Resolve ansible-lint name errors (#10253)

* project: fix ansible-lint name

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: ignore jinja template error in names

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: capitalize ansible name

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

* project: update notify after name capitalization

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

---------

Signed-off-by: Arthur Outhenin-Chalandre <arthur.outhenin-chalandre@proton.ch>

roles/container-engine/skopeo/tasks/main.yml

 ---
-- name: skopeo | check if fedora coreos
+- name: Skopeo | check if fedora coreos
   stat:
     path: /run/ostree-booted
     get_attributes: no
@@ -7,11 +7,11 @@
     get_mime: no
   register: ostree
 
-- name: skopeo | set is_ostree
+- name: Skopeo | set is_ostree
   set_fact:
     is_ostree: "{{ ostree.stat.exists }}"
 
-- name: skopeo | Uninstall skopeo package managed by package manager
+- name: Skopeo | Uninstall skopeo package managed by package manager
   package:
     name: skopeo
     state: absent
@@ -19,7 +19,7 @@
     - not (is_ostree or (ansible_distribution == "Flatcar Container Linux by Kinvolk") or (ansible_distribution == "Flatcar"))
   ignore_errors: true  # noqa ignore-errors
 
-- name: skopeo | Download skopeo binary
+- name: Skopeo | Download skopeo binary
   include_tasks: "../../../download/tasks/download_file.yml"
   vars:
     download: "{{ download_defaults | combine(downloads.skopeo) }}"

roles/container-engine/validate-container-engine/tasks/main.yml

 ---
-- name: validate-container-engine | check if fedora coreos
+- name: Validate-container-engine | check if fedora coreos
   stat:
     path: /run/ostree-booted
     get_attributes: no
@@ -9,7 +9,7 @@
   tags:
     - facts
 
-- name: validate-container-engine | set is_ostree
+- name: Validate-container-engine | set is_ostree
   set_fact:
     is_ostree: "{{ ostree.stat.exists }}"
   tags:

roles/container-engine/youki/molecule/default/prepare.yml

@@ -8,7 +8,8 @@
     - role: adduser
       user: "{{ addusers.kube }}"
   tasks:
-    - include_tasks: "../../../../download/tasks/download_file.yml"
+    - name: Download CNI
+      include_tasks: "../../../../download/tasks/download_file.yml"
       vars:
         download: "{{ download_defaults | combine(downloads.cni) }}"
 

roles/container-engine/youki/tasks/main.yml

 ---
-- name: youki | Download youki
+- name: Youki | Download youki
   include_tasks: "../../../download/tasks/download_file.yml"
   vars:
     download: "{{ download_defaults | combine(downloads.youki) }}"
 
-- name: youki | Copy youki binary from download dir
+- name: Youki | Copy youki binary from download dir
   copy:
     src: "{{ local_release_dir }}/youki_v{{ youki_version | regex_replace('\\.', '_') }}_linux/youki-v{{ youki_version }}/youki"
     dest: "{{ youki_bin_dir }}/youki"

roles/download/tasks/check_pull_required.yml

 ---
 # The image_info_command depends on the Container Runtime and will output something like the following:
 # nginx:1.15,gcr.io/google-containers/kube-proxy:v1.14.1,gcr.io/google-containers/kube-proxy@sha256:44af2833c6cbd9a7fc2e9d2f5244a39dfd2e31ad91bf9d4b7d810678db738ee9,gcr.io/google-containers/kube-apiserver:v1.14.1,etc...
-- name: check_pull_required |  Generate a list of information about the images on a node  # noqa command-instead-of-shell - image_info_command contains a pipe, therefore requiring shell
+- name: Check_pull_required |  Generate a list of information about the images on a node  # noqa command-instead-of-shell - image_info_command contains a pipe, therefore requiring shell
   shell: "{{ image_info_command }}"
   register: docker_images
   changed_when: false
   check_mode: no
   when: not download_always_pull
 
-- name: check_pull_required | Set pull_required if the desired image is not yet loaded
+- name: Check_pull_required | Set pull_required if the desired image is not yet loaded
   set_fact:
     pull_required: >-
       {%- if image_reponame | regex_replace('^docker\.io/(library/)?', '') in docker_images.stdout.split(',') %}false{%- else -%}true{%- endif -%}
   when: not download_always_pull
 
-- name: check_pull_required | Check that the local digest sha256 corresponds to the given image tag
+- name: Check_pull_required | Check that the local digest sha256 corresponds to the given image tag
   assert:
     that: "{{ download.repo }}:{{ download.tag }} in docker_images.stdout.split(',')"
   when:

roles/download/tasks/download_container.yml

 ---
 - block:
-    - name: set default values for flag variables
+    - name: Set default values for flag variables
       set_fact:
         image_is_cached: false
         image_changed: false
@@ -8,12 +8,12 @@
       tags:
         - facts
 
-    - name: download_container | Set a few facts
+    - name: Download_container | Set a few facts
       import_tasks: set_container_facts.yml
       tags:
         - facts
 
-    - name: download_container | Prepare container download
+    - name: Download_container | Prepare container download
       include_tasks: check_pull_required.yml
       when:
         - not download_always_pull
@@ -21,7 +21,7 @@
     - debug:  # noqa name[missing]
         msg: "Pull {{ image_reponame }} required is: {{ pull_required }}"
 
-    - name: download_container | Determine if image is in cache
+    - name: Download_container | Determine if image is in cache
       stat:
         path: "{{ image_path_cached }}"
         get_attributes: no
@@ -36,7 +36,7 @@
       when:
         - download_force_cache
 
-    - name: download_container | Set fact indicating if image is in cache
+    - name: Download_container | Set fact indicating if image is in cache
       set_fact:
         image_is_cached: "{{ cache_image.stat.exists }}"
       tags:
@@ -52,7 +52,7 @@
         - download_force_cache
         - not download_run_once
 
-    - name: download_container | Download image if required
+    - name: Download_container | Download image if required
       command: "{{ image_pull_command_on_localhost if download_localhost else image_pull_command }} {{ image_reponame }}"
       delegate_to: "{{ download_delegate if download_run_once else inventory_hostname }}"
       delegate_facts: yes
@@ -67,7 +67,7 @@
         - pull_required or download_run_once
         - not image_is_cached
 
-    - name: download_container | Save and compress image
+    - name: Download_container | Save and compress image
       shell: "{{ image_save_command_on_localhost if download_localhost else image_save_command }}"  # noqa command-instead-of-shell - image_save_command_on_localhost contains a pipe, therefore requires shell
       delegate_to: "{{ download_delegate }}"
       delegate_facts: no
@@ -79,7 +79,7 @@
         - not image_is_cached
         - download_run_once
 
-    - name: download_container | Copy image to ansible host cache
+    - name: Download_container | Copy image to ansible host cache
       ansible.posix.synchronize:
         src: "{{ image_path_final }}"
         dest: "{{ image_path_cached }}"
@@ -91,7 +91,7 @@
         - not download_localhost
         - download_delegate == inventory_hostname
 
-    - name: download_container | Upload image to node if it is cached
+    - name: Download_container | Upload image to node if it is cached
       ansible.posix.synchronize:
         src: "{{ image_path_cached }}"
         dest: "{{ image_path_final }}"
@@ -107,7 +107,7 @@
         - pull_required
         - download_force_cache
 
-    - name: download_container | Load image into the local container registry
+    - name: Download_container | Load image into the local container registry
       shell: "{{ image_load_command }}"  # noqa command-instead-of-shell - image_load_command uses pipes, therefore requires shell
       register: container_load_status
       failed_when: container_load_status is failed
@@ -115,7 +115,7 @@
         - pull_required
         - download_force_cache
 
-    - name: download_container | Remove container image from cache
+    - name: Download_container | Remove container image from cache
       file:
         state: absent
         path: "{{ image_path_final }}"

roles/download/tasks/download_file.yml

 ---
-- block:
-  - name: prep_download | Set a few facts
+- name: "Download_file | download {{ download.dest }}"
+  block:
+  - name: Prep_download | Set a few facts
     set_fact:
       download_force_cache: "{{ true if download_run_once else download_force_cache }}"
 
-  - name: download_file | Starting download of file
+  - name: Download_file | Starting download of file
     debug:
       msg: "{{ download.url }}"
     run_once: "{{ download_run_once }}"
 
-  - name: download_file | Set pathname of cached file
+  - name: Download_file | Set pathname of cached file
     set_fact:
       file_path_cached: "{{ download_cache_dir }}/{{ download.dest | basename }}"
     tags:
     - facts
 
-  - name: download_file | Create dest directory on node
+  - name: Download_file | Create dest directory on node
     file:
       path: "{{ download.dest | dirname }}"
       owner: "{{ download.owner | default(omit) }}"
@@ -23,7 +24,7 @@
       state: directory
       recurse: yes
 
-  - name: download_file | Create local cache directory
+  - name: Download_file | Create local cache directory
     file:
       path: "{{ file_path_cached | dirname }}"
       state: directory
@@ -38,7 +39,7 @@
     tags:
     - localhost
 
-  - name: download_file | Create cache directory on download_delegate host
+  - name: Download_file | Create cache directory on download_delegate host
     file:
       path: "{{ file_path_cached | dirname }}"
       state: directory
@@ -52,7 +53,7 @@
 
   # We check a number of mirrors that may hold the file and pick a working one at random
   # This task will avoid logging it's parameters to not leak environment passwords in the log
-  - name: download_file | Validate mirrors
+  - name: Download_file | Validate mirrors
     uri:
       url: "{{ mirror }}"
       method: HEAD
@@ -75,14 +76,14 @@
     ignore_errors: true
 
   # Ansible 2.9 requires we convert a generator to a list
-  - name: download_file | Get the list of working mirrors
+  - name: Download_file | Get the list of working mirrors
     set_fact:
       valid_mirror_urls: "{{ uri_result.results | selectattr('failed', 'eq', False) | map(attribute='mirror') | list }}"
     delegate_to: "{{ download_delegate if download_force_cache else inventory_hostname }}"
 
   # This must always be called, to check if the checksum matches. On no-match the file is re-downloaded.
   # This task will avoid logging it's parameters to not leak environment passwords in the log
-  - name: download_file | Download item
+  - name: Download_file | Download item
     get_url:
       url: "{{ valid_mirror_urls | random }}"
       dest: "{{ file_path_cached if download_force_cache else download.dest }}"
@@ -104,7 +105,7 @@
     environment: "{{ proxy_env }}"
     no_log: "{{ not (unsafe_show_logs | bool) }}"
 
-  - name: download_file | Copy file back to ansible host file cache
+  - name: Download_file | Copy file back to ansible host file cache
     ansible.posix.synchronize:
       src: "{{ file_path_cached }}"
       dest: "{{ file_path_cached }}"
@@ -115,7 +116,7 @@
     - not download_localhost
     - download_delegate == inventory_hostname
 
-  - name: download_file | Copy file from cache to nodes, if it is available
+  - name: Download_file | Copy file from cache to nodes, if it is available
     ansible.posix.synchronize:
       src: "{{ file_path_cached }}"
       dest: "{{ download.dest }}"
@@ -128,7 +129,7 @@
     when:
     - download_force_cache
 
-  - name: download_file | Set mode and owner
+  - name: Download_file | Set mode and owner
     file:
       path: "{{ download.dest }}"
       mode: "{{ download.mode | default(omit) }}"
@@ -136,7 +137,7 @@
     when:
     - download_force_cache
 
-  - name: "download_file | Extract file archives"
+  - name: "Download_file | Extract file archives"
     include_tasks: "extract_file.yml"
 
   tags:

roles/download/tasks/extract_file.yml

 ---
-- name: extract_file | Unpacking archive
+- name: Extract_file | Unpacking archive
   unarchive:
     src: "{{ download.dest }}"
     dest: "{{ download.dest | dirname }}"

roles/download/tasks/main.yml

 ---
-- name: download | Prepare working directories and variables
+- name: Download | Prepare working directories and variables
   import_tasks: prep_download.yml
   when:
     - not skip_downloads | default(false)
@@ -7,7 +7,7 @@
     - download
     - upload
 
-- name: download | Get kubeadm binary and list of required images
+- name: Download | Get kubeadm binary and list of required images
   include_tasks: prep_kubeadm_images.yml
   when:
     - not skip_downloads | default(false)
@@ -16,7 +16,7 @@
     - download
     - upload
 
-- name: download | Download files / images
+- name: Download | Download files / images
   include_tasks: "{{ include_file }}"
   loop: "{{ downloads | combine(kubeadm_images) | dict2items }}"
   vars:

roles/download/tasks/prep_download.yml

 ---
-- name: prep_download | Set a few facts
+- name: Prep_download | Set a few facts
   set_fact:
     download_force_cache: "{{ true if download_run_once else download_force_cache }}"
   tags:
     - facts
 
-- name: prep_download | On localhost, check if passwordless root is possible
+- name: Prep_download | On localhost, check if passwordless root is possible
   command: "true"
   delegate_to: localhost
   connection: local
@@ -20,7 +20,7 @@
     - localhost
     - asserts
 
-- name: prep_download | On localhost, check if user has access to the container runtime without using sudo
+- name: Prep_download | On localhost, check if user has access to the container runtime without using sudo
   shell: "{{ image_info_command_on_localhost }}"  # noqa command-instead-of-shell - image_info_command_on_localhost contains pipe, therefore requires shell
   delegate_to: localhost
   connection: local
@@ -35,7 +35,7 @@
     - localhost
     - asserts
 
-- name: prep_download | Parse the outputs of the previous commands
+- name: Prep_download | Parse the outputs of the previous commands
   set_fact:
     user_in_docker_group: "{{ not test_docker.failed }}"
     user_can_become_root: "{{ not test_become.failed }}"
@@ -45,7 +45,7 @@
     - localhost
     - asserts
 
-- name: prep_download | Check that local user is in group or can become root
+- name: Prep_download | Check that local user is in group or can become root
   assert:
     that: "user_in_docker_group or user_can_become_root"
     msg: >-
@@ -56,7 +56,7 @@
     - localhost
     - asserts
 
-- name: prep_download | Register docker images info
+- name: Prep_download | Register docker images info
   shell: "{{ image_info_command }}"  # noqa command-instead-of-shell - image_info_command contains pipe therefore requires shell
   no_log: "{{ not (unsafe_show_logs | bool) }}"
   register: docker_images
@@ -65,7 +65,7 @@
   check_mode: no
   when: download_container
 
-- name: prep_download | Create staging directory on remote node
+- name: Prep_download | Create staging directory on remote node
   file:
     path: "{{ local_release_dir }}/images"
     state: directory
@@ -75,7 +75,7 @@
   when:
     - ansible_os_family not in ["Flatcar", "Flatcar Container Linux by Kinvolk"]
 
-- name: prep_download | Create local cache for files and images on control node
+- name: Prep_download | Create local cache for files and images on control node
   file:
     path: "{{ download_cache_dir }}/images"
     state: directory

roles/download/tasks/prep_kubeadm_images.yml

 ---
-- name: prep_kubeadm_images | Check kubeadm version matches kubernetes version
+- name: Prep_kubeadm_images | Check kubeadm version matches kubernetes version
   fail:
     msg: "Kubeadm version {{ kubeadm_version }} do not matches kubernetes {{ kube_version }}"
   when:
     - not skip_downloads | default(false)
     - not kubeadm_version == downloads.kubeadm.version
 
-- name: prep_kubeadm_images | Download kubeadm binary
+- name: Prep_kubeadm_images | Download kubeadm binary
   include_tasks: "download_file.yml"
   vars:
     download: "{{ download_defaults | combine(downloads.kubeadm) }}"
@@ -14,7 +14,7 @@
     - not skip_downloads | default(false)
     - downloads.kubeadm.enabled
 
-- name: prep_kubeadm_images | Create kubeadm config
+- name: Prep_kubeadm_images | Create kubeadm config
   template:
     src: "kubeadm-images.yaml.j2"
     dest: "{{ kube_config_dir }}/kubeadm-images.yaml"
@@ -22,20 +22,20 @@
   when:
     - not skip_kubeadm_images | default(false)
 
-- name: prep_kubeadm_images | Copy kubeadm binary from download dir to system path
+- name: Prep_kubeadm_images | Copy kubeadm binary from download dir to system path
   copy:
     src: "{{ downloads.kubeadm.dest }}"
     dest: "{{ bin_dir }}/kubeadm"
     mode: 0755
     remote_src: true
 
-- name: prep_kubeadm_images | Set kubeadm binary permissions
+- name: Prep_kubeadm_images | Set kubeadm binary permissions
   file:
     path: "{{ bin_dir }}/kubeadm"
     mode: "0755"
     state: file
 
-- name: prep_kubeadm_images | Generate list of required images
+- name: Prep_kubeadm_images | Generate list of required images
   shell: "set -o pipefail && {{ bin_dir }}/kubeadm config images list --config={{ kube_config_dir }}/kubeadm-images.yaml | grep -Ev 'coredns|pause'"
   args:
     executable: /bin/bash
@@ -45,7 +45,7 @@
   when:
     - not skip_kubeadm_images | default(false)
 
-- name: prep_kubeadm_images | Parse list of images
+- name: Prep_kubeadm_images | Parse list of images
   vars:
     kubeadm_images_list: "{{ kubeadm_images_raw.stdout_lines }}"
   set_fact:
@@ -63,7 +63,7 @@
   when:
     - not skip_kubeadm_images | default(false)
 
-- name: prep_kubeadm_images | Convert list of images to dict for later use
+- name: Prep_kubeadm_images | Convert list of images to dict for later use
   set_fact:
     kubeadm_images: "{{ kubeadm_images_cooked.results | map(attribute='ansible_facts.kubeadm_image') | list | items2dict }}"
   run_once: true

roles/download/tasks/set_container_facts.yml

 ---
-- name: set_container_facts | Display the name of the image being processed
+- name: Set_container_facts | Display the name of the image being processed
   debug:
     msg: "{{ download.repo }}"
 
-- name: set_container_facts | Set if containers should be pulled by digest
+- name: Set_container_facts | Set if containers should be pulled by digest
   set_fact:
     pull_by_digest: "{{ download.sha256 is defined and download.sha256 }}"
 
-- name: set_container_facts | Define by what name to pull the image
+- name: Set_container_facts | Define by what name to pull the image
   set_fact:
     image_reponame: >-
       {%- if pull_by_digest %}{{ download.repo }}@sha256:{{ download.sha256 }}{%- else -%}{{ download.repo }}:{{ download.tag }}{%- endif -%}
 
-- name: set_container_facts | Define file name of image
+- name: Set_container_facts | Define file name of image
   set_fact:
     image_filename: "{{ image_reponame | regex_replace('/|\0|:', '_') }}.tar"
 
-- name: set_container_facts | Define path of image
+- name: Set_container_facts | Define path of image
   set_fact:
     image_path_cached: "{{ download_cache_dir }}/images/{{ image_filename }}"
     image_path_final: "{{ local_release_dir }}/images/{{ image_filename }}"

roles/etcd/handlers/main.yml

 ---
-- name: restart etcd
+- name: Restart etcd
   command: /bin/true
   notify:
     - Backup etcd data
-    - etcd | reload systemd
-    - reload etcd
-    - wait for etcd up
+    - Etcd | reload systemd
+    - Reload etcd
+    - Wait for etcd up
     - Cleanup etcd backups
 
-- name: restart etcd-events
+- name: Restart etcd-events
   command: /bin/true
   notify:
-    - etcd | reload systemd
-    - reload etcd-events
-    - wait for etcd-events up
+    - Etcd | reload systemd
+    - Reload etcd-events
+    - Wait for etcd-events up
 
-- import_tasks: backup.yml
+- name: Backup etcd
+  import_tasks: backup.yml
 
-- name: etcd | reload systemd
+- name: Etcd | reload systemd
   systemd:
     daemon_reload: true
 
-- name: reload etcd
+- name: Reload etcd
   service:
     name: etcd
     state: restarted
   when: is_etcd_master
 
-- name: reload etcd-events
+- name: Reload etcd-events
   service:
     name: etcd-events
     state: restarted
   when: is_etcd_master
 
-- name: wait for etcd up
+- name: Wait for etcd up
   uri:
     url: "https://{% if is_etcd_master %}{{ etcd_address }}{% else %}127.0.0.1{% endif %}:2379/health"
     validate_certs: no
@@ -44,9 +45,10 @@
   retries: 60
   delay: 1
 
-- import_tasks: backup_cleanup.yml
+- name: Cleanup etcd backups
+  import_tasks: backup_cleanup.yml
 
-- name: wait for etcd-events up
+- name: Wait for etcd-events up
   uri:
     url: "https://{% if is_etcd_master %}{{ etcd_address }}{% else %}127.0.0.1{% endif %}:2383/health"
     validate_certs: no
@@ -57,6 +59,6 @@
   retries: 60
   delay: 1
 
-- name: set etcd_secret_changed
+- name: Set etcd_secret_changed
   set_fact:
     etcd_secret_changed: true

roles/etcd/tasks/configure.yml

@@ -41,7 +41,8 @@
     ETCDCTL_CACERT: "{{ etcd_cert_dir }}/ca.pem"
     ETCDCTL_ENDPOINTS: "{{ etcd_events_access_addresses }}"
 
-- include_tasks: refresh_config.yml
+- name: Configure | Refresh etcd config
+  include_tasks: refresh_config.yml
   when: is_etcd_master
 
 - name: Configure | Copy etcd.service systemd file

roles/etcd/tasks/gen_certs_script.yml

@@ -56,7 +56,7 @@
   run_once: yes
   delegate_to: "{{ groups['etcd'][0] }}"
   when: gen_certs | default(false)
-  notify: set etcd_secret_changed
+  notify: Set etcd_secret_changed
 
 - name: Gen_certs | run cert generation script for all clients
   command: "bash -x {{ etcd_script_dir }}/make-ssl-etcd.sh -f {{ etcd_config_dir }}/openssl.conf -d {{ etcd_cert_dir }}"
@@ -73,7 +73,7 @@
     - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
     - gen_certs | default(false)
-  notify: set etcd_secret_changed
+  notify: Set etcd_secret_changed
 
 - name: Gen_certs | Gather etcd member/admin and kube_control_plane client certs from first etcd node
   slurp:
@@ -97,7 +97,7 @@
     - inventory_hostname in groups['etcd']
     - sync_certs | default(false)
     - inventory_hostname != groups['etcd'][0]
-  notify: set etcd_secret_changed
+  notify: Set etcd_secret_changed
 
 - name: Gen_certs | Write etcd member/admin and kube_control_plane client certs to other etcd nodes
   copy:
@@ -129,7 +129,7 @@
     - inventory_hostname != groups['etcd'][0]
     - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
-  notify: set etcd_secret_changed
+  notify: Set etcd_secret_changed
 
 - name: Gen_certs | Write node certs to other etcd nodes
   copy:
@@ -147,12 +147,14 @@
   loop_control:
     label: "{{ item.item }}"
 
-- include_tasks: gen_nodes_certs_script.yml
+- name: Gen_certs | Generate etcd certs
+  include_tasks: gen_nodes_certs_script.yml
   when:
     - inventory_hostname in groups['kube_control_plane'] and
         sync_certs | default(false) and inventory_hostname not in groups['etcd']
 
-- include_tasks: gen_nodes_certs_script.yml
+- name: Gen_certs | Generate etcd certs on nodes if needed
+  include_tasks: gen_nodes_certs_script.yml
   when:
     - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"

roles/etcd/tasks/install_docker.yml

 ---
-- import_tasks: install_etcdctl_docker.yml
+
+- name: Install etcdctl from docker
+  import_tasks: install_etcdctl_docker.yml
   when: etcd_cluster_setup
 
 - name: Get currently-deployed etcd version
@@ -14,14 +16,14 @@
 
 - name: Restart etcd if necessary
   command: /bin/true
-  notify: restart etcd
+  notify: Restart etcd
   when:
     - etcd_cluster_setup
     - etcd_image_tag not in etcd_current_docker_image.stdout | default('')
 
 - name: Restart etcd-events if necessary
   command: /bin/true
-  notify: restart etcd-events
+  notify: Restart etcd-events
   when:
     - etcd_events_cluster_setup
     - etcd_image_tag not in etcd_events_current_docker_image.stdout | default('')

roles/etcd/tasks/install_host.yml

@@ -8,19 +8,19 @@
 
 - name: Restart etcd if necessary
   command: /bin/true
-  notify: restart etcd
+  notify: Restart etcd
   when:
     - etcd_cluster_setup
     - etcd_version.lstrip('v') not in etcd_current_host_version.stdout | default('')
 
 - name: Restart etcd-events if necessary
   command: /bin/true
-  notify: restart etcd-events
+  notify: Restart etcd-events
   when:
     - etcd_events_cluster_setup
     - etcd_version.lstrip('v') not in etcd_current_host_version.stdout | default('')
 
-- name: install | Download etcd and etcdctl
+- name: Install | Download etcd and etcdctl
   include_tasks: "../../download/tasks/download_file.yml"
   vars:
     download: "{{ download_defaults | combine(downloads.etcd) }}"
@@ -29,7 +29,7 @@
     - never
     - etcd
 
-- name: install | Copy etcd and etcdctl binary from download dir
+- name: Install | Copy etcd and etcdctl binary from download dir
   copy:
     src: "{{ local_release_dir }}/etcd-{{ etcd_version }}-linux-{{ host_architecture }}/{{ item }}"
     dest: "{{ bin_dir }}/{{ item }}"

roles/etcd/tasks/join_etcd-events_member.yml

@@ -12,7 +12,8 @@
     ETCDCTL_CACERT: "{{ etcd_cert_dir }}/ca.pem"
     ETCDCTL_ENDPOINTS: "{{ etcd_events_access_addresses }}"
 
-- include_tasks: refresh_config.yml
+- name: Join Member | Refresh etcd config
+  include_tasks: refresh_config.yml
   vars:
     # noqa: jinja[spacing]
     etcd_events_peer_addresses: >-

roles/etcd/tasks/join_etcd_member.yml

@@ -13,7 +13,8 @@
     ETCDCTL_CACERT: "{{ etcd_cert_dir }}/ca.pem"
     ETCDCTL_ENDPOINTS: "{{ etcd_access_addresses }}"
 
-- include_tasks: refresh_config.yml
+- name: Join Member | Refresh etcd config
+  include_tasks: refresh_config.yml
   vars:
     # noqa: jinja[spacing]
     etcd_peer_addresses: >-

roles/etcd/tasks/main.yml

 ---
-- include_tasks: check_certs.yml
+- name: Check etcd certs
+  include_tasks: check_certs.yml
   when: cert_management == "script"
   tags:
     - etcd-secrets
     - facts
 
-- include_tasks: "gen_certs_script.yml"
+- name: Generate etcd certs
+  include_tasks: "gen_certs_script.yml"
   when:
     - cert_management | d('script') == "script"
   tags:
     - etcd-secrets
 
-- include_tasks: upd_ca_trust.yml
+- name: Trust etcd CA
+  include_tasks: upd_ca_trust.yml
   when:
     - inventory_hostname in groups['etcd'] | union(groups['kube_control_plane']) | unique | sort
   tags:
     - etcd-secrets
 
-- include_tasks: upd_ca_trust.yml
+- name: Trust etcd CA on nodes if needed
+  include_tasks: upd_ca_trust.yml
   when:
     - kube_network_plugin in ["calico", "flannel", "cilium"] or cilium_deploy_additionally | default(false) | bool
     - kube_network_plugin != "calico" or calico_datastore == "etcd"
@@ -49,29 +53,33 @@
     - master
     - network
 
-- include_tasks: "install_{{ etcd_deployment_type }}.yml"
+- name: Install etcd
+  include_tasks: "install_{{ etcd_deployment_type }}.yml"
   when: is_etcd_master
   tags:
     - upgrade
 
-- include_tasks: configure.yml
+- name: Configure etcd
+  include_tasks: configure.yml
   when: is_etcd_master
 
-- include_tasks: refresh_config.yml
+- name: Refresh etcd config
+  include_tasks: refresh_config.yml
   when: is_etcd_master
 
 - name: Restart etcd if certs changed
   command: /bin/true
-  notify: restart etcd
+  notify: Restart etcd
   when: is_etcd_master and etcd_cluster_setup and etcd_secret_changed | default(false)
 
 - name: Restart etcd-events if certs changed
   command: /bin/true
-  notify: restart etcd
+  notify: Restart etcd
   when: is_etcd_master and etcd_events_cluster_setup and etcd_secret_changed | default(false)
 
 # After etcd cluster is assembled, make sure that
 # initial state of the cluster is in `existing`
 # state instead of `new`.
-- include_tasks: refresh_config.yml
+- name: Refresh etcd config again for idempotency
+  include_tasks: refresh_config.yml
   when: is_etcd_master