ansible: change when conditions to use == instead of is when checking strings.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>

playbooks/check-host.yml

@@ -17,7 +17,7 @@
   - name: Get list of active loaded services with systemctl
     shell: '/bin/systemctl -t service --no-legend | egrep "loaded active" | tr -s " " | cut -d " " -f1'
     changed_when: False
-    when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+    when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
     register: loaded_active_services_systemctl
     tags:
       - check
@@ -26,7 +26,7 @@
   - name: Get list of active loaded services with systemctl
     shell: '/bin/systemctl -t service --no-legend | egrep "loaded active" | tr -s " " | cut -d " " -f1'
     changed_when: False
-    when: ansible_distribution_major_version|int > 6 and ansible_distribution is 'RedHat'
+    when: ansible_distribution_major_version|int > 6 and ansible_distribution == 'RedHat'
     register: loaded_active_services_systemctl
     tags:
       - check
@@ -35,7 +35,7 @@
   - name: Get list of inactive loaded services with systemctl
     shell: '/bin/systemctl -t service --no-legend | egrep -v "loaded active" | tr -s " " | cut -d " " -f1'
     changed_when: False
-    when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+    when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
     register: loaded_inactive_services_systemctl
     tags:
       - check
@@ -44,7 +44,7 @@
   - name: Get list of inactive loaded services with systemctl
     shell: '/bin/systemctl -t service --no-legend | egrep -v "loaded active" | tr -s " " | cut -d " " -f1'
     changed_when: False
-    when: ansible_distribution_major_version|int > 6 and ansible_distribution is 'RedHat'
+    when: ansible_distribution_major_version|int > 6 and ansible_distribution == 'RedHat'
     register: loaded_inactive_services_systemctl
     tags:
       - check
@@ -54,7 +54,7 @@
   - name: Get list of enabled services with chkconfig at current runlevel
     shell: "chkconfig | grep \"`runlevel | cut -d ' ' -f 2`:on\" | awk '{print $1}'"
     changed_when: False
-    when: ansible_distribution_major_version|int <= 6 and ansible_distribution is 'RedHat'
+    when: ansible_distribution_major_version|int <= 6 and ansible_distribution == 'RedHat'
     register: enabled_services_chkconfig
     tags:
       - check
@@ -63,7 +63,7 @@
   - name: Get list of disabled services with chkconfig at current runlevel
     shell: "chkconfig | grep \"`runlevel | cut -d ' ' -f 2`:off\" | awk '{print $1}'"
     changed_when: False
-    when: ansible_distribution_major_version|int <= 6 and ansible_distribution is 'RedHat'
+    when: ansible_distribution_major_version|int <= 6 and ansible_distribution == 'RedHat'
     register: disabled_services_chkconfig
     tags:
       - check

playbooks/groups/maintainer-test.yml

@@ -65,7 +65,7 @@
     dnf: state=present pkg={{ item }}
     with_items:
     - fedora-packager
-    when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+    when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
     tags:
     - packages
 

playbooks/manual/update-packages.yml

@@ -17,25 +17,25 @@
 
   - name: yum update {{ package }} from main repo
     yum: name="{{ package }}" state=latest update_cache=yes
-    when: not testing and ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+    when: not testing and ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
   - name: yum update {{ package }} from testing repo
     yum: name="{{ package }}" state=latest enablerepo=infrastructure-tags-stg update_cache=yes
-    when: testing and ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+    when: testing and ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
   - name: dnf clean all (since we can't do it when updating)
     command: dnf clean all
-    when: not testing and ansible_distribution_major_version|int > 21 and ansible_distribution is 'Fedora'
+    when: not testing and ansible_distribution_major_version|int > 21 and ansible_distribution == 'Fedora'
 
   - name: dnf update {{ package }} from main repo
     dnf: name="{{ package }}" state=latest
-    when: not testing and ansible_distribution_major_version|int > 21 and ansible_distribution is 'Fedora'
+    when: not testing and ansible_distribution_major_version|int > 21 and ansible_distribution == 'Fedora'
 
   - name: dnf clean all (since we can't do it when updating)
     command: dnf clean all --enablerepo=infrastructure-tags-stg
-    when: testing and ansible_distribution_major_version|int > 21 and ansible_distribution is 'Fedora'
+    when: testing and ansible_distribution_major_version|int > 21 and ansible_distribution == 'Fedora'
 
   - name: dnf update {{ package }} from testing repo
     dnf: name="{{ package }}" state=latest enablerepo=infrastructure-tags-stg
-    when: testing and ansible_distribution_major_version|int > 21 and ansible_distribution is 'Fedora'
+    when: testing and ansible_distribution_major_version|int > 21 and ansible_distribution == 'Fedora'
 

roles/apache/tasks/main.yml

@@ -24,7 +24,7 @@
 - name: hotfix - copy over new httpd init script
   copy: src="{{ files }}/hotfix/httpd/httpd.init" dest=/etc/init.d/httpd
         owner=root group=root mode=0755
-  when: ansible_distribution_major_version|int < 30 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int < 30 and ansible_distribution == 'Fedora'
   notify:
   - reload apache
   tags:
@@ -36,7 +36,7 @@
 - name: hotfix - copy over new httpd init script
   copy: src="{{ files }}/hotfix/httpd/httpd.init" dest=/etc/init.d/httpd
         owner=root group=root mode=0755
-  when: ansible_distribution_major_version|int <= 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int <= 8 and ansible_distribution == 'RedHat'
   notify:
   - reload apache
   tags:
@@ -46,7 +46,7 @@
 
 - name: hotfix - copy over new httpd sysconfig (el6)
   copy: src="{{ files }}/hotfix/httpd/httpd.sysconfig" dest=/etc/sysconfig/httpd
-  when: ansible_distribution_major_version|int == 6 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 6 and ansible_distribution == 'RedHat'
   notify:
   - reload apache
   tags:
@@ -56,7 +56,7 @@
 
 - name: hotfix - copy over new httpd sysconfig (el7)
   copy: src="{{ files }}/hotfix/httpd/httpd.sysconfig" dest=/etc/sysconfig/httpd
-  when: ansible_distribution_major_version|int == 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 7 and ansible_distribution == 'RedHat'
   notify:
   - reload apache
   tags:

roles/base/tasks/main.yml

@@ -11,11 +11,11 @@
   - policycoreutils-python
   tags:
   - selinux
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
 - name: ensure packages required for semanage are installed (dnf)
   package: name=policycoreutils-python-utils state=present
-  when: (ansible_distribution_major_version|int > 27 and ansible_distribution is 'Fedora') or (ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat') and ansible_cmdline.ostree is not defined
+  when: (ansible_distribution_major_version|int > 27 and ansible_distribution == 'Fedora') or (ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat') and ansible_cmdline.ostree is not defined
   tags:
   - selinux
 
@@ -52,7 +52,7 @@
   ini_file: dest=/etc/NetworkManager/NetworkManager.conf section=main option=dns value=none
   notify:
   - restart NetworkManager
-  when: ansible_distribution_major_version|int >=7 and ansible_distribution is 'RedHat' and nmclitest is success and ( not ansible_ifcfg_blacklist) and not nm_controlled_resolv
+  when: ansible_distribution_major_version|int >=7 and ansible_distribution == 'RedHat' and nmclitest is success and ( not ansible_ifcfg_blacklist) and not nm_controlled_resolv
   tags:
    - config
    - resolvconf
@@ -63,7 +63,7 @@
   ini_file: dest=/etc/NetworkManager/NetworkManager.conf section=main option=dns value=none
   notify:
   - restart NetworkManager
-  when: ansible_distribution_major_version|int >=29 and ansible_distribution is 'Fedora' and nmclitest is success and ( not ansible_ifcfg_blacklist) and not nm_controlled_resolv
+  when: ansible_distribution_major_version|int >=29 and ansible_distribution == 'Fedora' and nmclitest is success and ( not ansible_ifcfg_blacklist) and not nm_controlled_resolv
   tags:
    - config
    - resolvconf
@@ -76,7 +76,7 @@
   changed_when: false
   failed_when: 'if_uuid.stdout == ""'
   check_mode: no
-  when: ansible_distribution_major_version|int >=7 and ansible_distribution is 'RedHat' and nmclitest is success and ( not ansible_ifcfg_blacklist )
+  when: ansible_distribution_major_version|int >=7 and ansible_distribution == 'RedHat' and nmclitest is success and ( not ansible_ifcfg_blacklist )
   tags:
    - config
    - ifcfg
@@ -88,7 +88,7 @@
   changed_when: false
   failed_when: 'if_uuid.stdout == ""'
   check_mode: no
-  when: ansible_distribution_major_version|int >=29 and ansible_distribution is 'Fedora' and nmclitest is success and ( not ansible_ifcfg_blacklist )
+  when: ansible_distribution_major_version|int >=29 and ansible_distribution == 'Fedora' and nmclitest is success and ( not ansible_ifcfg_blacklist )
   tags:
    - config
    - ifcfg
@@ -115,25 +115,25 @@
   tags:
   - packages
   - base
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
 - name: global default packages to install (dnf)
   dnf: state=present name="{{ global_pkgs_inst }}"
   tags:
   - packages
   - base
-  when: ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 - name: global default packages to install (dnf)
   dnf: state=present name="{{ global_pkgs_inst }}"
   tags:
   - packages
   - base
-  when: ansible_distribution_major_version|int > 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: make sure hostname is set right on rhel7 hosts
   hostname: name="{{inventory_hostname}}"
-  when: ansible_distribution_major_version|int == 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 7 and ansible_distribution == 'RedHat'
 
 #
 # We set builders root password in the koji_builder role, so do not set those here
@@ -168,7 +168,7 @@
   tags:
   - packages
   - base
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
 - name: dist pkgs to install (yum)
   package: state=present name={{ item }}
@@ -177,35 +177,35 @@
   tags:
   - packages
   - base
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
 - name: dist pkgs to remove (dnf)
   dnf: state=absent name="{{ base_pkgs_erase }}"
   tags:
   - packages
   - base
-  when: ansible_distribution_major_version|int > 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: dist pkgs to remove (dnf)
   dnf: state=absent name="{{ base_pkgs_erase }}"
   tags:
   - packages
   - base
-  when: ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 - name: dist pkgs to install (dnf)
   dnf: state=present name="{{ base_pkgs_inst }}"
   tags:
   - packages
   - base
-  when: ansible_distribution_major_version|int > 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: dist pkgs to install (dnf)
   dnf: state=present name="{{ base_pkgs_inst }}"
   tags:
   - packages
   - base
-  when: ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 - name: dist disabled services
   service: state=stopped enabled=false name={{ item }}
@@ -279,7 +279,7 @@
 - name: enable journald persistence
   file: path=/var/log/journal state=directory
         owner=root group=systemd-journal mode=2755
-  when: ansible_distribution_major_version|int >= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int >= 7 and ansible_distribution == 'RedHat'
   tags:
   - journald
   - config
@@ -290,7 +290,7 @@
 - name: enable journald persistence
   file: path=/var/log/journal state=directory
         owner=root group=systemd-journal mode=2755
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
   tags:
   - journald
   - config
@@ -402,7 +402,7 @@
 - name: copy over our custom selinux module
   copy: src=selinux/mapchkpwd.pp dest=/usr/local/share/mapchkpwd.pp
   register: selinux_module
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
   tags:
   - config
   - selinux
@@ -411,7 +411,7 @@
 - name: copy over our custom selinux module
   copy: src=selinux/mapchkpwd.pp dest=/usr/local/share/mapchkpwd.pp
   register: selinux_module
-  when: ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat'
   tags:
   - config
   - selinux

roles/basessh/tasks/main.yml

@@ -53,7 +53,7 @@
   - config
   - sshd
   - selinux
-  when: ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat'
 
 - name: check if sshd port is already known by selinux
   shell: semanage port -l | grep ssh

roles/basessh/templates/sshd_config

@@ -2,7 +2,7 @@ Protocol 2
 
 Port {{ sshd_port }}
 
-{% if ansible_distribution_major_version == "6" and ansible_distribution is 'RedHat' %}
+{% if ansible_distribution_major_version == "6" and ansible_distribution == 'RedHat' %}
 KexAlgorithms diffie-hellman-group-exchange-sha256
 MACs hmac-sha2-512,hmac-sha2-256
 Ciphers aes256-ctr,aes192-ctr,aes128-ctr
@@ -31,9 +31,9 @@ AllowAgentForwarding no
 X11Forwarding no
 PermitTunnel no
 
-{% if ansible_distribution_major_version == "6" and ansible_distribution is 'RedHat' %}
+{% if ansible_distribution_major_version == "6" and ansible_distribution == 'RedHat' %}
 UsePrivilegeSeparation yes
-{% elif ansible_distribution_major_version == "7" and ansible_distribution is 'RedHat' %}
+{% elif ansible_distribution_major_version == "7" and ansible_distribution == 'RedHat' %}
 UsePrivilegeSeparation sandbox
 {% endif %}
 

roles/collectd/base/tasks/main.yml

@@ -6,35 +6,35 @@
   package: name=collectd state=present
   tags:
   - collectd
-  when: ansible_distribution_major_version|int <= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
 
 # install pkg
 - name: install collectd
   dnf: name=collectd state=present
   tags:
   - collectd
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat'
 
 # install pkg
 - name: install collectd
   dnf: name=collectd state=present
   tags:
   - collectd
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
 
 # install collectd-disk (it was split out)
 - name: install collectd-disk
   dnf: name=collectd-disk state=present
   tags:
   - collectd
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat'
 
 # install collectd-disk on F25+ (it was split out)
 - name: install collectd-disk
   dnf: name=collectd-disk state=present
   tags:
   - collectd
-  when: ansible_distribution_major_version|int > 24 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int > 24 and ansible_distribution == 'Fedora'
 
 # install collected.conf
 - name: /etc/collectd.conf
@@ -69,7 +69,7 @@
   - collectd
   notify:
   - restart collectd
-  when: collectd_apache and ansible_distribution_major_version|int <= 7 and ansible_distribution is 'RedHat'
+  when: collectd_apache and ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
 
 - name: install collectd-apache (dnf)
   dnf: state=present name=collectd-apache
@@ -77,7 +77,7 @@
   - collectd
   notify:
   - restart collectd
-  when: collectd_apache and ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat'
+  when: collectd_apache and ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat'
 
 - name: install collectd-apache (dnf)
   dnf: state=present name=collectd-apache
@@ -85,7 +85,7 @@
   - collectd
   notify:
   - restart collectd
-  when: collectd_apache and ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: collectd_apache and ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
 
 - name: /etc/collectd/apache.conf
   copy: src=apache.conf dest=/etc/collectd.d/apache.conf
@@ -99,7 +99,7 @@
   package: name=libsemanage-python state=present
   tags:
   - collectd
-  when: collectd_apache is defined and ansible_distribution_major_version|int <= 7 and ansible_distribution is 'RedHat'
+  when: collectd_apache is defined and ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
 
 - name: Let collectd talk to things over tcp
   seboolean: name=collectd_tcp_network_connect state=yes persistent=yes

roles/dnf-automatic/tasks/main.yml

@@ -23,7 +23,7 @@
 
   - name: enable and start dnf-automatic
     command: systemctl enable dnf-automatic.timer
-    when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+    when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
     args:
       creates: /etc/systemd/system/basic.target.wants/dnf-automatic.timer
     tags:
@@ -35,15 +35,15 @@
     check_mode: no
     changed_when: 1 != 1
     ignore_errors: true
-    when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+    when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
   - name: start dnf-automatic.timer if it is not active
     command: systemctl start dnf-automatic.timer
-    when: automaticative is failed and ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+    when: automaticative is failed and ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
   - name: enable and start dnf-automatic f26+
     command: systemctl enable dnf-automatic-install.timer
-    when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+    when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
     register: dnfautomaticenable
     changed_when: dnfautomaticenable.rc != 0
     tags:
@@ -51,7 +51,7 @@
 
   - name: enable and start dnf-automatic RHEL8+
     command: systemctl enable dnf-automatic-install.timer
-    when: ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat'
+    when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat'
     register: dnfautomaticenable
     changed_when: dnfautomaticenable.rc != 0
     tags:
@@ -63,7 +63,7 @@
     check_mode: no
     changed_when: 1 != 1
     ignore_errors: true
-    when: ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat'
+    when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat'
 
   - name: check if dnf-automatic-install.timer is active
     command: systemctl is-active dnf-automatic-install.timer
@@ -71,15 +71,15 @@
     check_mode: no
     changed_when: 1 != 1
     ignore_errors: true
-    when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+    when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
 
   - name: start dnf-automatic-install.timer if it is not active
     command: systemctl start dnf-automatic-install.timer
-    when: automaticative is failed and ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat'
+    when: automaticative is failed and ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat'
 
   - name: start dnf-automatic-install.timer if it is not active
     command: systemctl start dnf-automatic-install.timer
-    when: automaticative is failed and ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+    when: automaticative is failed and ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
 
   - name: disable silly makecache timer
     systemd: name=dnf-makecache masked=yes

roles/fas_client/tasks/main.yml

@@ -21,7 +21,7 @@
 
 - name: install nss_db on rhel or fedora 25 or greater hosts only
   package: state=present name=nss_db
-  when: ansible_distribution is 'RedHat' or ansible_distribution is 'Fedora'
+  when: ansible_distribution == 'RedHat' or ansible_distribution == 'Fedora'
   tags:
   - packages
   - fas_client

roles/git/server/tasks/main.yml

@@ -8,12 +8,12 @@
 # If NOT using xinetd
 - name: delete stock git daemon config
   file: path="/usr/lib/systemd/system/git.service" state=absent
-  when: ansible_distribution_major_version|int >= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int >= 7 and ansible_distribution == 'RedHat'
   tags: git/server
 
 - name: delete stock git daemon config
   file: path="/usr/lib/systemd/system/git.service" state=absent
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
   tags: git/server
 
 - name: configure git daemon
@@ -21,7 +21,7 @@
     src="git@.service.j2"
     dest="/usr/lib/systemd/system/git@.service"
     mode=0644
-  when: ansible_distribution_major_version|int >= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int >= 7 and ansible_distribution == 'RedHat'
   tags: git/server
 
 - name: configure git daemon
@@ -29,13 +29,13 @@
     src="git@.service.j2"
     dest="/usr/lib/systemd/system/git@.service"
     mode=0644
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
   tags: git/server
 
 # If using xinetd
 - name: install xinetd
   package: name=xinetd state=present
-  when: ansible_distribution_major_version|int == 6 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 6 and ansible_distribution == 'RedHat'
   tags: git/server
 
 - name: install the xinetd config file
@@ -43,7 +43,7 @@
     src="git.j2"
     dest="/etc/xinetd.d/git"
     mode=0644
-  when: ansible_distribution_major_version|int == 6 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 6 and ansible_distribution == 'RedHat'
   tags: git/server
   notify:
   - restart xinetd

roles/kerneltest/templates/kerneltest.conf

@@ -1,5 +1,5 @@
 
-{% if ansible_distribution_major_version == '6 and ansible_distribution is 'RedHat' %}
+{% if ansible_distribution_major_version == '6 and ansible_distribution == 'RedHat' %}
 Alias /kerneltest/static /usr/lib/python2.6/site-packages/kerneltest/static/
 {% else %}
 Alias /kerneltest/static /usr/lib/python2.7/site-packages/kerneltest/static/

roles/nagios_client/tasks/main.yml

@@ -77,7 +77,7 @@
 
 - name: install our custom selinux module
   command: semodule -i /usr/share/nrpe/fi-nrpe.pp
-  when: ansible_distribution_major_version|int == 7 and ansible_distribution is 'RedHat' and selinux_module is changed
+  when: ansible_distribution_major_version|int == 7 and ansible_distribution == 'RedHat' and selinux_module is changed
   tags:
   - config
   - nagios_client

roles/nfs/client/tasks/main.yml

@@ -1,6 +1,6 @@
 - name: install network-scripts package
   package: name=network-scripts state=installed
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
   tags:
   - nfs/client
 
@@ -56,7 +56,7 @@
   with_items:
   - rpcbind
   - nfs-lock
-  when: ansible_distribution_major_version|int >= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int >= 7 and ansible_distribution == 'RedHat'
   tags:
   - nfs/client
 
@@ -67,7 +67,7 @@
   - rpcbind
   - nfs
   - nfslock
-  when: ansible_distribution_major_version|int == 6 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 6 and ansible_distribution == 'RedHat'
   tags:
   - nfs/client
 

roles/openqa/worker/tasks/tap-setup.yml

@@ -11,7 +11,7 @@
     state: present
   tags:
   - packages
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
 
 - name: Enable ipv4_forward in sysctl
   sysctl: name=net.ipv4.ip_forward value=1 state=present sysctl_set=yes reload=yes

roles/openvpn/base/tasks/main.yml

@@ -9,7 +9,7 @@
   tags:
   - openvpn
   - packages
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
 - name: Install needed package (dnf)
   package:
@@ -30,7 +30,7 @@
   - openvpn
   #notify:
   #- restart openvpn (RHEL6)
-  when: ansible_distribution_major_version|int == 6 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 6 and ansible_distribution == 'RedHat'
 
 - name: Install certificate and key (rhel7+) for client
   copy: src={{ private }}/files/vpn/pki/ca.crt
@@ -41,7 +41,7 @@
   - openvpn
   #notify:
   #- restart openvpn (RHEL7+)
-  when: ( ansible_distribution_major_version|int >= 7 and ansible_distribution is 'RedHat' ) and ansible_cmdline.ostree is not defined
+  when: ( ansible_distribution_major_version|int >= 7 and ansible_distribution == 'RedHat' ) and ansible_cmdline.ostree is not defined
 
 - name: Install certificate and key (Fedora) for client
   copy: src={{ private }}/files/vpn/pki/ca.crt
@@ -52,7 +52,7 @@
   - openvpn
   #notify:
   #- restart openvpn (Fedora)
-  when: ( ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' ) and ansible_cmdline.ostree is not defined
+  when: ( ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' ) and ansible_cmdline.ostree is not defined
 
 - name: Install certificate and key (fedora) for server
   copy: src={{ private }}/files/vpn/pki/ca.crt
@@ -63,7 +63,7 @@
   - openvpn
   #notify:
   #- restart openvpn (Fedora)
-  when: ( ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' ) and ansible_cmdline.ostree is not defined
+  when: ( ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' ) and ansible_cmdline.ostree is not defined
 
 - name: Install certificate and key (rhel7+) for server
   copy: src={{ private }}/files/vpn/pki/ca.crt
@@ -74,7 +74,7 @@
   - openvpn
   #notify:
   #- restart openvpn (RHEL7+)
-  when: ( ansible_distribution_major_version|int >= 7 and ansible_distribution is 'RedHat' ) and ansible_cmdline.ostree is not defined
+  when: ( ansible_distribution_major_version|int >= 7 and ansible_distribution == 'RedHat' ) and ansible_cmdline.ostree is not defined
 
 - name: Install certificate and key (rhel7 or fedora) for server
   copy: src={{ private }}/files/vpn/pki/ca.crt

roles/openvpn/client/tasks/main.yml

@@ -9,7 +9,7 @@
   tags:
   - packages
   - openvpn
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
 - name: Install needed packages
   package:
@@ -19,7 +19,7 @@
   tags:
   - packages
   - openvpn
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 - name: Install needed packages
   package:
@@ -29,7 +29,7 @@
   tags:
   - packages
   - openvpn
-  when: ansible_distribution_major_version|int > 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: Install main config file (rhel7 and fedora)
   template: src=client.conf
@@ -41,7 +41,7 @@
 #  notify:
 #  - restart openvpn (Fedora)
 #  - restart openvpn (RHEL6+)
-  when: (ansible_distribution is 'RedHat' or ansible_distribution is 'Fedora') and ansible_cmdline.ostree is not defined
+  when: (ansible_distribution == 'RedHat' or ansible_distribution == 'Fedora') and ansible_cmdline.ostree is not defined
 
 - name: Install configuration files (rhel7 and fedora)
   copy: src={{ item.file }}
@@ -60,7 +60,7 @@
 #  notify:
 #  - restart openvpn (Fedora)
 #  - restart openvpn (RHEL7)
-  when: (ansible_distribution_major_version|int >= 7 and ansible_distribution is 'RedHat') or (ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora') and ansible_cmdline.ostree is not defined
+  when: (ansible_distribution_major_version|int >= 7 and ansible_distribution == 'RedHat') or (ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora') and ansible_cmdline.ostree is not defined
 
 - name: Install configuration files (rhel6)
   copy: src={{ item.file }}
@@ -81,25 +81,25 @@
   - openvpn
 #  notify:
 #  - restart openvpn (RHEL6)
-  when: (ansible_distribution_major_version|int == 6 and ansible_distribution is 'RedHat') and ansible_cmdline.ostree is not defined
+  when: (ansible_distribution_major_version|int == 6 and ansible_distribution == 'RedHat') and ansible_cmdline.ostree is not defined
 
 - name: enable openvpn service for rhel 6
   service: name=openvpn state=started enabled=true
-  when: ansible_distribution_major_version|int == 6 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 6 and ansible_distribution == 'RedHat'
   tags:
   - service
   - openvpn
 
 - name: Make sure old openvpn is not running in rhel 7
   service: name=openvpn@openvpn state=stopped enabled=false
-  when: ansible_distribution_major_version|int == 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 7 and ansible_distribution == 'RedHat'
   tags:
   - service
   - openvpn
 
 - name: Make sure openvpn is running in rhel 7+
   service: name=openvpn-client@openvpn state=started enabled=true
-  when: ansible_distribution_major_version|int >= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int >= 7 and ansible_distribution == 'RedHat'
   tags:
   - service
   - openvpn
@@ -114,7 +114,7 @@
 - name: Create directories for post-vpn service configs
   file: path="/etc/systemd/system/{{item}}.service.d" state=directory
   with_items: "{{postvpnservices}}"
-  when: is_fedora is defined or (ansible_distribution_major_version|int >= 7 and ansible_distribution is 'RedHat')
+  when: is_fedora is defined or (ansible_distribution_major_version|int >= 7 and ansible_distribution == 'RedHat')
   tags:
   - service
   - openvpn
@@ -122,7 +122,7 @@
 - name: Deploy postvpn.conf for post-vpn services
   copy: src=postvpn.conf dest="/etc/systemd/system/{{item}}.service.d/postvpn.conf"
   with_items: "{{postvpnservices}}"
-  when: is_fedora is defined or (ansible_distribution_major_version|int >= 7 and ansible_distribution is 'RedHat')
+  when: is_fedora is defined or (ansible_distribution_major_version|int >= 7 and ansible_distribution == 'RedHat')
   tags:
   - service
   - openvpn

roles/packages3/web/tasks/main.yml

@@ -92,7 +92,7 @@
   tags:
   - packages
   - packages/web
-  when: ansible_distribution_major_version|int < 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 7 and ansible_distribution == 'RedHat'
 
 # Here's the indexer stuff
 - name: Create cache structure
@@ -135,7 +135,7 @@
   - packages
   - packages/web
   - hotfix
-  when: ansible_distribution_major_version|int < 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 7 and ansible_distribution == 'RedHat'
 
 # Lastly, here's some selinux stuff.
 - name: set some selinux booleans
@@ -164,4 +164,4 @@
   - packages
   - packages/web
   - selinux
-  when: ansible_distribution_major_version|int > 6 and (ansible_distribution is 'RedHat' or ansible_distribution is 'Fedora')
+  when: ansible_distribution_major_version|int > 6 and (ansible_distribution == 'RedHat' or ansible_distribution == 'Fedora')

roles/postgresql_server/tasks/main.yml

@@ -11,7 +11,7 @@
     - postgresql-plpython
     - python-psycopg2
     - pxz
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
   tags:
   - packages
   - postgresql
@@ -25,7 +25,7 @@
     - postgresql-plpython
     - python-psycopg2
     - pxz
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
   tags:
   - packages
   - postgresql
@@ -39,7 +39,7 @@
     - postgresql-plpython
     - python-psycopg2
     - pxz
-  when: ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
   tags:
   - packages
   - postgresql

roles/postgresql_server_bdr/tasks/main.yml

@@ -21,7 +21,7 @@
   - postgresql-bdr94-bdr
   - postgresql-bdr94-plpython
   - python-psycopg2
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
   tags:
   - packages
   - postgresql-bdr

roles/rkhunter/tasks/main.yml

@@ -6,7 +6,7 @@
   tags:
   - rkhunter
   - packages
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 
 - name: rkhunter.conf

roles/rsyncd/tasks/main.yml

@@ -13,7 +13,7 @@
   tags:
   - packages
   - rsyncd
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
 - name: install necessary packages
   package:
@@ -25,7 +25,7 @@
   tags:
   - packages
   - rsyncd
-  when: ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat'
 
 - name: install necessary packages
   package:
@@ -37,7 +37,7 @@
   tags:
   - packages
   - rsyncd
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
 
 - name: rsyncd.conf file
   copy: src={{ item }} dest=/etc/rsyncd.conf mode=0644

roles/sigul/server/tasks/main.yml

@@ -30,7 +30,7 @@
   package: state=present name={{ item }}
   with_items:
   - gnupg1
-  when: ansible_distribution_major_version|int == 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 7 and ansible_distribution == 'RedHat'
   tags:
   - packages
 
@@ -38,7 +38,7 @@
   package: state=present name={{ item }}
   with_items:
   - gnupg
-  when: ansible_distribution_major_version|int >= 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int >= 8 and ansible_distribution == 'RedHat'
   tags:
   - packages
 
@@ -46,7 +46,7 @@
   package: state=present name={{ item }}
   with_items:
   - gnupg
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
   tags:
   - packages
 
@@ -58,7 +58,7 @@
 
 - name: Setup gpg link on rhel7
   file: state=link src=/usr/bin/gpg1 dest=/usr/bin/gpg
-  when: ansible_distribution_major_version|int == 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 7 and ansible_distribution == 'RedHat'
 
 - name: add polkit rules to allow sigul user to access the smartcard/yubikey
   copy: src=00-sigul.rules dest=/etc/polkit-1/rules.d/00-sigul.rules

roles/taskotron/grokmirror/tasks/main.yml

@@ -5,21 +5,21 @@
     name:
       - git
       - python-grokmirror
-  when: ansible_distribution_major_version|int <= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
 
 - name: ensure grokmirror packages are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
       - git
       - python-grokmirror
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: ensure grokmirror packages are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
       - git
       - python-grokmirror
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 - name: create grokmirror user
   user: name={{ grokmirror_user }}

roles/taskotron/resultsdb-backend/tasks/main.yml

@@ -10,7 +10,7 @@
     - mod_wsgi
     - python-psycopg2
     - libsemanage-python
-  when: ansible_distribution_major_version|int <= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
 
 - name: ensure packages required for resultsdb are installed (dnf)
   dnf: name={{ item }} state=present
@@ -19,7 +19,7 @@
     - python3-mod_wsgi
     - python3-psycopg2
     - python2-libsemanage
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: ensure packages required for resultsdb are installed (dnf)
   dnf: name={{ item }} state=present
@@ -28,7 +28,7 @@
     - python3-mod_wsgi
     - python3-psycopg2
     - python2-libsemanage
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 - name: ensure database is created
   delegate_to: "{{ resultsdb_db_host_machine }}"

roles/taskotron/resultsdb-frontend/tasks/main.yml

@@ -8,21 +8,21 @@
     name:
     - resultsdb_frontend
     - mod_wsgi
-  when: ansible_distribution_major_version|int <= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
 
 - name: ensure packages required for resultsdb_frontend are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
     - resultsdb_frontend
     - python3-mod_wsgi
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: ensure packages required for resultsdb_frontend are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
     - resultsdb_frontend
     - python3-mod_wsgi
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 - name: ensure selinux lets httpd talk to the network
   seboolean: name=httpd_can_network_connect persistent=yes state=yes

roles/taskotron/ssl-taskotron/tasks/main.yml

@@ -4,19 +4,19 @@
     state: present
     name:
       - mod_ssl
-  when: ansible_distribution_major_version|int <= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
 
 - name: ensure ssl related packages are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
       - mod_ssl
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: ensure ssl related packages are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
       - mod_ssl
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 #- name: copy ssl key
 #  copy: src={{ private }}/files/taskotron/certs/{{ inventory_hostname }}/{{ inventory_hostname }}.key dest=/etc/pki/tls/private/{{ inventory_hostname }}.key

roles/taskotron/taskotron-frontend/tasks/main.yml

@@ -4,19 +4,19 @@
     state: present
     name:
     - httpd
-  when: ansible_distribution_major_version|int <= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
 
 - name: ensure packages required for taskotron-frontend are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
     - httpd
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: ensure packages required for taskotron-frontend are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
     - httpd
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 - name: create dirs for static files
   file: path=/var/www/html/{{ item }} state=directory owner=apache group=apache mode=1755

roles/taskotron/taskotron-master/tasks/main.yml

@@ -6,13 +6,13 @@
   dnf: name={{ item }} state=present
   with_items:
     - tmpwatch
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: ensure packages required for buildmaster are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
     - tmpwatch
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 - name: create artifacts directory
   file: path={{ item }} state=directory owner=buildmaster group=buildmaster mode=0775 setype=httpd_sys_content_t

roles/taskotron/taskotron-proxy/tasks/main.yml

@@ -11,19 +11,19 @@
     state: present
     name:
     - libsemanage-python
-  when: ansible_distribution_major_version|int <= 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int <= 7 and ansible_distribution == 'RedHat'
 
 - name: ensure packages required for proxying are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
     - libsemanage-python
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
 
 - name: ensure packages required for proxying are installed (dnf)
   dnf: name={{ item }} state=present
   with_items:
     - libsemanage-python
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
 
 - name: allow httpd tcp connections with selinux
   seboolean: name=httpd_can_network_connect state=true persistent=yes

roles/varnish/tasks/main.yml

@@ -22,7 +22,7 @@
   - restart varnish
   tags:
   - varnish
-  when: ansible_distribution_major_version|int == 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int == 7 and ansible_distribution == 'RedHat'
 
 - name: install varnish /etc/systemd/system/varnish.service file (fedora 29+)
   template: src=varnish.f29.j2 dest=/etc/systemd/system/varnish.service owner=root group=root
@@ -31,7 +31,7 @@
   - restart varnish
   tags:
   - varnish
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora'
 
 - name: install /etc/varnish/default.vcl (proxies)
   template: src={{ varnish_group }}.vcl.j2 dest=/etc/varnish/default.vcl owner=root group=root

tasks/2fa_client.yml

@@ -3,19 +3,19 @@
   package: name=pam_url state=present
   tags:
   - packages
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
 
 - name: install pam_url
   dnf: name=pam_url state=present
   tags:
   - packages
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat'
 
 - name: install pam_url
   dnf: name=pam_url state=present
   tags:
   - packages
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'RedHat'
 
 - name: /etc/pki/tls/private/totpcgi.pem
   copy: src="{{ private }}/files/2fa-certs/keys/{{ inventory_hostname }}.pem" dest=/etc/pki/tls/private/totpcgi.pem mode=0400

tasks/cloud_setup_basic.yml

@@ -6,7 +6,7 @@
   - ntp
   - libsemanage-python
   - libselinux-python
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
   tags:
   - packages
 
@@ -15,7 +15,7 @@
   with_items:
   - ntpdate
   - libselinux-python
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
   tags:
   - packages
 
@@ -24,7 +24,7 @@
   with_items:
   - ntpdate
   - libselinux-python
-  when: ansible_distribution_major_version|int >=29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >=29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
   tags:
   - packages
 
@@ -66,21 +66,21 @@
 - name: update all
   command: yum -y update creates=/etc/sysconfig/global-update-applied
   register: updated
-  when: ansible_distribution_major_version|int < 8 and ansible_distribution is 'RedHat'
+  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
   tags:
   - packages
 
 - name: update all
   command: dnf -y update creates=/etc/sysconfig/global-update-applied
   register: updated
-  when: ansible_distribution_major_version|int > 7 and ansible_distribution is 'RedHat' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int > 7 and ansible_distribution == 'RedHat' and ansible_cmdline.ostree is not defined
   tags:
   - packages
 
 - name: update all
   command: dnf -y update creates=/etc/sysconfig/global-update-applied
   register: updated
-  when: ansible_distribution_major_version|int >= 29 and ansible_distribution is 'Fedora' and ansible_cmdline.ostree is not defined
+  when: ansible_distribution_major_version|int >= 29 and ansible_distribution == 'Fedora' and ansible_cmdline.ostree is not defined
   tags:
   - packages