From c89604a53c89dc56fdfb4d2e40e524ef5a4f6f8e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=A9dric=20Jeanneret?=
Date: Wed, 3 Dec 2025 12:31:46 +0100
Subject: [PATCH] Refactor bootstrap role to align with Ansible best practices

- Use fully qualified module names (ansible.builtin.*) throughout
- Convert boolean values from yes/no to true/false
- Improve task names with proper capitalization and clarity
- Replace ansible.builtin.shell with ansible.builtin.command for oc commands
- Replace mv command with ansible.builtin.copy module using remote_src
- Add retry logic (5 retries, 5s delay) to observability operator wait task
- Fix OCP inventory structure to use .json consistently for local and remote sources
- Add explicit cmd parameter to all command/shell tasks
- Add mode and become flags where appropriate

This ensures consistency, better error handling, and alignment with Ansible best practices for module usage and task naming conventions.

AI Model: Generated using Auto (agent router designed by Cursor)
---
 .../tasks/includes/download_ocp_inventory.yml | 12 ++--
 ansible/roles/bootstrap/tasks/main.yml | 67 ++++++++++++-------
 2 files changed, 47 insertions(+), 32 deletions(-)

diff --git a/ansible/roles/bootstrap/tasks/includes/download_ocp_inventory.yml b/ansible/roles/bootstrap/tasks/includes/download_ocp_inventory.yml
index 0b620a1..521c92b 100644
--- a/ansible/roles/bootstrap/tasks/includes/download_ocp_inventory.yml
+++ b/ansible/roles/bootstrap/tasks/includes/download_ocp_inventory.yml
@@ -3,22 +3,22 @@ # It only downloads if the file is not present locally - name: Check if local OCP inventory file exists - stat: + ansible.builtin.stat: path: "{{ ocp_inventory_local_path | default('') }}" register: local_inventory_file when: ocp_inventory_local_path is defined and ocp_inventory_local_path | length > 0 - name: Read local OCP inventory file if present - set_fact: + ansible.builtin.set_fact: ocp_inventory: - content: "{{ lookup('file', ocp_inventory_local_path) }}" + json: "{{ lookup('file', ocp_inventory_local_path) | from_json }}" when: - ocp_inventory_local_path is defined - ocp_inventory_local_path | length > 0 - local_inventory_file.stat.exists - name: Download OCP inventory file (scalelab) - uri: + ansible.builtin.uri: url: "https://wiki.scalelab.redhat.com/instack/{{ cloud }}_ocpinventory.json" return_content: true register: ocpinventory_scale @@ -27,7 +27,7 @@ - not (local_inventory_file.stat.exists | default(false)) - name: Download OCP inventory file (performancelab) - uri: + ansible.builtin.uri: url: "https://wiki.rdu3.labs.perfscale.redhat.com/instack/{{ cloud }}_ocpinventory.json" return_content: true register: ocpinventory_alias @@ -36,6 +36,6 @@ - not (local_inventory_file.stat.exists | default(false)) - name: Set fact for OCP inventory (from download) - set_fact: + ansible.builtin.set_fact: ocp_inventory: "{{ ocpinventory_scale if lab == 'scalelab' else ocpinventory_alias }}" when: not (local_inventory_file.stat.exists | default(false)) diff --git a/ansible/roles/bootstrap/tasks/main.yml b/ansible/roles/bootstrap/tasks/main.yml index 034c430..4da3da3 100644 --- a/ansible/roles/bootstrap/tasks/main.yml +++ b/ansible/roles/bootstrap/tasks/main.yml 
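Review bot: The two branches still do not yield the same `ocp_inventory` shape: the local branch in the first hunk now sets only a parsed `json` key, while the `Set fact for OCP inventory (from download)` task in the last hunk of this file passes the whole registered `ansible.builtin.uri` result through. As far as I know, `uri` fills `json` only when the response is served with a JSON content type, so a wiki error or login page returned with status 200 would leave consumers of `ocp_inventory.json` with an undefined value far from the cause. Parsing explicitly under `ocp_inventory:`, e.g. `json: "{{ (ocpinventory_scale if lab == 'scalelab' else ocpinventory_alias).content | from_json }}"`, makes both paths fail at the same place on malformed input. Separately, `ansible.builtin.stat` checks the path on the managed host whereas `lookup('file', ...)` reads on the controller, so the existence guard only holds when the play targets the controller itself; a comment stating that assumption would help.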
@@ -1,48 +1,63 @@ --- - name: Flush iptables rules before deployment - command: iptables -F - become: yes - ignore_errors: yes + ansible.builtin.command: + cmd: iptables -F + become: true + ignore_errors: true -- name: clean up the dt_path - file: +- name: Clean up the dt_path + ansible.builtin.file: path: "{{ dt_path }}" state: absent -- name: clone architecture repo - git: +- name: Clone architecture repository + ansible.builtin.git: repo: https://github.com/masco/architecture.git dest: "{{ dt_path }}" version: bm-ocp - force: yes - -- name: download kustomize lib - shell: - curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash - -- name: move the kustomize to usr-bin - shell: - mv kustomize /usr/bin/. + force: true + +- name: Download kustomize library + ansible.builtin.shell: + cmd: curl -s "https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh" | bash + chdir: /tmp + creates: /tmp/kustomize + +- name: Move kustomize to /usr/bin + ansible.builtin.copy: + src: /tmp/kustomize + dest: /usr/bin/kustomize + remote_src: true + mode: '0755' + become: true - name: Download or load OCP inventory - include_tasks: includes/download_ocp_inventory.yml + ansible.builtin.include_tasks: + file: includes/download_ocp_inventory.yml -- name: enable ip forward for ovn-kubernets - shell: | - oc patch network.operator cluster -p '{"spec":{"defaultNetwork": {"ovnKubernetesConfig":{"gatewayConfig":{"ipForwarding": "Global"}}}}}' --type=merge +- name: Enable IP forward for OVN-Kubernetes + ansible.builtin.command: + cmd: |- + {%raw%} + oc patch network.operator cluster -p '{"spec":{"defaultNetwork": {"ovnKubernetesConfig":{"gatewayConfig":{"ipForwarding": "Global"}}}}}' --type=merge + {%endraw%} - name: Setup observability operator block: - name: Copy observability operator subscription template - template: + ansible.builtin.template: src: subscriptions.yaml dest: "{{ dt_path 
}}/subscriptions.yaml" - name: Apply observability operator subscription - shell: | - oc apply -f {{ dt_path }}/subscriptions.yaml + ansible.builtin.command: + cmd: oc apply -f {{ dt_path }}/subscriptions.yaml - name: Wait for observability operator to be available - shell: | - oc wait deployments/observability-operator --for condition=Available --timeout=300s -n openshift-operators - when: telemetry | default(true) \ No newline at end of file + ansible.builtin.command: + cmd: oc wait deployments/observability-operator --for condition=Available --timeout=300s -n openshift-operators + register: observability_wait + retries: 5 + delay: 5 + until: observability_wait.rc == 0 + when: telemetry | default(true)
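Review bot: The `Download kustomize library` task still pipes a script fetched from the `master` branch straight into `bash`, and it now stages the result at the fixed path `/tmp/kustomize`, which the following task copies into `/usr/bin` with `become: true`. Because `/tmp` is shared and `creates: /tmp/kustomize` skips the download whenever that file already exists, whatever is found at that path is installed system-wide as an executable; nothing checks that it is the binary the script produced. I would download a pinned release archive with a checksum into a private temporary directory and install from there, as sketched below (the URL and digest variables are placeholders the role would have to define). The same pinning concern applies to `version: bm-ocp` in the clone task, which tracks a moving branch rather than a commit.

```yaml
# … unchanged: iptables flush, dt_path cleanup, repository clone …

- name: Create a private working directory for the kustomize download
  ansible.builtin.tempfile:
    state: directory
    suffix: kustomize
  register: kustomize_tmp

- name: Download pinned kustomize release archive
  ansible.builtin.get_url:
    # placeholder variable: URL of the pinned release tarball
    url: "{{ kustomize_release_url }}"
    dest: "{{ kustomize_tmp.path }}/kustomize.tar.gz"
    # placeholder variable: digest published for that release
    checksum: "sha256:{{ kustomize_release_sha256 }}"
    mode: '0644'

- name: Install kustomize into /usr/bin
  ansible.builtin.unarchive:
    src: "{{ kustomize_tmp.path }}/kustomize.tar.gz"
    dest: /usr/bin
    remote_src: true
    include:
      - kustomize
    mode: '0755'
  become: true

# … unchanged: OCP inventory include, IP forwarding patch, observability operator block …
```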