roles: hosted_engine_setup: align with ansible-lint 5.0.0 (#271)
* roles: hosted_engine_setup: align with ansible-lint 5.0.0

Fixes #266

Signed-off-by: Asaf Rachmani <arachman@localhost.localdomain>

* roles: hosted_engine_setup: align with ansible-lint 5.0.0

Fix "load-failure: [Errno 2]" errors

Signed-off-by: Asaf Rachmani <arachman@redhat.com>

* roles: hosted_engine_setup: align with ansible-lint 5.0.0

Fix "load-failure: [Errno 2]" errors

Signed-off-by: Asaf Rachmani <arachman@redhat.com>

* roles: hosted_engine_setup: align with ansible-lint 5.0.0

Fix "load-failure: [Errno 2]" errors

Signed-off-by: Asaf Rachmani <arachman@redhat.com>

* roles: hosted_engine_setup: align with ansible-lint 5.0.0

Add changelogs

Signed-off-by: Asaf Rachmani <arachman@redhat.com>

* roles: hosted_engine_setup: align with ansible-lint 5.0.0

Add newline at end of the changelog file

Signed-off-by: Asaf Rachmani <arachman@redhat.com>

Co-authored-by: Asaf Rachmani <arachman@localhost.localdomain>
arachmani and Asaf Rachmani authored May 12, 2021
1 parent 787efe9 commit b506a12
Showing 33 changed files with 36 additions and 172 deletions.
@@ -0,0 +1,3 @@
---
bugfixes:
- hosted_engine_setup - align with ansible-lint 5.0.0 (https://github.com/oVirt/ovirt-ansible-collection/pull/271).
@@ -3,7 +3,6 @@
block:
- name: Fetch the value of HOST_KEY_CHECKING
set_fact: host_key_checking="{{ lookup('config', 'HOST_KEY_CHECKING') }}"
- debug: var=host_key_checking
- name: Get the username running the deploy
become: false
command: whoami
@@ -4,8 +4,6 @@
command: get_xml
name: default
register: default_net_xml
- debug: var=default_net_xml.stdout

- name: IPv6 configuration
block:
- name: Remove IPv4 configuration
@@ -34,23 +32,20 @@
attribute: prefix
value: "64"
register: editednet2
- debug: var=editednet2
- name: Edit libvirt default network configuration, enable DHCPv6
xml:
xmlstring: "{{ editednet2.xmlstring }}"
xpath: /network/ip[@family='ipv6']/dhcp/range
attribute: start
value: "{{ he_ipv6_subnet_prefix + '::10' }}"
register: editednet3
- debug: var=editednet3
- name: Edit libvirt default network configuration, set DHCPv6 range
xml:
xmlstring: "{{ editednet3.xmlstring }}"
xpath: /network/ip[@family='ipv6']/dhcp/range
attribute: end
value: "{{ he_ipv6_subnet_prefix + '::ff' }}"
register: finaledit6
- debug: var=finaledit
when: ipv6_deployment|bool

- name: IPv4 configuration
7 changes: 2 additions & 5 deletions roles/hosted_engine_setup/tasks/apply_openscap_profile.yml
@@ -11,7 +11,6 @@
- name: Set OpenSCAP datastream path
set_fact:
oscap_datastream: "{{ oscap_dir }}/ssg-{{ oscap_dist | replace('RedHat', 'rhel') | lower }}{{ oscap_ver }}-ds.xml"
- debug: var=oscap_datastream
- name: Verify OpenSCAP datastream
stat:
path: "{{ oscap_datastream }}"
@@ -23,7 +22,6 @@
register: oscap_profile
changed_when: true
when: oscap_ds_stat.stat.exists
- debug: var=oscap_profile
- name: Apply OpenSCAP profile
command: >-
oscap xccdf eval --profile {{ oscap_profile.stdout }} --remediate
@@ -44,12 +42,11 @@
command: sysctl -n crypto.fips_enabled
changed_when: true
register: he_fips_enabled
- debug: var=he_fips_enabled
- name: Enforce FIPS mode on CentOS
fail:
msg: "FIPS mode is unsupported on CentOS"
when: oscap_dist == "CentOS" and he_fips_enabled.stdout != "1"
when: oscap_dist == "CentOS" and he_fips_enabled.stdout != "1"
- name: Enforce FIPS mode on Rhel
fail:
msg: "FIPS mode is not enabled as required"
when: oscap_dist == "RedHat" and he_fips_enabled.stdout != "1"
when: oscap_dist == "RedHat" and he_fips_enabled.stdout != "1"
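Review bot: The two FIPS guards at the end of this file fail under the same condition, `he_fips_enabled.stdout != "1"`, yet the CentOS branch reports "FIPS mode is unsupported on CentOS", which reads as the opposite of what the check enforces. If FIPS is required on both distributions, the CentOS message should say that FIPS is not enabled; if it really is unsupported there, the condition looks inverted. Since the debug output of `he_fips_enabled` is no longer printed, I would also carry the observed value in the failure text, for example `msg: "FIPS mode is not enabled as required (crypto.fips_enabled={{ he_fips_enabled.stdout }})"`.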
@@ -7,8 +7,8 @@
{{ true if he_host_ip not in target_address_v4.stdout_lines and
he_host_ip in target_address_v6.stdout_lines
else false }}
- include_tasks: validate_ip_prefix.yml
- include_tasks: alter_libvirt_default_net_configuration.yml
- include_tasks: ../validate_ip_prefix.yml
- include_tasks: ../alter_libvirt_default_net_configuration.yml
# all of the next is a workaround for a network issue:
# vdsm installation breaks the routing by defining separate
# routing table for ovirtmgmt. But we need to enable communication
@@ -23,7 +23,6 @@
name: default
state: active
register: virt_net_out
- debug: var=virt_net_out
- name: Get libvirt interfaces
virt_net:
command: facts
@@ -32,14 +31,12 @@
environment: "{{ he_cmd_lang }}"
register: route_rules_ipv4
changed_when: true
- debug: var=route_rules_ipv4
- name: Get routing rules, IPv6
command: ip -6 rule
environment: "{{ he_cmd_lang }}"
register: route_rules_ipv6
changed_when: true
when: ipv6_deployment|bool
- debug: var=route_rules_ipv6
- name: Save bridge name
set_fact:
virbr_default: "{{ ansible_libvirt_networks['default']['bridge'] }}"
@@ -60,15 +57,13 @@
{{ (hostvars[inventory_hostname]['ansible_'+virbr_default]['ipv4']['address']+'/'
+hostvars[inventory_hostname]['ansible_'+virbr_default]['ipv4']['netmask']) |ipv4('host/prefix') }}
when: not ipv6_deployment|bool
- debug: var=virbr_cidr_ipv4
- name: Fetch IPv6 CIDR for {{ virbr_default }}
set_fact:
virbr_cidr_ipv6: >-
{{ (hostvars[inventory_hostname]['ansible_'+virbr_default]['ipv6'][0]['address']+'/'+
hostvars[inventory_hostname]['ansible_'+virbr_default]['ipv6'][0]['prefix']) |
ipv6('host/prefix') if 'ipv6' in hostvars[inventory_hostname]['ansible_'+virbr_default] else None }}
when: ipv6_deployment|bool
- debug: var=virbr_cidr_ipv6
- name: Add IPv4 outbound route rules
command: ip rule add from {{ virbr_cidr_ipv4 }} priority 101 table main
environment: "{{ he_cmd_lang }}"
@@ -80,7 +75,6 @@
selectattr('src', 'equalto', virbr_cidr_ipv4 | ipaddr('address') ) |
list | length == 0
changed_when: true
- debug: var=result
- name: Add IPv4 inbound route rules
command: ip rule add from all to {{ virbr_cidr_ipv4 }} priority 100 table main
environment: "{{ he_cmd_lang }}"
@@ -92,19 +86,16 @@
selectattr('priority', 'equalto', 100) |
selectattr('dst', 'equalto', virbr_cidr_ipv4 | ipaddr('address') ) |
list | length == 0
- debug: var=result
- name: Add IPv6 outbound route rules
command: ip -6 rule add from {{ virbr_cidr_ipv6 }} priority 101 table main
environment: "{{ he_cmd_lang }}"
register: result
when: ipv6_deployment|bool and "\"101:\tfrom \"+virbr_cidr_ipv6+\" lookup main\" not in route_rules_ipv6.stdout"
changed_when: true
- debug: var=result
- name: Add IPv6 inbound route rules
command: ip -6 rule add from all to {{ virbr_cidr_ipv6 }} priority 100 table main
environment: "{{ he_cmd_lang }}"
register: result
changed_when: true
when: >-
ipv6_deployment|bool and "\"100:\tfrom all to \"+virbr_cidr_ipv6+\" lookup main\" not in route_rules_ipv6.stdout"
- debug: var=result
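Review bot: The `when` guards on the two IPv6 rule tasks in the last hunk appear to be always true once `ipv6_deployment` is set, because everything after `and` sits inside one double-quoted Jinja string (the inner quotes are escaped) and a non-empty string is truthy. The `not in route_rules_ipv6.stdout` test would then never be evaluated, so `ip -6 rule add` runs on every pass, unlike the IPv4 tasks, whose conditions end in `| list | length == 0`. Moving the operator outside the quotes restores the check, e.g. `ipv6_deployment|bool and ("101:\tfrom " + virbr_cidr_ipv6 + " lookup main") not in route_rules_ipv6.stdout`, with the matching change for the `100:` rule. This is read from the rendered page, so the quoting should be confirmed against the file itself.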
@@ -1,7 +1,7 @@
---
- name: Create hosted engine local vm
block:
- import_tasks: add_engine_as_ansible_host.yml
- import_tasks: ../add_engine_as_ansible_host.yml
- name: Initial tasks
block:
- name: Get host unique id
@@ -31,7 +31,7 @@
owner: vdsm
group: kvm
mode: 0775
- include_tasks: install_appliance.yml
- include_tasks: ../install_appliance.yml
when: he_appliance_ova is none or he_appliance_ova|length == 0
- name: Register appliance PATH
set_fact:
@@ -63,7 +63,7 @@
src: "{{ he_appliance_ova_path }}"
dest: "{{ he_local_vm_dir }}"
extra_opts: ['--sparse']
- include_tasks: get_local_vm_disk_path.yml
- include_tasks: ../get_local_vm_disk_path.yml
- name: Get appliance disk size
command: qemu-img info --output=json {{ local_vm_disk_path }}
environment: "{{ he_cmd_lang }}"
@@ -134,8 +134,8 @@
delay=30
timeout=300
rescue:
- include_tasks: clean_localvm_dir.yml
- include_tasks: clean_local_storage_pools.yml
- include_tasks: ../clean_localvm_dir.yml
- include_tasks: ../clean_local_storage_pools.yml
- name: Notify the user about a failure
fail:
msg: >
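Review bot: `mode: 0775` at the top of the second hunk is an unquoted octal literal and leaves the path readable and traversable by every local user. Ansible's guidance is to pass modes as strings, `mode: "0775"`, so the value does not depend on how the YAML loader types the scalar. The task that owns this line starts above the hunk, so the path is not visible here; given `owner: vdsm` and `group: kvm`, it is worth checking whether the world bits are needed at all.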
@@ -54,16 +54,15 @@
- "OVESETUP_DWH_DB/password=str:{{ he_dwh_db_password }}"
when: he_dwh_db_password is defined
- name: Import OpenSCAP task
import_tasks: apply_openscap_profile.yml
import_tasks: ../apply_openscap_profile.yml
when: he_apply_openscap_profile|bool
- name: Include before engine-setup custom tasks files for the engine VM
include_tasks: "{{ item }}"
with_fileglob: "hooks/enginevm_before_engine_setup/*.yml"
register: include_before_engine_setup_results
- debug: var=include_before_engine_setup_results
- name: Restore a backup
block:
- include_tasks: restore_backup.yml
- include_tasks: ../restore_backup.yml
when: he_restore_from_file is defined and he_restore_from_file
rescue:
- name: Sync on engine machine
@@ -77,10 +76,10 @@
set_fact:
he_local_vm_dir={{ hostvars[he_ansible_host_name]['he_local_vm_dir'] }}
- name: Clean bootstrap VM
import_tasks: clean_localvm_dir.yml
import_tasks: ../clean_localvm_dir.yml
delegate_to: "{{ he_ansible_host_name }}"
- name: Clean local storage pools
import_tasks: clean_local_storage_pools.yml
import_tasks: ../clean_local_storage_pools.yml
delegate_to: "{{ he_ansible_host_name }}"
- name: Notify the user about a failure
fail:
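Review bot: The list entry `"OVESETUP_DWH_DB/password=str:{{ he_dwh_db_password }}"` at the top of the first hunk renders a database password into task arguments, and the task header is above the hunk, so it is not visible whether `no_log: true` is set. Without it the rendered value can appear in verbose output and in the task result when the task fails. I would confirm that the owning task carries `no_log: true`, and add it if it does not.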
@@ -5,7 +5,6 @@
include_tasks: "{{ item }}"
with_fileglob: "hooks/enginevm_after_engine_setup/*.yml"
register: include_after_engine_setup_results
- debug: var=include_after_engine_setup_results
# After a restart the engine has a 5 minute grace time,
# other actions like electing a new SPM host or reconstructing
# the master storage domain could require more time
@@ -18,7 +17,6 @@
register: libgfapi_support_out
changed_when: true
when: he_enable_libgfapi|bool
- debug: var=libgfapi_support_out
- name: Save original OvfUpdateIntervalInMinutes
shell: "engine-config -g OvfUpdateIntervalInMinutes | cut -d' ' -f2 > /root/OvfUpdateIntervalInMinutes.txt"
environment: "{{ he_cmd_lang }}"
@@ -43,7 +41,6 @@
state: restarted
name: ovirt-engine
register: restart_out
- debug: var=restart_out
- name: Mask cloud-init services to speed up future boot
systemd:
masked: true
@@ -63,10 +60,10 @@
set_fact:
he_local_vm_dir={{ hostvars[he_ansible_host_name]['he_local_vm_dir'] }}
- name: Clean bootstrap VM
import_tasks: clean_localvm_dir.yml
import_tasks: ../clean_localvm_dir.yml
delegate_to: "{{ he_ansible_host_name }}"
- name: Clean local storage pools
import_tasks: clean_local_storage_pools.yml
import_tasks: ../clean_local_storage_pools.yml
delegate_to: "{{ he_ansible_host_name }}"
- name: Notify the user about a failure
fail:
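Review bot: The `Save original OvfUpdateIntervalInMinutes` task in the second hunk pipes `engine-config` into `cut` without `set -o pipefail`, so a failing `engine-config` still yields exit status 0 and leaves an empty `/root/OvfUpdateIntervalInMinutes.txt`. Anything that later reads that file back (not visible here) would then work from an empty value without any task having failed. Prefixing the pipeline closes the gap: `shell: "set -o pipefail && engine-config -g OvfUpdateIntervalInMinutes | cut -d' ' -f2 > /root/OvfUpdateIntervalInMinutes.txt"`, which needs a bash-compatible shell on the engine VM. The task continues past the end of the hunk.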
26 changes: 11 additions & 15 deletions roles/hosted_engine_setup/tasks/bootstrap_local_vm/05_add_host.yml
@@ -9,7 +9,6 @@
until: "'DB Up!Welcome to Health Status!' in engine_status.content"
retries: 30
delay: 20
- debug: var=engine_status
- name: Open a port on firewalld
firewalld:
port: "{{ he_webui_forward_port }}/tcp"
@@ -27,25 +26,24 @@
async: 86400
poll: 0
register: sshpf
- debug: var=sshpf
- name: Evaluate temporary bootstrap engine URL
set_fact: bootstrap_engine_url="https://{{ he_host_address }}:{{ he_webui_forward_port }}/ovirt-engine/"
- debug:
- name: Display the temporary bootstrap engine URL
debug:
msg: >-
The bootstrap engine is temporary accessible over {{ bootstrap_engine_url }}
- name: Detect VLAN ID
shell: ip -d link show {{ he_bridge_if }} | grep 'vlan ' | grep -Po 'id \K[\d]+' | cat
environment: "{{ he_cmd_lang }}"
register: vlan_id_out
changed_when: true
- debug: var=vlan_id_out
- name: Set Engine public key as authorized key without validating the TLS/SSL certificates
authorized_key:
user: root
state: present
key: https://{{ he_fqdn }}/ovirt-engine/services/pki-resource?resource=engine-certificate&format=OPENSSH-PUBKEY
validate_certs: false
- include_tasks: auth_sso.yml
- include_tasks: ../auth_sso.yml
- name: Ensure that the target datacenter is present
ovirt_datacenter:
state: present
@@ -128,19 +126,18 @@
include_tasks: "{{ item }}"
with_fileglob: "hooks/after_add_host/*.yml"
register: include_after_add_host_results
- debug: var=include_after_add_host_results
- name: Pause the execution to let the user interactively reconfigure the host
block:
- name: Let the user connect to the bootstrap engine to manually fix host configuration
debug:
msg: >-
You can now connect to {{ bootstrap_engine_url }} and check the status of this host and
eventually remediate it, please continue only when the host is listed as 'up'
- include_tasks: pause_execution.yml
- include_tasks: ../pause_execution.yml
when: he_pause_host|bool
# refresh the auth token after a long operation to avoid having it expired
- include_tasks: auth_revoke.yml
- include_tasks: auth_sso.yml
- include_tasks: ../auth_revoke.yml
- include_tasks: ../auth_sso.yml
- name: Wait for the host to be up
ovirt_host_info:
pattern: name={{ he_host_name }}
@@ -156,7 +153,6 @@
retries: 120
delay: 10
ignore_errors: true
- debug: var=host_result_up_check
- name: Notify the user about a failure
fail:
msg: >-
@@ -208,16 +204,16 @@
msg: >-
You can now connect to {{ bootstrap_engine_url }} and check the status of this host and
eventually remediate it, please continue only when the host is listed as 'up'
- include_tasks: pause_execution.yml
- include_tasks: ../pause_execution.yml
when: >-
he_pause_after_failed_add_host|bool and
host_result_up_check is succeeded and
host_result_up_check.ovirt_hosts|length >= 1 and
host_result_up_check.ovirt_hosts[0].status == 'non_operational'
# refresh the auth token after a long operation to avoid having it expired
- include_tasks: auth_revoke.yml
- include_tasks: auth_sso.yml
- include_tasks: ../auth_revoke.yml
- include_tasks: ../auth_sso.yml
- name: Check if the host is up
ovirt_host_info:
pattern: name={{ he_host_name }}
@@ -272,8 +268,8 @@
- name: Fetch logs from the engine VM
include_tasks: fetch_engine_logs.yml
ignore_errors: true
- include_tasks: clean_localvm_dir.yml
- include_tasks: clean_local_storage_pools.yml
- include_tasks: ../clean_localvm_dir.yml
- include_tasks: ../clean_local_storage_pools.yml
- name: Notify the user about a failure
fail:
msg: >
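Review bot: The `authorized_key` task in the second hunk installs a key for `user: root` that it downloads from `https://{{ he_fqdn }}/ovirt-engine/services/pki-resource?...` with `validate_certs: false`, so whichever endpoint answers on that name decides which key gains root SSH access to the host. If the engine CA cannot be trusted yet at this stage of the bootstrap, the task should carry a comment saying why that is acceptable, for example `# engine CA is not trusted yet; he_fqdn is expected to resolve to the local bootstrap VM here` (my assumption from the surrounding tasks, to be confirmed). A stronger option is to fetch the engine certificate first, compare its fingerprint with a value read from the bootstrap VM over a channel that does not depend on this HTTPS request, and only then install the key.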
1 change: 0 additions & 1 deletion roles/hosted_engine_setup/tasks/clean_localvm_dir.yml
@@ -4,7 +4,6 @@
path: "{{ he_local_vm_dir }}"
state: absent
register: rm_localvm_dir
- debug: var=rm_localvm_dir
- name: Remove temporary entry in /etc/hosts for the local VM
lineinfile:
dest: /etc/hosts