshift_apps/{{app}}/{{objectname}}.yml diff --git a/roles/openshift/object/defaults/main.yml b/roles/openshift/object/defaults/main.yml index 1a82b2bfb7..b6cd869d8f 100644 --- a/roles/openshift/object/defaults/main.yml +++ b/roles/openshift/object/defaults/main.yml @@ -1,2 +1,3 @@ +--- os_app: "{{app}}" always_apply: false diff --git a/roles/openshift/object/tasks/main.yml b/roles/openshift/object/tasks/main.yml index c31819f82a..2025304565 100644 --- a/roles/openshift/object/tasks/main.yml +++ b/roles/openshift/object/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy template {{template}} to temporary file ({{tmpfile.path}}) template: src={{roles_path}}/openshift-apps/{{app}}/templates/{{template}} dest=/etc/openshift_apps/{{os_app}}/{{objectname}} when: template is defined diff --git a/roles/openshift/project/tasks/main.yml b/roles/openshift/project/tasks/main.yml index 7bd0de3c91..f67e418350 100644 --- a/roles/openshift/project/tasks/main.yml +++ b/roles/openshift/project/tasks/main.yml @@ -5,7 +5,7 @@ state: directory owner: root group: root - mode: 0750 + mode: "0750" - name: Determine if project already exists command: oc get project {{app}} diff --git a/roles/openshift/project/templates/alertmanager.yml b/roles/openshift/project/templates/alertmanager.yml index 5c3e5dcdb3..1bba28a134 100644 --- a/roles/openshift/project/templates/alertmanager.yml +++ b/roles/openshift/project/templates/alertmanager.yml @@ -1,3 +1,4 @@ +--- apiVersion: monitoring.coreos.com/v1beta1 kind: AlertmanagerConfig metadata: diff --git a/roles/openshift/project/templates/appowners.yml b/roles/openshift/project/templates/appowners.yml index d08f054709..01155e0572 100644 --- a/roles/openshift/project/templates/appowners.yml +++ b/roles/openshift/project/templates/appowners.yml @@ -1,3 +1,4 @@ +--- apiVersion: authorization.openshift.io/v1 kind: RoleBinding metadata: diff --git a/roles/openshift/project/templates/deployer.yml b/roles/openshift/project/templates/deployer.yml index 5234284b86..736e69ce27 100644 --- a/roles/openshift/project/templates/deployer.yml +++ b/roles/openshift/project/templates/deployer.yml @@ -1,3 +1,4 @@ +--- apiVersion: authorization.openshift.io/v1 groupNames: [] kind: RoleBinding diff --git a/roles/openshift/project/templates/imagebuilder.yml b/roles/openshift/project/templates/imagebuilder.yml index a145f5d0e3..05da74afb3 100644 --- a/roles/openshift/project/templates/imagebuilder.yml +++ b/roles/openshift/project/templates/imagebuilder.yml @@ -1,3 +1,4 @@ +--- apiVersion: authorization.openshift.io/v1 groupNames: [] kind: RoleBinding diff --git a/roles/openshift/project/templates/imagepuller.yml b/roles/openshift/project/templates/imagepuller.yml index 6af5a0fe2e..7ea30f73e1 100644 --- a/roles/openshift/project/templates/imagepuller.yml +++ b/roles/openshift/project/templates/imagepuller.yml @@ -1,3 +1,4 @@ +--- apiVersion: authorization.openshift.io/v1 groupNames: - system:serviceaccounts:{{app}} diff --git a/roles/openshift/project/templates/project.yml b/roles/openshift/project/templates/project.yml index 9c9cccb06e..b04b76f3c5 100644 --- a/roles/openshift/project/templates/project.yml +++ b/roles/openshift/project/templates/project.yml @@ -1,3 +1,4 @@ +--- apiVersion: project.openshift.io/v1 kind: Project metadata: diff --git a/roles/openshift/project/templates/prometheusRules.yml b/roles/openshift/project/templates/prometheusRules.yml index 0d36427ad1..67be7d7dc5 100644 --- a/roles/openshift/project/templates/prometheusRules.yml +++ b/roles/openshift/project/templates/prometheusRules.yml @@ -1,4 +1,4 @@ -#jinja2:variable_start_string:'@@',variable_end_string:'@@' +# jinja2:variable_start_string:'@@',variable_end_string:'@@' --- apiVersion: monitoring.coreos.com/v1 kind: PrometheusRule diff --git a/roles/openshift/project/templates/role-appowners.yml b/roles/openshift/project/templates/role-appowners.yml index 5848c2ae2d..ad5a95bed6 100644 --- a/roles/openshift/project/templates/role-appowners.yml +++ b/roles/openshift/project/templates/role-appowners.yml @@ -1,3 +1,4 @@ +--- apiVersion: authorization.openshift.io/v1 kind: Role metadata: diff --git a/roles/openshift/rollout/tasks/main.yml b/roles/openshift/rollout/tasks/main.yml index a49e01360b..b417dea964 100644 --- a/roles/openshift/rollout/tasks/main.yml +++ b/roles/openshift/rollout/tasks/main.yml @@ -1,2 +1,3 @@ +--- - name: Run `oc rollout latest` shell: oc -n {{app}} rollout latest {{dcname}} diff --git a/roles/openshift/route/templates/route.yml b/roles/openshift/route/templates/route.yml index 6966c8e446..0386aa9723 100644 --- a/roles/openshift/route/templates/route.yml +++ b/roles/openshift/route/templates/route.yml @@ -1,3 +1,4 @@ +--- apiVersion: route.openshift.io/v1 kind: Route metadata: diff --git a/roles/openshift/secret-file/defaults/main.yml b/roles/openshift/secret-file/defaults/main.yml index 20592a659f..84c8da5b3b 100644 --- a/roles/openshift/secret-file/defaults/main.yml +++ b/roles/openshift/secret-file/defaults/main.yml @@ -1,2 +1,3 @@ +--- os_app: "{{app}}" ocp4: false diff --git a/roles/openshift/secret-file/tasks/main.yml b/roles/openshift/secret-file/tasks/main.yml index 49784111ae..6e98fc7b36 100644 --- a/roles/openshift/secret-file/tasks/main.yml +++ b/roles/openshift/secret-file/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy template {{template}} template: src={{roles_path}}/openshift-apps/{{app}}/templates/{{template}} dest=/etc/openshift_apps/{{os_app}}/{{key}} when: template is defined diff --git a/roles/openshift/secret-tls/tasks/main.yml b/roles/openshift/secret-tls/tasks/main.yml index ebda1de031..9ecd4fbe86 100644 --- a/roles/openshift/secret-tls/tasks/main.yml +++ b/roles/openshift/secret-tls/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Copy private tlscert {{privatefile}} copy: src={{private}}/files/{{ private_cert }} dest=/etc/openshift_apps/{{app}}/{{key}}.crt register: secret_privatecert diff --git a/roles/openshift/start-build/tasks/main.yml b/roles/openshift/start-build/tasks/main.yml index a15529cabe..e746067c7a 100644 --- a/roles/openshift/start-build/tasks/main.yml +++ b/roles/openshift/start-build/tasks/main.yml @@ -1,2 +1,3 @@ +--- - name: Run `oc start-build` shell: oc -n {{app}} start-build {{buildname}} diff --git a/roles/openshift/sysadmin-openshift/defaults/main.yaml b/roles/openshift/sysadmin-openshift/defaults/main.yaml index 815afb21cd..31a5d42843 100644 --- a/roles/openshift/sysadmin-openshift/defaults/main.yaml +++ b/roles/openshift/sysadmin-openshift/defaults/main.yaml @@ -1,3 +1,4 @@ +--- appowners: [] project_name: sysadmin-openshift project_templates: diff --git a/roles/openshift/sysadmin-openshift/tasks/main.yaml b/roles/openshift/sysadmin-openshift/tasks/main.yaml index 33d90fdeaf..7ff687b507 100644 --- a/roles/openshift/sysadmin-openshift/tasks/main.yaml +++ b/roles/openshift/sysadmin-openshift/tasks/main.yaml @@ -1,3 +1,3 @@ +--- - import_tasks: resources.yaml - import_tasks: upgrade.yaml - diff --git a/roles/openshift/sysadmin-openshift/tasks/resources.yaml b/roles/openshift/sysadmin-openshift/tasks/resources.yaml index 8d990d8bdc..f7a9fc5227 100644 --- a/roles/openshift/sysadmin-openshift/tasks/resources.yaml +++ b/roles/openshift/sysadmin-openshift/tasks/resources.yaml @@ -1,10 +1,11 @@ +--- - name: Create the directories to hold the templates file: path: "/root/ocp4/openshift-apps/{{project_name}}" state: directory owner: root group: root - mode: 0770 + mode: "0770" recurse: yes tags: - create-resources @@ -14,7 +15,7 @@ template: src: "{{ item }}" dest: "/root/ocp4/openshift-apps/{{project_name}}/{{ item }}" - mode: 0770 + mode: "0770" with_items: "{{ project_templates }}" tags: - create-resources @@ -25,4 +26,3 @@ with_items: "{{ project_templates }}" tags: - create-resources - diff --git a/roles/openshift/sysadmin-openshift/tasks/upgrade.yaml b/roles/openshift/sysadmin-openshift/tasks/upgrade.yaml index 3427b17533..5e16b9fa26 100644 --- a/roles/openshift/sysadmin-openshift/tasks/upgrade.yaml +++ b/roles/openshift/sysadmin-openshift/tasks/upgrade.yaml @@ -1,7 +1,8 @@ +--- - name: Install oc-client.rpm package. yum: - name: /srv/web/infra/bigfiles/openshiftboot/oc-client/oc-client.rpm - state: present + name: /srv/web/infra/bigfiles/openshiftboot/oc-client/oc-client.rpm + state: present delegate_to: 127.0.0.1 tags: - upgrade-rpm diff --git a/roles/openshift/sysadmin-openshift/templates/group.yaml b/roles/openshift/sysadmin-openshift/templates/group.yaml index f009677abe..be4523c199 100644 --- a/roles/openshift/sysadmin-openshift/templates/group.yaml +++ b/roles/openshift/sysadmin-openshift/templates/group.yaml @@ -1,3 +1,4 @@ +--- kind: Group apiVersion: user.openshift.io/v1 metadata: diff --git a/roles/openshift/sysadmin-openshift/templates/rolebinding.yaml b/roles/openshift/sysadmin-openshift/templates/rolebinding.yaml index 19ac13a64c..b8e6ea22af 100644 --- a/roles/openshift/sysadmin-openshift/templates/rolebinding.yaml +++ b/roles/openshift/sysadmin-openshift/templates/rolebinding.yaml @@ -1,3 +1,4 @@ +--- kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: diff --git a/roles/openvpn/base/tasks/main.yml b/roles/openvpn/base/tasks/main.yml index 6208395784..9b9fd8a065 100644 --- a/roles/openvpn/base/tasks/main.yml +++ b/roles/openvpn/base/tasks/main.yml @@ -25,8 +25,8 @@ tags: - install - openvpn - #notify: - #- restart openvpn (Fedora) + # notify: + # - restart openvpn (Fedora) - name: Install certificate and key (rhel or fedora) for server copy: src={{ private }}/files/vpn/pki/ca.crt @@ -35,8 +35,8 @@ tags: - install - openvpn - #notify: - #- restart openvpn (Fedora) + # notify: + # - restart openvpn (Fedora) when: inventory_hostname.startswith('bastion0') - name: install fix-routes.sh script diff --git a/roles/openvpn/server/tasks/main.yml b/roles/openvpn/server/tasks/main.yml index f879893d58..35de8b3012 100644 --- a/roles/openvpn/server/tasks/main.yml +++ b/roles/openvpn/server/tasks/main.yml @@ -43,8 +43,8 @@ - openvpn - name: Install the ccd files - synchronize: - src: ccd/ + synchronize: + src: ccd/ dest: /etc/openvpn/server/ccd/ delete: yes tags: diff --git a/roles/packager_alias/tasks/main.yml b/roles/packager_alias/tasks/main.yml index e34994291f..008f85a608 100644 --- a/roles/packager_alias/tasks/main.yml +++ b/roles/packager_alias/tasks/main.yml @@ -6,7 +6,7 @@ dest: /usr/local/bin/owner-email.py owner: root group: root - mode: 0755 + mode: "0755" tags: - install - packager_alias @@ -17,7 +17,7 @@ dest: /usr/local/bin/package-owner-aliases.sh owner: root group: root - mode: 0755 + mode: "0755" tags: - install - packager_alias diff --git a/roles/packages3/bugz.fp.o/tasks/main.yml b/roles/packages3/bugz.fp.o/tasks/main.yml index 675232eda7..52eadb5fb6 100644 --- a/roles/packages3/bugz.fp.o/tasks/main.yml +++ b/roles/packages3/bugz.fp.o/tasks/main.yml @@ -1,3 +1,4 @@ +--- - copy: > src=bugz.conf dest=/etc/httpd/conf.d/{{website}}/bugz.conf owner=root group=root mode=0644 diff --git a/roles/packages3/web/tasks/main.yml b/roles/packages3/web/tasks/main.yml index 1e6d1ae439..2c85d68478 100644 --- a/roles/packages3/web/tasks/main.yml +++ b/roles/packages3/web/tasks/main.yml @@ -12,11 +12,11 @@ - name: Create some directories file: - path={{ item }} - state=directory - owner=apache - group=fedmsg - mode=775 + path={{ item }} + state=directory + owner=apache + group=fedmsg + mode=775 with_items: - /etc/fedoracommunity - /var/cache/fedoracommunity # the gluster role usually creates this one diff --git a/roles/pagure/tasks/main.yml b/roles/pagure/tasks/main.yml index d13ed5782b..ab86f781a0 100644 --- a/roles/pagure/tasks/main.yml +++ b/roles/pagure/tasks/main.yml @@ -181,19 +181,19 @@ - name: create the `paguremirroring` group group: - name: paguremirroring - state: present + name: paguremirroring + state: present tags: - pagure - mirror - name: create the `paguremirroring` user user: - name: paguremirroring - group: paguremirroring - groups: paguremirroring,git - shell: /bin/nologin - home: /srv/mirror + name: paguremirroring + group: paguremirroring + groups: paguremirroring,git + shell: /bin/nologin + home: /srv/mirror tags: - pagure - mirror @@ -280,8 +280,8 @@ - name: install the configuration file for fedora-messaging template: - src=fedora-messaging.toml - dest=/etc/fedora-messaging/config.toml + src=fedora-messaging.toml + dest=/etc/fedora-messaging/config.toml tags: - pagure - fedora-messaging diff --git a/roles/people/tasks/main.yml b/roles/people/tasks/main.yml index 8f00863899..790a27285c 100644 --- a/roles/people/tasks/main.yml +++ b/roles/people/tasks/main.yml @@ -300,7 +300,7 @@ dest: /etc/sssd/sssd.conf owner: root group: root - mode: 0600 + mode: "0600" tags: - ipa/client - config diff --git a/roles/planet/tasks/main.yml b/roles/planet/tasks/main.yml index 377885c518..c04bc74a95 100644 --- a/roles/planet/tasks/main.yml +++ b/roles/planet/tasks/main.yml @@ -18,7 +18,7 @@ - planet_server - name: install the planet packages (and fedora-messaging) - package: pkg={{item}} state=present + package: pkg={{item}} state=present with_items: - venus - fedora-messaging @@ -293,7 +293,7 @@ - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging - mode: 0775 + mode: "0775" owner: root group: root state: directory @@ -305,7 +305,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/ca.crt" dest: /etc/pki/fedora-messaging/rabbitmq-ca.crt - mode: 0644 + mode: "0644" owner: root group: root tags: @@ -316,7 +316,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/planet{{env_suffix}}.crt" dest: /etc/pki/fedora-messaging/planet.crt - mode: 0644 + mode: "0644" owner: planet-user group: planet-user tags: @@ -327,7 +327,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/planet{{env_suffix}}.key" dest: /etc/pki/fedora-messaging/planet.key - mode: 0600 + mode: "0600" owner: planet-user group: planet-user tags: @@ -340,7 +340,7 @@ dest: /etc/fedora-messaging/config.toml owner: planet-user group: planet-user - mode: 0600 + mode: "0600" tags: - config - planet_server diff --git a/roles/postgresql_server/tasks/datanommer.yml b/roles/postgresql_server/tasks/datanommer.yml index ebb7a1cfce..5ceef7ec92 100644 --- a/roles/postgresql_server/tasks/datanommer.yml +++ b/roles/postgresql_server/tasks/datanommer.yml @@ -1,3 +1,4 @@ +--- - name: Install timescaledb dnf: name: diff --git a/roles/push-container-registry/tasks/main.yml b/roles/push-container-registry/tasks/main.yml index aab7ec31dd..6e48080be8 100644 --- a/roles/push-container-registry/tasks/main.yml +++ b/roles/push-container-registry/tasks/main.yml @@ -27,7 +27,7 @@ dest: "{{cert_dest_dir}}/client.cert" owner: root group: "{{ certs_group }}" - mode: 0640 + mode: "0640" tags: - push-container-registry @@ -36,6 +36,6 @@ src: "{{key_src}}" dest: "{{cert_dest_dir}}/client.key" group: "{{ certs_group }}" - mode: 0640 + mode: "0640" tags: - push-container-registry diff --git a/roles/rabbit/queue/defaults/main.yml b/roles/rabbit/queue/defaults/main.yml index 6f479eeb7f..3cc1bff324 100644 --- a/roles/rabbit/queue/defaults/main.yml +++ b/roles/rabbit/queue/defaults/main.yml @@ -1,3 +1,4 @@ +--- rabbitmq_server: "rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org" vhost: /pubsub default_exchange: amq.topic @@ -5,6 +6,6 @@ routing_keys: [] message_ttl: null max_priority: null thresholds: - warning: 10000 + warning: 10000 critical: 100000 nagios_server: noc01.iad2.fedoraproject.org diff --git a/roles/rabbit/queue/handlers/main.yml b/roles/rabbit/queue/handlers/main.yml index 55c71a083e..6b7b92664a 100644 --- a/roles/rabbit/queue/handlers/main.yml +++ b/roles/rabbit/queue/handlers/main.yml @@ -1,3 +1,4 @@ +--- - name: restart nagios on noc shell: nagios -v /etc/nagios/nagios.cfg && systemctl restart nagios delegate_to: "{{ nagios_server }}" @@ -6,4 +7,4 @@ service: name: nrpe state: restarted - delegate_to: "{{ rabbitmq_server }}" \ No newline at end of file + delegate_to: "{{ rabbitmq_server }}" diff --git a/roles/rabbit/queue/tasks/main.yml b/roles/rabbit/queue/tasks/main.yml index 332c78109b..596502e844 100644 --- a/roles/rabbit/queue/tasks/main.yml +++ b/roles/rabbit/queue/tasks/main.yml @@ -99,7 +99,7 @@ dest: /etc/nrpe.d/check_rabbitmq_queue_{{ queue_name }}.cfg owner: root group: root - mode: 0644 + mode: "0644" notify: restart nrpe on rabbitmq tags: - fedora-messaging diff --git a/roles/rabbit/user/defaults/main.yml b/roles/rabbit/user/defaults/main.yml index 83c8d74150..2146f29ca7 100644 --- a/roles/rabbit/user/defaults/main.yml +++ b/roles/rabbit/user/defaults/main.yml @@ -1,3 +1,4 @@ +--- rabbitmq_server: "rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org" vhost: /pubsub publish_only: true diff --git a/roles/rabbit/vhost/defaults/main.yml b/roles/rabbit/vhost/defaults/main.yml index 7f8d3fe590..68abe8ae74 100644 --- a/roles/rabbit/vhost/defaults/main.yml +++ b/roles/rabbit/vhost/defaults/main.yml @@ -1 +1,2 @@ +--- rabbitmq_server: "rabbitmq01{{ env_suffix }}.{{ datacenter }}.fedoraproject.org" diff --git a/roles/rabbitmq/tasks/main.yml b/roles/rabbitmq/tasks/main.yml index 1399313139..61b34c6893 100644 --- a/roles/rabbitmq/tasks/main.yml +++ b/roles/rabbitmq/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install needed packages package: name={{ item }} state=present with_items: diff --git a/roles/rabbitmq_cluster/defaults/main.yml b/roles/rabbitmq_cluster/defaults/main.yml index b58d653934..563fccd753 100644 --- a/roles/rabbitmq_cluster/defaults/main.yml +++ b/roles/rabbitmq_cluster/defaults/main.yml @@ -1,2 +1,3 @@ +--- # https://www.rabbitmq.com/production-checklist.html#resource-limits-file-handle-limit rabbitmq_cluster_file_limit: 500000 diff --git a/roles/rabbitmq_cluster/tasks/apps.yml b/roles/rabbitmq_cluster/tasks/apps.yml index 6a90171394..11ce968f8f 100644 --- a/roles/rabbitmq_cluster/tasks/apps.yml +++ b/roles/rabbitmq_cluster/tasks/apps.yml @@ -4,6 +4,7 @@ # +--- - name: CoreOS user run_once: true include_role: @@ -60,9 +61,9 @@ include_role: name: rabbit/queue vars: - username: fedora-build-checks{{ env_suffix }} - queue_name: fedora-build-checks{{ env_suffix }} - routing_keys: + username: fedora-build-checks{{ env_suffix }} + queue_name: fedora-build-checks{{ env_suffix }} + routing_keys: - "org.centos.ci.#" - name: copr @@ -168,7 +169,7 @@ # ELN CS BEGIN # -#- name: eln cs queue +# - name: eln cs queue # run_once: true # include_role: # name: rabbit/queue diff --git a/roles/rabbitmq_cluster/tasks/main.yml b/roles/rabbitmq_cluster/tasks/main.yml index 4852cb19fc..2a0782cfa7 100644 --- a/roles/rabbitmq_cluster/tasks/main.yml +++ b/roles/rabbitmq_cluster/tasks/main.yml @@ -1,3 +1,4 @@ +--- # Openstack has a newer version of rabbitmq - name: Install RHOSP13 repo file copy: src="{{ files }}/common/rhos13.repo" dest=/etc/yum.repos.d/rhos13.repo @@ -227,7 +228,7 @@ copy: dest: /root/.rabbitmqpass content: "{{ (env == 'production')|ternary(rabbitmq_admin_password_production, rabbitmq_admin_password_staging) }}" - mode: 0600 + mode: "0600" owner: root group: root tags: @@ -464,7 +465,7 @@ copy: src: selinux-load.sh dest: /etc/nagios/selinux-load.sh - mode: 0755 + mode: "0755" - name: copy over our custom selinux module copy: diff --git a/roles/rabbitmq_cluster/tasks/vhost-centos-odcs.yml b/roles/rabbitmq_cluster/tasks/vhost-centos-odcs.yml index 0d6143df96..634237e6f2 100644 --- a/roles/rabbitmq_cluster/tasks/vhost-centos-odcs.yml +++ b/roles/rabbitmq_cluster/tasks/vhost-centos-odcs.yml @@ -1,3 +1,4 @@ +--- - name: Configure the centos-odcs virtual host run_once: true delegate_to: "rabbitmq01{{ env_suffix }}.iad2.fedoraproject.org" @@ -58,7 +59,7 @@ copy: dest: /root/.centos-odcs-rabbitmqpass content: "{{ (env == 'production')|ternary(rabbitmq_centos_odcs_admin_password_production, rabbitmq_centos_odcs_admin_password_staging) }}" - mode: 0600 + mode: "0600" owner: root group: root tags: @@ -102,4 +103,3 @@ state: present tags: - centos-odcs - diff --git a/roles/redis/tasks/main.yml b/roles/redis/tasks/main.yml index 543495757b..62acb107ee 100644 --- a/roles/redis/tasks/main.yml +++ b/roles/redis/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install needed packages package: name={{ item }} state=present with_items: diff --git a/roles/relvalconsumer/defaults/main.yml b/roles/relvalconsumer/defaults/main.yml index ac6445eb0b..2145efc845 100644 --- a/roles/relvalconsumer/defaults/main.yml +++ b/roles/relvalconsumer/defaults/main.yml @@ -1,3 +1,4 @@ +--- relvalconsumer_prod: false relvalconsumer_amqp_passive: false relvalconsumer_amqp_url: "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub" @@ -9,7 +10,7 @@ relvalconsumer_amqp_mailfrom: "root@{{ external_hostname }}" relvalconsumer_amqp_smtp: localhost relvalconsumer_disabled: false relvalamiconsumer_amqp_routing_keys: [ - "org.fedoraproject.prod.fedora_image_uploader.published.v1.aws", - "org.fedoraproject.prod.fedora_image_uploader.published.v1.aws.#" + "org.fedoraproject.prod.fedora_image_uploader.published.v1.aws", + "org.fedoraproject.prod.fedora_image_uploader.published.v1.aws.#" ] relvalamiconsumer_disabled: false diff --git a/roles/relvalconsumer/handlers/main.yml b/roles/relvalconsumer/handlers/main.yml index e1874d114e..8d57f1f1f5 100644 --- a/roles/relvalconsumer/handlers/main.yml +++ b/roles/relvalconsumer/handlers/main.yml @@ -1,4 +1,5 @@ # Restart handler for our fedora-messaging consumers +--- - name: Conditionally restart relvalconsumer consumer service command: /usr/local/bin/conditional-restart.sh fm-consumer@relvalconsumer listen: diff --git a/roles/relvalconsumer/tasks/main.yml b/roles/relvalconsumer/tasks/main.yml index d72bd5226b..ba39e7d7a0 100644 --- a/roles/relvalconsumer/tasks/main.yml +++ b/roles/relvalconsumer/tasks/main.yml @@ -95,13 +95,14 @@ ## instance should have this set. # note: kept around for when we need packages from u-t -#- name: Install required packages (testing) +# - name: Install required packages (testing) # dnf: # name: ['python3-fedfind', 'python3-wikitcms'] # state: present # enablerepo: "updates-testing" # tags: # - packages +--- - name: Install required packages package: # 'relval' itself is needed as we call it directly for size @@ -128,7 +129,7 @@ - name: Create /root/.openidc (token file location for manual runs as root) file: path=/root/.openidc state=directory owner=root group=root mode=0700 -#- name: Write wikitcms token file for root +# - name: Write wikitcms token file for root # copy: src={{ wikitcms_token }} dest=/root/.openidc/oidc_wikitcms.json owner=root group=root mode=0600 # when: "wikitcms_token is defined" # tags: @@ -156,7 +157,7 @@ - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging - mode: 0775 + mode: "0775" owner: root group: root state: directory @@ -171,7 +172,7 @@ copy: src: "{{ private }}/files/rabbitmq/production/pki/issued/{{ openqa_amqp_prod_username }}.crt" dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_prod_username }}-cert.pem" - mode: 0644 + mode: "0644" owner: root group: root when: "deployment_type is defined" @@ -186,7 +187,7 @@ copy: src: "{{ private }}/files/rabbitmq/production/pki/private/{{ openqa_amqp_prod_username }}.key" dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_prod_username }}-key.pem" - mode: 0640 + mode: "0640" owner: root group: geekotest when: "deployment_type is defined" @@ -196,7 +197,7 @@ - name: Create python-bugzilla configuration directory file: dest: /root/.config/python-bugzilla - mode: 0700 + mode: "0700" owner: root group: root state: directory diff --git a/roles/review-stats/proxy/tasks/main.yml b/roles/review-stats/proxy/tasks/main.yml index e95fe48845..78c5d68618 100644 --- a/roles/review-stats/proxy/tasks/main.yml +++ b/roles/review-stats/proxy/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Ensure dir for content exists file: dest=/srv/web/review-stats owner=root group=root mode=0755 state=directory tags: diff --git a/roles/robosignatory/handlers/main.yml b/roles/robosignatory/handlers/main.yml index 2ba5725acd..10f1d79294 100644 --- a/roles/robosignatory/handlers/main.yml +++ b/roles/robosignatory/handlers/main.yml @@ -3,4 +3,3 @@ service: name: robosignatory state: restarted - diff --git a/roles/robosignatory/tasks/main.yml b/roles/robosignatory/tasks/main.yml index 71abd54197..5e8ee481c5 100644 --- a/roles/robosignatory/tasks/main.yml +++ b/roles/robosignatory/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Install packages package: state=present name={{ item }} with_items: @@ -40,7 +41,7 @@ state: directory owner: robosignatory group: robosignatory - mode: 0750 + mode: "0750" tags: - config - robosignatory @@ -51,7 +52,7 @@ state: directory owner: robosignatory group: robosignatory - mode: 0750 + mode: "0750" tags: - config - robosignatory @@ -62,7 +63,7 @@ dest: /etc/sigul/client.conf owner: robosignatory group: robosignatory - mode: 0640 + mode: "0640" notify: - restart robosignatory tags: @@ -83,7 +84,7 @@ dest: /etc/robosignatory/koji.config owner: robosignatory group: robosignatory - mode: 0640 + mode: "0640" tags: - config - robosignatory @@ -94,7 +95,7 @@ dest: /etc/robosignatory/serverca.cert owner: robosignatory group: robosignatory - mode: 0640 + mode: "0640" notify: - restart robosignatory tags: @@ -106,7 +107,7 @@ - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging - mode: 0775 + mode: "0775" owner: root group: root state: directory @@ -118,7 +119,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/ca.crt" dest: /etc/pki/fedora-messaging/cacert.pem - mode: 0644 + mode: "0644" owner: root group: root tags: @@ -129,7 +130,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/robosignatory{{env_suffix}}.crt" dest: /etc/pki/fedora-messaging/robosignatory-cert.pem - mode: 0644 + mode: "0644" owner: robosignatory group: robosignatory notify: @@ -142,7 +143,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/robosignatory{{env_suffix}}.key" dest: /etc/pki/fedora-messaging/robosignatory-key.pem - mode: 0600 + mode: "0600" owner: robosignatory group: robosignatory notify: @@ -157,7 +158,7 @@ dest: /etc/fedora-messaging/robosignatory.toml owner: robosignatory group: robosignatory - mode: 0640 + mode: "0640" notify: - restart robosignatory tags: @@ -171,7 +172,7 @@ path: /etc/systemd/system/fm-consumer@.service.d owner: root group: root - mode: 0755 + mode: "0755" when: env == 'staging' tags: - config @@ -183,7 +184,7 @@ dest: /etc/systemd/system/fm-consumer@.service.d/local.conf owner: root group: root - mode: 0644 + mode: "0644" when: env == 'staging' notify: - reload systemd @@ -208,7 +209,7 @@ dest: /usr/local/bin/sigul-add-key owner: root group: root - mode: 0755 + mode: "0755" when: env != 'staging' notify: - reload systemd @@ -222,7 +223,7 @@ dest: /etc/systemd/system/robosignatory.service owner: root group: root - mode: 0644 + mode: "0644" when: env != 'staging' notify: - reload systemd @@ -236,7 +237,7 @@ dest: /etc/tmpfiles.d/ask-password-robosignatory.conf owner: root group: root - mode: 0644 + mode: "0644" tags: - config - robosignatory diff --git a/roles/rsnapshot-push/tasks/main.yml b/roles/rsnapshot-push/tasks/main.yml index a17899668a..a9ec3ca17a 100644 --- a/roles/rsnapshot-push/tasks/main.yml +++ b/roles/rsnapshot-push/tasks/main.yml @@ -5,7 +5,7 @@ dest: "/usr/local/bin/{{ item.value.command }}" owner: "{{ item.value.user }}" group: "{{ item.value.user }}" - mode: 0700 + mode: "0700" with_dict: - "{{ rsnapshot_push.cases }}" tags: rsnapshot_push @@ -23,7 +23,7 @@ state: directory owner: "{{ item.value.user }}" group: "{{ item.value.user }}" - mode: 0700 + mode: "0700" with_dict: - "{{ rsnapshot_push.cases }}" delegate_to: "{{ rsnapshot_push.server_host }}" @@ -35,7 +35,7 @@ dest: "{{ '/'.join([rsnapshot_push.backup_dir, item.key, 'sync-daemon']) }}" owner: "{{ item.value.user }}" group: "{{ item.value.user }}" - mode: 0700 + mode: "0700" with_dict: - "{{ rsnapshot_push.cases }}" delegate_to: "{{ rsnapshot_push.server_host }}" @@ -58,7 +58,7 @@ dest: "{{ '/'.join([rsnapshot_push.backup_dir, item.key, 'rsnapshot']) }}" owner: "{{ item.value.user }}" group: "{{ item.value.user }}" - mode: 0700 + mode: "0700" with_dict: - "{{ rsnapshot_push.cases }}" delegate_to: "{{ rsnapshot_push.server_host }}" diff --git a/roles/rsyncd/tasks/main.yml b/roles/rsyncd/tasks/main.yml index b7c6edef4f..96a8b69514 100644 --- a/roles/rsyncd/tasks/main.yml +++ b/roles/rsyncd/tasks/main.yml @@ -100,7 +100,7 @@ tags: - services - rsyncd - + - name: set sebooleans so rsync can read dirs seboolean: name=rsync_export_all_ro state=true diff --git a/roles/selinux/module/tasks/main.yml b/roles/selinux/module/tasks/main.yml index d3ff9dc24f..b61d6a59dc 100644 --- a/roles/selinux/module/tasks/main.yml +++ b/roles/selinux/module/tasks/main.yml @@ -11,8 +11,6 @@ # - policy_name (str): the name of the custom SELinux policy to build and # install. - - - name: copy over our custom selinux module for {{ policy_name }} copy: src="{{ policy_file }}" dest="/usr/local/share/{{ policy_name }}.te" register: selinux_module diff --git a/roles/serial-console/tasks/main.yml b/roles/serial-console/tasks/main.yml index 39e16c3bb7..2ee25b9a7d 100644 --- a/roles/serial-console/tasks/main.yml +++ b/roles/serial-console/tasks/main.yml @@ -1,6 +1,7 @@ # # This role sets up serial console on ttyS1 # +--- - name: check for grub serial setup command: grub2-editenv list register: serial diff --git a/roles/sigul/bridge/tasks/main.yml b/roles/sigul/bridge/tasks/main.yml index c250fcf0b7..acf7412ad5 100644 --- a/roles/sigul/bridge/tasks/main.yml +++ b/roles/sigul/bridge/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Install sigul bridge package: state=present name=sigul-bridge tags: diff --git a/roles/sigul/server/tasks/main.yml b/roles/sigul/server/tasks/main.yml index 5ff6132600..9d642342b2 100644 --- a/roles/sigul/server/tasks/main.yml +++ b/roles/sigul/server/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: put rhel AH repos on rhel systems copy: src="{{ files }}/common/rhel7ah.repo" dest="/etc/yum.repos.d/rhel7ah.repo" when: ansible_distribution == 'RedHat' @@ -16,7 +17,7 @@ - openssl-pkcs11 - gnutls-utils - ykpers - #- yubico-piv-tool + # - yubico-piv-tool - pcsc-lite - opensc - tar diff --git a/roles/smtp-auth-relay/tasks/main.yml b/roles/smtp-auth-relay/tasks/main.yml index e8cb2968c5..81340823c5 100644 --- a/roles/smtp-auth-relay/tasks/main.yml +++ b/roles/smtp-auth-relay/tasks/main.yml @@ -12,7 +12,7 @@ copy: dest: /etc/postfix/sasl_passwd content: "{{ smtp_auth_relay_host }} {{ smtp_auth_relay_user }}:{{ smtp_auth_relay_password }}" - mode: 0600 + mode: "0600" register: smtp_relay_password_file tags: - smtp_auth_relay diff --git a/roles/spamassassin/handlers/main.yml b/roles/spamassassin/handlers/main.yml index 5abb3ffb75..34a588a7e6 100644 --- a/roles/spamassassin/handlers/main.yml +++ b/roles/spamassassin/handlers/main.yml @@ -1,3 +1,3 @@ +--- - name: restart spamassassin action: service name=spamassassin state=restarted - diff --git a/roles/supybot/tasks/main.yml b/roles/supybot/tasks/main.yml index bb5754f0a2..26091cc1d0 100644 --- a/roles/supybot/tasks/main.yml +++ b/roles/supybot/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install limnoria package package: name={{ item }} state=present enablerepo=epel-testing with_items: @@ -50,7 +51,7 @@ tags: supybot - name: teams cron job - cron: + cron: name: archive hour: "23" minute: "30" @@ -106,7 +107,7 @@ - name: Create /etc/pki/fedora-messaging file: dest: /etc/pki/fedora-messaging - mode: 0775 + mode: "0775" state: directory when: - inventory_hostname.startswith('value02') @@ -117,7 +118,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/ca.crt" dest: /etc/pki/fedora-messaging/rabbitmq-ca.crt - mode: 0644 + mode: "0644" owner: daemon group: daemon when: @@ -128,8 +129,8 @@ - name: Deploy the fedora-messaging cert copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/issued/{{ botname }}.crt" - dest: /etc/pki/fedora-messaging/{{ botname }}.crt - mode: 0644 + dest: /etc/pki/fedora-messaging/{{ botname }}.crt + mode: "0644" owner: daemon group: daemon when: @@ -141,7 +142,7 @@ copy: src: "{{ private }}/files/rabbitmq/{{env}}/pki/private/{{ botname }}.key" dest: /etc/pki/fedora-messaging/{{ botname }}.key - mode: 0600 + mode: "0600" owner: daemon group: daemon when: @@ -155,14 +156,12 @@ dest: /etc/fedora-messaging/{{ botname }}.toml owner: daemon group: daemon - mode: 0600 + mode: "0600" when: - inventory_hostname.startswith('value02') tags: - config - - - name: setup zodbot systemd service file (prod) copy: src=zodbot.service dest=/etc/systemd/system/zodbot.service when: env == "production" diff --git a/roles/supybot/vars/main.yml b/roles/supybot/vars/main.yml index 6e3df9985c..63d7478269 100644 --- a/roles/supybot/vars/main.yml +++ b/roles/supybot/vars/main.yml @@ -1,3 +1,4 @@ +--- botnames: staging: ursabot production: zodbot diff --git a/roles/tang/tasks/main.yml b/roles/tang/tasks/main.yml index d1d40dfab8..8a98aff3d1 100644 --- a/roles/tang/tasks/main.yml +++ b/roles/tang/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: install tang package: name=tang state=present tags: diff --git a/roles/testcase_stats/tasks/main.yml b/roles/testcase_stats/tasks/main.yml index 8d86a5d568..941adf124f 100644 --- a/roles/testcase_stats/tasks/main.yml +++ b/roles/testcase_stats/tasks/main.yml @@ -17,6 +17,7 @@ # We seem to need this to get FedoraCycleNumber in Fedora infra. If # you're running this role elsewhere, make your own arrangements +--- - name: Include vars include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README when: "deployment_type is defined" diff --git a/roles/testdays/tasks/main.yml b/roles/testdays/tasks/main.yml index 9cf95a9050..f390a4f6b6 100644 --- a/roles/testdays/tasks/main.yml +++ b/roles/testdays/tasks/main.yml @@ -31,4 +31,3 @@ template: src=testdays.conf.j2 dest=/etc/httpd/conf.d/testdays.conf owner=root group=root mode=0644 notify: - reload httpd - diff --git a/roles/tftp_server/tasks/main.yml b/roles/tftp_server/tasks/main.yml index 0f8ef3d947..b6610c9ff7 100644 --- a/roles/tftp_server/tasks/main.yml +++ b/roles/tftp_server/tasks/main.yml @@ -22,7 +22,7 @@ tags: - config - tftp_server - when: datacenter != 'iad2' + when: datacenter != 'iad2' - name: enable tftp socket service service: state=started enabled=true name=tftp.socket @@ -37,12 +37,12 @@ - tftp_server - name: Set permissions on the rhcos tftpboot folder - file: + file: path: /var/lib/tftpboot/rhcos mode: '0755' tags: - tftp_server - when: datacenter == 'iad2' + when: datacenter == 'iad2' - name: Copy rhcos files to images folder copy: diff --git a/roles/torrent/tasks/main.yml b/roles/torrent/tasks/main.yml index 57503c9bf3..9d83232dfd 100644 --- a/roles/torrent/tasks/main.yml +++ b/roles/torrent/tasks/main.yml @@ -87,4 +87,3 @@ - selinux - httpd - httpd/website - diff --git a/roles/varnish/handlers/main.yml b/roles/varnish/handlers/main.yml index ce6018b90d..5c7854da6b 100644 --- a/roles/varnish/handlers/main.yml +++ b/roles/varnish/handlers/main.yml @@ -1,2 +1,3 @@ +--- - name: restart varnish service: name=varnish state=restarted diff --git a/roles/virthost/tasks/main.yml b/roles/virthost/tasks/main.yml index 0008474a49..935eb8bdee 100644 --- a/roles/virthost/tasks/main.yml +++ b/roles/virthost/tasks/main.yml @@ -60,7 +60,7 @@ # # On some hosts in the fedorainfracloud network we want to add some users to be able to manage -# their own vms. +# their own vms. - name: add copr user to some virthosts that will run copr builders user: name=copr password_lock=true group=libvirt when: copr_build_virthost diff --git a/roles/web-data-analysis/tasks/main.yml b/roles/web-data-analysis/tasks/main.yml index 43615d73a7..80c9645ee2 100644 --- a/roles/web-data-analysis/tasks/main.yml +++ b/roles/web-data-analysis/tasks/main.yml @@ -197,7 +197,7 @@ copy: src: sync-http-logs.py dest: /usr/local/bin/sync-http-logs.py - mode: 0755 + mode: "0755" when: inventory_hostname.startswith('log01') tags: - web-data @@ -241,7 +241,7 @@ copy: src: sync-http-logs-and-merge.sh dest: /etc/cron.daily - mode: 0755 + mode: "0755" tags: - web-data - cron diff --git a/roles/web-data-analysis/templates/sync-http-logs.yaml.j2 b/roles/web-data-analysis/templates/sync-http-logs.yaml.j2 index 7aebb8bfa1..aa4b437577 100644 --- a/roles/web-data-analysis/templates/sync-http-logs.yaml.j2 +++ b/roles/web-data-analysis/templates/sync-http-logs.yaml.j2 @@ -47,7 +47,7 @@ synced_hosts: - dl04.iad2.fedoraproject.org - dl05.iad2.fedoraproject.org - download-ib01.vpn.fedoraproject.org - #- download-cc-rdu01.vpn.fedoraproject.org + # - download-cc-rdu01.vpn.fedoraproject.org - sundries01.iad2.fedoraproject.org # - sundries02.iad2.fedoraproject.org # - sundries01.stg.iad2.fedoraproject.org diff --git a/roles/weblate-backup/tasks/main.yml b/roles/weblate-backup/tasks/main.yml index 59dc13e8ad..f67c30e19b 100644 --- a/roles/weblate-backup/tasks/main.yml +++ b/roles/weblate-backup/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Install packages package: name: @@ -15,7 +16,7 @@ - name: create a .ssh dir for that user file: dest: "/home/_backup_weblate/.ssh" - mode: 0700 + mode: "0700" state: directory owner: _backup_weblate group: _backup_weblate @@ -28,7 +29,7 @@ dest: ~_backup_weblate/.ssh/id_rsa owner: _backup_weblate group: _backup_weblate - mode: 0600 + mode: "0600" tags: - weblate_backup @@ -38,17 +39,17 @@ dest: ~_backup_weblate/.borgpass owner: _backup_weblate group: _backup_weblate - mode: 0600 + mode: "0600" tags: - weblate_backup - + - name: Install backup script template: src: weblate-backup dest: /usr/local/bin/weblate-backup owner: root group: root - mode: 0755 + mode: "0755" tags: - weblate_backup @@ -58,14 +59,14 @@ dest: /etc/cron.d/cron-weblate-backup owner: root group: root - mode: 0644 + mode: "0644" tags: - weblate_backup - name: Create directory to mirror backups to file: dest: "{{ weblate_backup_topdir }}" - mode: 0755 + mode: "0755" state: directory owner: _backup_weblate tags: diff --git a/roles/yubikey/tasks/main.yml b/roles/yubikey/tasks/main.yml index 8e7ad423c4..def07ac93e 100644 --- a/roles/yubikey/tasks/main.yml +++ b/roles/yubikey/tasks/main.yml @@ -35,4 +35,3 @@ seboolean: name=httpd_can_network_connect state=yes persistent=yes tags: - config - diff --git a/roles/zabbix/zabbix_agent/defaults/main.yml b/roles/zabbix/zabbix_agent/defaults/main.yml index 8f25b7c454..49a8d2610a 100644 --- a/roles/zabbix/zabbix_agent/defaults/main.yml +++ b/roles/zabbix/zabbix_agent/defaults/main.yml @@ -1,3 +1,4 @@ +--- # Defaults variables for role zabbix-agent zabbix_server: "zabbix01{{env_suffix}}.iad2.fedoraproject.org" zabbix_agent_hostname: "{{ ansible_hostname }}" @@ -7,4 +8,3 @@ zabbix_tls_connect: "psk" zabbix_tls_accept: "psk" zabbix_tls_psk_identity: "Fedora" # OVERRIDEME zabbix_tls_psk_file: "/etc/zabbix/fedora.psk" # `openssl rand -hex 32` Overridden in ansible private repo - diff --git a/roles/zabbix/zabbix_agent/handlers/main.yml b/roles/zabbix/zabbix_agent/handlers/main.yml index ce03f98b54..8276f6a9be 100644 --- a/roles/zabbix/zabbix_agent/handlers/main.yml +++ b/roles/zabbix/zabbix_agent/handlers/main.yml @@ -1,3 +1,4 @@ +--- - name: restart_zabbix_agent service: name=zabbix-agent state=restarted diff --git a/roles/zabbix/zabbix_agent/tasks/main.yml b/roles/zabbix/zabbix_agent/tasks/main.yml index dfbb2ed26a..2387edde19 100644 --- a/roles/zabbix/zabbix_agent/tasks/main.yml +++ b/roles/zabbix/zabbix_agent/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Importing specific distro variables include_vars: "{{ item }}" with_first_found: @@ -69,9 +70,9 @@ dest: /etc/zabbix/fedora.psk owner: zabbix group: zabbix - mode: 0600 + mode: "0600" with_fileglob: - - "{{ private }}/files/zabbix/fedora{{env_suffix}}.psk" + - "{{ private }}/files/zabbix/fedora{{env_suffix}}.psk" tags: - zabbix_agent @@ -79,7 +80,7 @@ file: state: directory path: /usr/lib/zabbix - mode: 0770 + mode: "0770" owner: zabbix group: zabbix tags: @@ -89,7 +90,7 @@ file: state: directory path: /var/log/zabbix - mode: 0770 + mode: "0770" owner: zabbix group: zabbix tags: @@ -100,7 +101,7 @@ src: "{{ item }}.j2" dest: "{{ zabbix_agentd_dir }}/{{ item }}" owner: zabbix - mode: 0666 + mode: "0666" notify: restart_zabbix_agent with_items: - interface-alias.conf diff --git a/roles/zabbix/zabbix_agent/tasks/tools.yml b/roles/zabbix/zabbix_agent/tasks/tools.yml index fbb06c7de7..f60e8e1a8d 100644 --- a/roles/zabbix/zabbix_agent/tasks/tools.yml +++ b/roles/zabbix/zabbix_agent/tasks/tools.yml @@ -1,8 +1,9 @@ +--- - name: Some basic wrapper scripts for zabbix-sender copy: src: "scripts/{{ item }}" dest: "/usr/lib/zabbix/{{ item }}" - mode: 0755 + mode: "0755" with_items: - zabbix-hw-raid-check.sh - zabbix-mdstat-check.sh @@ -23,4 +24,3 @@ - zabbix-check-eth-settings.sh - zabbix-check-iptables.sh - zabbix-check-ro.sh - diff --git a/roles/zabbix/zabbix_agent/vars/CentOS-7.yml b/roles/zabbix/zabbix_agent/vars/CentOS-7.yml index 8376b14cc6..aed90466d5 100644 --- a/roles/zabbix/zabbix_agent/vars/CentOS-7.yml +++ b/roles/zabbix/zabbix_agent/vars/CentOS-7.yml @@ -1,3 +1,4 @@ +--- pkgs_list: - policycoreutils-python diff --git a/roles/zabbix/zabbix_agent/vars/CentOS-8.yml b/roles/zabbix/zabbix_agent/vars/CentOS-8.yml index 871c145122..b909167489 100644 --- a/roles/zabbix/zabbix_agent/vars/CentOS-8.yml +++ b/roles/zabbix/zabbix_agent/vars/CentOS-8.yml @@ -1,3 +1,4 @@ +--- pkgs_list: - policycoreutils-python-utils diff --git a/roles/zabbix/zabbix_agent/vars/CentOS-9.yml b/roles/zabbix/zabbix_agent/vars/CentOS-9.yml index 871c145122..b909167489 100644 --- a/roles/zabbix/zabbix_agent/vars/CentOS-9.yml +++ b/roles/zabbix/zabbix_agent/vars/CentOS-9.yml @@ -1,3 +1,4 @@ +--- pkgs_list: - policycoreutils-python-utils diff --git a/roles/zabbix/zabbix_agent/vars/Fedora.yml b/roles/zabbix/zabbix_agent/vars/Fedora.yml index 9a4496798f..5b780a6d44 100644 --- a/roles/zabbix/zabbix_agent/vars/Fedora.yml +++ b/roles/zabbix/zabbix_agent/vars/Fedora.yml @@ -1,3 +1,4 @@ +--- pkgs_list: - policycoreutils-python-utils diff --git a/roles/zabbix/zabbix_agent/vars/common.yml b/roles/zabbix/zabbix_agent/vars/common.yml index 5c68df415b..a72ac72971 100644 --- a/roles/zabbix/zabbix_agent/vars/common.yml +++ b/roles/zabbix/zabbix_agent/vars/common.yml @@ -1,3 +1,4 @@ +--- pkgs_list: - libsemanage-python - policycoreutils-python diff --git a/roles/zabbix/zabbix_server/defaults/main.yml b/roles/zabbix/zabbix_server/defaults/main.yml index b337fe562d..0c0b7852a8 100644 --- a/roles/zabbix/zabbix_server/defaults/main.yml +++ b/roles/zabbix/zabbix_server/defaults/main.yml @@ -19,4 +19,3 @@ zabbix_server_pkgs: - python3-psycopg2 - nmap - php-openssl - diff --git a/roles/zabbix/zabbix_server/tasks/create_keytab.yml b/roles/zabbix/zabbix_server/tasks/create_keytab.yml index 8048a8f712..78f7baf653 100644 --- a/roles/zabbix/zabbix_server/tasks/create_keytab.yml +++ b/roles/zabbix/zabbix_server/tasks/create_keytab.yml @@ -1,10 +1,11 @@ +--- - name: Create the zabbix keytab path file: path: "/etc/openshift_apps/zabbix/" state: directory owner: root group: root - mode: 0750 + mode: "0750" tags: - create-keytab diff --git a/roles/zabbix/zabbix_server/tasks/db.yml b/roles/zabbix/zabbix_server/tasks/db.yml index d1a08ac4b8..586e018f4b 100644 --- a/roles/zabbix/zabbix_server/tasks/db.yml +++ b/roles/zabbix/zabbix_server/tasks/db.yml @@ -4,7 +4,7 @@ ansible.builtin.shell: postgresql-setup initdb args: executable: /bin/bash - ignore_errors: True + ignore_errors: true tags: - db-configure @@ -12,7 +12,7 @@ ansible.builtin.copy: src: postgresql.conf dest: /var/lib/pgsql/data/postgresql.conf - mode: 0600 + mode: "0600" owner: postgres group: postgres tags: @@ -23,7 +23,7 @@ ansible.builtin.service: name: postgresql state: reloaded - enabled: True + enabled: true tags: - zabbix-services @@ -39,7 +39,7 @@ - name: Configure the zabbix db ansible.builtin.shell: "sudo -u postgres createdb -O {{ zabbix_db_user }} {{ zabbix_db_name }}" - ignore_errors: True + ignore_errors: true tags: - db-configure @@ -47,7 +47,6 @@ ansible.builtin.shell: "zcat /usr/share/zabbix-sql-scripts/postgresql/server.sql.gz | sudo -u zabbix psql zabbix" args: executable: /bin/bash - ignore_errors: True + ignore_errors: true tags: - db-configure - diff --git a/roles/zabbix/zabbix_server/tasks/install.yml b/roles/zabbix/zabbix_server/tasks/install.yml index f1b758bbaf..e763e4154f 100644 --- a/roles/zabbix/zabbix_server/tasks/install.yml +++ b/roles/zabbix/zabbix_server/tasks/install.yml @@ -17,7 +17,7 @@ - name: Install the zabbix rpm command: "rpm -Uvh https://repo.zabbix.com/zabbix/6.0/rhel/9/x86_64/zabbix-release-6.0-4.el9.noarch.rpm" - ignore_errors: True + ignore_errors: true tags: - packages @@ -34,7 +34,7 @@ ansible.builtin.template: src: pg_hba.conf.j2 dest: /var/lib/pgsql/data/pg_hba.conf - mode: 0600 + mode: "0600" tags: - zabbix-configuration @@ -42,7 +42,7 @@ ansible.builtin.template: src: zabbix_server.conf.j2 dest: /etc/zabbix/zabbix_server.conf - mode: 0600 + mode: "0600" tags: - zabbix-configuration @@ -58,7 +58,7 @@ ansible.builtin.template: src: zabbix.conf.php.j2 dest: /etc/zabbix/web/zabbix.conf.php - mode: 0600 + mode: "0600" owner: nginx group: nginx tags: @@ -71,7 +71,7 @@ | regex_search('-----BEGIN CERTIFICATE-----\n[^-]*\n-----END CERTIFICATE-----', multiline=True) }}\n" dest: /usr/share/zabbix/conf/certs/idp.crt - mode: 0644 + mode: "0644" owner: nginx group: nginx tags: @@ -81,7 +81,7 @@ ansible.builtin.template: src: nginx.conf.j2 dest: /etc/nginx/nginx.conf - mode: 0644 + mode: "0644" owner: nginx group: nginx tags: @@ -91,7 +91,7 @@ ansible.builtin.template: src: nginx_zabbix.conf.j2 dest: /etc/nginx/conf.d/zabbix.conf - mode: 0644 + mode: "0644" owner: nginx group: nginx tags: @@ -101,7 +101,7 @@ ansible.builtin.copy: src: php-fpm_www.conf dest: /etc/php-fpm.d/www.conf - mode: 0600 + mode: "0600" owner: nginx group: nginx tags: @@ -111,7 +111,7 @@ ansible.builtin.copy: src: php-fpm_zabbix.conf dest: /etc/php-fpm.d/zabbix.conf - mode: 0600 + mode: "0600" owner: nginx group: nginx tags: diff --git a/roles/zabbix/zabbix_server/tasks/main.yml b/roles/zabbix/zabbix_server/tasks/main.yml index a0f90aa4f7..babbc057c5 100644 --- a/roles/zabbix/zabbix_server/tasks/main.yml +++ b/roles/zabbix/zabbix_server/tasks/main.yml @@ -6,4 +6,3 @@ # - include_tasks: plugins.yml - include_tasks: start_services.yml - diff --git a/roles/zabbix/zabbix_server/tasks/plugins.yml b/roles/zabbix/zabbix_server/tasks/plugins.yml index 8bc807947a..873a554570 100644 --- a/roles/zabbix/zabbix_server/tasks/plugins.yml +++ b/roles/zabbix/zabbix_server/tasks/plugins.yml @@ -8,10 +8,9 @@ copy: src: "{{ item }}" dest: /usr/lib/zabbix/ - mode: 0755 + mode: "0755" with_items: - alertscripts - externalscripts tags: - plugin-scripts - diff --git a/roles/zabbix/zabbix_server/tasks/start_services.yml b/roles/zabbix/zabbix_server/tasks/start_services.yml index f6556c2786..7c87410b97 100644 --- a/roles/zabbix/zabbix_server/tasks/start_services.yml +++ b/roles/zabbix/zabbix_server/tasks/start_services.yml @@ -3,7 +3,7 @@ ansible.builtin.service: name: postgresql state: reloaded - enabled: True + enabled: true tags: - zabbix-services @@ -11,7 +11,7 @@ ansible.builtin.service: name: zabbix-server state: restarted - enabled: True + enabled: true tags: zabbix-services @@ -19,7 +19,7 @@ ansible.builtin.service: name: zabbix-agent state: restarted - enabled: True + enabled: true tags: zabbix-services @@ -27,7 +27,7 @@ ansible.builtin.service: name: nginx state: reloaded - enabled: True + enabled: true tags: zabbix-services @@ -35,7 +35,6 @@ ansible.builtin.service: name: php-fpm state: reloaded - enabled: True + enabled: true tags: zabbix-services - diff --git a/roles/zabbix/zabbix_templates/tasks/templates.yml b/roles/zabbix/zabbix_templates/tasks/templates.yml index a2a77287f5..98d7c05cbe 100644 --- a/roles/zabbix/zabbix_templates/tasks/templates.yml +++ b/roles/zabbix/zabbix_templates/tasks/templates.yml @@ -1,12 +1,12 @@ --- -#- name: Get Zabbix template as JSON +# - name: Get Zabbix template as JSON # community.zabbix.zabbix_template_info: # template_name: fedora releng compose cronjobs # format: json # omit_date: yes # register: zabbix_template_json -#- name: Write Zabbix templte to JSON file +# - name: Write Zabbix templte to JSON file # local_action: # module: copy # content: "{{ zabbix_template_json['template_json'] }}" diff --git a/roles/zanata/tasks/main.yml b/roles/zanata/tasks/main.yml index ab73e26779..35dd2ed4da 100644 --- a/roles/zanata/tasks/main.yml +++ b/roles/zanata/tasks/main.yml @@ -1,3 +1,4 @@ +--- - name: Install needed packages package: name={{ item }} state=present with_items: diff --git a/tasks/cloud_setup_basic.yml b/tasks/cloud_setup_basic.yml index 30e7e9f78b..81dfd1d307 100644 --- a/tasks/cloud_setup_basic.yml +++ b/tasks/cloud_setup_basic.yml @@ -14,7 +14,7 @@ - name: Install desired extra packages (dnf) dnf: state: present - pkg: + pkg: - chrony - python3-libselinux when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined @@ -24,7 +24,7 @@ - name: Include basessh include_role: name=basessh -#- name: edit hostname to be instance name - prefix hostbase var if it exists +# - name: edit hostname to be instance name - prefix hostbase var if it exists # shell: hostname {{ hostbase }}`curl -s http://169.254.169.254/latest/meta-data/instance-id` # tags: # - config @@ -40,7 +40,7 @@ - name: add root keys for sysadmin-main and other allowed users authorized_key: user=root key="{{ item }}" with_lines: - - "/srv/web/infra/ansible/scripts/auth-keys-from-fas @sysadmin-main {{ root_auth_users }}" + - "/srv/web/infra/ansible/scripts/auth-keys-from-fas @sysadmin-main {{ root_auth_users }}" tags: - config - sshkeys diff --git a/tasks/happy_birthday.yml b/tasks/happy_birthday.yml index 95d78b1ee2..927b4ba555 100644 --- a/tasks/happy_birthday.yml +++ b/tasks/happy_birthday.yml @@ -1,6 +1,7 @@ +--- - name: gather ssh host key from new instance local_action: command ssh-keyscan -t rsa {{ inventory_hostname }} - ignore_errors: True + ignore_errors: true register: hostkey when: birthday is defined diff --git a/tasks/openvpn_client.yml b/tasks/openvpn_client.yml index 0758fff89e..abb5fc6fd2 100644 --- a/tasks/openvpn_client.yml +++ b/tasks/openvpn_client.yml @@ -12,7 +12,7 @@ notify: - restart openvpn -#- name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem +# - name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem # copy: src="{{ private }}/vpn/openvpn/keys/crl.pem" dest=/etc/openvpn/crl.pem mode=0644 owner=root group=root # tags: # - config diff --git a/tasks/openvpn_client_7.yml b/tasks/openvpn_client_7.yml index 15bd57755b..d91b18165a 100644 --- a/tasks/openvpn_client_7.yml +++ b/tasks/openvpn_client_7.yml @@ -12,7 +12,7 @@ notify: - restart openvpn 7 -#- name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem +# - name: /etc/openvpn/crl.pem from vpn/openvpn/keys/crl.pem # copy: src="{{ private }}/vpn/openvpn/keys/crl.pem" dest=/etc/openvpn/crl.pem mode=0644 owner=root group=root # tags: # - config diff --git a/tasks/persistent_cloud.yml b/tasks/persistent_cloud.yml index 103bb1d82f..f672287148 100644 --- a/tasks/persistent_cloud.yml +++ b/tasks/persistent_cloud.yml @@ -1,5 +1,5 @@ # New tasks to spin up instance in https://fedorainfracloud.org - +--- - include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README - name: check it out @@ -10,23 +10,23 @@ check_mode: no - name: spin UP VM using nova_compute - become: False + become: false local_action: - module: nova_compute - auth_url: "{{os_auth_url}}" - login_username: "admin" - login_password: "{{ADMIN_PASS}}" - login_tenant_name: "{{inventory_tenant}}" - name: "{{inventory_instance_name}}" - image_id: "{{ image|image_name_to_id('admin', ADMIN_PASS, inventory_tenant, os_auth_url) }}" - wait_for: 600 - flavor_id: "{{ instance_type|flavor_name_to_id('admin', ADMIN_PASS, inventory_tenant, os_auth_url) }}" - security_groups: "{{security_group}}" - key_name: "{{ keypair }}" - nics: "{{ cloud_networks }}" - user_data: "#cloud-config\ndisable_root: 0" - floating_ips: - - "{{public_ip}}" + module: nova_compute + auth_url: "{{os_auth_url}}" + login_username: "admin" + login_password: "{{ADMIN_PASS}}" + login_tenant_name: "{{inventory_tenant}}" + name: "{{inventory_instance_name}}" + image_id: "{{ image|image_name_to_id('admin', ADMIN_PASS, inventory_tenant, os_auth_url) }}" + wait_for: 600 + flavor_id: "{{ instance_type|flavor_name_to_id('admin', ADMIN_PASS, inventory_tenant, os_auth_url) }}" + security_groups: "{{security_group}}" + key_name: "{{ keypair }}" + nics: "{{ cloud_networks }}" + user_data: "#cloud-config\ndisable_root: 0" + floating_ips: + - "{{public_ip}}" register: nova_result when: host_is_up is failed @@ -40,7 +40,7 @@ register: volume_available failed_when: volume_available.rc == 2 changed_when: volume_available.rc == 0 - ignore_errors: True + ignore_errors: true when: volumes is defined check_mode: no @@ -49,8 +49,8 @@ # - local_action: shell nova --os-auth-url="{{os_auth_url}}" --os-username="admin" --os-password="{{ADMIN_PASS}}" --os-tenant-name={{inventory_tenant}} volume-attach "{{inventory_instance_name}}" "{{item.volume_id}}" "{{item.device}}" with_items: "{{ volume_available.results|default([]) }}" - ignore_errors: True - failed_when: False + ignore_errors: true + failed_when: false when: volumes is defined and volume_available is defined and item.changed - name: wait for he host to be hot @@ -66,13 +66,13 @@ - name: gather ssh host key from new instance local_action: command ssh-keyscan -t rsa {{ inventory_hostname }} - ignore_errors: True + ignore_errors: true register: hostkey when: host_is_up is failed - name: add new ssh host key (until we can sign it) local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present - ignore_errors: True + ignore_errors: true with_items: - /root/.ssh/known_hosts when: host_is_up is failed @@ -84,7 +84,7 @@ - name: gather facts setup: check_mode: no - ignore_errors: True + ignore_errors: true register: facts # @@ -97,13 +97,13 @@ # TODO - somehow guess when keypair is finally deployed and return little bit earlier ## We need to specify user, here we trying with fedora or root -#- name: wait until ssh is available +# - name: wait until ssh is available # # local_action: shell false; until [ "$?" -eq "0" ]; do sleep 2; ssh -o PasswordAuthentication=no fedora@{{ public_ip }} 'echo foobar' || ssh -o PasswordAuthentication=no root@{{ public_ip }} 'echo foobar'; done # # local_action: shell false; until [ "$?" -eq "0" ]; do sleep 2; ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no fedora@{{ public_ip }} 'echo foobar'; done # local_action: shell whoami && ssh -vvvv -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o PasswordAuthentication=no fedora@{{ public_ip }} 'echo foobar' # # async: 20 # # poll: 5 -# ignore_errors: True +# ignore_errors: true # - name: Include SSH config import_role: name=basessh diff --git a/tasks/postfix_basic.yml b/tasks/postfix_basic.yml index 4bd6a7dcb1..da430325a4 100644 --- a/tasks/postfix_basic.yml +++ b/tasks/postfix_basic.yml @@ -1,3 +1,4 @@ +--- - name: install postfix package: name=postfix state=present tags: diff --git a/tasks/reg-server.yml b/tasks/reg-server.yml index 6fb6b04e90..c40ffcf2c7 100644 --- a/tasks/reg-server.yml +++ b/tasks/reg-server.yml @@ -1,3 +1,4 @@ +--- - name: install reg-server package: name: reg diff --git a/tasks/swap.yml b/tasks/swap.yml index d37d2afabb..3fd5ee80e1 100644 --- a/tasks/swap.yml +++ b/tasks/swap.yml @@ -2,6 +2,7 @@ # swap_file_size_mb # swap_file_path +--- - name: Touch an empty file that we will use for swap copy: content: "" @@ -41,7 +42,7 @@ - name: Check swap file type command: file {{ swap_file_path }} register: swapfile - changed_when: False + changed_when: false tags: - swap.file.mkswap - swap @@ -70,7 +71,7 @@ - name: Mount swap command: "swapon -a" - #when: ansible_swaptotal_mb|int < 1 + # when: ansible_swaptotal_mb|int < 1 when: swap_fstab_added.changed tags: - swap.file.swapon diff --git a/tasks/virt_instance_create.yml b/tasks/virt_instance_create.yml index 6973040f92..59aa220cbe 100644 --- a/tasks/virt_instance_create.yml +++ b/tasks/virt_instance_create.yml @@ -1,6 +1,7 @@ # # This task is the thing that creates a vm for later use # +--- - include_vars: dir=/srv/web/infra/ansible/vars/all/ ignore_files=README - name: get vm list @@ -40,7 +41,7 @@ - name: make sure there is no old ssh host key for the host still around local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent - ignore_errors: True + ignore_errors: true with_items: - /root/.ssh/known_hosts when: inventory_hostname not in result.list_vms @@ -51,13 +52,13 @@ - name: gather ssh host key from new instance local_action: command ssh-keyscan -t rsa {{ inventory_hostname }} - ignore_errors: True + ignore_errors: true register: hostkey when: inventory_hostname not in result.list_vms - name: add new ssh host key (until we can sign it) local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present - ignore_errors: True + ignore_errors: true with_items: - /root/.ssh/known_hosts when: inventory_hostname not in result.list_vms @@ -65,6 +66,6 @@ - name: gather facts setup: check_mode: no - ignore_errors: True + ignore_errors: true register: facts when: inventory_hostname not in result.list_vms diff --git a/vars/CentOS.yml b/vars/CentOS.yml index bd4c73c7b3..5c327b9db7 100644 --- a/vars/CentOS.yml +++ b/vars/CentOS.yml @@ -1,7 +1,7 @@ --- dist_tag: el{{ ansible_distribution_version[0] }} base_pkgs_inst: [] -base_pkgs_erase: ['firstboot-tui','bluez-utils', 'sendmail'] +base_pkgs_erase: ['firstboot-tui', 'bluez-utils', 'sendmail'] service_disabled: [] service_enabled: [] -is_rhel: True +is_rhel: true diff --git a/vars/Fedora.yml b/vars/Fedora.yml index b4291a717b..6864353a95 100644 --- a/vars/Fedora.yml +++ b/vars/Fedora.yml @@ -4,4 +4,4 @@ base_pkgs_inst: ['iptables-services', 'cronie'] base_pkgs_erase: ['firewalld', 'sendmail', 'at', 'pam_sss'] service_disabled: [] service_enabled: ['auditd', 'logrotate.timer'] -is_fedora: True +is_fedora: true diff --git a/vars/RedHat.yml b/vars/RedHat.yml index f9a6f620b8..88b4bb1355 100644 --- a/vars/RedHat.yml +++ b/vars/RedHat.yml @@ -1,7 +1,7 @@ --- dist_tag: el{{ ansible_distribution_version[0] }} base_pkgs_inst: ['iptables', 'iptables-services'] -base_pkgs_erase: ['firstboot-tui','bluez-utils', 'sendmail','firewalld'] +base_pkgs_erase: ['firstboot-tui', 'bluez-utils', sendmail', 'firewalld'] service_disabled: [] service_enabled: [] -is_rhel: True +is_rhel: true diff --git a/vars/all/00-EPELCycleNumber.yaml b/vars/all/00-EPELCycleNumber.yaml index 7fbf664d8c..c5d9bc2c6a 100644 --- a/vars/all/00-EPELCycleNumber.yaml +++ b/vars/all/00-EPELCycleNumber.yaml @@ -1 +1,2 @@ +--- EPELCycleNumber: 9 diff --git a/vars/all/00-FedoraCycleNumber.yaml b/vars/all/00-FedoraCycleNumber.yaml index 371ffc61ed..d2af20c51a 100644 --- a/vars/all/00-FedoraCycleNumber.yaml +++ b/vars/all/00-FedoraCycleNumber.yaml @@ -1 +1,2 @@ +--- FedoraCycleNumber: 41 diff --git a/vars/all/EPELBootstrapNumber.yaml b/vars/all/EPELBootstrapNumber.yaml index 151d524f80..7a767b0bbd 100644 --- a/vars/all/EPELBootstrapNumber.yaml +++ b/vars/all/EPELBootstrapNumber.yaml @@ -1 +1,2 @@ +--- EPELBootstrapNumber: "{{ EPELCycleNumber|int + 1 }}.0" diff --git a/vars/all/FedoraBranched.yaml b/vars/all/FedoraBranched.yaml index 14b99820be..1520e826ef 100644 --- a/vars/all/FedoraBranched.yaml +++ b/vars/all/FedoraBranched.yaml @@ -1 +1,2 @@ -FedoraBranched: False +--- +FedoraBranched: false diff --git a/vars/all/FedoraBranchedBodhi.yaml b/vars/all/FedoraBranchedBodhi.yaml index 1e152cfba7..5d10619450 100644 --- a/vars/all/FedoraBranchedBodhi.yaml +++ b/vars/all/FedoraBranchedBodhi.yaml @@ -3,4 +3,5 @@ # prebeta: After bodhi enablement/beta freeze and before beta release # postbeta: After beta release and before final release # current: After final release +--- FedoraBranchedBodhi: current diff --git a/vars/all/FedoraBranchedNumber.yaml b/vars/all/FedoraBranchedNumber.yaml index a203c73131..fa8fac9e7b 100644 --- a/vars/all/FedoraBranchedNumber.yaml +++ b/vars/all/FedoraBranchedNumber.yaml @@ -1 +1,2 @@ +--- FedoraBranchedNumber: "{{ FedoraCycleNumber|int + 1 if FedoraBranched else 0 }}" diff --git a/vars/all/FedoraPreviousCycleNumber.yaml b/vars/all/FedoraPreviousCycleNumber.yaml index d12f90d231..2aaa623cc2 100644 --- a/vars/all/FedoraPreviousCycleNumber.yaml +++ b/vars/all/FedoraPreviousCycleNumber.yaml @@ -1 +1,2 @@ +--- FedoraPreviousCycleNumber: "{{ FedoraCycleNumber|int - 1 }}" diff --git a/vars/all/FedoraPreviousPrevious.yaml b/vars/all/FedoraPreviousPrevious.yaml index a8e3d3b4bc..ede5126809 100644 --- a/vars/all/FedoraPreviousPrevious.yaml +++ b/vars/all/FedoraPreviousPrevious.yaml @@ -1 +1,2 @@ -FedoraPreviousPrevious: False +--- +FedoraPreviousPrevious: false diff --git a/vars/all/FedoraPreviousPreviousCycleNumber.yaml b/vars/all/FedoraPreviousPreviousCycleNumber.yaml index e1854b215b..66979c3132 100644 --- a/vars/all/FedoraPreviousPreviousCycleNumber.yaml +++ b/vars/all/FedoraPreviousPreviousCycleNumber.yaml @@ -1 +1,2 @@ +--- FedoraPreviousPreviousCycleNumber: "{{ FedoraCycleNumber|int - 2 if FedoraPreviousPrevious else 0 }}" diff --git a/vars/all/FedoraRawhideNumber.yaml b/vars/all/FedoraRawhideNumber.yaml index 3397ac993b..39d849b525 100644 --- a/vars/all/FedoraRawhideNumber.yaml +++ b/vars/all/FedoraRawhideNumber.yaml @@ -1 +1,2 @@ +--- FedoraRawhideNumber: "{{ FedoraBranchedNumber|int + 1 if FedoraBranched else FedoraCycleNumber|int + 1 }}" diff --git a/vars/all/Frozen.yaml b/vars/all/Frozen.yaml index 97d3bc39d2..5058809d30 100644 --- a/vars/all/Frozen.yaml +++ b/vars/all/Frozen.yaml @@ -1 +1,2 @@ -Frozen: True +--- +Frozen: true diff --git a/vars/all/RelEngFrozen.yaml b/vars/all/RelEngFrozen.yaml index 5836689199..8e81295cc3 100644 --- a/vars/all/RelEngFrozen.yaml +++ b/vars/all/RelEngFrozen.yaml @@ -1 +1,2 @@ -RelEngFrozen: False +--- +RelEngFrozen: false diff --git a/vars/newcloud.yml b/vars/newcloud.yml index f828022e1d..55ea26b765 100644 --- a/vars/newcloud.yml +++ b/vars/newcloud.yml @@ -1,3 +1,4 @@ +--- all_projects: - copr - coprdev