Fix tasks FQCN, Refs #35878

.lint/ansible-apt-block-check.sh

-#!/usr/bin/env bash
 
 # config
 exclude_pattern=()
 exclude_pattern+=('^./roles/elastic.elasticsearch')
 exclude_pattern+=('^./.venv')
 
-apt_regex='^[^#]*apt:'
+apt_regex='^[^#]*(ansible.builtin.|)apt:'
 until_regex='^[^#]*until: apt_status is success'
 
-# * * * 
+# * * *
 
 # go to repository root dir
 cd "$(readlink -f "$(dirname "${0}")")"/..
@@ -24,14 +23,14 @@ errors_count=0
 for f in "${yml_files[@]}"; do
 
     # count apt block
-    apt_block_count=$(grep -c "${apt_regex}" "${f}")
+    apt_block_count=$(grep -cE "${apt_regex}" "${f}")
 
     # test if file contain apt block
     if (( apt_block_count > 0 )); then
-    
+
         # get apt block, count apt: and until:
         apt_blocks="$(awk -v RS='' "/${apt_regex}/" "${f}")"
-        apt_nb="$(echo "${apt_blocks}" | grep -c "${apt_regex}")"
+        apt_nb="$(echo "${apt_blocks}" | grep -cE "${apt_regex}")"
         until_nb="$(echo "${apt_blocks}" | grep -c "${until_regex}")"
 
         # test if apt: and until: count differ
@@ -51,4 +50,3 @@ if (( errors_count != 0 )); then
 else
     exit 0
 fi
-

playbooks/bench.yml

@@ -5,7 +5,7 @@
   hosts: bench_server
   pre_tasks:
     - name: "Fail is benchmark server is not unique"
-      fail:
+      ansible.builtin.fail:
         msg: "Benchmark server must be unique"
       when: groups['bench_server'] | length > 1
   tags: bench_server
@@ -16,7 +16,7 @@
       tags:
         - never
         - prepare-bench
-      service:
+      ansible.builtin.service:
         name: bench-server
         state: restarted
 
@@ -30,7 +30,7 @@
       tags:
         - never
         - prepare-bench
-      service:
+      ansible.builtin.service:
         name: bench-worker
         state: restarted
 

playbooks/celerity.yml

@@ -9,11 +9,11 @@
   post_tasks:
     - name: configure network
       when: network_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: network
     - name: configure proxy
       when: proxy_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: proxy
 
 ...

playbooks/live/deploy-standalone.yml

@@ -30,7 +30,7 @@
         ferm_input_rules: "{{ server_ferm_input_rules }}"
         ferm_output_rules: "{{ server_ferm_output_rules }}"
         ferm_global_settings: "{{ server_ferm_global_settings }}"
-      include_role:
+      ansible.builtin.include_role:
         name: ferm-configure
 
 - import_playbook: deploy-minimal.yml

playbooks/live/functions/create-live-app.yml

@@ -6,23 +6,23 @@
   tags: live
   tasks:
     - name: Check the existence of the live configuration
-      stat:
+      ansible.builtin.stat:
         path: /etc/nginx/rtmp.d/{{ live_app_name }}.conf
       register: live_conf_live
 
     - name: Getting the live configuration content
-      shell: grep -oP '^application \K[A-Za-z0-9]+' /etc/nginx/rtmp.d/{{ live_app_name }}.conf
+      ansible.builtin.shell: grep -oP '^application \K[A-Za-z0-9]+' /etc/nginx/rtmp.d/{{ live_app_name }}.conf
       when: live_conf_live.stat.exists
       register: live_conf_secret
       changed_when: false
 
     - name: Extracting the application secret
-      set_fact:
+      ansible.builtin.set_fact:
         live_secret: "{{ live_conf_secret.stdout }}"
       when: live_conf_live.stat.exists
 
     - name: Declaring the application secret
-      set_fact:
+      ansible.builtin.set_fact:
         live_secret: ""
       when: not live_conf_live.stat.exists
 
@@ -32,23 +32,23 @@
   tags: live
   tasks:
     - name: Check the existence of the live configuration
-      stat:
+      ansible.builtin.stat:
         path: /home/{{ live_app_name }}/msinstance/conf/lives.json
       register: ms_conf_live
 
     - name: Retrieve the live configuration
-      slurp:
+      ansible.builtin.slurp:
         src: /home/{{ live_app_name }}/msinstance/conf/lives.json
       register: ms_live_config
       when: ms_conf_live.stat.exists
 
     - name: Extracting the application secret
-      set_fact:
+      ansible.builtin.set_fact:
         live_secret: "{{ ms_live_config.content|b64decode|from_json | json_query('RTMP_APP') }}"
       when: ms_conf_live.stat.exists
 
     - name: Declaring the application secret
-      set_fact:
+      ansible.builtin.set_fact:
         live_secret: ""
       when: not ms_conf_live.stat.exists
 
@@ -58,13 +58,13 @@
   tags: live
   tasks:
     - name: Retrieving the first live host configured app secret as reference
-      set_fact:
+      ansible.builtin.set_fact:
         base_live_secret: "{{ hostvars[groups['live'][0]].live_secret }}"
         app_secret_diff: false
       when: hostvars[groups['live'][0]].live_secret | length > 0
 
     - name: Comparing the app secrets from MS an live servers with the reference
-      set_fact:
+      ansible.builtin.set_fact:
         app_secret_diff: true
       when: base_live_secret is defined
             and hostvars[item].live_secret != base_live_secret
@@ -73,7 +73,7 @@
         - "{{ groups['mediaserver'] }}"
 
     - name: Generating an application secret on localhost with /dev/urandom
-      shell: >
+      ansible.builtin.shell: >
         set -o pipefail && \
         cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 30 | head -n 1
       register: secret
@@ -84,7 +84,7 @@
             or app_secret_diff
 
     - name: Deciding the application secret to use
-      set_fact:
+      ansible.builtin.set_fact:
         live_app_secret: "{{ secret.stdout | d(base_live_secret) }}"
 
 - name: Live server(s) - "{{ live_app_name }}" live application configuration
@@ -93,19 +93,19 @@
   tags: live
   tasks:
     - name: Check the existence of the RTMP app
-      command: ubicast-livectl get {{ live_app_name }} {{ hostvars['localhost'].live_app_secret }}
+      ansible.builtin.command: ubicast-livectl get {{ live_app_name }} {{ hostvars['localhost'].live_app_secret }}
       register: app_status
       changed_when: false
       failed_when: false
 
     - name: (Re)create the RTMP app configuration
       notify: Reload nginx
-      command: ubicast-livectl add {{ live_app_name }} {{ hostvars['localhost'].live_app_secret }}
+      ansible.builtin.command: ubicast-livectl add {{ live_app_name }} {{ hostvars['localhost'].live_app_secret }}
       when: app_status.rc == 1
 
     - name: Prepare the nginx RTMP temporary directory
       notify: Reload nginx
-      file:
+      ansible.builtin.file:
         path: /var/tmp/nginx-rtmp/{{ live_app_name }}
         owner: nginx
         group: root
@@ -114,7 +114,7 @@
 
     - name: Create the nginx RTMP web directory symlink
       notify: Reload nginx
-      file:
+      ansible.builtin.file:
         src: /var/tmp/nginx-rtmp/{{ live_app_name }}
         dest: /var/www/{{ live_app_name }}/streaming-rtmp
         state: link
@@ -123,7 +123,7 @@
 
   handlers:
     - name: Reload nginx
-      systemd:
+      ansible.builtin.systemd:
         name: nginx
         state: reloaded
 
@@ -133,54 +133,54 @@
   tags: live
   tasks:
     - name: Getting the current lives configuration
-      slurp:
+      ansible.builtin.slurp:
         src: /home/{{ live_app_name }}/msinstance/conf/lives.json
       register: lives_config
       when: ms_conf_live.stat.exists
 
     # The "W10K" string is decoded to an empty json file => "[]"
     - name: Store the lives configuration in a variable
-      set_fact:
+      ansible.builtin.set_fact:
         lives_config: "{{ lives_config.content | default('W10K') | b64decode | from_json }}"
 
     - name: Set the live application secret in lives configuration
       vars:
         rtmp_app_line:
           RTMP_APP: "{{ hostvars['localhost'].live_app_secret }}"
-      set_fact:
+      ansible.builtin.set_fact:
         lives_config: "{{ lives_config | combine(rtmp_app_line) }}"
 
     - name: Set the RTMP_NAME in lives configuration
       vars:
         rtmp_name_line:
           RTMP_NAME: "{{ live_app_name }}"
-      set_fact:
+      ansible.builtin.set_fact:
         lives_config: "{{ lives_config | combine(rtmp_name_line) }}"
 
     - name: Set the RTMP_HLS_PLAYBACK_URL in lives configuration
       vars:
         rtmp_hls_line:
           RTMP_HLS_PLAYBACK_URL: "{{ rtmp_hls_url }}"
-      set_fact:
+      ansible.builtin.set_fact:
         lives_config: "{{ lives_config | combine(rtmp_hls_line) }}"
 
     - name: Set the RTMP_PLAYBACK_URL in lives configuration
       vars:
         rtmp_playback_line:
           RTMP_PLAYBACK_URL: null
-      set_fact:
+      ansible.builtin.set_fact:
         lives_config: "{{ lives_config | combine(rtmp_playback_line) }}"
 
     - name: Set the RTMP_PUBLISH_URL in lives configuration
       vars:
         rtmp_publish_line:
           RTMP_PUBLISH_URL: "{{ rtmp_pub_url }}"
-      set_fact:
+      ansible.builtin.set_fact:
         lives_config: "{{ lives_config | combine(rtmp_publish_line) }}"
 
     - name: Update mediaserver lives configuration
       notify: Restart mediaserver
-      copy:
+      ansible.builtin.copy:
         content: "{{ lives_config | to_nice_json }}"
         dest: "/home/{{ live_app_name }}/msinstance/conf/lives.json"
         owner: "{{ live_app_name }}"
@@ -189,7 +189,7 @@
 
   handlers:
     - name: Restart mediaserver
-      systemd:
+      ansible.builtin.systemd:
         name: mediaserver
         state: restarted
 

playbooks/live/subplays/ha-case.yml

@@ -6,28 +6,28 @@
   gather_facts: false
   tasks:
     - name: resolve domain name to localhost
-      lineinfile:
+      ansible.builtin.lineinfile:
         path: /etc/hosts
         line: '127.0.1.1 {{ live_domain }}'
         backup: true
 
     - name: fill the vhost file
       notify: Restart nginx
-      replace:
+      ansible.builtin.replace:
         path: /etc/nginx/sites-available/live-rtmp.conf
         regexp: '^(\s+server_name)\s+.*(;)$'
         replace: '\1 {{ live_domain }}\2'
 
     - name: Activating the live vhost configuration
       notify: Restart nginx
-      file:
+      ansible.builtin.file:
         src: /etc/nginx/sites-available/live-rtmp.conf
         dest: /etc/nginx/sites-enabled/live-rtmp.conf
         state: link
 
   handlers:
     - name: Restart nginx
-      systemd:
+      ansible.builtin.systemd:
         name: nginx
         state: restarted
 
@@ -43,12 +43,12 @@
   gather_facts: false
   tasks:
     - name: Check the existence of the rtmp configuration folder
-      stat:
+      ansible.builtin.stat:
         path: /etc/nginx/rtmp.d
       register: rtmp_conf_dir
 
     - name: Remove unused MediaServer(s) rtmp configurations
-      shell: /bin/rm -f /etc/nginx/rtmp.d/*
+      ansible.builtin.shell: /bin/rm -f /etc/nginx/rtmp.d/*
       args:
         warn: false
       when: rtmp_conf_dir.stat.exists

playbooks/mediacache.yml

@@ -9,15 +9,15 @@
   post_tasks:
     - name: deploy letsencrypt certificate
       when: letsencrypt_enabled | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: letsencrypt
     - name: configure network
       when: network_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: network
     - name: configure proxy
       when: proxy_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: proxy
 
 ...

playbooks/mediacache/deploy-minimal.yml

@@ -7,12 +7,12 @@
     - mediacache
   tasks:
     - name: Getting the IP to trust in term of securelink
-      set_fact:
+      ansible.builtin.set_fact:
         securelink_ip: "{{ hostvars[inventory_hostname]['ansible_default_ipv4']['address'] }}"
 
     - name: authorize mediacache on mediaserver
       notify: restart nginx on mediaservers
-      lineinfile:
+      ansible.builtin.lineinfile:
         path: /etc/nginx/conf.d/mediaserver-securelink.conf
         line: "{{'\t'}}{{ securelink_ip }} 1;"  # noqa: no-tabs
         insertafter: '^geo'
@@ -22,7 +22,7 @@
 
   handlers:
     - name: restart nginx on mediaservers
-      systemd:
+      ansible.builtin.systemd:
         name: nginx
         state: restarted
       delegate_to: "{{ item }}"

playbooks/mediacache/deploy-standalone.yml

@@ -30,7 +30,7 @@
         ferm_input_rules: "{{ server_ferm_input_rules }}"
         ferm_output_rules: "{{ server_ferm_output_rules }}"
         ferm_global_settings: "{{ server_ferm_global_settings }}"
-      include_role:
+      ansible.builtin.include_role:
         name: ferm-configure
 
 - import_playbook: deploy-minimal.yml

playbooks/mediaimport.yml

@@ -9,11 +9,11 @@
   post_tasks:
     - name: configure network
       when: network_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: network
     - name: configure proxy
       when: proxy_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: proxy
 
 ...

playbooks/mediaserver.yml

@@ -9,15 +9,15 @@
   post_tasks:
     - name: deploy letsencrypt certificate
       when: letsencrypt_enabled | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: letsencrypt
     - name: configure network
       when: network_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: network
     - name: configure proxy
       when: proxy_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: proxy
 
 ...

playbooks/mediavault/deploy.yml

@@ -9,11 +9,11 @@
   post_tasks:
     - name: configure network
       when: network_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: network
     - name: configure proxy
       when: proxy_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: proxy
 
 ...

playbooks/mediavault/ressources/add_backup_task.yml

@@ -5,7 +5,7 @@
   register: backup_marker
 
 - name: create {{ item.name }} backup
-  shell: mediavaultctl add --backup-name "{{ item.name }}" --source-folder "{{ item.source  }}" --dest-folder "{{ item.dest }}"
+  ansible.builtin.shell: mediavaultctl add --backup-name "{{ item.name }}" --source-folder "{{ item.source  }}" --dest-folder "{{ item.dest }}"
   when: not backup_marker.stat.exists
 
 ...

playbooks/mediaworker.yml

@@ -9,11 +9,11 @@
   post_tasks:
     - name: configure network
       when: network_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: network
     - name: configure proxy
       when: proxy_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: proxy
 
 ...

playbooks/mirismanager.yml

@@ -9,15 +9,15 @@
   post_tasks:
     - name: deploy letsencrypt certificate
       when: letsencrypt_enabled | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: letsencrypt
     - name: configure network
       when: network_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: network
     - name: configure proxy
       when: proxy_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: proxy
 
 ...

playbooks/munin/munin-server.yml

@@ -6,7 +6,7 @@
   tags: munin
   pre_tasks:
     - name: gather munin_node group facts
-      setup:
+      ansible.builtin.setup:
       delegate_to: "{{ item }}"
       delegate_facts: true
       with_items: "{{ groups['munin_node'] }}"

playbooks/netcapture.yml

@@ -9,11 +9,11 @@
   post_tasks:
     - name: configure network
       when: network_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: network
     - name: configure proxy
       when: proxy_apply | d(false)
-      include_role:
+      ansible.builtin.include_role:
         name: proxy
 
 ...

playbooks/netcapture/deploy-standalone.yml

@@ -22,7 +22,7 @@
         ferm_input_rules: "{{ server_ferm_input_rules }}"
         ferm_output_rules: "{{ server_ferm_output_rules }}"
         ferm_global_settings: "{{ server_ferm_global_settings }}"
-      include_role:
+      ansible.builtin.include_role:
         name: ferm-configure
 
 - import_playbook: deploy-minimal.yml

playbooks/postgres-ha.yml

@@ -6,15 +6,15 @@
   tags: postgres
   pre_tasks:
     - name: check that repmgr_node_id is set
-      assert:
+      ansible.builtin.assert:
         that: repmgr_node_id != ""
         quiet: true
     - name: check that repmgr_primary_node is set
-      assert:
+      ansible.builtin.assert:
         that: repmgr_primary_node != ""
         quiet: true
     - name: install psycopg2
-      apt:
+      ansible.builtin.apt:
         force_apt_get: true
         install_recommends: false
         name: python3-psycopg2
@@ -29,7 +29,7 @@
   tags: ['postgres', 'mediaserver']
   pre_tasks:
     - name: check that haproxy is configured
-      assert:
+      ansible.builtin.assert:
         that: hap_config_listen != ""
         quiet: true
   roles:

playbooks/postgres-maintenance/fenced_to_standby.yml

@@ -4,23 +4,23 @@
   hosts: postgres_fenced
   tasks:
     - name: fail if node status if not fenced
-      fail:
+      ansible.builtin.fail:
         msg: "Current status {{ rephacheck['stdout'] }} must be fenced."
       when: rephacheck['stdout'] != "fenced"
 
     - name: stop postgresql
-      systemd:
+      ansible.builtin.systemd:
         name: postgresql
         state: stopped
 
     - name: delete postgresql data directory
-      file:
+      ansible.builtin.file:
         path: /var/lib/postgresql/11/main/
         state: absent
         force: true
 
     - name: copy data from primary
-      command: >
+      ansible.builtin.command: >
         repmgr -f /etc/postgresql/11/main/repmgr.conf
           --force --verbose
           standby clone
@@ -33,13 +33,13 @@
       changed_when: false
 
     - name: start postgresql
-      systemd:
+      ansible.builtin.systemd:
         name: postgresql
         state: started
       when: copy_from_primary is succeeded
 
     - name: register node as standby
-      command: "repmgr -f /etc/postgresql/11/main/repmgr.conf --force --verbose standby register"
+      ansible.builtin.command: "repmgr -f /etc/postgresql/11/main/repmgr.conf --force --verbose standby register"
       become: true
       become_user: postgres
       when: copy_from_primary is succeeded