diff --git a/.yamllint b/.yamllint new file mode 100644 index 000000000..90c14192d --- /dev/null +++ b/.yamllint @@ -0,0 +1,12 @@ +extends: default + +rules: + braces: + min-spaces-inside: 1 + max-spaces-inside: 1 + indentation: + indent-sequences: whatever + line-length: + max: 125 + truthy: + allowed-values: ['true', 'false', 'yes', 'no'] diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/host_vars/default.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/host_vars/default.yml index 1561c04f3..34960ebfa 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/host_vars/default.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/host_vars/default.yml @@ -70,8 +70,8 @@ management_multicast_subnet: 239.1.1.0/28 # mangement_multicast_start_address: # management_multicast_end_address: -# Management network address allocation (True = dynamic, False = static) -dynamic_address_allocation: True +# Management network address allocation (true = dynamic, false = static) +dynamic_address_allocation: true # DOCKER PROXIES # ============== @@ -128,7 +128,7 @@ docker_registries: docker.io: # unified: example.domain -#is_secure_registry: True +# is_secure_registry: True # Certificates # ================= @@ -144,7 +144,7 @@ docker_registries: # The supported certificates are: # - ssl_ca_cert # -#ssl_ca_cert: /path/to/ssl_ca_cert_file +# ssl_ca_cert: /path/to/ssl_ca_cert_file # ADMIN CREDENTIALS # ================= diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/bringup_flock_services.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/bringup_flock_services.yml index 59b1eca2a..462e1c205 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/bringup_flock_services.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/bringup_flock_services.yml @@ -48,6 +48,6 @@ - name: Restart Maintenance Client command: /etc/init.d/mtcClient restart - environment: # block environment + environment: # block environment OCF_ROOT: "/usr/lib/ocf" OCF_RESKEY_state: "active" diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/bringup_helm.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/bringup_helm.yml index f14e96e81..f73afa600 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/bringup_helm.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/bringup_helm.yml @@ -40,7 +40,7 @@ recurse: yes owner: www group: root - #mode: 1700 + # mode: 1700 - name: Ensure /www/var exists file: diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/load_images_from_archive.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/load_images_from_archive.yml index bb07419b8..76ad29063 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/load_images_from_archive.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/load_images_from_archive.yml @@ -30,8 +30,8 @@ paths: "{{ images_dir }}" patterns: "*.tar" register: archive_find_output - #run_once: true - #delegate_to: localhost + # run_once: true + # delegate_to: localhost - name: Load system images # Due to docker_image module deficiency, resort to shell diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/main.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/main.yml index 80582fd91..6713d421c 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/main.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/bringup-essential-services/tasks/main.yml @@ -70,7 +70,9 @@ timeout: "{{ pods_wait_time }}" - name: Start parallel tasks to wait for Kubernetes component, Networking and Tiller pods to reach ready state - command: kubectl --kubeconfig=/etc/kubernetes/admin.conf wait --namespace=kube-system --for=condition=Ready pods --selector {{ item }} --timeout=30s + command: >- + kubectl --kubeconfig=/etc/kubernetes/admin.conf wait --namespace=kube-system + --for=condition=Ready pods --selector {{ item }} --timeout=30s async: 30 poll: 0 with_items: diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/persist-config/tasks/main.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/persist-config/tasks/main.yml index 4934c2ec7..63985efe9 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/persist-config/tasks/main.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/persist-config/tasks/main.yml @@ -189,8 +189,8 @@ - block: - name: Copy ssl_ca certificate copy: - src: "{{ ssl_ca_cert }}" - dest: "{{ temp_ssl_ca }}" + src: "{{ ssl_ca_cert }}" + dest: "{{ temp_ssl_ca }}" - name: Remove ssl_ca complete flag file: diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/persist-config/tasks/shutdown_services.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/persist-config/tasks/shutdown_services.yml index bfa81ea8f..ee5624c94 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/persist-config/tasks/shutdown_services.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/persist-config/tasks/shutdown_services.yml @@ -9,7 +9,7 @@ # against loopback interface upon network/docker config changes. # -- block: # Shut down essential flock services +- block: # Shut down essential flock services - name: Shutdown Maintenance services command: /usr/lib/ocf/resource.d/platform/mtcAgent stop @@ -24,7 +24,7 @@ OCF_RESKEY_state: "active" -- block: # Revert changes done by kubeadm init, clear data cache +- block: # Revert changes done by kubeadm init, clear data cache - name: Shut down and remove Kubernetes components command: kubeadm reset -f @@ -43,10 +43,16 @@ - name: Set facts derived from previous network configurations set_fact: prev_management_subnet_prefix: "{{ prev_management_subnet | ipaddr('prefix') }}" - prev_controller_floating_address: "{{ (prev_management_subnet | ipaddr(2)).split('/')[0] if prev_management_start_address == 'derived' else prev_management_start_address }}" - prev_cluster_floating_address: "{{ (prev_cluster_host_subnet | ipaddr(2)).split('/')[0] if prev_cluster_host_start_address == 'derived' else prev_cluster_host_start_address }}" + prev_controller_floating_address: + "{{ (prev_management_subnet | ipaddr(2)).split('/')[0] + if prev_management_start_address == 'derived' else prev_management_start_address }}" + prev_cluster_floating_address: + "{{ (prev_cluster_host_subnet | ipaddr(2)).split('/')[0] + if prev_cluster_host_start_address == 'derived' else prev_cluster_host_start_address }}" prev_cluster_subnet_prefix: "{{ prev_cluster_host_subnet | ipaddr('prefix') }}" - prev_controller_pxeboot_floating_address: "{{ (prev_pxeboot_subnet | ipaddr(2)).split('/')[0] if prev_pxeboot_start_address == 'derived' else prev_pxeboot_start_address }}" + prev_controller_pxeboot_floating_address: + "{{ (prev_pxeboot_subnet | ipaddr(2)).split('/')[0] + if prev_pxeboot_start_address == 'derived' else prev_pxeboot_start_address }}" prev_pxe_subnet_prefix: "{{ prev_pxeboot_subnet | ipaddr('prefix') }}" - name: Set facts derived from previous floating addresses diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/prepare-env/handlers/main.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/prepare-env/handlers/main.yml index 127f8e845..9035b8cc4 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/prepare-env/handlers/main.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/prepare-env/handlers/main.yml @@ -1,3 +1,9 @@ +--- +# +# Copyright (c) 2019 Wind River Systems, Inc. +# +# SPDX-License-Identifier: Apache-2.0 +# - name: 'Fail if cgts-vg group is not found' fail: msg='Volume groups not configured.' when: vg_result.rc != 0 diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/prepare-env/tasks/main.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/prepare-env/tasks/main.yml index 6a8b90961..50e4f06ec 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/prepare-env/tasks/main.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/prepare-env/tasks/main.yml @@ -266,7 +266,7 @@ failed_when: false register: host_check - - block: # system has been configured + - block: # system has been configured - name: Set flag to indicate that this host has been previously configured set_fact: reconfigured: true @@ -396,7 +396,7 @@ when: last_config_file.stat.exists when: host_check.rc == 0 - when: replayed # bootstrap manifest has been applied + when: replayed # bootstrap manifest has been applied - name: Check volume groups command: vgdisplay cgts-vg diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/store-passwd/tasks/main.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/store-passwd/tasks/main.yml index 1651d36a4..9d8a7faae 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/store-passwd/tasks/main.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/store-passwd/tasks/main.yml @@ -61,7 +61,7 @@ - name: Set password regex description fact set_fact: - password_regex_desc: "ADMIN_PASSWORD: Password does not meet complexity criteria." + password_regex_desc: "ADMIN_PASSWORD: Password does not meet complexity criteria." when: description_result.stdout == "" - name: Validate admin password diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/validate-config/tasks/main.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/validate-config/tasks/main.yml index 7faad1d4d..243d59799 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/validate-config/tasks/main.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/validate-config/tasks/main.yml @@ -190,55 +190,110 @@ set_fact: address_pairs: pxeboot: - start: "{{ pxeboot_start_address if pxeboot_start_address != 'derived' else default_pxeboot_start_address }}" - end: "{{ pxeboot_end_address if pxeboot_end_address != 'derived' else default_pxeboot_end_address }}" + start: + "{{ pxeboot_start_address if pxeboot_start_address != 'derived' + else default_pxeboot_start_address }}" + end: + "{{ pxeboot_end_address if pxeboot_end_address != 'derived' + else default_pxeboot_end_address }}" subnet: "{{ network_params.pxeboot_subnet }}" - use_default: "{{ true if pxeboot_start_address == 'derived' and pxeboot_end_address == 'derived' else false }}" + use_default: + "{{ true if pxeboot_start_address == 'derived' and + pxeboot_end_address == 'derived' else false }}" management: - start: "{{ management_start_address if management_start_address != 'derived' else default_management_start_address }}" - end: "{{ management_end_address if management_end_address != 'derived' else default_management_end_address }}" + start: + "{{ management_start_address if management_start_address != 'derived' + else default_management_start_address }}" + end: + "{{ management_end_address if management_end_address != 'derived' + else default_management_end_address }}" subnet: "{{ network_params.management_subnet }}" - use_default: "{{ true if management_start_address == 'derived' and management_end_address == 'derived' else false }}" + use_default: + "{{ true if management_start_address == 'derived' and + management_end_address == 'derived' else false }}" cluster_host: - start: "{{ cluster_host_start_address if cluster_host_start_address != 'derived' else default_cluster_host_start_address }}" - end: "{{ cluster_host_end_address if cluster_host_end_address != 'derived' else default_cluster_host_end_address}}" + start: + "{{ cluster_host_start_address if cluster_host_start_address != 'derived' + else default_cluster_host_start_address }}" + end: + "{{ cluster_host_end_address if cluster_host_end_address != 'derived' + else default_cluster_host_end_address}}" subnet: "{{ network_params.cluster_host_subnet }}" - use_default: "{{ true if cluster_host_start_address == 'derived' and cluster_host_end_address == 'derived' else false }}" + use_default: + "{{ true if cluster_host_start_address == 'derived' and + cluster_host_end_address == 'derived' else false }}" cluster_pod: - start: "{{ cluster_pod_start_address if cluster_pod_start_address != 'derived' else default_cluster_pod_start_address }}" - end: "{{ cluster_pod_end_address if cluster_pod_end_address != 'derived' else default_cluster_pod_end_address }}" + start: + "{{ cluster_pod_start_address if cluster_pod_start_address != 'derived' + else default_cluster_pod_start_address }}" + end: + "{{ cluster_pod_end_address if cluster_pod_end_address != 'derived' + else default_cluster_pod_end_address }}" subnet: "{{ network_params.cluster_pod_subnet }}" - use_default: "{{ true if cluster_pod_start_address == 'derived' and cluster_pod_end_address == 'derived' else false }}" + use_default: + "{{ true if cluster_pod_start_address == 'derived' and + cluster_pod_end_address == 'derived' else false }}" cluster_service: - start: "{{ cluster_service_start_address if cluster_service_start_address != 'derived' else default_cluster_service_start_address }}" - end: "{{ cluster_service_end_address if cluster_service_end_address != 'derived' else default_cluster_service_end_address }}" + start: + "{{ cluster_service_start_address if cluster_service_start_address != 'derived' + else default_cluster_service_start_address }}" + end: + "{{ cluster_service_end_address if cluster_service_end_address != 'derived' + else default_cluster_service_end_address }}" subnet: "{{ network_params.cluster_service_subnet }}" - use_default: "{{ true if cluster_service_start_address == 'derived' and cluster_service_end_address == 'derived' else false }}" + use_default: + "{{ true if cluster_service_start_address == 'derived' and + cluster_service_end_address == 'derived' else false }}" oam: - start: "{{ external_oam_start_address if external_oam_start_address != 'derived' else default_external_oam_start_address }}" - end: "{{ external_oam_end_address if external_oam_end_address != 'derived' else default_external_oam_end_address }}" + start: + "{{ external_oam_start_address if external_oam_start_address != 'derived' + else default_external_oam_start_address }}" + end: + "{{ external_oam_end_address if external_oam_end_address != 'derived' + else default_external_oam_end_address }}" subnet: "{{ network_params.external_oam_subnet }}" - use_default: "{{ true if external_oam_start_address == 'derived' and external_oam_end_address == 'derived' else false }}" + use_default: + "{{ true if external_oam_start_address == 'derived' and + external_oam_end_address == 'derived' else false }}" multicast: - start: "{{ management_multicast_start_address if management_multicast_start_address != 'derived' else default_management_multicast_start_address }}" - end: "{{ management_multicast_end_address if management_multicast_end_address != 'derived' else default_management_multicast_end_address }}" + start: + "{{ management_multicast_start_address if management_multicast_start_address != 'derived' + else default_management_multicast_start_address }}" + end: + "{{ management_multicast_end_address if management_multicast_end_address != 'derived' + else default_management_multicast_end_address }}" subnet: "{{ network_params.management_multicast_subnet }}" - use_default: "{{ true if management_multicast_start_address == 'derived' and management_multicast_end_address == 'derived' else false }}" + use_default: + "{{ true if management_multicast_start_address == 'derived' and + management_multicast_end_address == 'derived' else false }}" oam_node: - start: "{{ external_oam_node_0_address if external_oam_node_0_address != 'derived' else default_external_oam_node_0_address }}" - end: "{{ external_oam_node_1_address if external_oam_node_1_address != 'derived' else default_external_oam_node_1_address }}" + start: + "{{ external_oam_node_0_address if external_oam_node_0_address != 'derived' + else default_external_oam_node_0_address }}" + end: + "{{ external_oam_node_1_address if external_oam_node_1_address != 'derived' + else default_external_oam_node_1_address }}" subnet: "{{ network_params.external_oam_subnet }}" - use_default: "{{ true if external_oam_node_0_address == 'derived' and external_oam_node_1_address == 'derived' else false }}" + use_default: + "{{ true if external_oam_node_0_address == 'derived' and + external_oam_node_1_address == 'derived' else false }}" - include: validate_address_range.yml with_dict: "{{ address_pairs }}" - name: Set floating addresses based on subnets or start addresses set_fact: - # Not sure why ipaddr('address') and ipsubnet filter did not extract the IP from CIDR input. Resort to string split for now. - controller_floating_address: "{{ (management_subnet | ipaddr(2)).split('/')[0] if management_start_address == 'derived' else management_start_address }}" - controller_pxeboot_floating_address: "{{ (pxeboot_subnet | ipaddr(2)).split('/')[0] if pxeboot_start_address == 'derived' else pxeboot_start_address }}" - cluster_floating_address: "{{ (cluster_host_subnet | ipaddr(2)).split('/')[0] if cluster_host_start_address == 'derived' else cluster_host_start_address }}" + # Not sure why ipaddr('address') and ipsubnet filter did not extract + # the IP from CIDR input. Resort to string split for now. + controller_floating_address: + "{{ (management_subnet | ipaddr(2)).split('/')[0] if management_start_address == 'derived' + else management_start_address }}" + controller_pxeboot_floating_address: + "{{ (pxeboot_subnet | ipaddr(2)).split('/')[0] if pxeboot_start_address == 'derived' + else pxeboot_start_address }}" + cluster_floating_address: + "{{ (cluster_host_subnet | ipaddr(2)).split('/')[0] if cluster_host_start_address == 'derived' + else cluster_host_start_address }}" - name: Set derived facts for subsequent tasks/roles set_fact: @@ -280,10 +335,18 @@ - block: - set_fact: use_default_registries: true - k8s_registry: "{{ docker_registries[default_k8s_registry] if docker_registries[default_k8s_registry] is not none else default_k8s_registry }}" - gcr_registry: "{{ docker_registries[default_gcr_registry] if docker_registries[default_gcr_registry] is not none else default_gcr_registry }}" - quay_registry: "{{ docker_registries[default_quay_registry] if docker_registries[default_quay_registry] is not none else default_quay_registry }}" - docker_registry: "{{ docker_registries[default_docker_registry] if docker_registries[default_docker_registry] is not none else default_docker_registry }}" + k8s_registry: + "{{ docker_registries[default_k8s_registry] if docker_registries[default_k8s_registry] is not none + else default_k8s_registry }}" + gcr_registry: + "{{ docker_registries[default_gcr_registry] if docker_registries[default_gcr_registry] is not none + else default_gcr_registry }}" + quay_registry: + "{{ docker_registries[default_quay_registry] if docker_registries[default_quay_registry] is not none + else default_quay_registry }}" + docker_registry: + "{{ docker_registries[default_docker_registry] if docker_registries[default_docker_registry] is not none + else default_docker_registry }}" default_no_proxy: - localhost - 127.0.0.1 @@ -331,13 +394,13 @@ - name: Default the unified registry to secure if not specified set_fact: - is_secure_registry: True + is_secure_registry: true when: is_secure_registry is not defined - name: Turn on use_unified_registry flag set_fact: use_unified_registry: true - k8s_registry: "{{ docker_registries['unified'] }}" + k8s_registry: "{{ docker_registries['unified'] }}" gcr_registry: "{{ docker_registries['unified'] }}" quay_registry: "{{ docker_registries['unified'] }}" docker_registry: "{{ docker_registries['unified'] }}" diff --git a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/validate-config/vars/main.yml b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/validate-config/vars/main.yml index 7c994d46f..d4c0c47f1 100644 --- a/playbookconfig/playbookconfig/playbooks/bootstrap/roles/validate-config/vars/main.yml +++ b/playbookconfig/playbookconfig/playbooks/bootstrap/roles/validate-config/vars/main.yml @@ -9,4 +9,4 @@ minimum_ipv6_prefix_length: 64 private_pxeboot_subnet: 169.254.202.0/24 pxecontroller_floating_hostname: pxecontroller -use_entire_pxeboot_subnet: True +use_entire_pxeboot_subnet: true diff --git a/tox.ini b/tox.ini index 54de3c2d8..90ae01a79 100644 --- a/tox.ini +++ b/tox.ini @@ -25,6 +25,7 @@ commands = bash -c "find {toxinidir} \ -path '{toxinidir}/.tox' -a -prune \ -o -name '*.yaml' \ + -o -name '*.yml' \ -print0 | xargs -0 yamllint" [testenv:pep8]