diff --git a/ansible.cfg b/ansible.cfg index 226c188..06857ac 100644 --- a/ansible.cfg +++ b/ansible.cfg @@ -1,5 +1,4 @@ [defaults] retry_files_enabled = False -callback_whitelist = profile_tasks -conditional_bare_variables = True +callbacks_enabled = profile_tasks collections_paths = ./ diff --git a/aws_bitbucket_dc_node.yml b/aws_bitbucket_dc_node.yml index 3e75299..3242007 100644 --- a/aws_bitbucket_dc_node.yml +++ b/aws_bitbucket_dc_node.yml @@ -34,7 +34,7 @@ - role: aws_common # For Bitbucket DC clusters that store repos on Bitbucket Mesh(https://confluence.atlassian.com/bitbucketserver/bitbucket-data-center-and-server-8-0-release-notes-1115659343.html#BitbucketDataCenterandServer8.0releasenotes-mesh), # nodes may be setup to use EFS instead of NFS for shared_home by not defining 'atl_fileserver_host' - - { role: aws_shared_fs_config, when: (atl_fileserver_host is not defined or atl_fileserver_host |length == 0) and (atl_efs_id|length > 0) } + - { role: aws_shared_fs_config, when: (atl_fileserver_host is not defined or atl_fileserver_host | length == 0) and (atl_efs_id | length > 0) } - { role: nfs_mount, when : (atl_fileserver_host is defined) and (atl_fileserver_host|length > 0) } - role: product_common - role: product_install diff --git a/group_vars/aws_node_local.yml b/group_vars/aws_node_local.yml index 18cc082..fca7c2b 100644 --- a/group_vars/aws_node_local.yml +++ b/group_vars/aws_node_local.yml @@ -38,7 +38,7 @@ atl_installer_temp: "{{ atl_installation_base }}/tmp" # installed and linked to `/usr/lib/jvm/java`. # See product_common/task/ubuntu.yml for an example of apropriate # linking using `alternatives`. -atl_java_home: "{{ '/usr/lib/jvm/java' if atl_use_system_jdk else (atl_product_installation_current + '/jre') }}" +atl_java_home: "{{ '/usr/lib/jvm/java' if atl_use_system_jdk | bool else (atl_product_installation_current + '/jre') }}" atl_java_binary: "{{ atl_java_home }}/bin/java" atl_product_logs_default: &logs_default @@ -79,8 +79,8 @@ atl_aws_region: "{{ lookup('env', 'ATL_AWS_REGION') }}" atl_aws_iam_role: "{{ lookup('env', 'ATL_AWS_IAM_ROLE') }}" atl_aws_iam_role_arn: "{{ lookup('env', 'ATL_AWS_IAM_ROLE_ARN') }}" -atl_aws_enable_cloudwatch: "{{ lookup('env', 'ATL_AWS_ENABLE_CLOUDWATCH')|bool or false }}" -atl_aws_enable_cloudwatch_logs: "{{ lookup('env', 'ATL_AWS_ENABLE_CLOUDWATCH_LOGS')|bool or false }}" +atl_aws_enable_cloudwatch: "{{ lookup('env', 'ATL_AWS_ENABLE_CLOUDWATCH') | bool or false }}" +atl_aws_enable_cloudwatch_logs: "{{ lookup('env', 'ATL_AWS_ENABLE_CLOUDWATCH_LOGS') | bool or false }}" atl_db_engine: "{{ lookup('env', 'ATL_DB_ENGINE') }}" atl_db_host: "{{ lookup('env', 'ATL_DB_HOST') }}" @@ -100,7 +100,7 @@ atl_db_timebetweenevictionrunsmillis: "{{ lookup('env', 'ATL_DB_TIMEBETWEENEVICT atl_db_minevictableidletimemillis: "{{ lookup('env', 'ATL_DB_MINEVICTABLEIDLETIMEMILLIS') or '5000' }}" atl_db_removeabandoned: "{{ lookup('env', 'ATL_DB_REMOVEABANDONED') or 'true' }}" atl_db_removeabandonedtimeout: "{{ lookup('env', 'ATL_DB_REMOVEABANDONEDTIMEOUT') or '300' }}" -atl_db_testwhileidle: "{{ lookup('env', 'ATL_DB_TESTWHILEIDLE') or 'true'}}" +atl_db_testwhileidle: "{{ lookup('env', 'ATL_DB_TESTWHILEIDLE') or 'true' }}" atl_db_testonborrow: "{{ lookup('env', 'ATL_DB_TESTONBORROW') or 'false' }}" atl_db_engine_to_db_type_map: aurora_postgres: "postgresaurora96" @@ -116,7 +116,7 @@ atl_jdbc_ctype: "{{ lookup('env', 'ATL_JDBC_CTYPE') or 'en_US.UTF-8' }}" atl_jdbc_template: "{{ lookup('env', 'ATL_JDBC_TEMPLATE') or 'template1' }}" atl_jdbc_query_params_for_engine: aurora_postgres: "?targetServerType=master" -atl_jdbc_url: "jdbc:postgresql://{{ atl_db_host }}:{{ atl_db_port }}/{{ atl_jdbc_db_name }}{{ atl_jdbc_query_params_for_engine[atl_db_engine]| default('') }}" +atl_jdbc_url: "jdbc:postgresql://{{ atl_db_host }}:{{ atl_db_port }}/{{ atl_jdbc_db_name }}{{ atl_jdbc_query_params_for_engine[atl_db_engine] | default('') }}" atl_jvm_heap: "{{ lookup('env', 'ATL_JVM_HEAP') or '2048m' }}" atl_jvm_opts: "{{ lookup('env', 'ATL_JVM_OPTS') or '' }}" diff --git a/roles/aws_common/handlers/main.yml b/roles/aws_common/handlers/main.yml index 74c5079..9ca3cf0 100644 --- a/roles/aws_common/handlers/main.yml +++ b/roles/aws_common/handlers/main.yml @@ -5,11 +5,11 @@ name: "amazon-cloudwatch-agent.service" daemon_reload: true enabled: true - when: atl_aws_agent_restart + when: atl_aws_agent_restart | bool - name: Restart CloudWatch Agent ansible.builtin.systemd: name: "amazon-cloudwatch-agent.service" enabled: true state: restarted - when: atl_aws_agent_restart + when: atl_aws_agent_restart | bool diff --git a/roles/aws_common/tasks/amazon.yml b/roles/aws_common/tasks/amazon.yml index de1195a..264a773 100644 --- a/roles/aws_common/tasks/amazon.yml +++ b/roles/aws_common/tasks/amazon.yml @@ -15,7 +15,7 @@ ansible.builtin.yum: name: - "{{ aws_cloudwatch_agent_rpm }}" - when: atl_aws_enable_cloudwatch is defined and atl_aws_enable_cloudwatch + when: atl_aws_enable_cloudwatch is defined and atl_aws_enable_cloudwatch | bool notify: - Enable CloudWatch Agent vars: diff --git a/roles/aws_common/tasks/main.yml b/roles/aws_common/tasks/main.yml index dce57fb..74206e3 100644 --- a/roles/aws_common/tasks/main.yml +++ b/roles/aws_common/tasks/main.yml @@ -20,7 +20,7 @@ owner: root group: root mode: 0644 - when: atl_aws_enable_cloudwatch is defined and atl_aws_enable_cloudwatch + when: atl_aws_enable_cloudwatch is defined and atl_aws_enable_cloudwatch | bool notify: - Restart CloudWatch Agent diff --git a/roles/aws_common/tasks/write-tags.yml b/roles/aws_common/tasks/write-tags.yml index 3c43498..7d68d13 100644 --- a/roles/aws_common/tasks/write-tags.yml +++ b/roles/aws_common/tasks/write-tags.yml @@ -16,7 +16,7 @@ - block: # No existing timestamp, so this is a first run. Persist some metadata into the ASG. - - name: Fetch the git revision for this repo + - name: Fetch the git revision for this repo # noqa: command-instead-of-module no-changed-when ansible.builtin.command: cmd: git rev-parse HEAD register: git_out @@ -40,7 +40,7 @@ # Set the tags on the ASG and the local instance. We need to # ignore errors as it's possible we don't have the permissions, # and we can't check up-front. - - name: Set the first-run tags on the ASG ("FAIL" is not critical) + - name: Set the first-run tags on the ASG ("FAIL" is not critical) # noqa: no-changed-when ansible.builtin.command: "aws autoscaling create-or-update-tags --region {{ ansible_ec2_placement_region }} diff --git a/roles/aws_common/templates/amazon-cloudwatch-agent.json.j2 b/roles/aws_common/templates/amazon-cloudwatch-agent.json.j2 index cebec1e..5b86b94 100644 --- a/roles/aws_common/templates/amazon-cloudwatch-agent.json.j2 +++ b/roles/aws_common/templates/amazon-cloudwatch-agent.json.j2 @@ -4,7 +4,7 @@ "run_as_user": "root" }, - {% if atl_aws_enable_cloudwatch_logs is defined and atl_aws_enable_cloudwatch_logs %} + {% if atl_aws_enable_cloudwatch_logs is defined and atl_aws_enable_cloudwatch_logs | bool %} "logs": { "logs_collected": { "files": { diff --git a/roles/aws_shared_fs_config/meta/main.yml b/roles/aws_shared_fs_config/meta/main.yml index b0f4ac0..8644a1f 100644 --- a/roles/aws_shared_fs_config/meta/main.yml +++ b/roles/aws_shared_fs_config/meta/main.yml @@ -1,3 +1,3 @@ --- dependencies: - - aws_common + - role: aws_common diff --git a/roles/bitbucket_config/meta/main.yml b/roles/bitbucket_config/meta/main.yml index ca5ee97..ad54581 100644 --- a/roles/bitbucket_config/meta/main.yml +++ b/roles/bitbucket_config/meta/main.yml @@ -1,4 +1,4 @@ --- dependencies: - - bitbucket_common + - role: bitbucket_common diff --git a/roles/bitbucket_config/templates/bitbucket.properties.j2 b/roles/bitbucket_config/templates/bitbucket.properties.j2 index df7b88c..1a5ef04 100644 --- a/roles/bitbucket_config/templates/bitbucket.properties.j2 +++ b/roles/bitbucket_config/templates/bitbucket.properties.j2 @@ -13,7 +13,7 @@ hazelcast.network.aws.tag.value={{ atl_aws_stack_name }} hazelcast.group.name={{ atl_aws_stack_name }} hazelcast.group.password={{ atl_aws_stack_name }} plugin.search.elasticsearch.baseurl={{ atl_elasticsearch_endpoint }} -{% if elasticsearch_should_auth_with_iam %} +{% if elasticsearch_should_auth_with_iam | bool %} plugin.search.elasticsearch.aws.region={{ atl_aws_region }} {% else %} plugin.search.elasticsearch.username={{ atl_elasticsearch_username }} diff --git a/roles/bitbucket_dataset_restore/meta/main.yml b/roles/bitbucket_dataset_restore/meta/main.yml index ca5ee97..ad54581 100644 --- a/roles/bitbucket_dataset_restore/meta/main.yml +++ b/roles/bitbucket_dataset_restore/meta/main.yml @@ -1,4 +1,4 @@ --- dependencies: - - bitbucket_common + - role: bitbucket_common diff --git a/roles/confluence_config/defaults/main.yml b/roles/confluence_config/defaults/main.yml index d755769..c3fc9c1 100644 --- a/roles/confluence_config/defaults/main.yml +++ b/roles/confluence_config/defaults/main.yml @@ -33,7 +33,7 @@ atl_catalina_opts_extra: >- -Dsynchrony.proxy.enabled=false -Dconfluence.cluster.node.name={{ atl_local_ipv4 }} -Dconfluence.cluster.hazelcast.max.no.heartbeat.seconds=60 - {% if atl_synchrony_service_url|string|length %}-Dsynchrony.service.url={{ atl_synchrony_service_url }}{% endif %} + {% if atl_synchrony_service_url | string | length %}-Dsynchrony.service.url={{ atl_synchrony_service_url }}{% endif %} atl_tomcat_port: "8080" atl_tomcat_mgmt_port: "8005" diff --git a/roles/confluence_config/tasks/main.yml b/roles/confluence_config/tasks/main.yml index c23377f..be91bd3 100644 --- a/roles/confluence_config/tasks/main.yml +++ b/roles/confluence_config/tasks/main.yml @@ -18,19 +18,16 @@ # shared-data and attachments in the shared drive. - name: Symlink local attachments to shared storage ansible.builtin.file: - src: "{{ item.0 }}" - dest: "{{ item.1 }}" + src: "{{ item.src }}" + dest: "{{ item.dest }}" force: false state: link mode: 0750 owner: "{{ atl_product_user }}" group: "{{ atl_product_user }}" - vars: - - links: - - ["{{ atl_product_home_shared }}/", "{{ atl_product_home }}/shared-home"] - - ["{{ atl_product_home_shared }}/attachments/", "{{ atl_product_home }}/attachments"] - with_nested: - - "{{ links }}" + loop: + - {src: "{{ atl_product_home_shared }}/", dest: "{{ atl_product_home }}/shared-home"} + - {src: "{{ atl_product_home_shared }}/attachments/", dest: "{{ atl_product_home }}/attachments"} - name: Create Tomcat server config ansible.builtin.template: diff --git a/roles/crowd_config/tasks/main.yml b/roles/crowd_config/tasks/main.yml index 46cf6e3..26b0412 100644 --- a/roles/crowd_config/tasks/main.yml +++ b/roles/crowd_config/tasks/main.yml @@ -31,7 +31,7 @@ - name: CATALINA_OPTS to list ansible.builtin.set_fact: - catalina_ops_list: "{{ catalina_ops_list|default([]) }} + {{ (item | trim | regex_replace('^-')).split(' -') }}" + catalina_ops_list: "{{ catalina_ops_list | default([]) }} + {{ (item | trim | regex_replace('^-')).split(' -') }}" loop: - '{{ atl_catalina_opts }}' - '{{ atl_catalina_opts_extra }}' diff --git a/roles/database_init/tasks/main.yml b/roles/database_init/tasks/main.yml index 24903bb..cec9236 100644 --- a/roles/database_init/tasks/main.yml +++ b/roles/database_init/tasks/main.yml @@ -45,7 +45,7 @@ lc_ctype: "{{ atl_jdbc_ctype }}" template: "{{ atl_jdbc_template }}" register: db_created - when: "atl_jdbc_db_name not in (dbcluster_db_names.query_result | map(attribute='datname') )" + when: "atl_jdbc_db_name not in (dbcluster_db_names.query_result | map(attribute='datname'))" tags: - new_only diff --git a/roles/product_common/tasks/amazon.yml b/roles/product_common/tasks/amazon.yml index c47dfb2..950c522 100644 --- a/roles/product_common/tasks/amazon.yml +++ b/roles/product_common/tasks/amazon.yml @@ -27,7 +27,7 @@ path: "/usr/lib/jvm/temurin-{{ java_major_version }}-jdk" priority: 99 - when: atl_use_system_jdk + when: atl_use_system_jdk | bool tags: - runtime_pkg diff --git a/roles/product_common/tasks/ubuntu.yml b/roles/product_common/tasks/ubuntu.yml index ab69770..083e4fe 100644 --- a/roles/product_common/tasks/ubuntu.yml +++ b/roles/product_common/tasks/ubuntu.yml @@ -32,7 +32,7 @@ path: "/usr/lib/jvm/temurin-{{ java_major_version }}-jdk-{{ debian_architecture }}" priority: 99 - when: atl_use_system_jdk + when: atl_use_system_jdk | bool tags: - runtime_pkg diff --git a/roles/product_install/tasks/jira-servicedesk_as_obr.yml b/roles/product_install/tasks/jira-servicedesk_as_obr.yml index 43d1a85..d9ef2d7 100644 --- a/roles/product_install/tasks/jira-servicedesk_as_obr.yml +++ b/roles/product_install/tasks/jira-servicedesk_as_obr.yml @@ -168,7 +168,7 @@ # Otherwise directory lock was either already created or # could not be created. Fall back is to continue and install from temp - when: download_obr + when: download_obr | bool # If the intention is to move obr to home_shared - name: Move obr to home_shared @@ -209,7 +209,7 @@ atl_obr_download: "{{ atl_obr_shared_download }}" when: temp_deleted is succeeded - when: move_obr + when: move_obr | bool # At this point the binary is in {{ atl_obr_download }} # (which is either on home_shared or temp) @@ -238,14 +238,14 @@ mode: 0644 register: obr_unpack -- name: Move JSD dependency jars into the bundled-plugins dir # noqa 503 - ignore lint info about when changed +- name: Move JSD dependency jars into the bundled-plugins dir # noqa no-handler - ignore lint info about when changed ansible.builtin.copy: remote_src: yes src: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins/dependencies/" dest: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins/" when: obr_unpack.changed -- name: Remove the empty dependencies folder # noqa 503 - ignore lint info about when changed +- name: Remove the empty dependencies folder # noqa no-handler - ignore lint info about when changed ansible.builtin.file: path: "{{ atl_product_installation_versioned }}/atlassian-jira/WEB-INF/atlassian-bundled-plugins/dependencies" state: absent diff --git a/roles/product_install/tasks/main.yml b/roles/product_install/tasks/main.yml index 9a9521c..ffe3c25 100644 --- a/roles/product_install/tasks/main.yml +++ b/roles/product_install/tasks/main.yml @@ -35,7 +35,7 @@ - name: Fetch the latest edition version ansible.builtin.include_tasks: "{{ atl_product_edition }}_version_latest.yml" - when: not cached.stat.exists and version_is_latest + when: not cached.stat.exists and version_is_latest | bool ###################################################################### @@ -72,7 +72,7 @@ atl_download_version: "{{ atl_latest_version }}" when: not cached.stat.exists - when: version_is_latest + when: version_is_latest | bool - name: "Case: Version is not latest" block: @@ -100,14 +100,14 @@ atl_product_normalised_version is version(atl_cached_normalised_version, '<=') and not force_version_update | bool - when: not version_is_latest + when: not version_is_latest | bool - name: "Fallthrough guard: Use cached or supplied version if nothing set" ansible.builtin.set_fact: atl_download_version: "{{ atl_cached_version or atl_product_version }}" when: atl_download_version is not defined or - atl_download_version|length == 0 + atl_download_version | length == 0 - name: Override the supplied version with the calculated one ansible.builtin.set_fact: @@ -206,7 +206,7 @@ # Otherwise directory lock was either already created or # could not be created. Fall back is to continue and install from temp - when: download_binary + when: download_binary | bool # If the intention is to move binary to home_shared - name: Move product installer to home_shared @@ -250,7 +250,7 @@ atl_product_download: "{{ atl_product_home_shared_download }}" when: temp_deleted is succeeded - when: move_binary + when: move_binary | bool # At this point the binary is in {{ atl_product_download }} # (which is either on home_shared or temp) @@ -276,4 +276,4 @@ - name: Include if jsd is requested to be installed from OBR ansible.builtin.include_tasks: "jira-servicedesk_as_obr.yml" - when: atl_install_jsd_as_obr + when: atl_install_jsd_as_obr | bool diff --git a/roles/product_startup/defaults/main.yml b/roles/product_startup/defaults/main.yml index da7824c..7b3f329 100644 --- a/roles/product_startup/defaults/main.yml +++ b/roles/product_startup/defaults/main.yml @@ -24,7 +24,7 @@ atl_stop_exec_path: "{{ atl_product_installation_current }}/{{ atl_stop_script_m atl_systemd_service_dir_map: amazon: "/usr/lib/systemd/system" ubuntu: "/lib/systemd/system" -atl_systemd_service_dir: "{{ atl_systemd_service_dir_map[ansible_distribution|lower] }}" +atl_systemd_service_dir: "{{ atl_systemd_service_dir_map[ansible_distribution | lower] }}" atl_systemd_service_name: "{{ atl_product_edition }}.service" diff --git a/roles/product_startup/handlers/main.yml b/roles/product_startup/handlers/main.yml index d0864a8..6aad4f5 100644 --- a/roles/product_startup/handlers/main.yml +++ b/roles/product_startup/handlers/main.yml @@ -5,7 +5,7 @@ name: "{{ atl_systemd_service_name }}" state: restarted when: - - atl_startup_restart + - atl_startup_restart | bool - molecule_yml is not defined no_log: true @@ -14,6 +14,6 @@ name: "{{ atl_systemd_service_name }}" enabled: true when: - - atl_startup_enable + - atl_startup_enable | bool - molecule_yml is not defined no_log: true