Fix majority of remaining yamllint warnings and errors

Signed-off-by: Ryan Lerch <rlerch@redhat.com>
2024-11-27 13:48:08 +10:00 · 2024-11-27 13:48:08 +10:00 · 89f6f1fc32
commit 89f6f1fc32
parent 1073f70bce
591 changed files with 1491 additions and 1168 deletions
--- a/.yamllint.yaml
+++ b/.yamllint.yaml
@ -14,9 +14,10 @@ rules:
    spaces: 2
    indent-sequences: whatever
    level: warning
-  line-length:
+  line-length: disable
-    max: 100
+  # line-length:
-    level: warning
+    # max: 100
    # level: warning
  truthy:
    allowed-values: ['true', 'false', 'yes', 'no']
 ...
--- a/files/communishift/objects/oidc_cm.yml
+++ b/files/communishift/objects/oidc_cm.yml
@ -1,3 +1,4 @@
 ---
 apiVersion: config.openshift.io/v1
 kind: OAuth
 metadata:
--- a/handlers/restart_services.yml
+++ b/handlers/restart_services.yml
@ -1,7 +1,7 @@
 ########################################
 # Handlers for restarting services
 #
-
+---
 - name: reload systemd
  command: systemctl daemon-reload
--- a/playbooks/groups/pkgs.yml
+++ b/playbooks/groups/pkgs.yml
@ -76,8 +76,7 @@
    mnt_dir: '/srv/cache/lookaside',
    nfs_src_dir:
      'fedora_sourcecache',
-      # yamllint disable rule:commas
+      nfs_mount_opts='rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3' # yamllint disable-line rule:commas rule:indentation
      nfs_mount_opts='rw,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3'
  }
  - {
    role: nfs/client,
@ -86,8 +85,7 @@
    mnt_dir: '/srv/cache/lookaside_prod',
    nfs_src_dir:
      'fedora_sourcecache',
-      # yamllint disable rule:commas
+      nfs_mount_opts='ro,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3' # yamllint disable-line rule:commas rule:indentation
      nfs_mount_opts='ro,hard,bg,intr,noatime,nodev,nosuid,sec=sys,nfsvers=3'
  }
  - role: distgit/pagure
  - role: distgit
--- a/roles/abrt/faf-post/tasks/main.yml
+++ b/roles/abrt/faf-post/tasks/main.yml
@ -9,7 +9,7 @@
    state: directory
    owner: faf
    group: faf
-    mode: 0750
+    mode: "0750"
  when: env != 'staging'
 - import_tasks: cron.yml
--- a/roles/abrt/faf-pre/tasks/main.yml
+++ b/roles/abrt/faf-pre/tasks/main.yml
@ -28,7 +28,7 @@
    - { src: "{{private}}/files/rabbitmq/{{env}}/pki/ca.crt",
        dest: "ca.crt",
        owner: faf,
-        mode: 0644
+        mode: "0644"
    }
    - { src: "{{private}}/files/rabbitmq/{{env}}/pki/private/faf{{env_suffix}}.key",
        dest: "faf.key",
@ -38,7 +38,7 @@
    - { src: "{{private}}/files/rabbitmq/{{env}}/pki/issued/faf{{env_suffix}}.crt",
        dest: "faf.crt",
        owner: faf,
-        mode: 0644
+        mode: "0644"
    }
 # landing page
--- a/roles/abrt/faf/.github/workflows/ansible-lint.yml
+++ b/roles/abrt/faf/.github/workflows/ansible-lint.yml
@ -1,6 +1,7 @@
 ---
 name: Check Ansible Role
-on:
+on: # yamllint disable-line rule:truthy
  push:
    branches: [master]
  pull_request:
--- a/roles/abrt/faf/defaults/main.yml
+++ b/roles/abrt/faf/defaults/main.yml
@ -39,7 +39,7 @@ faf_web_on_root: false
 # [MAIN]
 faf_plugins_dir: /etc/faf/plugins/
 faf_templates_dir: /etc/faf/templates/
-faf_autoenableplugins: False
+faf_autoenableplugins: false
 # [STORAGE]
 # variables used to automatically create a connectstring
@ -62,11 +62,11 @@ faf_from: no-reply@localhost
 # [uREPORT]
 faf_spool_dir: /var/spool/faf
-faf_create_components: False
+faf_create_components: false
 # Allow uReports without affected package - meaning that crashing code was
 # not packaged
-faf_allow_unpackaged: False
+faf_allow_unpackaged: false
 ###########################
 # faf-webui configuration #
--- a/roles/abrt/faf/tasks/celery.yml
+++ b/roles/abrt/faf/tasks/celery.yml
@ -1,3 +1,4 @@
 ---
 - name: install faf web celery packages
  package:
    name: "{{ faf_web_celery_packages }}"
--- a/roles/abrt/faf/tasks/check_web.yml
+++ b/roles/abrt/faf/tasks/check_web.yml
@ -1,6 +1,6 @@
 # check web functionality
 #
 ---
 - name: Set URL facts
  set_fact:
    main_url: "https://{{ ansible_default_ipv4.address }}{{ url_suffix }}"
--- a/roles/abrt/faf/tasks/config.yml
+++ b/roles/abrt/faf/tasks/config.yml
@ -11,7 +11,7 @@
    path: /etc/fedora-messaging/
    owner: root
    group: root
-    mode: 0755
+    mode: "0755"
    state: directory
  when: faf_with_fedmsg|bool
--- a/roles/abrt/faf/tasks/main.yml
+++ b/roles/abrt/faf/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - import_tasks: install.yml
  tags: [faf, faf_install, packages]
--- a/roles/abrt/faf/tasks/web.yml
+++ b/roles/abrt/faf/tasks/web.yml
@ -1,4 +1,4 @@
-
+---
 - name: Set url_suffix fact
  set_fact:
    url_suffix: ""
--- a/roles/abrt/requirements.yml
+++ b/roles/abrt/requirements.yml
@ -1,4 +1,5 @@
 # Install a role from GitHub
 ---
 - name: faf
  src: https://github.com/abrt/ansible-role-faf.git
  version: master
--- a/roles/abrt/retrace-post/tasks/retrace_setup.yml
+++ b/roles/abrt/retrace-post/tasks/retrace_setup.yml
@ -20,20 +20,20 @@
 - file:
    path: /srv/retrace/repos
    state: directory
-    mode: 0755
+    mode: "0755"
    owner: retrace
    group: retrace
 - file:
    path: /srv/retrace/tasks
    state: directory
-    mode: 0755
+    mode: "0755"
    owner: retrace
    group: retrace
 - file:
    path: /srv/retrace/hardlink-local
    state: directory
-    mode: 0755
+    mode: "0755"
    owner: retrace
    group: retrace
--- a/roles/abrt/retrace-pre/tasks/main.yml
+++ b/roles/abrt/retrace-pre/tasks/main.yml
@ -47,7 +47,7 @@
  file:
    path: /srv/retrace/repos
    state: directory
-    mode: 0755
+    mode: "0755"
    owner: retrace
    group: retrace
@ -55,13 +55,13 @@
  file:
    path: /srv/retrace/tasks
    state: directory
-    mode: 0755
+    mode: "0755"
    owner: retrace
    group: retrace
 - file:
    path: /srv/retrace/hardlink-local
    state: directory
-    mode: 0755
+    mode: "0755"
    owner: retrace
    group: retrace
--- a/roles/abrt/retrace/.github/workflows/ansible-lint.yml
+++ b/roles/abrt/retrace/.github/workflows/ansible-lint.yml
@ -1,6 +1,7 @@
 ---
 name: Check Ansible Role
-on:
+on: # yamllint disable-line rule:truthy
  push:
    branches: [master]
  pull_request:
--- a/roles/abrt/retrace/tasks/config.yml
+++ b/roles/abrt/retrace/tasks/config.yml
@ -3,19 +3,19 @@
  template:
    src: etc-retrace-server.conf.j2
    dest: /etc/retrace-server/retrace-server.conf
-    mode: 0644
+    mode: "0644"
  notify: restart httpd
 - name: retrace-server http config
  template:
    src: retrace-server-httpd.conf.j2
    dest: /etc/httpd/conf.d/retrace-server-httpd.conf
-    mode: 0644
+    mode: "0644"
  notify: restart httpd
 - name: configure retrace-server hooks config
  template:
    src: etc-retrace-server-hooks.conf.j2
    dest: /etc/retrace-server/retrace-server-hooks.conf
-    mode: 0644
+    mode: "0644"
  notify: restart httpd
--- a/roles/ansible-osbuild-worker/meta/main.yml
+++ b/roles/ansible-osbuild-worker/meta/main.yml
@ -1,3 +1,4 @@
 ---
 galaxy_info:
  role_name: osbuild_worker
  namespace: osbuild
--- a/roles/apache/handlers/main.yml
+++ b/roles/apache/handlers/main.yml
@ -1,2 +1,3 @@
 ---
 - name: restart apache
  command: /usr/local/bin/conditional-restart.sh httpd httpd
--- a/roles/apps-fp-o/files/apps.yaml
+++ b/roles/apps-fp-o/files/apps.yaml
@ -1,7 +1,4 @@
 %YAML 1.2
 # This file is managed in two places, please keep them synchronised:
 # - https://pagure.io/fedora-infra/ansible/blob/main/f/roles/apps-fp-o/files/apps.yaml
 # - https://github.com/fedora-infra/apps.fp.o/blob/develop/data/apps.yaml
 ---
 name: Fedora Apps
 data:
@ -20,7 +17,7 @@ children:
        data:
          url: https://fedorapeople.org
          user_url: https://{user}.fedorapeople.org
-        status_mappings: ['people']
+          status_mappings: [people]
          description: >
            Being a community member you gain access to fedorapeople which
            provides you with a space on the web where you can upload
@ -37,7 +34,7 @@ children:
            - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/fas-openid.html
            - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/accountdeletion.html
            - https://fedora-infra-docs.readthedocs.io/en/latest/sysadmin-guide/sops/nonhumanaccounts.html
-        status_mappings: ['fas']
+          status_mappings: [fas]
          description: >
            Fedora Accounts. Update your profile
            information and apply for membership in groups.
@ -48,14 +45,13 @@ children:
          source_url: https://github.com/fedora-infra/fmn/
          bugs_url: https://github.com/fedora-infra/fmn/issues/
          docs_url: https://fmn.readthedocs.io/
-        sops:
+          sops: [https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/fmn/]
-        - https://docs.fedoraproject.org/en-US/infra/sysadmin_guide/fmn/
+          status_mappings: [fedmsg]
        status_mappings: ['fedmsg']
          description: >
            Centrally managed preferences for Fedora Infrastructure
            notifications to your inbox, irc client, and mobile device.
      - name: Badges
-      status_mappings: ['badges']
+        status_mappings: [badges]
        data:
          icon: badges.png
          url: https://badges.fedoraproject.org
@ -63,8 +59,7 @@ children:
          source_url: https://github.com/fedora-infra/tahrir/
          bugs_url: https://github.com/fedora-infra/tahrir/issues/
          docs_url: https://tahrir.readthedocs.org/en/latest/
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/badges.rst]
        - https://infrastructure.fedoraproject.org/infra/docs/badges.rst
          description: >
            An achievements system for Fedora Contributors!  "Badges"
            are awarded based on activity in the community.  Can you
@ -86,9 +81,8 @@ children:
          source_url: https://github.com/askbot/askbot-devel
          bugs_url: https://github.com/askbot/askbot-devel/issues/
          docs_url: http://askbot.org/doc/index.html
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/askbot.rst]
-        - https://infrastructure.fedoraproject.org/infra/docs/askbot.rst
+          status_mappings: [ask]
        status_mappings: ['ask']
          description: >
            Any question at all about Fedora?  Ask it here.
      - name: The Wiki
@ -99,9 +93,8 @@ children:
          source_url: https://www.mediawiki.org/
          bugs_url: https://www.mediawiki.org/wiki/Phabricator#Get_started
          docs_url: https://www.mediawiki.org/wiki/Sysadmin_hub
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/wiki.rst]
-        - https://infrastructure.fedoraproject.org/infra/docs/wiki.rst
+          status_mappings: [wiki]
        status_mappings: ['wiki']
          description: >
            Maintain your own user profile page, contribute to
            documents about features, process, and governance.
@ -132,7 +125,7 @@ children:
      - name: Docs
        data:
          url: https://docs.fedoraproject.org
-        status_mappings: ['docs']
+          status_mappings: [docs]
        # TODO - add the docs_url.  I asked pete travis for info on this
        # docs_url: put the url here
        # TODO - add a sop.
@ -177,7 +170,7 @@ children:
          docs_url: https://tflink.fedorapeople.org/blockerbugs/docs/
          sops:
            - https://infrastructure.fedoraproject.org/infra/docs/blockerbugs.rst
-        status_mappings: ['blockerbugs']
+          status_mappings: [blockerbugs]
          description: >
            The Fedora Blocker Bug Tracker tracks release blocking bugs
            and related updates in Fedora releases currently under
@ -230,9 +223,8 @@ children:
          source_url: https://github.com/fedora-infra/koschei
          bugs_url: https://github.com/fedora-infra/koschei/issues
          docs_url: https://fedoraproject.org/wiki/Koschei
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/koschei.rst]
-        - https://infrastructure.fedoraproject.org/infra/docs/koschei.rst
+          status_mappings: [koschei]
        status_mappings: ['koschei']
          description: >
            Koschei is a continuous integration system for RPM packages. It
            tracks dependency changes done in Koji repositories and rebuilds
@ -268,9 +260,8 @@ children:
          source_url: https://github.com/fedora-infra/elections
          bugs_url: https://github.com/fedora-infra/elections/issues
          docs_url: https://github.com/fedora-infra/elections/blob/develop/README.md
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/voting.rst]
-        - https://infrastructure.fedoraproject.org/infra/docs/voting.rst
+          status_mappings: [elections]
        status_mappings: ['elections']
          description: >
            As a member of the community, you can now vote for the
            different steering committees and for this you will use the
@ -284,9 +275,8 @@ children:
          source_url: https://gitlab.com/mailman/hyperkitty
          bugs_url: https://gitlab.com/mailman/hyperkitty/issues
          docs_url: https://hyperkitty.readthedocs.org/en/latest/
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/mailman.rst]
-        - https://infrastructure.fedoraproject.org/infra/docs/mailman.rst
+          status_mappings: [mailinglists]
        status_mappings: ['mailinglists']
          description: >
            Mailing lists are used for communication within the community.
            There are lists for generic topics and lists more dedicated
@ -298,9 +288,8 @@ children:
          source_url: https://github.com/fedora-infra/fedocal
          bugs_url: https://github.com/fedora-infra/fedocal/issues
          docs_url: https://fedocal.readthedocs.org/en/latest/
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/fedocal.rst]
-        - https://infrastructure.fedoraproject.org/infra/docs/fedocal.rst
+          status_mappings: [fedocal]
        status_mappings: ['fedocal']
          description: >
            The Fedora Calendar (or <strong>fedocal</strong>), you might
            have already guessed, is a public calendar service.  You can
@ -317,19 +306,17 @@ children:
          sops:
            - https://infrastructure.fedoraproject.org/infra/docs/mote.rst
            - https://infrastructure.fedoraproject.org/infra/docs/zodbot.rst
-        status_mappings: ['zodbot']
+          status_mappings: [zodbot]
          description: >
            Fedora Infrastructure runs a friendly IRC bot that you may
            know named <a href="https://fedoraproject.org/wiki/Zodbot">zodbot</a>.
            Among its many and varied functions is logging IRC meetings,
            the archives of which you can find here.
  - name: Packaging
    data:
    description: >
      Tools for packagers -- where the pieces of the distribution get
      built.
    children:
      - name: Packages
        data:
@ -340,7 +327,7 @@ children:
          docs_url: http://threebean.org/blog/history-of-fedora-packages/
          sops:
            - https://infrastructure.fedoraproject.org/infra/docs/fedorapackages.rst
-        status_mappings: ['packages']
+          status_mappings: [packages]
          description: >
            A meta-app over the other packaging apps; the best place to
            find out what is in the Fedora repositories.  Which
@ -349,7 +336,8 @@ children:
            reported against them. All these kind of questions can be
            answered here.
            It is sometimes called "Fedora Community v2" after the old
-            <a href="https://admin.fedoraproject.org/community">Fedora Community</a> site.
+            <a href="https://admin.fedoraproject.org/community">Fedora Community</a>
            site.
      - name: COPR
        data:
          icon: copr.png
@ -362,9 +350,8 @@ children:
        # Also:
        # - https://copr-keygen.readthedocs.org/
        # - https://copr-rest-api.readthedocs.org/
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/copr.rst]
-        - https://infrastructure.fedoraproject.org/infra/docs/copr.rst
+          status_mappings: [copr]
        status_mappings: ['copr']
          description: >
            Copr is an easy-to-use automatic build system providing a
            package repository as its output.  You can make your **own** repositories!
@ -381,7 +368,7 @@ children:
          sops:
            - https://infrastructure.fedoraproject.org/infra/docs/koji.rst
            - https://infrastructure.fedoraproject.org/infra/docs/koji-builder-setup.rst
-        status_mappings: ['koji']
+          status_mappings: [koji]
          description: >
            Koji is the software that builds RPM packages for the
            Fedora project.  It uses Mock to create chroot
@ -396,9 +383,8 @@ children:
          source_url: https://github.com/fedora-infra/bodhi
          bugs_url: https://github.com/fedora-infra/bodhi/issues
          docs_url: https://bodhi.fedoraproject.org/docs
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/bodhi.rst]
-        - https://infrastructure.fedoraproject.org/infra/docs/bodhi.rst
+          status_mappings: [bodhi]
        status_mappings: ['bodhi']
          description: >
            The tool you will use to push your packages to the Fedora
            repositories as an update, first an update to be tested
@ -413,7 +399,7 @@ children:
          source_url: https://pagure.io/pagure
          bugs_url: https://pagure.io/pagure/issues
          docs_url: https://pagure.io/docs/pagure/
-        status_mappings: ['pkgs']
+          status_mappings: [pkgs]
          description: >
            Ever wonder <em>exactly</em> what is in the new release
            of a Fedora package?  This is where the change histories
@ -425,14 +411,12 @@ children:
          description: >
            mdapi is a small API exposing the metadata contained in
            different RPM repositories.
  - name: Upstream
    data:
    description: >
      Tools for <a
      href="https://fedoraproject.org/wiki/Staying_close_to_upstream_projects">upstream</a>
      developers -- because we love you.
    children:
      - name: Release Monitoring
        data:
@ -475,7 +459,7 @@ children:
        data:
          icon: pagure.png
          url: https://pagure.io/
-        status_mappings: ['pagure']
+          status_mappings: [pagure]
          description: >
            Pagure is a git-centered forge, python based using pygit2.
            With pagure you can host your project with its documentation,
@ -483,7 +467,6 @@ children:
            the ticketing system and build your community of contributors
            by allowing them to fork your projects and contribute to it
            via the now-popular pull-request mechanism.
  - name: Infrastructure
    data:
    description: >
@ -526,16 +509,14 @@ children:
          source_url: https://github.com/fedora-infra/datagrepper
          bugs_url: https://github.com/fedora-infra/datagrepper/issues
          docs_url: https://github.com/fedora-infra/datagrepper/blob/develop/README.rst
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/datanommer.rst]
-        - https://infrastructure.fedoraproject.org/infra/docs/datanommer.rst
+          status_mappings: [fedmsg]
        status_mappings: ['fedmsg']
          description: >
            DataGrepper is an HTTP API for querying the datanommer
            database.  You can use it to dig into the history of the
            <a href="https://fedmsg.readthedocs.io/">fedmsg</a> message bus.  You
            can grab events by username, by package, by message
            source, by topic... you name it.
      - name: Status
        data:
          icon: status-good.png
@ -565,7 +546,7 @@ children:
            - https://infrastructure.fedoraproject.org/infra/docs/mastermirror.rst
            - https://infrastructure.fedoraproject.org/infra/docs/mirrorhiding.rst
            - https://infrastructure.fedoraproject.org/infra/docs/mirrormanager-S3-EC2-netblocks.rst
-        status_mappings: ['mirrormanager', 'mirrorlist']
+          status_mappings: [mirrormanager, mirrorlist]
          description: >
            Fedora is distributed to millions of systems globally.
            This would not be possible without the donations of time,
@ -582,8 +563,7 @@ children:
          source_url: https://github.com/NagiosEnterprises/nagioscore
          bugs_url: https://pagure.io/fedora-infrastructure/issues
          docs_url: https://www.nagios.org/documentation/
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/nagios.rst]
        - https://infrastructure.fedoraproject.org/infra/docs/nagios.rst
          description: >
            "Is telia down?"  The answer can most definitively be
            found here (and in detail).  The Fedora Infrastructure
@ -597,8 +577,7 @@ children:
          source_url: https://github.com/collectd/collectd
          bugs_url: https://github.com/collectd/collectd/issues
          docs_url: https://collectd.org/documentation.shtml
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/collectd.rst]
        - https://infrastructure.fedoraproject.org/infra/docs/collectd.rst
          description: >
            Tracks and displays statistics on the Fedora
            Infrastructure machines over time.  Useful for debugging
@ -609,8 +588,7 @@ children:
          source_url: https://git.haproxy.org/
          bugs_url: https://www.haproxy.org/knownbugs-1.3.html
          docs_url: https://www.haproxy.org/#docs
-        sops:
+          sops: [https://infrastructure.fedoraproject.org/infra/docs/haproxy.rst]
        - https://infrastructure.fedoraproject.org/infra/docs/haproxy.rst
          description: >
            Shows the health of our proxies.  How many bytes?
            Concurrent sessions?  Health checks?
@ -625,7 +603,7 @@ children:
      - name: Ipsilon
        data:
          url: https://pagure.io/ipsilon
-        description: >
+          description: >-
            Ipsilon is our central authentication agent that is used to
            authenticate users agains FAS. It is seperate from FAS. The
            only service that is not using this currently is the wiki.
--- a/roles/apps-fp-o/handlers/main.yml
+++ b/roles/apps-fp-o/handlers/main.yml
@ -1,3 +1,4 @@
 ---
 - name: rebuild apps-fp-o html
  shell: /usr/bin/apps-fp-o-yaml2html.py > /srv/web/apps-fp-o/apps-yaml.html
--- a/roles/apps-fp-o/tasks/main.yml
+++ b/roles/apps-fp-o/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: Install that apps-fp-o rpm package
  package: name=apps-fp-o state=present
  tags:
--- a/roles/awx/podman/tasks/main.yml
+++ b/roles/awx/podman/tasks/main.yml
@ -10,7 +10,7 @@
  ansible.builtin.file:
    path: "~{{ podman_user }}/.config/containers"
    state: directory
-    mode: 0700
+    mode: "0700"
    owner: "{{ podman_user }}"
    group: "{{ podman_group }}"
@ -23,7 +23,7 @@
    dest: "~{{ podman_user }}/.config/containers/containers.conf"
    owner: "{{ podman_user }}"
    group: "{{ podman_group }}"
-    mode: 0600
+    mode: "0600"
 - name: Create empty mounts config file to avoid permissions error message
  ansible.builtin.copy:
@ -32,17 +32,17 @@
    force: false
    owner: "{{ podman_user }}"
    group: "{{ podman_group }}"
-    mode: 0600
+    mode: "0600"
 - name: Ensure registries.conf.d exists
  ansible.builtin.file:
    path: /etc/containers/registries.conf.d/
    state: directory
-    mode: 0755
+    mode: "0755"
 - name: Force fully qualified image names to be provided to podman pull
  ansible.builtin.copy:
    content: |
      unqualified-search-registries = []
    dest: /etc/containers/registries.conf.d/force-fully-qualified-images.conf
-    mode: 0644
+    mode: "0644"
--- a/roles/base/tasks/crypto-policies.yml
+++ b/roles/base/tasks/crypto-policies.yml
@ -1,3 +1,4 @@
 ---
 - name: Check current crypto-policy
  command: "update-crypto-policies --show"
  register: currentcryptopolicy
--- a/roles/base/tasks/postfix.yml
+++ b/roles/base/tasks/postfix.yml
@ -1,3 +1,4 @@
 ---
 - name: /etc/postfix/main.cf
  copy: src={{ item }} dest=/etc/postfix/main.cf
  with_first_found:
--- a/roles/base/tasks/watchdog.yml
+++ b/roles/base/tasks/watchdog.yml
@ -1,3 +1,4 @@
 ---
 - name: See if theres a watchdog device
  stat: path=/dev/watchdog
  when: ansible_virtualization_role is defined and ansible_virtualization_role == 'guest'
--- a/roles/basessh/tasks/main.yml
+++ b/roles/basessh/tasks/main.yml
@ -7,20 +7,20 @@
 - name: make sure there is no old ssh host key for the host still around
  local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent
-  ignore_errors: True
+  ignore_errors: true
  with_items:
  - /root/.ssh/known_hosts
  when: birthday is defined
 - name: gather ssh host key from new instance
  local_action: command ssh-keyscan -t rsa {{ inventory_hostname }}
-  ignore_errors: True
+  ignore_errors: true
  register: hostkey
  when: birthday is defined
 - name: add new ssh host key (until we can sign it)
  local_action: known_hosts path={{item}} key="{{ hostkey.stdout }}" host={{ inventory_hostname }} state=present
-  ignore_errors: True
+  ignore_errors: true
  with_items:
  - /root/.ssh/known_hosts
  when: birthday is defined
@ -163,7 +163,7 @@
        state=directory
  delegate_to: localhost
  run_once: true
-  changed_when: False
+  changed_when: false
  tags:
  - basessh
  - sshd_cert
@ -249,6 +249,6 @@
 - name: make sure there is no old ssh host key for the host still around
  local_action: known_hosts path={{item}} host={{ inventory_hostname }} state=absent
-  ignore_errors: True
+  ignore_errors: true
  with_items:
  - /root/.ssh/known_hosts
--- a/roles/batcave/tasks/main.yml
+++ b/roles/batcave/tasks/main.yml
@ -6,6 +6,7 @@
 # make directory for nfs mounts to live in
 #
 ---
 - name: create /srv/web/pub for nfs mounts
  file: dest=/srv/web/pub state=directory mode=0755
  tags:
@ -94,7 +95,7 @@
  copy:
    src: make-rabbitmq-certs-public.sh
    dest: /etc/cron.daily/make-rabbitmq-certs-public
-    mode: 0755
+    mode: "0755"
  tags:
  - batcave
  - config
@ -404,7 +405,7 @@
  template:
    src: geoip-download-databases
    dest: /usr/local/bin/geoip-download-databases
-    mode: 0700
+    mode: "0700"
  tags:
  - batcave
  - config
@ -413,7 +414,7 @@
  copy:
    src: geoip-download-databases.cron
    dest: /etc/cron.d/geoip-download-databases.cron
-    mode: 0644
+    mode: "0644"
  tags:
  - batcave
  - config
--- a/roles/bkernel/tasks/main.yml
+++ b/roles/bkernel/tasks/main.yml
@ -63,7 +63,7 @@
  template:
    src: bkernel-site-defaults.cfg
    dest: /etc/mock/site-defaults.cfg
-    mode: 0644
+    mode: "0644"
    owner: root
    group: mock
  tags:
--- a/roles/bodhi2/backend/tasks/main.yml
+++ b/roles/bodhi2/backend/tasks/main.yml
@ -131,7 +131,7 @@
      - -c
      - "from sys import version_info as vi; print(f'{vi[0]}.{vi[1]}')"
  register: _python3_version_result
-  changed_when: False
+  changed_when: false
 - name: Set Python version fact
  set_fact:
--- a/roles/btrfs/tasks/main.yml
+++ b/roles/btrfs/tasks/main.yml
@ -12,7 +12,7 @@
    path: /etc/systemd/system/btrfs-balance.timer.d
    owner: root
    group: root
-    mode: 0755
+    mode: "0755"
 - name: Configure btrfs-balance timer
@ -21,7 +21,7 @@
    dest: /etc/systemd/system/btrfs-balance.timer.d/schedule.conf
    owner: root
    group: root
-    mode: 0644
+    mode: "0644"
  notify:
  - reload systemd
  - restart btrfs-balance
--- a/roles/builder_repo/tasks/main.yml
+++ b/roles/builder_repo/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: add builder infra yum repo
  file: dest=/etc/yum.repos.d/builder-infrastructure.repo state=absent
  tags:
--- a/roles/centosci-keytab/tasks/main.yml
+++ b/roles/centosci-keytab/tasks/main.yml
@ -5,7 +5,7 @@
    state: directory
    owner: root
    group: root
-    mode: 0750
+    mode: "0750"
 - name: Acquire a keytab for staging
  include_role:
--- a/roles/check-compose/defaults/main.yml
+++ b/roles/check-compose/defaults/main.yml
@ -1,3 +1,4 @@
 ---
 checkcompose_prod: false
 checkcompose_amqp_passive: false
 checkcompose_amqp_url: "amqps://fedora:@rabbitmq.fedoraproject.org/%2Fpublic_pubsub"
--- a/roles/check-compose/handlers/main.yml
+++ b/roles/check-compose/handlers/main.yml
@ -1,4 +1,5 @@
 # Restart handler for our fedora-messaging consumer
 ---
 - name: Conditionally restart check-compose consumer service
  command: /usr/local/bin/conditional-restart.sh fm-consumer@check-compose
  listen:
--- a/roles/check-compose/tasks/main.yml
+++ b/roles/check-compose/tasks/main.yml
@ -108,6 +108,7 @@
 #  tags:
 #  - packages
 ---
 - name: Install required packages
  package:
    name: ['fedora-messaging', 'python3-fedfind', 'python3-openqa_client', 'python3-pip',
@ -138,7 +139,7 @@
 - name: Create /etc/pki/fedora-messaging
  file:
    dest: /etc/pki/fedora-messaging
-    mode: 0775
+    mode: "0775"
    owner: root
    group: root
    state: directory
@ -153,7 +154,7 @@
  copy:
    src: "{{ private }}/files/rabbitmq/{{ checkcompose_env }}/pki/issued/{{ openqa_amqp_this_username }}.crt"
    dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_this_username }}-cert.pem"
-    mode: 0644
+    mode: "0644"
    owner: root
    group: root
  when: "deployment_type is defined"
@ -168,7 +169,7 @@
  copy:
    src: "{{ private }}/files/rabbitmq/{{ checkcompose_env }}/pki/private/{{ openqa_amqp_this_username }}.key"
    dest: "/etc/pki/fedora-messaging/{{ openqa_amqp_this_username }}-key.pem"
-    mode: 0640
+    mode: "0640"
    owner: root
    group: geekotest
  when: "deployment_type is defined"
--- a/roles/chrony/tasks/main.yml
+++ b/roles/chrony/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: install chrony
  package: name=chrony state=present
  tags:
--- a/roles/cloudstats/tasks/main.yml
+++ b/roles/cloudstats/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: Install the cloud-image-stat script
  copy: >
    src=cloud-image-stat.py dest=/usr/local/bin/cloud-image-stat.py
--- a/roles/collectd/base/tasks/main.yml
+++ b/roles/collectd/base/tasks/main.yml
@ -1,8 +1,7 @@
 # collectd client setup
 # install pkg
 ---
 - name: install collectd
  package: name=collectd state=present
  tags:
@ -106,7 +105,7 @@
  seboolean: name=collectd_tcp_network_connect state=yes persistent=yes
  tags:
  - collectd
-  ignore_errors: True
+  ignore_errors: true
  notify:
  - restart collectd
  when: ( collectd_apache is defined ) and ansible_selinux.status != "disabled"
@ -182,8 +181,6 @@
  - collectd
  - selinux
 # each of the below should move to a separate task list
 # since they are odd-balls and one-offs
--- a/roles/collectd/fedmsg-activation/tasks/main.yml
+++ b/roles/collectd/fedmsg-activation/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: Copy in /usr/local/bin/fedmsg-map
  copy: src=fedmsg-map.py dest=/usr/local/bin/fedmsg-map mode=0755
  tags:
--- a/roles/collectd/fedmsg-service/vars/main.yml
+++ b/roles/collectd/fedmsg-service/vars/main.yml
@ -1,2 +1,3 @@
 ---
 user: fedmsg
 process: fedmsg-hub
--- a/roles/collectd/rabbitmq/tasks/main.yml
+++ b/roles/collectd/rabbitmq/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: install collectd-rabbitmq
  package:
    state: present
@ -20,7 +21,7 @@
    dest: "/etc/collectd.d/rabbitmq.conf"
    owner: root
    group: root
-    mode: 0640
+    mode: "0640"
  tags:
  - collectd
  - config
--- a/roles/collectd/web-service/tasks/main.yml
+++ b/roles/collectd/web-service/tasks/main.yml
@ -21,4 +21,4 @@
  seboolean: name=collectd_tcp_network_connect state=yes persistent=yes
  tags:
  - collectd
-  ignore_errors: True
+  ignore_errors: true
--- a/roles/communishift/default/main.yml
+++ b/roles/communishift/default/main.yml
@ -1,7 +1,7 @@
 ---
 communishift_efs_access_key: "OVERRIDEME"
 communishift_efs_secret_key: "OVERRIDEME"
 communishift_project_name: "OVERRIDEME"
 communishift_region: "OVERRIDEME"
 communishift_subnet_id: "OVERRIDEME"
 communishift_security_group: "OVERRIDEME"
--- a/roles/copr/backend/files/provision/create_swap_file.yml
+++ b/roles/copr/backend/files/provision/create_swap_file.yml
@ -1,3 +1,4 @@
 ---
 - name: install enable-swap.service
  copy:
    src: files/enable-swap.service
--- a/roles/copr/backend/files/provision/playbook-prepare-builder-to-create-images.yml
+++ b/roles/copr/backend/files/provision/playbook-prepare-builder-to-create-images.yml
@ -96,7 +96,7 @@
          --run-command "chcon -v -R -h system_u:object_r:ssh_home_t:s0 /root/.ssh" )
          EIMG_DOUBLECHECK_WAITING_FOR_IPV4=true
        dest: /etc/eimg/eimg.sh
-        mode: 0644
+        mode: "0644"
    - stat: path={{ private_key_file }}
      register: key_stat
--- a/roles/copr/backend/files/provision/provision_builder_tasks.yml
+++ b/roles/copr/backend/files/provision/provision_builder_tasks.yml
@ -259,7 +259,7 @@
    dest: /etc/security/limits.d/50-copr-fds.conf
    owner: root
    group: root
-    mode: 0644
+    mode: "0644"
  when:
    - preparing_image
--- a/roles/copr/backend/handlers/main.yml
+++ b/roles/copr/backend/handlers/main.yml
@ -1,3 +1,4 @@
 ---
 - name: chmod_key
  file: path=/etc/lighttpd/copr-be.fedoraproject.org.pem owner=root group=root mode=0600
--- a/roles/copr/backend/tasks/copr-ping.yml
+++ b/roles/copr/backend/tasks/copr-ping.yml
@ -35,7 +35,7 @@
    src: "{{ ping_script }}.j2"
    owner: "{{ ping_user }}"
    group: "{{ ping_user }}"
-    mode: 0700
+    mode: "0700"
  tags: copr_ping
 - name: install the check script
@ -44,7 +44,7 @@
    src: "copr-ping-check.py.j2"
    owner: "{{ ping_user }}"
    group: "nagios"
-    mode: 0750
+    mode: "0750"
  tags: copr_ping
 - name: selinux - allow nrpe_t to read ping_log
@ -65,7 +65,7 @@
    path: "{{ ping_homedir }}/.config"
    owner: "{{ ping_user }}"
    group: "{{ ping_user }}"
-    mode: 0755
+    mode: "0755"
    state: directory
  tags: copr_ping
@ -78,7 +78,7 @@
      token = {{ copr_ping_bot_token }}
      copr_url = https://copr.fedorainfracloud.org
    dest: "{{ ping_homedir }}/.config/copr"
-    mode: 0600
+    mode: "0600"
    owner: "{{ ping_user }}"
    group: "{{ ping_user }}"
  tags: copr_ping
--- a/roles/copr/backend/tasks/install_cloud_cert.yml
+++ b/roles/copr/backend/tasks/install_cloud_cert.yml
@ -1,3 +1,4 @@
 ---
 - name: copy .pem
  copy: src=../../files/fedora-cloud/fed-cloud09.pem  dest=/etc/pki/ca-trust/source/anchors/
  register: cloud_pem_copied
--- a/roles/copr/backend/tasks/main.yml
+++ b/roles/copr/backend/tasks/main.yml
@ -64,7 +64,7 @@
    dest: /home/copr/.ssh/config
    owner: copr
    group: copr
-    mode: 0600
+    mode: "0600"
  tags:
    - backend_to_hv_ssh_config
    - provision_config
@ -85,7 +85,7 @@
 - name: auth_key so we can login to localhost as the copr user from the copr user
  authorized_key: user=copr key="{{ item }}"
-  no_log: True
+  no_log: true
  with_file:
  - "provision/files/buildsys.pub"
@ -139,13 +139,13 @@
    src: cgi-resalloc
    dest: /var/www/
    setype: httpd_sys_script_exec_t
-    mode: 0755
+    mode: "0755"
 - name: install the helper scripts for lighttpd log rotation
  copy:
    src: "{{ item }}"
    dest: /usr/local/bin/{{ item }}
-    mode: 0755
+    mode: "0755"
    owner: root
    group: root
  with_items:
@ -278,7 +278,7 @@
 - command: "ls -dZ /var/lib/copr/public_html/"
  register: public_html_ls
  check_mode: no
-  changed_when: False
+  changed_when: false
 - name: update selinux context for results if root folder does not have proper type
  command: "restorecon -vvRF /var/lib/copr/public_html/"
@ -304,7 +304,7 @@
  copy:
    content: "{{ copr_red_hat_subscription_offline_token }}"
    dest: "{{ rhn_offline_token_file }}"
-    mode: 0600
+    mode: "0600"
    owner: resalloc
    group: resalloc
  tags:
@ -314,7 +314,7 @@
  template:
    src: "{{ item }}"
    dest: /usr/local/bin/{{ item }}
-    mode: 0755
+    mode: "0755"
  loop:
    - cleanup-unused-vms-from-redis
    - cleanup-unused-redhat-subscriptions
--- a/roles/copr/backend/tasks/network.yml
+++ b/roles/copr/backend/tasks/network.yml
@ -1,3 +1,4 @@
 ---
 - name: copy ifcfg-eth1
  copy: src="ifcfg-eth1" dest=/etc/sysconfig/network-scripts/  owner=root group=root mode=644
--- a/roles/copr/backend/tasks/pulp.yml
+++ b/roles/copr/backend/tasks/pulp.yml
@ -10,7 +10,7 @@
    path: /home/copr/.config/pulp/
    owner: copr
    group: copr
-    mode: 0700
+    mode: "0700"
 - name: Install Pulp auth certificates
  copy:
@ -18,7 +18,7 @@
    dest: "/home/copr/.config/pulp/"
    owner: copr
    group: copr
-    mode: 0600
+    mode: "0600"
  with_items:
  - copr-pulp-prod.crt
  - copr-pulp-prod.key
@ -30,4 +30,4 @@
    dest: "/home/copr/.config/pulp/cli.toml"
    owner: copr
    group: copr
-    mode: 0600
+    mode: "0600"
--- a/roles/copr/backend/tasks/resalloc.yml
+++ b/roles/copr/backend/tasks/resalloc.yml
@ -33,7 +33,7 @@
    line: "{{ item }}"
    owner: postgres
    group: postgres
-    mode: 0600
+    mode: "0600"
  with_items:
    - "all postgres postgres"
    - "all resalloc resalloc"
@ -101,7 +101,7 @@
  file:
    path: /var/lib/resallocserver/.ssh
    state: directory
-    mode: 0700
+    mode: "0700"
    owner: resalloc
    group: resalloc
@ -111,7 +111,7 @@
    dest: /var/lib/resallocserver/.ssh/id_rsa
    owner: resalloc
    group: resalloc
-    mode: 0600
+    mode: "0600"
 - name: resalloc, ssh config file
  template:
@ -119,7 +119,7 @@
    dest: /var/lib/resallocserver/.ssh/config
    owner: resalloc
    group: resalloc
-    mode: 0600
+    mode: "0600"
  tags:
    - backend_to_hv_ssh_config
    - provision_config
@ -128,7 +128,7 @@
  template:
    src: "resalloc/{{ item }}"
    dest: "/etc/resallocserver/{{ item }}"
-    mode: 0640
+    mode: "0640"
    owner: resalloc
    group: resalloc
  with_items:
@ -160,7 +160,7 @@
  copy:
    src: copr-prepare-s390x-image-builder
    dest: /usr/local/bin/copr-prepare-s390x-image-builder
-    mode: 0755
+    mode: "0755"
  tags:
    - images_s390x
@ -173,6 +173,6 @@
    dest: "{{ ibmcloud_token_file }}"
    owner: resalloc
    group: resalloc
-    mode: 0600
+    mode: "0600"
  tags:
  - provision_config
--- a/roles/copr/backend/tasks/setup_provisioning_environment.yml
+++ b/roles/copr/backend/tasks/setup_provisioning_environment.yml
@ -35,7 +35,7 @@
  template:
    src: "{{ roles_path }}/copr/backend/templates/provision/{{ item }}"
    dest: "{{ provision_directory }}/{{ item }}"
-    mode: 0755
+    mode: "0755"
  with_items:
  - upload-qcow2-images
  tags:
@ -48,7 +48,7 @@
  template:
    src: "{{ roles_path }}/copr/backend/templates/provision/{{ item }}"
    dest: "{{ provision_directory }}/{{ item }}"
-    mode: 0755
+    mode: "0755"
  with_items:
  - libvirt-new
  tags:
@ -93,6 +93,6 @@
    dest: "{{ provision_directory }}/.rc-osuosl.sh"
    owner: "{{ provision_user }}"
    group: "{{ provision_user }}"
-    mode: 0600
+    mode: "0600"
  tags:
  - provision_config
--- a/roles/copr/backend/templates/provision/aws_cloud_vars.yml
+++ b/roles/copr/backend/templates/provision/aws_cloud_vars.yml
@ -1,3 +1,4 @@
 ---
 aws_access_key: {{ copr_aws_access_key_id }}
 aws_secret_key: {{ copr_aws_secret_access_key }}
--- a/roles/copr/backend/templates/resalloc/server.yaml
+++ b/roles/copr/backend/templates/resalloc/server.yaml
@ -1,3 +1,4 @@
 ---
 db_url: 'postgresql://resalloc@/resalloc'
 logdir: '/var/log/resallocserver'
 # Listen only on localhost!
--- a/roles/copr/certbot/tasks/letsencrypt.yml
+++ b/roles/copr/certbot/tasks/letsencrypt.yml
@ -133,7 +133,7 @@
  file:
    path: "{{ le_backup_path }}"
    # nobody, except for root, can step into this directory (on batcave)
-    mode: 0700
+    mode: "0700"
    owner: root
    group: root
    state: directory
--- a/roles/copr/certbot/tasks/main.yml
+++ b/roles/copr/certbot/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - include_tasks: letsencrypt.yml
  when:
  - letsencrypt is defined
--- a/roles/copr/dist_git/handlers/main.yml
+++ b/roles/copr/dist_git/handlers/main.yml
@ -1,3 +1,4 @@
 ---
 - name: reload httpd
  service: name="httpd" state="restarted"
--- a/roles/copr/dist_git/tasks/main.yml
+++ b/roles/copr/dist_git/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - import_tasks: "mount_fs.yml"
 # pre-create users/groups and copy uids/gids from the current prod copr-dist-git
--- a/roles/copr/dist_git/tasks/mount_fs.yml
+++ b/roles/copr/dist_git/tasks/mount_fs.yml
@ -1,3 +1,4 @@
 ---
 - name: prepare mount point
  file: state=directory path=/var/lib/dist-git
--- a/roles/copr/frontend/handlers/main.yml
+++ b/roles/copr/frontend/handlers/main.yml
@ -1,3 +1,4 @@
 ---
 - import_tasks: "{{ handlers_path }}/restart_services.yml"
 - name: restart postgresql
--- a/roles/copr/frontend/tasks/main.yml
+++ b/roles/copr/frontend/tasks/main.yml
@ -4,7 +4,7 @@
 - name: register security context for pgsql directory
  command: "ls -dZ /var/lib/pgsql"
  register: pgsql_ls
-  changed_when: False  # `ls' command is not changing anything
+  changed_when: false  # `ls' command is not changing anything
 - name: update selinux context for postgress db dir if it's wrong
  command: "restorecon -vvRF /var/lib/pgsql"
@ -47,7 +47,7 @@
  copy:
    src: copr-frontend-prometheus-monitoring.py
    dest: /usr/bin/copr-frontend-prometheus-monitoring.py
-    mode: 0750
+    mode: "0750"
    owner: root
    group: root
  tags:
@ -164,8 +164,8 @@
  become: yes
  become_user: copr-fe
  register: update_indexes_required_result
-  changed_when: False
+  changed_when: false
-  failed_when: False
+  failed_when: false
 - name: rebuild indexes
  command: ./manage.py update_indexes
@ -229,7 +229,7 @@
    dest: "/usr/bin/copr-cdn-check.py"
    src: "copr-cdn-check.py.j2"
    group: "nagios"
-    mode: 0750
+    mode: "0750"
  vars:
    api_key: "{{ copr_uptimerobot_api_key_ro | default('not-configured') }}"
  tags: copr_cdn
--- a/roles/copr/frontend/tasks/mount_fs.yml
+++ b/roles/copr/frontend/tasks/mount_fs.yml
@ -1,6 +1,6 @@
 ---
 - name: mount up disk of copr fe
  mount: name=/srv/copr-fe src='LABEL=copr-fe' fstype=ext4 state=mounted
 - name: mount up bind mount for postgres
  mount: src=/srv/copr-fe/pgsqldb name=/var/lib/pgsql fstype=auto opts=bind state=mounted
--- a/roles/copr/frontend/tasks/psql_setup.yml
+++ b/roles/copr/frontend/tasks/psql_setup.yml
@ -1,3 +1,4 @@
 ---
 - name: install postresql
  package: state=present pkg={{ item }}
  with_items:
@ -131,7 +132,7 @@
    dest: "{{ copr_fe_homedir }}/.psqlrc"
    owner: copr-fe
    group: copr-fe
-    mode: 0600
+    mode: "0600"
 - name: install pgpass file
  copy:
@ -140,7 +141,7 @@
    dest: "{{ copr_fe_homedir }}/.pgpass"
    owner: copr-fe
    group: copr-fe
-    mode: 0400
+    mode: "0400"
 - stat: path="{{ copr_fe_homedir }}/.psql_history"
  register: history_file
--- a/roles/copr/hypervisor/tasks/main.yml
+++ b/roles/copr/hypervisor/tasks/main.yml
@ -159,7 +159,7 @@
    src: "{{ private }}/files/copr/buildsys.priv"
    dest: /home/copr/.ssh/id_rsa
    owner: copr
-    mode: 0600
+    mode: "0600"
 - name: provide pub key, too, so we can install them to generated builder images
  copy: src=buildsys.pub dest=/home/copr/.ssh/id_rsa.pub
--- a/roles/copr/keygen/tasks/setup_backup.yml
+++ b/roles/copr/keygen/tasks/setup_backup.yml
@ -1,3 +1,4 @@
 ---
 - name: ensure /backup dir
  file: path=/backup state=directory
--- a/roles/debug_env/tasks/main.yml
+++ b/roles/debug_env/tasks/main.yml
@ -3,5 +3,6 @@
 # the env from ansible to see what variables and facts are.
 # Taken from https://coderwall.com/p/13lh6w
 #
 ---
 - name: Dump all ansible vars
  template: src=dumpall.j2 dest=/tmp/debug_env.out
--- a/roles/developer/build/tasks/main.yml
+++ b/roles/developer/build/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: Create directories
  file: state=directory
        path=/srv/web/{{item}}
--- a/roles/developer/website/tasks/main.yml
+++ b/roles/developer/website/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: Copy in the sync-developer cronjob
  copy: src=cron-sync-developer dest=/etc/cron.d/sync-developer
  tags:
--- a/roles/distgit/templates/repospanner-admin.yml
+++ b/roles/distgit/templates/repospanner-admin.yml
@ -4,4 +4,3 @@ admin:
  ca: /etc/pagure/ca.crt
  cert: /etc/pagure/fedora_rpms_admin.crt
  key: /etc/pagure/fedora_rpms_admin.key
--- a/roles/docker-distribution/defaults/main.yml
+++ b/roles/docker-distribution/defaults/main.yml
@ -7,7 +7,7 @@ conf_path: "/etc/docker-distribution/registry/config.yml"
 # Config directives
 tls:
-  enabled: False
+  enabled: false
  certificate: "PATH_TO_CERT"
  key: "PATH_TO_KEY"
 log:
@ -28,4 +28,3 @@ cert:
  cert_dest: "ca.crt"
  key_src: "ca.key"
  key_dest: "ca.key"
--- a/roles/docker-distribution/meta/main.yml
+++ b/roles/docker-distribution/meta/main.yml
@ -144,4 +144,3 @@ dependencies: []
  # List your role dependencies here, one per line.
  # Be sure to remove the '[]' above if you add dependencies
  # to this list.
--- a/roles/easyfix/proxy/tasks/main.yml
+++ b/roles/easyfix/proxy/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: Ensure dir for content exists
  file: dest=/srv/web/gather-easyfix owner=root group=root mode=0755 state=directory
  tags:
--- a/roles/fas2discourse/default/main.yml
+++ b/roles/fas2discourse/default/main.yml
@ -1,3 +1,4 @@
 ---
 fas2discourse_hostname: "fas2discourse.hostna.me"
 fas2discourse_namespace: "fas2discourse-operator"
 fas2discourse_project_description: "The fas2discourse-operator is responsible for synchronising group membership for users between Discourse and IPA."
--- a/roles/fas2discourse/tasks/administration-tasks.yml
+++ b/roles/fas2discourse/tasks/administration-tasks.yml
@ -5,11 +5,10 @@
    state: directory
    owner: root
    group: root
-    mode: 0770
+    mode: "0770"
    recurse: yes
 - include_tasks: create-operator-namespace.yml
 - include_tasks: create-keytab-secret.yml
 - include_tasks: create-discourse-apikey-secret.yml
 - include_tasks: deploy-fas2discourse-operator.yml
--- a/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml
+++ b/roles/fas2discourse/tasks/create-discourse-apikey-secret.yml
@ -4,9 +4,8 @@
  template:
    src: "secret-discourse-apikey.yml"
    dest: "/root/ocp4/openshift-apps/fas2discourse-operator/secret-discourse-apikey.yml"
-    mode: 0770
+    mode: "0770"
 # apply created openshift resources
 - name: oc apply resources
  command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/secret-discourse-apikey.yml"
--- a/roles/fas2discourse/tasks/create-keytab-secret.yml
+++ b/roles/fas2discourse/tasks/create-keytab-secret.yml
@ -4,15 +4,15 @@
  ansible.builtin.fetch:
    src: "/etc/openshift_apps/fas2discourse/fas2discourse{{ env_suffix }}-keytab.kt"
    dest: "/etc/openshift_apps/fas2discourse/fas2discourse{{ env_suffix }}-keytab.kt"
-    flat: True
+    flat: true
-    mode: 0600
+    mode: "0600"
 # generate the templates for project to be created
 - name: copy the templates to the host
  template:
    src: "secret-keytab.yml"
    dest: "/root/ocp4/openshift-apps/fas2discourse-operator/secret-keytab.yml"
-    mode: 0770
+    mode: "0770"
  vars:
    fas2discourse_keytab_file:
      "{{ lookup('file',
@ -22,4 +22,3 @@
 # apply created openshift resources
 - name: oc apply resources
  command: "/root/bin/oc apply -f /root/ocp4/openshift-apps/fas2discourse-operator/secret-keytab.yml"
--- a/roles/fas2discourse/tasks/create-keytab.yml
+++ b/roles/fas2discourse/tasks/create-keytab.yml
@ -6,7 +6,7 @@
    state: directory
    owner: root
    group: root
-    mode: 0750
+    mode: "0750"
  tags:
    - create-keytab
@ -21,4 +21,3 @@
    host: "{{ fas2discourse_hostname }}"
  tags:
    - create-keytab
--- a/roles/fas2discourse/tasks/create-operator-namespace.yml
+++ b/roles/fas2discourse/tasks/create-operator-namespace.yml
@ -4,7 +4,7 @@
  template:
    src: "namespace.yml"
    dest: "/root/ocp4/openshift-apps/fas2discourse-operator/namespace.yml"
-    mode: 0770
+    mode: "0770"
 # apply created openshift resources
 - name: oc apply resources
--- a/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml
+++ b/roles/fas2discourse/tasks/deploy-fas2discourse-operator.yml
@ -15,4 +15,3 @@
  make:
    chdir: "/root/ocp4/openshift-apps/fas2discourse-operator/fas2discourse-operator/"
    target: "deploy"
--- a/roles/fas2discourse/templates/namespace.yml
+++ b/roles/fas2discourse/templates/namespace.yml
@ -6,4 +6,3 @@ metadata:
  annotations:
    openshift.io/description: "{{ fas2discourse_project_description }}"
    openshift.io/display-name: "{{ fas2discourse_namespace }}"
--- a/roles/fas2discourse/templates/secret-discourse-apikey.yml
+++ b/roles/fas2discourse/templates/secret-discourse-apikey.yml
@ -1,3 +1,4 @@
 ---
 apiVersion: v1
 kind: Secret
 metadata:
@ -12,4 +13,3 @@ data:
    "{{ (env == 'production')|ternary(fas2discourse_fasjson_hostname, fas2discourse_stg_fasjson_hostname) | b64encode }}"
  fas2discourse-principal:
    "{{ (env == 'production')|ternary(fas2discourse_principal, fas2discourse_stg_principal) | b64encode }}"
--- a/roles/fas2discourse/templates/secret-keytab.yml
+++ b/roles/fas2discourse/templates/secret-keytab.yml
@ -1,3 +1,4 @@
 ---
 apiVersion: v1
 kind: Secret
 metadata:
@ -6,4 +7,3 @@ metadata:
 data:
  fas2discourse-keytab:
    "{{ fas2discourse_keytab_file | b64encode }}"
--- a/roles/fasjson/tasks/main.yml
+++ b/roles/fasjson/tasks/main.yml
@ -33,4 +33,3 @@
  - config
  - fasjson
  when: fasjson_aliases is defined
--- a/roles/fedmsg/crl/tasks/main.yml
+++ b/roles/fedmsg/crl/tasks/main.yml
@ -3,6 +3,7 @@
 # repo and throw it into fedoraproject.org/fedmsg/crl.pem
 # See https://infrastructure.fedoraproject.org/infra/docs/fedmsg-certs.txt
 ---
 - name: Ensure dir for content exists
  file: dest=/srv/web/fedmsg owner=apache group=apache mode=0755 state=directory
  tags:
--- a/roles/fedmsg/gateway/slave/tasks/main.yml
+++ b/roles/fedmsg/gateway/slave/tasks/main.yml
@ -135,4 +135,3 @@
  ignore_errors: true
  tags:
  - fedmsgmonitor
--- a/roles/fedmsg/gateway/tasks/main.yml
+++ b/roles/fedmsg/gateway/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: install fedmsg-gateway
  package: name=fedmsg-gateway state=present
  tags:
--- a/roles/fedmsg/hub/defaults/main.yml
+++ b/roles/fedmsg/hub/defaults/main.yml
@ -1,9 +1,10 @@
 # This is false by default.  You have to override it when including the role.
-enable_websocket_server: False
+---
 enable_websocket_server: false
 # Absolute memory limit in megabytes for fedmsg-hub and fedmsg-bub-3
 # services.  Zero means infinity (no limit).
 fedmsg_hub_memory_limit_mb: 0
 # Restart fedmsg-hub.service on failure.
-fedmsg_hub_auto_restart: False
+fedmsg_hub_auto_restart: false
--- a/roles/fedmsg/irc/tasks/main.yml
+++ b/roles/fedmsg/irc/tasks/main.yml
@ -1,4 +1,4 @@
-
+---
 - name: install package for fedmsg-irc
  package:
    state: present
--- a/roles/fedmsg/relay/tasks/main.yml
+++ b/roles/fedmsg/relay/tasks/main.yml
@ -1,6 +1,7 @@
 # This is a *very* simple role.  The config needed for fedmsg-relay to operate
 # correctly is actually included as part of the fedmsg/base role.
 ---
 - name: install fedmsg-relay (yum)
  package: name=fedmsg-relay state=present
  tags:
--- a/roles/fedora-budget/build/tasks/main.yml
+++ b/roles/fedora-budget/build/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - file: dest=/srv/web/budget.fedoraproject.org state=directory
 - template: >
--- a/roles/fedora-budget/proxy/tasks/main.yml
+++ b/roles/fedora-budget/proxy/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: Copy in the sync-budget cronjob
  copy: src=cron-sync-budget dest=/etc/cron.d/sync-budget
  tags:
--- a/roles/fedora-docs/build/tasks/main.yml
+++ b/roles/fedora-docs/build/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - template: >
    src=docs-sync.j2 dest=/usr/local/bin/docs-sync
    owner=root group=root mode=0755
--- a/roles/fedora-docs/proxy/tasks/main.yml
+++ b/roles/fedora-docs/proxy/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - copy: >
    src=docs-rsync.stg dest=/usr/local/bin/docs-rsync
    owner=root group=root mode=0755
--- a/roles/fedora-docs/translation/tasks/main.yml
+++ b/roles/fedora-docs/translation/tasks/main.yml
@ -54,7 +54,7 @@
    dest: ~_update_docs_trans/.ssh/config
    owner: _update_docs_trans
    group: _update_docs_trans
-    mode: 0644
+    mode: "0644"
  tags:
  - fedora-docs-translation
@ -63,7 +63,7 @@
    dest: /usr/local/bin/docs-translation-update
    owner: root
    group: root
-    mode: 0755
+    mode: "0755"
  tags:
  - fedora-docs-translation
@ -72,7 +72,7 @@
    dest: /etc/cron.d/cron-docs-translation-update
    owner: root
    group: root
-    mode: 0644
+    mode: "0644"
  tags:
  - fedora-docs-translation
  when: env == "production" and inventory_hostname.startswith('sundries01')
--- a/roles/fedora-messaging-utils/tasks/crontab_path.yml
+++ b/roles/fedora-messaging-utils/tasks/crontab_path.yml
@ -2,6 +2,7 @@
 # Ensure PATH in /etc/crontab contains /usr/local/bin
 #####################################################
 ---
 - name: check if PATH is set in crontab
  lineinfile:
    path: /etc/crontab
--- a/roles/fedora-messaging-utils/tasks/main.yml
+++ b/roles/fedora-messaging-utils/tasks/main.yml
@ -1,3 +1,4 @@
 ---
 - name: install messaging script for our improvized tracing
  copy: src=simple_message_to_bus dest=/usr/local/bin/ mode=0755
  tags:
--- a/Show more
+++ b/Show more