ENVRI-Hub ansible linting

406db392 · František Dvořák · ace26e65 · 406db392 · 406db392 · 406db392
Commit 406db392 authored 5 months ago by František Dvořák
--- a/common/playbooks/notebooks-redirect.yaml
+++ b/common/playbooks/notebooks-redirect.yaml
@@ -51,4 +51,5 @@
                path: /(.*)
                pathType: Prefix
        EOF
+      changed_when: true
      when: notebooks_redirect is defined
--- a/envri-hub/inventory/99-all.yaml
+++ b/envri-hub/inventory/99-all.yaml
@@ -9,9 +9,12 @@ allnodes:

 all:
  vars:
-    ansible_become: yes
+    ansible_become: true
    ansible_user: ubuntu
-    ansible_ssh_common_args: '-o ProxyCommand="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -W %h:%p -q ubuntu@admin.envri-vre.cloud.cesnet.cz" -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'
+    ansible_ssh_common_args: >-
+      -o ProxyCommand="ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -W %h:%p -q ubuntu@admin.envri-vre.cloud.cesnet.cz"
+      -o StrictHostKeyChecking=no
+      -o UserKnownHostsFile=/dev/null'

    site_name: envri-hub
    vault_mount_point: secrets/users/e1662e20-e34b-468c-b0ce-d899bc878364@egi.eu/envri-hub

--- a/envri-hub/playbooks/k8s.yaml
+++ b/envri-hub/playbooks/k8s.yaml
@@ -4,7 +4,7 @@
  become: true
  tasks:
    - name: Add SSH keys
-      authorized_key:
+      ansible.posix.authorized_key:
        user: ubuntu
        state: present
        key: '{{ item }}'
@@ -43,6 +43,7 @@
      delay: 10
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
+      changed_when: false
      when: true
    - name: Create custom fact directory
      file:
@@ -80,6 +81,7 @@
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
        PATH: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
+      changed_when: true
      when: true
    - name: Cluster issuer file
      copy:
@@ -107,12 +109,14 @@
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
        PATH: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
+      changed_when: true
      when: true
    # Accounting / monitoring needs
    - name: Helm repo add prometheus-community
      shell: |-
        helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
        helm repo update
+      changed_when: true
      when: "'prometheus-community' not in ansible_local.helm_repos | map(attribute='name') | list"
    - name: Prometheus configuration
      copy:
@@ -145,6 +149,7 @@
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
        PATH: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
+      changed_when: true
      when: true
    - name: Grafana configuration
      copy:
@@ -163,17 +168,17 @@
              - "{{ grafana_hostname }}"
              secretName: acme-tls-grafana
          datasources:
-           datasources.yaml:
-             apiVersion: 1
-             datasources:
-              - name: Prometheus
-                type: prometheus
-                access: Server
-                orgId: 1
-                url: http://prometheus-server.prometheus.svc.cluster.local
-                isDefault: true
-                version: 1
-                editable: false
+            datasources.yaml:
+              apiVersion: 1
+              datasources:
+                - name: Prometheus
+                  type: prometheus
+                  access: Server
+                  orgId: 1
+                  url: http://prometheus-server.prometheus.svc.cluster.local
+                  isDefault: true
+                  version: 1
+                  editable: false
          sidecar:
            dashboards:
              enabled: true
@@ -196,4 +201,5 @@
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
        PATH: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
+      changed_when: true
      when: true
--- a/envri-hub/playbooks/notebooks.yaml
+++ b/envri-hub/playbooks/notebooks.yaml
@@ -8,14 +8,15 @@
        helm repo add jupyterhub https://jupyterhub.github.io/helm-chart/
        helm repo add eginotebooks https://egi-federation.github.io/egi-notebooks-chart/
        helm repo update
+      changed_when: true
      when: "'jupyterhub' not in ansible_local.helm_repos | map(attribute='name') | list or
-             'eginotebooks' not in ansible_local.helm_repos | map(attribute='name') | list"
+            'eginotebooks' not in ansible_local.helm_repos | map(attribute='name') | list"
    - name: Get Secrets from Vault for notebooks
      vars:
        name: "{{ item | basename | splitext | first }}"
      set_fact:
-        deployment_secrets: "{{ deployment_secrets|default({}) | combine({name: lookup('community.hashi_vault.hashi_vault',
-          (vault_mount_point, 'deployment-' + name)  | join('/'),  token_validate=false)}) }}"
+        deployment_secrets: "{{ deployment_secrets | default({}) | combine({name: lookup('community.hashi_vault.hashi_vault',
+          (vault_mount_point, 'deployment-' + name) | join('/'), token_validate=false)}) }}"
      with_fileglob:
        - "../deployments/*.yaml"
    - name: Debug Deployments Secrets
@@ -35,13 +36,14 @@
    - name: Deploy/upgrade notebook instance
      vars:
        name: "{{ item | basename | splitext | first }}"
+        # keep in sync with ../deployments/*.yaml (original k8s-hub image version)
        version: "3.2.1" # app 4.0.2 (2023-11-27)
      shell: |-
        helm status --namespace {{ name }} {{ name }}
        if [ $? -ne 0 ]; then
            helm install --create-namespace --namespace {{ name }} \
                -f /tmp/{{ item | basename }} --version {{ version }} --timeout 2h \
-                 {{ name }} jupyterhub/jupyterhub
+                {{ name }} jupyterhub/jupyterhub
        else
            helm upgrade --version {{ version }} -f /tmp/{{ item | basename }} --timeout 2h \
                --namespace {{ name }} {{ name }} jupyterhub/jupyterhub
@@ -49,6 +51,7 @@
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
        PATH: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
+      changed_when: true
      when: true
      with_fileglob:
        - "../deployments/*.yaml"
@@ -70,6 +73,7 @@
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
        PATH: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
+      changed_when: true
      when: true
      with_fileglob:
        - "../deployments/*.yaml"
@@ -106,6 +110,7 @@
      environment:
        KUBECONFIG: /etc/kubernetes/admin.conf
        PATH: /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
+      changed_when: true
      when: true
      with_fileglob:
        - "../deployments/*.yaml"
@@ -127,4 +132,5 @@
        KUBECONFIG: /etc/kubernetes/admin.conf
      with_fileglob:
        - "../extra/*.yaml"
+      changed_when: true
      when: true