use collections; use FQCN for all tasks

roles/aws_common/handlers/main.yml

@@ -1,14 +1,14 @@
 ---
 
 - name: Enable CloudWatch Agent
-  systemd:
+  ansible.builtin.systemd:
     name: "amazon-cloudwatch-agent.service"
     daemon_reload: true
     enabled: true
   when: atl_aws_agent_restart
 
 - name: Restart CloudWatch Agent
-  systemd:
+  ansible.builtin.systemd:
     name: "amazon-cloudwatch-agent.service"
     enabled: true
     state: restarted

roles/aws_common/tasks/amazon.yml

@@ -1,18 +1,22 @@
 ---
 
 - name: Install AWS support packages
-  yum:
+  ansible.builtin.yum:
     name:
       - amazon-efs-utils
       - amazon-ssm-agent
       - awscli
       - git
       - ec2-utils
+  vars:
+    ansible_python_interpreter: /usr/bin/python2
 
 - name: Install CloudWatch Agent
-  yum:
+  ansible.builtin.yum:
     name:
       - "{{ aws_cloudwatch_agent_rpm }}"
   when: atl_aws_enable_cloudwatch is defined and atl_aws_enable_cloudwatch
   notify:
     - Enable CloudWatch Agent
+  vars:
+    ansible_python_interpreter: /usr/bin/python2

roles/aws_common/tasks/main.yml

@@ -1,20 +1,20 @@
 ---
 
 - name: Fetch local EC2 metadata
-  ec2_metadata_facts:
+  amazon.aws.ec2_metadata_facts:
   tags:
     - notest
 
 - name: Install distro-specific prerequisites
-  include_tasks: "{{ ansible_distribution|lower }}.yml"
+  ansible.builtin.include_tasks: "{{ ansible_distribution|lower }}.yml"
 
 - name: Use EC2 instance ID for cluster node ID
-  set_fact:
+  ansible.builtin.set_fact:
     atl_cluster_node_id: "{{ ansible_ec2_instance_id }}"
     atl_local_ipv4: "{{ ansible_ec2_local_ipv4 | default(ansible_default_ipv4.address) }}"
 
 - name: Generate CloudWatch config
-  template:
+  ansible.builtin.template:
     src: "amazon-cloudwatch-agent.json.j2"
     dest: "/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json"
     owner: root
@@ -25,7 +25,7 @@
     - Restart CloudWatch Agent
 
 - name: Store some metadata about this run
-  include_tasks: "write-tags.yml"
+  ansible.builtin.include_tasks: "write-tags.yml"
 
 - name: Initiate the startup of any new AWS services now
-  meta: flush_handlers
+  ansible.builtin.meta: flush_handlers

roles/aws_common/tasks/write-tags.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Retrieve all available EC2 tags
-  ec2_tag:
+  amazon.aws.ec2_tag:
     region: "{{ ansible_ec2_placement_region }}"
     resource: "{{ ansible_ec2_instance_id }}"
     state: list
@@ -11,18 +11,18 @@
     - notest
 
 - name: Retrieve autoscaling group
-  set_fact:
+  ansible.builtin.set_fact:
     ec2_autoscaling_group: "{{ ec2_instance_tags.tags['aws:autoscaling:groupName'] | default('') }}"
 
 - block:
     # No existing timestamp, so this is a first run. Persist some metadata into the ASG.
     - name: Fetch the git revision for this repo
-      command:
+      ansible.builtin.command:
         cmd: git rev-parse HEAD
       register: git_out
 
     - name: Setup the new ASG tags
-      set_fact:
+      ansible.builtin.set_fact:
         deployment_firstrun_meta:
           - ResourceType: "auto-scaling-group"
             ResourceId: "{{ ec2_autoscaling_group }}"
@@ -41,14 +41,14 @@
     # ignore errors as it's possible we don't have the permissions,
     # and we can't check up-front.
     - name: Set the first-run tags on the ASG ("FAIL" is not critical)
-      command: "aws autoscaling
+      ansible.builtin.command: "aws autoscaling
                     create-or-update-tags
                     --region {{ ansible_ec2_placement_region }}
                     --tags '{{ deployment_firstrun_meta | to_json }}'"
       ignore_errors: true
 
     - name: Set the tags on the local instance ("FAIL" is not critical)
-      ec2_tag:
+      amazon.aws.ec2_tag:
         region: "{{ ansible_ec2_placement_region }}"
         resource: "{{ ansible_ec2_instance_id }}"
         tags:

roles/aws_shared_fs_config/tasks/main.yml

@@ -1,13 +1,13 @@
 ---
 
 - name: Create mountpoint
-  file:
+  ansible.builtin.file:
     state: directory
     path: "{{ atl_shared_mountpoint }}"
     mode: 0755
 
 - name: Enable mountpoint in fstab
-  mount:
+  ansible.posix.mount:
     path: "{{ atl_shared_mountpoint }}"
     src: "{{ efs_target }}:{{ efs_src_dir }}"
     fstype: "{{ efs_type }}"

roles/bitbucket_config/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Create Bitbucket shared dir if necessary
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_home_shared }}"
     owner: "{{ atl_product_user }}"
     group: "{{ atl_product_user }}"
@@ -9,14 +9,14 @@
     state: directory
 
 - name: Create Bitbucket config file
-  template:
+  ansible.builtin.template:
     src: bitbucket.properties.j2
     dest: "{{ atl_product_home_shared }}/bitbucket.properties"
     owner: "{{ atl_product_user }}"
     group: "{{ atl_product_user }}"
 
 - name: Remove write permissions from installation directory
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_versioned }}"
     owner: "root"
     group: "root"
@@ -25,7 +25,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Create conf/Catalina directory so catalina.out logging works
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_versioned }}/conf/Catalina"
     state: directory
     mode: "u=rwX,g=rX,o-rwx"

roles/bitbucket_dataset_restore/tasks/main.yml

@@ -1,24 +1,24 @@
 ---
 - name: Force all notified handlers to run at this point, not waiting for normal sync points
-  meta: flush_handlers
+  ansible.builtin.meta: flush_handlers
 
 - name: wait for port 7990 to be up
-  wait_for:
+  ansible.builtin.wait_for:
     port: 7990
     delay: 60
 
 - name: wait for path to become available
-  wait_for:
+  ansible.builtin.wait_for:
     path: "{{ atl_product_home_shared }}/data/migration/import"
     delay: 60
 
 - name: Copy Bitbucket dataset from s3
-  get_url:
+  ansible.builtin.get_url:
     url: "{{ atl_bitbucket_dataset_url }}"
     dest: "{{ atl_product_home_shared }}/data/migration/import"
 
 - name: Invoke Import API
-  uri: 
+  ansible.builtin.uri:
     url: "{{ atl_bitbucket_baseurl }}/rest/api/1.0/migration/imports"
     user: admin
     password: "{{ atl_bitbucket_admin_password }}"
@@ -36,7 +36,7 @@
   failed_when: output is defined and output.json is defined and output.json.state != 'INITIALISING'
 
 - name: get import status
-  uri: 
+  ansible.builtin.uri:
     url: "{{ atl_bitbucket_baseurl }}/rest/api/1.0/migration/imports/{{ output.json.id }}"
     user: admin
     password: "{{ atl_bitbucket_admin_password }}"
@@ -50,7 +50,7 @@
   delay: 10
 
 - name: create lock file
-  file: 
+  ansible.builtin.file: 
     path: "{{ atl_product_home_shared }}/data/migration/import/lock.file"
     state: touch
   when: import_status.json.state == 'COMPLETED'

roles/confluence_config/tasks/amazon_fonts.yml

@@ -1,13 +1,15 @@
 ---
 
 - name: Install Google Noto fonts for language coverage
-  yum:
+  ansible.builtin.yum:
     name:
       - "google-noto-*"
+  vars:
+    ansible_python_interpreter: /usr/bin/python2
 
 - name: Link the language fonts into the JDK
   # Not idiomatic, but cleaner than messing with nested lookups...
-  shell:
+  ansible.builtin.shell:
     cmd: "ln -sf /usr/share/fonts/google-noto*/* {{ item }}/"
     creates: "{{ item }}/NotoSansJavanese-Regular.ttf"
     warn: false

roles/confluence_config/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Create application directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: 0750
@@ -17,7 +17,7 @@
 # Create symlink to force single (unclustered) Confluence to store
 # shared-data and attachments in the shared drive.
 - name: Symlink local attachments to shared storage
-  file:
+  ansible.builtin.file:
     src: "{{ item.0 }}"
     dest: "{{ item.1 }}"
     force: false
@@ -33,12 +33,12 @@
     - "{{ links }}"
 
 - name: Create Tomcat server config
-  template:
+  ansible.builtin.template:
     src: server.xml.j2
     dest: "{{ atl_product_installation_versioned }}/conf/server.xml"
 
 - name: Override JVM memory settings.
-  replace:
+  ansible.builtin.replace:
     path: "{{ atl_product_installation_versioned }}/bin/setenv.sh"
     regexp: "-{{ item }}\\d+m "
     replace: "-{{ item }}{{ atl_jvm_heap }} "
@@ -47,30 +47,30 @@
     - 'Xms'
 
 - name: Set the Tomcat environment
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ atl_product_installation_versioned }}/bin/setenv.sh"
     insertafter: "EOF"
     line: 'export CATALINA_OPTS="${CATALINA_OPTS} {{ atl_catalina_opts }} {{ atl_catalina_opts_extra }}"'
 
 - name: Configure login properties
-  template:
+  ansible.builtin.template:
     src: seraph-config.xml.j2
     dest: "{{ atl_product_installation_versioned }}/confluence/WEB-INF/classes/seraph-config.xml"
 
 - name: Configure Confluence home directory
-  template:
+  ansible.builtin.template:
     src: confluence-init.properties.j2
     dest: "{{ atl_product_installation_versioned }}/confluence/WEB-INF/classes/confluence-init.properties"
 
 - name: Create Confluence configuration
-  template:
+  ansible.builtin.template:
     src: confluence.cfg.xml.j2
     dest: "{{ atl_product_home }}/confluence.cfg.xml"
     owner: "{{ atl_product_user }}"
     group: "{{ atl_product_user }}"
 
 - name: Limit permissions on the installation directory
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_versioned }}"
     owner: "root"
     group: "root"
@@ -83,7 +83,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Grant access to the product working directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: "u=rwX,g=rX,o-rwx"
@@ -97,7 +97,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Create conf/Catalina directory owned by product so catalina.out logging works
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_versioned }}/conf/Catalina"
     state: directory
     mode: "u=rwX,g=rX,o-rwx"
@@ -106,7 +106,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Assert baseurl to same as atl_proxy_name
-  postgresql_query:
+  community.postgresql.postgresql_query:
     login_host: "{{ atl_db_host }}"
     login_user: "{{ atl_jdbc_user }}"
     login_password: "{{ atl_jdbc_password }}"
@@ -126,11 +126,11 @@
   ignore_errors: yes  # For Molecule as it has no db test framework included
 
 - name: Create JVM font fallback directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: 0755
   with_items: "{{ atl_fonts_fallback_dirs }}"
 
 - name: Install & configure distro language fonts
-  include_tasks: "{{ ansible_distribution|lower }}_fonts.yml"
+  ansible.builtin.include_tasks: "{{ ansible_distribution|lower }}_fonts.yml"

roles/confluence_config/tasks/ubuntu_fonts.yml

@@ -1,13 +1,13 @@
 ---
 
 - name: Install Google Noto fonts for language coverage
-  package:
+  ansible.builtin.package:
     name:
       - "fonts-noto"
 
 - name: Link the language fonts into the JDK
   # Not idiomatic, but cleaner than messing with nested lookups...
-  shell:
+  ansible.builtin.shell:
     cmd: "ln -sf /usr/share/fonts/truetype/noto/* {{ item }}/"
     creates: "{{ item }}/NotoSansJavanese-Regular.ttf"
     warn: false

roles/crowd_config/tasks/main.yml

@@ -1,60 +1,60 @@
 ---
 
 - name: Create server config
-  template:
+  ansible.builtin.template:
     src: server.xml.j2
     dest: "{{ atl_product_installation_versioned }}/apache-tomcat/conf/server.xml"
 
 - name: Set the minimum heap size (Xms)
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ atl_product_installation_versioned }}/apache-tomcat/bin/setenv.sh"
     regexp: '^(.*)Xms(\d+\w)(\s.*)$'
     line: '\1Xms{{ atl_jvm_heap }}\3'
     backrefs: yes
 
 - name: Set the maxmimum heap size (Xmx)
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ atl_product_installation_versioned }}/apache-tomcat/bin/setenv.sh"
     regexp: '^(.*)Xmx(\d+\w)(\s.*)$'
     line: '\1Xmx{{ atl_jvm_heap }}\3'
     backrefs: yes
 
 - name: Set Crowd home directory in crowd-init.properties file
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ atl_product_installation_versioned }}/crowd-webapp/WEB-INF/classes/crowd-init.properties"
     line: 'crowd.home={{ atl_product_home }}'
 
 - name: Export CATALINA_OPTS in setenv.sh
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: '{{ atl_product_installation_versioned }}/apache-tomcat/bin/setenv.sh'
     line: 'export CATALINA_OPTS'
 
 - name: CATALINA_OPTS to list
-  set_fact:
+  ansible.builtin.set_fact:
     catalina_ops_list: "{{ catalina_ops_list|default([]) }} + {{ (item | trim | regex_replace('^-')).split(' -') }}"
   loop:
     - '{{ atl_catalina_opts }}'
     - '{{ atl_catalina_opts_extra }}'
 
 - name: CATALINA_OPTS unique and sorted
-  set_fact:
+  ansible.builtin.set_fact:
     catalina_opts: "{{ query('flattened', catalina_ops_list) | reject('equalto', '') | unique | sort }}"
 
 - name: Set CATALINA_OPTS in setenv.sh
-  blockinfile:
+  ansible.builtin.blockinfile:
     block: "{{ lookup('template', 'templates/catalina_opts.j2') }}"
     path: "{{ atl_product_installation_versioned }}/apache-tomcat/bin/setenv.sh"
     insertbefore: "^export CATALINA_OPTS$"
     marker: "# {mark} ANSIBLE MANAGED CATALINA_OPTS"
 
 - name: Set JAVA_HOME
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ atl_product_installation_versioned }}/apache-tomcat/bin/setenv.sh"
     insertafter: "EOF"
     line: "export JAVA_HOME={{ atl_java_home }}"
 
 - name: Create application directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: 0750
@@ -67,7 +67,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Limit permissions on the installation directory
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_versioned }}"
     owner: "{{ atl_product_user }}"
     group: "{{ atl_product_user }}"
@@ -80,7 +80,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Grant access to the product working directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: "u=rwX,g=rX,o-rwx"
@@ -94,7 +94,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Create conf/Catalina directory owned by product so catalina.out logging works
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_versioned }}/conf/Catalina"
     state: directory
     mode: "u=rwX,g=rX,o-rwx"
@@ -103,7 +103,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Symlink Crowd shared home directory
-  file:
+  ansible.builtin.file:
     src: "{{ atl_product_home_shared }}"
     dest: "{{ atl_product_home }}/shared"
     state: link
@@ -112,7 +112,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Assert baseurl to same as atl_proxy_name
-  postgresql_query:
+  community.postgresql.postgresql_query:
     login_host: "{{ atl_db_host }}"
     login_user: "{{ atl_jdbc_user }}"
     login_password: "{{ atl_jdbc_password }}"
@@ -131,32 +131,32 @@
   ignore_errors: yes  # For Molecule as it has no db test framework included
 
 - name: Check that crowd.cfg.xml exists
-  stat:
+  ansible.builtin.stat:
     path: "{{ atl_product_home_shared }}/crowd.cfg.xml"
   register: crowd_cfg_stat_result
 
 - block:
   - name: Assert JDBC password to same as atl_jdbc_password
-    xml:
+    community.general.xml:
       path: "{{ atl_product_home_shared }}/crowd.cfg.xml"
       xpath: "/application-configuration/properties/property[@name='hibernate.connection.password']"
       value: "{{ atl_jdbc_password }}"
 
   - name: Assert JDBC url to same as atl_jdbc_url
-    xml:
+    community.general.xml:
       path: "{{ atl_product_home_shared }}/crowd.cfg.xml"
       xpath: "/application-configuration/properties/property[@name='hibernate.connection.url']"
       value: "{{ atl_jdbc_url }}?reWriteBatchedInserts=true"
 
   - name: Assert hibernate.c3p0.max_size to same as atl_db_poolmaxsize
-    xml:
+    community.general.xml:
       path: "{{ atl_product_home_shared }}/crowd.cfg.xml"
       xpath: "/application-configuration/properties/property[@name='hibernate.c3p0.max_size']"
       value: "{{ atl_db_poolmaxsize }}"
     when: atl_db_poolmaxsize is defined
 
   - name: Assert hibernate.c3p0.min_size to same as atl_db_poolminsize
-    xml:
+    community.general.xml:
       path: "{{ atl_product_home_shared }}/crowd.cfg.xml"
       xpath: "/application-configuration/properties/property[@name='hibernate.c3p0.min_size']"
       value: "{{ atl_db_poolminsize }}"
@@ -165,6 +165,6 @@
   when: crowd_cfg_stat_result.stat.exists
 
 - name: Remove crowd.xml to prevent duplicates from appearing in cluster reporting
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_versioned }}/apache-tomcat/conf/Catalina/localhost/crowd.xml"
     state: absent

roles/database_init/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Create application DB user
-  postgresql_user:
+  community.postgresql.postgresql_user:
     login_host: "{{ atl_db_host }}"
     login_user: "{{ atl_db_root_user }}"
     login_password: "{{ atl_db_root_password }}"
@@ -11,7 +11,7 @@
     expires: 'infinity'
 
 - name: Collect dbcluster db_names
-  postgresql_query:
+  community.postgresql.postgresql_query:
     login_host: "{{ atl_db_host }}"
     login_user: "{{ atl_db_root_user }}"
     login_password: "{{ atl_db_root_password }}"
@@ -22,7 +22,7 @@
 - block:
 
     - name: Update root privs for new user
-      postgresql_privs:
+      community.postgresql.postgresql_privs:
         login_host: "{{ atl_db_host }}"
         login_user: "{{ atl_db_root_user }}"
         login_password: "{{ atl_db_root_password }}"
@@ -33,7 +33,7 @@
 
 # RDS does not allow changing the collation on an existing DB, it only allows collation change on creation of db. If the db already exists, we need the “create new application database” task to be skipped, idempotence can not be relied upon as we cant be certain the collation of the existing db
     - name: Create new application database
-      postgresql_db:
+      community.postgresql.postgresql_db:
         login_host: "{{ atl_db_host }}"
         login_user: "{{ atl_db_root_user }}"
         login_password: "{{ atl_db_root_password }}"
@@ -51,7 +51,7 @@
     - new_only
 
 - name: Assert ownership of public schema
-  postgresql_query:
+  community.postgresql.postgresql_query:
     login_host: "{{ atl_db_host }}"
     login_user: "{{ atl_db_root_user }}"
     login_password: "{{ atl_db_root_password }}"
@@ -59,7 +59,7 @@
     query: "ALTER SCHEMA public OWNER to {{ atl_db_root_user }};"
 
 - name: Grant privs to root user on public schema
-  postgresql_query:
+  community.postgresql.postgresql_query:
     login_host: "{{ atl_db_host }}"
     login_user: "{{ atl_db_root_user }}"
     login_password: "{{ atl_db_root_password }}"
@@ -67,7 +67,7 @@
     query: "GRANT ALL ON SCHEMA public TO {{ atl_db_root_user }};"
 
 - name: Grant privs to application user on public schema
-  postgresql_query:
+  community.postgresql.postgresql_query:
     login_host: "{{ atl_db_host }}"
     login_user: "{{ atl_db_root_user }}"
     login_password: "{{ atl_db_root_password }}"

roles/diy_backup/molecule/default/converge.yml

@@ -20,12 +20,12 @@
 
   pre_tasks:
     - name: Create base dir
-      file:
+      ansible.builtin.file:
         path: '/opt/atlassian/bin'
         state: directory
 
     - name: Install git
-      package:
+      ansible.builtin.package:
         name: git
 
   roles:

roles/diy_backup/tasks/main.yml

@@ -2,19 +2,19 @@
 
 
 - name: Fetch the DIY backups repository
-  git:
+  ansible.builtin.git:
     repo: "{{ atl_diy_backup_repo }}"
     dest: "{{ atl_diy_backup_dir }}"
     version: "master"
 
 - name: Configure DIY backup for BB on AWS
-  template:
+  ansible.builtin.template:
     src: "bitbucket.diy-backup.vars.sh.j2"
     dest: "{{ atl_diy_backup_dir }}/bitbucket.diy-backup.vars.sh"
     mode: 0640
 
 - name: Install backup wrapper script
-  template:
+  ansible.builtin.template:
     src: "run-backup.j2"
     dest: "{{ atl_installation_base }}/bin/run-backup"
     mode: 0750

roles/jira_config/molecule/jira_config_props/converge.yml

@@ -30,11 +30,11 @@
 
   pre_tasks:
     - name: Create shared home
-      file:
+      ansible.builtin.file:
         path: '/media/atl/jira/shared/'
         state: directory
     - name: Create jira-config.properties to check copy
-      copy:
+      ansible.builtin.copy:
         dest: '/media/atl/jira/shared/jira-config.properties'
         content: "jira.projectkey.warning = testwarning"
         force: false  # For idempotency check

roles/jira_config/tasks/main.yml

@@ -2,29 +2,29 @@
 
 
 - name: Create database config
-  template:
+  ansible.builtin.template:
     src: dbconfig.xml.j2
     dest: "{{ atl_product_home }}/dbconfig.xml"
     owner: "{{ atl_product_user }}"
 
 - name: Create cluster config
-  template:
+  ansible.builtin.template:
     src: cluster.properties.j2
     dest: "{{ atl_product_home }}/cluster.properties"
     owner: "{{ atl_product_user }}"
 
 - name: Create server config
-  template:
+  ansible.builtin.template:
     src: server.xml.j2
     dest: "{{ atl_product_installation_versioned }}/conf/server.xml"
 
 - name: Check for a jira-config.properties in the shared home
-  stat:
+  ansible.builtin.stat:
     path: "{{ atl_product_home_shared }}/jira-config.properties"
   register: jira_config_properties
 
 - name: Copy jira-config.properties if exists
-  copy:
+  ansible.builtin.copy:
     remote_src: true
     src: "{{ atl_product_home_shared }}/jira-config.properties"
     dest: "{{ atl_product_home }}/jira-config.properties"
@@ -35,7 +35,7 @@
 
 - name: Override JVM memory settings.
   # Ugly but necessary as the product installs this file so we need to make the change here.
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ atl_product_installation_versioned }}/bin/setenv.sh"
     backrefs: true
     regexp: "^{{ item }}="
@@ -45,25 +45,25 @@
     - 'JVM_MAXIMUM_MEMORY'
 
 - name: Set Jira home directory
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ atl_product_installation_versioned }}/bin/setenv.sh"
     regexp: "JIRA_HOME="
     line: 'JIRA_HOME="{{ atl_product_home }}"'
 
 - name: Set the Tomcat environment
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ atl_product_installation_versioned }}/bin/setenv.sh"
     insertafter: "EOF"
     line: 'export CATALINA_OPTS="${CATALINA_OPTS} {{ atl_catalina_opts }} {{ atl_catalina_opts_extra }}"'
 
 - name: Set support recommended JVM args
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "{{ atl_product_installation_versioned }}/bin/setenv.sh"
     regexp: "JVM_SUPPORT_RECOMMENDED_ARGS="
     line: 'JVM_SUPPORT_RECOMMENDED_ARGS="{{ atl_jvm_opts }}"'
 
 - name: Create application directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: 0750
@@ -77,7 +77,7 @@
 
 
 - name: Limit permissions on the installation directory
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_versioned }}"
     owner: "root"
     group: "root"
@@ -90,7 +90,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Grant access to the product working directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: "u=rwX,g=rX,o-rwx"
@@ -104,7 +104,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Create conf/Catalina directory owned by product so catalina.out logging works
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_versioned }}/conf/Catalina"
     state: directory
     mode: "u=rwX,g=rX,o-rwx"
@@ -113,7 +113,7 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Assert baseurl to same as atl_proxy_name
-  postgresql_query:
+  community.postgresql.postgresql_query:
     login_host: "{{ atl_db_host }}"
     login_user: "{{ atl_jdbc_user }}"
     login_password: "{{ atl_jdbc_password }}"

roles/linux_common/tasks/amazon.yml

@@ -1,16 +1,18 @@
 ---
 
 - name: Install Amazon-Linux-specific support packages
-  yum:
+  ansible.builtin.yum:
     name:
       - dejavu-sans-fonts
       - file
       - git-{{ git_version }}
       - libxml2
       - shadow-utils
+  vars:
+    ansible_python_interpreter: /usr/bin/python2
 
 - name: Limit the SSH ciphers
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "/etc/ssh/sshd_config"
     # Drop insecure ciphers, currently 3des-cbc only. You can get the
     # full list with `sshd -T | grep -i ciphers`

roles/linux_common/tasks/main.yml

@@ -3,10 +3,10 @@
 # Note: Try and limit these to packages that are distro-specific, and
 # place commonly-named ones below.
 - name: Install distro-specific prerequisites
-  include_tasks: "{{ ansible_distribution|lower }}.yml"
+  ansible.builtin.include_tasks: "{{ ansible_distribution|lower }}.yml"
 
 - name: Install common support packages
-  package:
+  ansible.builtin.package:
     name:
       - jq
       - tar
@@ -16,19 +16,19 @@
       - python-psycopg2
 
 - name: Create product group
-  group:
+  ansible.builtin.group:
     name: "{{ atl_product_user }}"
     gid: "{{ atl_product_user_uid }}"
 
 - name: Create product user
-  user:
+  ansible.builtin.user:
     name: "{{ atl_product_user }}"
     uid: "{{ atl_product_user_uid }}"
     group: "{{ atl_product_user }}"
     comment: "Product runtime user"
 
 - name: Stop systemd-cleanup deleting the jvm socket file
-  copy:
+  ansible.builtin.copy:
     src: java.conf
     dest: "/usr/lib/tmpfiles.d/java.conf"
     owner: root
@@ -37,7 +37,7 @@
   register: systemd_config_changed
 
 - name: Force systemd to reload daemon configuration
-  systemd:
+  ansible.builtin.systemd:
     daemon_reload: yes
   when:
     - systemd_config_changed is defined

roles/linux_common/tasks/ubuntu.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Install common Ubuntu support packages
-  apt:
+  ansible.builtin.apt:
     name:
       - python3-psycopg2
       - libxml2-utils

roles/nfs_mount/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Create mountpoint
-  file:
+  ansible.builtin.file:
     state: directory
     path: "{{ atl_shared_mountpoint }}"
     mode: 0755
@@ -9,7 +9,7 @@
     group: "{{ atl_product_user }}"
 
 - name: Enable mountpoint in fstab
-  mount:
+  ansible.posix.mount:
     src: "{{ atl_fileserver_host }}:{{ atl_nfs_target }}"
     path: "{{ atl_nfs_mountpoint }}"
     fstype: nfs

roles/nfs_server/handlers/main.yml

@@ -1,6 +1,6 @@
 ---
 
 - name: Restart NFS
-  service:
+  ansible.builtin.service:
     name: "nfs.service"
     state: restarted

roles/nfs_server/tasks/amazon.yml

@@ -1,6 +1,8 @@
 ---
 
 - name: Install Amazon-Linux-specific NFS packages
-  yum:
+  ansible.builtin.yum:
     name:
       - nfs-utils
+  vars:
+    ansible_python_interpreter: /usr/bin/python2

roles/nfs_server/tasks/main.yml

@@ -1,16 +1,16 @@
 ---
 
 - name: Install distro-specific NFS packages
-  include_tasks: "{{ ansible_distribution|lower }}.yml"
+  ansible.builtin.include_tasks: "{{ ansible_distribution|lower }}.yml"
 
 
 - name: Create mountpoint
-  file:
+  ansible.builtin.file:
     path: "{{ atl_shared_mountpoint }}"
     state: directory
 
 - name: Setup the disk partition
-  parted:
+  community.general.parted:
     device: "{{ atl_nfs_server_device }}"
     label: gpt
     name: "{{ atl_nfs_fs_label }}"
@@ -22,7 +22,7 @@
 
 
 - name: Create the filesystem
-  filesystem:
+  community.general.filesystem:
     dev: "{{ atl_nfs_server_device }}"
     fstype: "{{ atl_nfs_fs_type }}"
     opts: "-L {{ atl_nfs_fs_label }}"
@@ -30,7 +30,7 @@
     - new_only
 
 - name: Setup fstab and mount the filesystem
-  mount:
+  ansible.posix.mount:
     path: "{{ atl_shared_mountpoint }}"
     src: "LABEL={{ atl_nfs_fs_label }}"
     fstype: "{{ atl_nfs_fs_type }}"
@@ -40,7 +40,7 @@
 
 
 - name: Create the shared home
-  file:
+  ansible.builtin.file:
     path: "{{ atl_shared_mountpoint }}/{{ atl_product_user }}/shared"
     state: directory
     owner: "{{ atl_product_user }}"
@@ -51,14 +51,14 @@
 
 
 - name: Create the NFS export file
-  template:
+  ansible.builtin.template:
     src: "media-atl.exports.j2"
     dest: "/etc/exports.d/20-media-atl.exports"
   notify:
     - Restart NFS
 
 - name: Enable NFS
-  service:
+  ansible.builtin.service:
     name: nfs.service
     enabled: true
     state: started

roles/nfs_server/tasks/ubuntu.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Install Ubuntu-specific NFS packages
-  apt:
+  ansible.builtin.apt:
     name:
       - nfs-kernel-server
       - libnfs-utils

roles/product_common/tasks/amazon.yml

@@ -4,7 +4,7 @@
   block:
 
     - name: Add Adoptium yum repository
-      yum_repository:
+      ansible.builtin.yum_repository:
         name: Adoptium
         file: adoptium
         description: Adoptium Repo
@@ -14,12 +14,14 @@
         state: present
 
     - name: Install Eclipse Temurin JDK
-      yum:
+      ansible.builtin.yum:
         name: "temurin-{{ java_major_version }}-jdk"
         state: present
+      vars:
+        ansible_python_interpreter: /usr/bin/python2
 
     - name: Ensure common JDK symlink exists
-      alternatives:
+      community.general.alternatives:
         link: "/usr/lib/jvm/java"
         name: "java_sdk"
         path: "/usr/lib/jvm/temurin-{{ java_major_version }}-jdk"
@@ -30,6 +32,8 @@
     - runtime_pkg
 
 - name: Install other base packages on Amazon Linux
-  yum:
+  ansible.builtin.yum:
     name:
       - dejavu-fonts-common  # Required by the installer
+  vars:
+    ansible_python_interpreter: /usr/bin/python2

roles/product_common/tasks/main.yml

@@ -1,4 +1,4 @@
 ---
 
 - name: Perform distro-specific tasks
-  include_tasks: "{{ ansible_distribution|lower }}.yml"
+  ansible.builtin.include_tasks: "{{ ansible_distribution|lower }}.yml"

roles/product_common/tasks/ubuntu.yml

@@ -4,29 +4,29 @@
   block:
 
     - name: Install gnupg
-      apt:
+      ansible.builtin.apt:
         name: gnupg
         state: present
 
     - name: Add Adoptium debian repo public key
-      apt_key:
+      ansible.builtin.apt_key:
         url: https://packages.adoptium.net/artifactory/api/gpg/key/public
         state: present
 
     - name: Add Adoptium debian repository
-      apt_repository:
+      ansible.builtin.apt_repository:
         repo: "deb https://packages.adoptium.net/artifactory/deb {{ ansible_distribution_release }} main"
         state: present
         filename: adoptium
 
     - name: Install Eclipse Temurin JDK
-      apt:
+      ansible.builtin.apt:
         name: "temurin-{{ java_major_version }}-jdk"
         update_cache: yes
         state: present
 
     - name: Ensure common JDK symlink exists
-      alternatives:
+      community.general.alternatives:
         link: "/usr/lib/jvm/java"
         name: "java_sdk"
         path: "/usr/lib/jvm/temurin-{{ java_major_version }}-jdk-{{ debian_architecture }}"
@@ -37,6 +37,6 @@
     - runtime_pkg
 
 - name: Install other base packages on Ubuntu
-  package:
+  ansible.builtin.package:
     name:
       - fonts-dejavu-core  # Required by installer

roles/product_install/molecule/jira_all/converge.yml

@@ -16,11 +16,11 @@
     atl_jdbc_template: 'template0'
   pre_tasks:
     - name: Create cache dir
-      file:
+      ansible.builtin.file:
         path: '/media/atl/jira/shared/'
         state: directory
     - name: Seed version
-      copy:
+      ansible.builtin.copy:
         dest: '/media/atl/jira/shared/jira-core.version'
         content: "8.14.0"
         force: false  # For idempotency check

roles/product_install/molecule/jira_cached_with_downgrade/converge.yml

@@ -10,11 +10,11 @@
 
   pre_tasks:
     - name: Create cache dir
-      file:
+      ansible.builtin.file:
         path: '/media/atl/jira/shared/'
         state: directory
     - name: Seed version
-      copy:
+      ansible.builtin.copy:
         dest: '/media/atl/jira/shared/jira-core.version'
         content: "7.10.2"
         force: false  # For idempotency check

roles/product_install/molecule/jira_cached_with_upgrade/converge.yml

@@ -10,11 +10,11 @@
 
   pre_tasks:
     - name: Create cache dir
-      file:
+      ansible.builtin.file:
         path: '/media/atl/jira/shared/'
         state: directory
     - name: Seed version
-      copy:
+      ansible.builtin.copy:
         dest: '/media/atl/jira/shared/jira-core.version'
         content: "7.9.0"
         force: false  # For idempotency check

roles/product_install/molecule/jira_version_from_file/converge.yml

@@ -10,11 +10,11 @@
 
   pre_tasks:
     - name: Create cache dir
-      file:
+      ansible.builtin.file:
         path: '/media/atl/jira/shared/'
         state: directory
     - name: Seed version
-      copy:
+      ansible.builtin.copy:
         dest: '/media/atl/jira/shared/jira-core.version'
         content: "7.9.0"
         force: false  # For idempotency check

roles/product_install/tasks/jira-core_version_latest.yml

@@ -1,9 +1,9 @@
 ---
 
 - name: Fetch the latest version from URL
-  set_fact:
+  ansible.builtin.set_fact:
     atl_product_version_json: "{{ lookup('url', 'https://marketplace.atlassian.com/rest/2/products/key/jira-software/versions') }}"
 
 - name: Set the local var to retrieved version
-  set_fact:
+  ansible.builtin.set_fact:
     atl_latest_version: "{{ atl_product_version_json._embedded.versions[0].name }}"

roles/product_install/tasks/jira-servicedesk_as_obr.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Check for alternate obr download url
-  set_fact:
+  ansible.builtin.set_fact:
     atl_source_obr_from_marketplace: false
   when:
     - atl_obr_download_url is defined
@@ -10,40 +10,40 @@
   block:
 
     - name: Marketplace OBR - Get the installer product version info
-      uri:
+      ansible.builtin.uri:
         url: "{{ atl_mpac_products }}/key/jira/versions/name/{{ atl_product_version }}"
         return_content: yes
       register: atl_product_version_info
 
     - name: Marketplace OBR - Show the returned build number
-      debug:
+      ansible.builtin.debug:
         msg="buildNumber={{ atl_product_version_info.json.buildNumber }}"
 
     - name: Marketplace OBR - Get the JSD build version info
-      uri:
+      ansible.builtin.uri:
         url: "{{ atl_mpac_products }}/key/jira-servicedesk/versions/latest?application=\
         jira&applicationBuild={{ atl_product_version_info.json.buildNumber }}"
         return_content: yes
       register: atl_jsd_build_info
 
     - name: Marketplace OBR - Show the returned obr binary href
-      debug:
+      ansible.builtin.debug:
         msg="obr_ref={{ atl_jsd_build_info.json._embedded.artifact._links.binary.href }}"
 
     - name: Marketplace OBR - Set atl_obr_download_url
-      set_fact:
+      ansible.builtin.set_fact:
         atl_obr_download_url: "{{ atl_jsd_build_info.json._embedded.artifact._links.binary.href }}"
 
     - name: Marketplace OBR - Set atl_jsd_build
-      set_fact:
+      ansible.builtin.set_fact:
         atl_jsd_build: "{{ atl_jsd_build_info.json.name }}"
 
     - name: Marketplace OBR - Show the obr filename
-      debug:
+      ansible.builtin.debug:
         msg="obr_name=jira-servicedesk-application-{{ atl_jsd_build }}.obr"
 
     - name: Marketplace OBR - Set the obr filename
-      set_fact:
+      ansible.builtin.set_fact:
         atl_obr_filename: "jira-servicedesk-application-{{ atl_jsd_build }}.obr"
 
   when:
@@ -56,18 +56,18 @@
   block:
 
     - name: Alternate URL OBR - Show the obr filename
-      debug:
+      ansible.builtin.debug:
         msg="obr_name=jira-servicedesk-application-{{ atl_jsd_build }}.obr"
 
     - name: Alternate OBR - Set the obr filename
-      set_fact:
+      ansible.builtin.set_fact:
         atl_obr_filename: "jira-servicedesk-application-{{ atl_jsd_build }}.obr"
 
   when:
     - not atl_source_obr_from_marketplace | bool
 
 - name: is shared_home set ?
-  debug:
+  ansible.builtin.debug:
     msg="atl_product_home_shared_download_dir={{ atl_product_home_shared_download_dir }}"
 
 # For the first run a temp obr should be downloaded but moved to
@@ -77,7 +77,7 @@
 # a directory is used as a lockfile (atomic operation) when moving obr.
 
 - name: Set assumptions to avoid race condition
-  set_fact:
+  ansible.builtin.set_fact:
     download_obr: true
     move_obr: false
     atl_obr_download: "{{ atl_installer_temp }}/{{ atl_obr_filename }}"
@@ -87,22 +87,22 @@
 
 # Check for pre-downloaded obr on shared_home and completed lock dir.
 - name: Check for completed lock directory
-  stat:
+  ansible.builtin.stat:
     path: "{{ atl_obr_completed_lock }}"
   register: completed_lock
 
 - name: Check for obr in home_shared
-  stat:
+  ansible.builtin.stat:
     path: "{{ atl_obr_shared_download }}"
   register: home_shared_download
 
 - name: debug home_shared_download
-  debug:
+  ansible.builtin.debug:
     var: home_shared_download
 
 # If obr exists and lockdir exists use this obr instead
 - name: Check lock directory and obr exists on shared_home
-  set_fact:
+  ansible.builtin.set_fact:
     download_obr: false
     atl_obr_download: "{{ atl_obr_shared_download }}"
   when:
@@ -114,14 +114,14 @@
 # Fetch obr if required - note we validate it by mimetype rather than checksum due to https://ecosystem.atlassian.net/browse/AMKT-25526
 - name: download_obr is true so fetch and do all the things
   block:
-    - debug:
+    - ansible.builtin.debug:
         var: atl_obr_download_url
-    - debug:
+    - ansible.builtin.debug:
         var: atl_obr_download
 
     # Fetch obr and copy to temp
     - name: Fetch obr
-      get_url:
+      ansible.builtin.get_url:
         url: "{{ atl_obr_download_url }}"
         dest: "{{ atl_obr_download }}"
         mode: 0755
@@ -130,12 +130,12 @@
       register: atl_obr_completed
 
     - name: Confirm the output from the download task
-      debug:
+      ansible.builtin.debug:
         var: atl_obr_completed
 
     # get details about the obr
     - name: Stat the new obr file
-      stat:
+      ansible.builtin.stat:
         path: "{{ atl_obr_completed.dest }}"
         get_mime: yes
       register: atl_obr_stats
@@ -143,14 +143,14 @@
         - atl_obr_completed.dest is defined
 
     - name: fail if the downloaded OBR is not a zip file
-      fail:
+      ansible.builtin.fail:
         msg: "The downloaded OBR was not detected as being a valid ZIP file: {{ atl_obr_stats }}"
       when:
         - (atl_obr_stats.stat.mimetype is not defined) or (atl_obr_stats.stat.mimetype is not match("application/zip"))
 
     # If obr was fetched make the lock directory
     - name: Create moving_lock.
-      file:
+      ansible.builtin.file:
         path: "{{ atl_obr_moving_lock }}"
         state: directory
       when:
@@ -160,7 +160,7 @@
     # Directory lock was created by this run?
     # If so, then set a fact intending to move obr
     - name: Move obr Scenario - lock created by this run
-      set_fact:
+      ansible.builtin.set_fact:
         move_obr: true
       when:
         - moving_lock_created is succeeded
@@ -175,21 +175,21 @@
   block:
 
     - name: Copy temp installer to home_shared
-      copy:
+      ansible.builtin.copy:
         src: "{{ atl_obr_download }}"
         dest: "{{ atl_obr_shared_download }}"
         remote_src: true
       register: copied
 
     - name: Create completed_lock once obr downloaded and copied
-      file:
+      ansible.builtin.file:
         path: "{{ atl_obr_completed_lock }}"
         state: directory
       when: copied is succeeded
       register: completed_lock_created
 
     - name: Remove moving_lock to show that obr is completed
-      file:
+      ansible.builtin.file:
         path: "{{ atl_obr_moving_lock }}"
         state: absent
       when:
@@ -198,14 +198,14 @@
       register: moving_lock_removed
 
     - name: Delete old temp installer
-      file:
+      ansible.builtin.file:
         path: "{{ atl_obr_download }}"
         state: absent
       when: moving_lock_removed is succeeded
       register: temp_deleted
 
     - name: Set install to home_shared location
-      set_fact:
+      ansible.builtin.set_fact:
         atl_obr_download: "{{ atl_obr_shared_download }}"
       when: temp_deleted is succeeded
 
@@ -215,7 +215,7 @@
 # (which is either on home_shared or temp)
 
 - name: Ensure instaled-plugins dir exists
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_home_shared }}/plugins/installed-plugins"
     state: directory
     mode: 0750
@@ -224,7 +224,7 @@
 
 # Note as ansible unarchive cant handle "-j junk paths" we need to ignore errors to bypass the path verify
 - name: Unpack the obr into the atlassian-bundled-plugins dir
-  unarchive:
+  ansible.builtin.unarchive:
     remote_src: yes
     src: "{{ atl_obr_download }}"
     dest: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins"
@@ -239,14 +239,14 @@
   register: obr_unpack
 
 - name: Move JSD dependency jars into the bundled-plugins dir      # noqa 503 - ignore lint info about when changed
-  copy:
+  ansible.builtin.copy:
     remote_src: yes
     src: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins/dependencies/"
     dest: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins/"
   when: obr_unpack.changed
 
 - name: Remove the empty dependencies folder      # noqa 503 - ignore lint info about when changed
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins/dependencies"
     state: absent
   when: obr_unpack.changed

roles/product_install/tasks/jira-servicedesk_extra_tasks.yml

@@ -1,5 +1,5 @@
 ---
 
 - name: Set the download edition for ServiceDesk
-  set_fact:
+  ansible.builtin.set_fact:
     atl_download_edition: "servicedesk"

roles/product_install/tasks/jira-servicedesk_version_latest.yml

@@ -1,9 +1,9 @@
 ---
 
 - name: Fetch the latest version from URL
-  set_fact:
+  ansible.builtin.set_fact:
     atl_product_version_json: "{{ lookup('url', 'https://marketplace.atlassian.com/rest/2/products/key/jira-servicedesk/versions') }}"
 
 - name: Set the local var to retrieved version
-  set_fact:
+  ansible.builtin.set_fact:
     atl_latest_version: "{{ atl_product_version_json._embedded.versions[0].name }}"

roles/product_install/tasks/jira-software_version_latest.yml

@@ -1,9 +1,9 @@
 ---
 
 - name: Fetch the latest version from URL
-  set_fact:
+  ansible.builtin.set_fact:
     atl_product_version_json: "{{ lookup('url', 'https://marketplace.atlassian.com/rest/2/products/key/jira-software/versions') }}"
 
 - name: Set the local var to retrieved version
-  set_fact:
+  ansible.builtin.set_fact:
     atl_latest_version: "{{ atl_product_version_json._embedded.versions[0].name }}"

roles/product_install/tasks/main.yml

@@ -2,7 +2,7 @@
 
 
 - name: Check for existing version cache file
-  stat:
+  ansible.builtin.stat:
     path: "{{ atl_product_version_cache }}"
   register: cached
 
@@ -11,19 +11,19 @@
   block:
 
     - name: Read cached version from file
-      command: "cat {{ atl_product_version_cache }}"
+      ansible.builtin.command: "cat {{ atl_product_version_cache }}"
       register: atl_product_version_file
       changed_when: false
 
     - name: Set the local var to cached version
-      set_fact:
+      ansible.builtin.set_fact:
         atl_cached_version: "{{ atl_product_version_file.stdout }}"
 
   when: cached.stat.exists
 
 
 - name: Determine if requested version is 'latest'
-  set_fact:
+  ansible.builtin.set_fact:
     version_is_latest: "{{ atl_product_version is undefined or
                            not atl_product_version or
                            atl_product_version == 'latest' }}"
@@ -33,7 +33,7 @@
   block:
 
     - name: Fetch the latest edition version
-      include_tasks: "{{ atl_product_edition }}_version_latest.yml"
+      ansible.builtin.include_tasks: "{{ atl_product_edition }}_version_latest.yml"
 
   when: not cached.stat.exists and version_is_latest
 
@@ -63,12 +63,12 @@
   block:
 
     - name: "Case: Cached version exists, has precedence over 'latest'"
-      set_fact:
+      ansible.builtin.set_fact:
         atl_download_version: "{{ atl_cached_version }}"
       when: cached.stat.exists
 
     - name: "Case: No cached version, use latest"
-      set_fact:
+      ansible.builtin.set_fact:
         atl_download_version: "{{ atl_latest_version }}"
       when: not cached.stat.exists
 
@@ -77,24 +77,24 @@
 - name: "Case: Version is not latest"
   block:
     - name: "create atlassian z versioning for comparison"
-      set_fact:
+      ansible.builtin.set_fact:
         atl_z_product_version: "{{ atl_product_version ~ '-z' }}"
         atl_z_cached_version: "{{ atl_cached_version ~ '-z' }}"
 
     - name: "create atlassian ordered versioning for comparison"
-      set_fact:
+      ansible.builtin.set_fact:
         atl_product_normalised_version: "{{ atl_z_product_version | replace('-m', '-am') }}"
         atl_cached_normalised_version: "{{ atl_z_cached_version | replace('-m', '-am') }}"
 
     - name: "Case: No cached version, or supplied is higher; use supplied"
-      set_fact:
+      ansible.builtin.set_fact:
         atl_download_version: "{{ atl_product_version }}"
       when: force_version_update | bool or
             not cached.stat.exists or
             atl_product_normalised_version is version(atl_cached_normalised_version, '>')
 
     - name: "Case: Cached version is higher or forced, ignore supplied"
-      set_fact:
+      ansible.builtin.set_fact:
         atl_download_version: "{{ atl_cached_version }}"
       when: cached.stat.exists and
             atl_product_normalised_version is version(atl_cached_normalised_version, '<=') and
@@ -104,23 +104,22 @@
 
 
 - name: "Fallthrough guard: Use cached or supplied version if nothing set"
-  set_fact:
+  ansible.builtin.set_fact:
     atl_download_version: "{{ atl_cached_version or atl_product_version }}"
   when: atl_download_version is not defined or
         atl_download_version|length == 0
 
 - name: Override the supplied version with the calculated one
-  set_fact:
+  ansible.builtin.set_fact:
     atl_product_version: "{{ atl_download_version }}"
 
 ######################################################################
 
 - name: Perform any additional per-edition version setup
-  include_tasks: "{{ atl_product_edition }}_extra_tasks.yml"
+  ansible.builtin.include_tasks: "{{ atl_product_edition }}_extra_tasks.yml"
-
 
 - name: Create installation directories
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     state: directory
     mode: 0750
@@ -136,7 +135,7 @@
 
 # At this point atl_product_version should be set, cache if necessary.
 - name: Write override cached version when specified
-  template:
+  ansible.builtin.template:
     src: version.j2
     dest: "{{ atl_product_version_cache }}"
     force: true
@@ -148,25 +147,25 @@
 # a directory is used as a lockfile (atomic operation) when moving binary.
 
 - name: Set assumptions to avoid race condition
-  set_fact:
+  ansible.builtin.set_fact:
     download_binary: true
     move_binary: false
     atl_product_download: "{{ atl_product_temp_download }}"
 
 # Check for pre-downloaded binary on shared_home and completed lock dir.
 - name: Check for completed lock directory
-  stat:
+  ansible.builtin.stat:
     path: "{{ atl_product_home_shared_completed_lock }}"
   register: completed_lock
 
 - name: Check for product installer in home_shared
-  stat:
+  ansible.builtin.stat:
     path: "{{ atl_product_home_shared_download }}"
   register: home_shared_download
 
 # If binary exists and lockdir exists use this binary instead
 - name: Check lock directory and binary exists on shared_home
-  set_fact:
+  ansible.builtin.set_fact:
     download_binary: false
     atl_product_download: "{{ atl_product_home_shared_download }}"
   when:
@@ -180,7 +179,7 @@
 
     # Fetch binary and copy to temp
     - name: Fetch binary
-      get_url:
+      ansible.builtin.get_url:
         url: "{{ atl_product_download_url }}"
         dest: "{{ atl_product_temp_download }}"
         mode: 0755
@@ -189,7 +188,7 @@
 
     # If product installer was fetched make the lock directory
     - name: Create moving_lock.
-      file:
+      ansible.builtin.file:
         path: "{{ atl_product_home_shared_moving_lock }}"
         state: directory
       when:
@@ -199,7 +198,7 @@
     # Directory lock was created by this run?
     # If so, then set a fact intending to move binary
     - name: Move binary Scenario - lock created by this run
-      set_fact:
+      ansible.builtin.set_fact:
         move_binary: true
       when:
         - moving_lock_created is succeeded
@@ -214,7 +213,7 @@
   block:
 
     - name: Copy temp installer to home_shared
-      copy:
+      ansible.builtin.copy:
         src: "{{ atl_product_temp_download }}"
         dest: "{{ atl_product_home_shared_download }}"
         remote_src: true
@@ -224,14 +223,14 @@
       register: copied
 
     - name: Create completed_lock once product installer downloaded and copied
-      file:
+      ansible.builtin.file:
         path: "{{ atl_product_home_shared_completed_lock }}"
         state: directory
       when: copied is succeeded
       register: completed_lock_created
 
     - name: Remove moving_lock to show that binary is completed
-      file:
+      ansible.builtin.file:
         path: "{{ atl_product_home_shared_moving_lock }}"
         state: absent
       when:
@@ -240,14 +239,14 @@
       register: moving_lock_removed
 
     - name: Delete old temp installer
-      file:
+      ansible.builtin.file:
         path: "{{ atl_product_temp_download }}"
         state: absent
       when: moving_lock_removed is succeeded
       register: temp_deleted
 
     - name: Set install to home_shared location
-      set_fact:
+      ansible.builtin.set_fact:
         atl_product_download: "{{ atl_product_home_shared_download }}"
       when: temp_deleted is succeeded
 
@@ -256,17 +255,17 @@
 # At this point the binary is in {{ atl_product_download }}
 # (which is either on home_shared or temp)
 - name: Unpack the downloaded application depending on format
-  include_tasks: "unpack_{{ atl_download_format }}.yml"
+  ansible.builtin.include_tasks: "unpack_{{ atl_download_format }}.yml"
 
 - name: Symlink the installed version to current
-  file:
+  ansible.builtin.file:
     src: "{{ atl_product_installation_versioned }}"
     dest: "{{ atl_product_installation_current }}"
     state: link
     force: true
 
 - name: "Ensure catalina.out log dir exists after product is installed (except bitbucket)"
-  file:
+  ansible.builtin.file:
     path: "{{ atl_product_installation_current }}/logs"
     state: directory
     mode: 0750
@@ -276,5 +275,5 @@
   changed_when: false  # For Molecule idempotence check
 
 - name: Include if jsd is requested to be installed from OBR
-  include_tasks: "jira-servicedesk_as_obr.yml"
+  ansible.builtin.include_tasks: "jira-servicedesk_as_obr.yml"
   when: atl_install_jsd_as_obr

roles/product_install/tasks/product_version_latest.yml

@@ -5,9 +5,9 @@
 # product that supports the standard marketplace API.
 
 - name: Fetch the latest version from URL
-  set_fact:
+  ansible.builtin.set_fact:
     atl_product_version_json: "{{ lookup('url', '{{ atl_product_latest_version_url }}') }}"
 
 - name: Set the local var to retrieved version
-  set_fact:
+  ansible.builtin.set_fact:
     atl_latest_version: "{{ atl_product_version_json._embedded.versions[0].name }}"

roles/product_install/tasks/unpack_installer.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Create installer varfile
-  template:
+  ansible.builtin.template:
     src: "{{ atl_product_family }}.varfile.j2"
     dest: "{{ atl_product_varfile }}"
     mode: 0755
@@ -13,7 +13,7 @@
 # The variable {{ atl_product_download }} will be on temp for first nodes and shared_home for
 # subsequent nodes.
 - name: Run the installer
-  command: /bin/sh "{{ atl_product_download }}" -q -varfile "{{ atl_product_varfile }}"
+  ansible.builtin.command: /bin/sh "{{ atl_product_download }}" -q -varfile "{{ atl_product_varfile }}"
   args:
     creates: "{{ atl_product_installation_versioned }}/.install4j/"
   become: true

roles/product_install/tasks/unpack_tarball.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Unpack the product packages
-  unarchive:
+  ansible.builtin.unarchive:
     remote_src: true
     src: "{{ atl_product_download }}"
     dest: "{{ atl_product_installation_versioned }}"

roles/product_startup/handlers/main.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Restart Product
-  service:
+  ansible.builtin.service:
     name: "{{ atl_systemd_service_name }}"
     state: restarted
   when:
@@ -10,7 +10,7 @@
   no_log: true
 
 - name: Enable Product
-  service:
+  ansible.builtin.service:
     name: "{{ atl_systemd_service_name }}"
     enabled: true
   when:

roles/product_startup/molecule/bitbucket/converge.yml

@@ -27,7 +27,7 @@
 
   pre_tasks:
     - name: Create systemd dir if necessary
-      file:
+      ansible.builtin.file:
         path: "{{ item }}"
         state: directory
       with_items:

roles/product_startup/molecule/default/converge.yml

@@ -10,7 +10,7 @@
 
   pre_tasks:
     - name: Create systemd dir if necessary
-      file:
+      ansible.builtin.file:
         path: "{{ item }}"
         state: directory
       with_items:
@@ -21,17 +21,17 @@
     - role: product_startup
 
   post_tasks:
-    - include_vars: ../../defaults/main.yml
+    - ansible.builtin.include_vars: ../../defaults/main.yml
 
     # workaround Molecule idempotence check
     # normal pattern of setting changed_when allows file to be written twice, which takes extra time
     - name: Check if vars have already been dumped
-      stat:
+      ansible.builtin.stat:
         path: "{{ ansible_vars_dump_location }}"
       register: ansible_vars_stat_result
 
     - name: Dump vars to file for inspection
-      copy:
+      ansible.builtin.copy:
         content: |
           {{ vars | to_nice_yaml }}
         dest: "{{ ansible_vars_dump_location }}"

roles/product_startup/molecule/startup_restart_false/converge.yml

@@ -10,17 +10,17 @@
     ansible_vars_dump_location: "/tmp/ansible-vars.yml"
 
   tasks:
-    - include_vars: ../../defaults/main.yml
+    - ansible.builtin.include_vars: ../../defaults/main.yml
 
     # workaround Molecule idempotence check
     # normal pattern of setting changed_when allows file to be written twice, which takes extra time
     - name: Check if vars have already been dumped
-      stat:
+      ansible.builtin.stat:
         path: "{{ ansible_vars_dump_location }}"
       register: ansible_vars_stat_result
 
     - name: Dump vars to file for inspection
-      copy:
+      ansible.builtin.copy:
         content: |
           {{ vars | to_nice_yaml }}
         dest: "{{ ansible_vars_dump_location }}"

roles/product_startup/molecule/synchrony/converge.yml

@@ -19,7 +19,7 @@
 
   pre_tasks:
     - name: Create systemd dir if necessary
-      file:
+      ansible.builtin.file:
         path: "{{ item }}"
         state: directory
       with_items:

roles/product_startup/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: "Install systemd service file"
-  template:
+  ansible.builtin.template:
     src: "product.service.j2"
     dest: "{{ atl_systemd_service_dir }}/{{ atl_systemd_service_name }}"
     owner: root

roles/synchrony_config/tasks/main.yml

@@ -1,14 +1,14 @@
 ---
 
 - name: Install the startup wrapper script
-  copy:
+  ansible.builtin.copy:
     src: start-synchrony
     dest: "{{ atl_product_installation_current }}/bin/start-synchrony"
     group: "{{ atl_product_user }}"
     mode: "0750"
 
 - name: Install the Synchrony environment settings
-  template:
+  ansible.builtin.template:
     src: "atl.synchrony.j2"
     dest: "/etc/atl.synchrony"
     group: "{{ atl_product_user }}"