From 87193fd270a189dd882763381a1efa6e52ff2faa Mon Sep 17 00:00:00 2001
From: Erwan Miran <mirwan@users.noreply.github.com>
Date: Wed, 17 Oct 2018 21:27:11 +0200
Subject: [PATCH] Fix ansible syntax to avoid ansible warnings (one more)
 (#3536)

* warning on meta flush_handlers

* avoid rm

* avoid "Module remote_tmp /root/.ansible/tmp did not exist and was created with a mode of 0700, this may cause issues when running as another user. To avoid this, create the remote_tmp dir with the correct permissions manually" warning on subsequent tasks using blockinfile

* is match
---
 roles/bootstrap-os/tasks/main.yml                     |  6 ++++++
 .../master/tasks/kubeadm-cleanup-old-certs.yml        | 11 ++++++++++-
 .../preinstall/tasks/0020-verify-settings.yml         |  2 +-
 roles/kubernetes/preinstall/tasks/0090-etchosts.yml   |  2 +-
 .../preinstall/tasks/0110-dhclient-hooks-undo.yml     |  4 ----
 roles/kubernetes/preinstall/tasks/main.yml            |  4 ++++
 roles/network_plugin/calico/tasks/check.yml           |  2 +-
 7 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/roles/bootstrap-os/tasks/main.yml b/roles/bootstrap-os/tasks/main.yml
index c8e63a211..2c42f2d66 100644
--- a/roles/bootstrap-os/tasks/main.yml
+++ b/roles/bootstrap-os/tasks/main.yml
@@ -41,6 +41,12 @@
 
 - import_tasks: setup-pipelining.yml
 
+- name: Create remote_tmp for it is used by another module
+  file:
+    path: "{{ lookup('config', 'DEFAULT_REMOTE_TMP', on_missing='skip', wantlist=True) | first | default('~/.ansible/tmp') }}"
+    state: directory
+    mode: 0700
+
 - name: Gather nodes hostnames
   setup:
     gather_subset: '!all'
diff --git a/roles/kubernetes/master/tasks/kubeadm-cleanup-old-certs.yml b/roles/kubernetes/master/tasks/kubeadm-cleanup-old-certs.yml
index e1e85e205..10363a2c9 100644
--- a/roles/kubernetes/master/tasks/kubeadm-cleanup-old-certs.yml
+++ b/roles/kubernetes/master/tasks/kubeadm-cleanup-old-certs.yml
@@ -1,3 +1,12 @@
 ---
+- name: kubeadm | Retrieve files to purge
+  find:
+    paths: "{{kube_cert_dir }}"
+    patterns: '*.pem'
+  register: files_to_purge_for_kubeadm
+
 - name: kubeadm | Purge old certs
-  command: "rm -f {{kube_cert_dir }}/*.pem"
+  file:
+    path: "{{ item.path }}"
+    state: absent
+  with_items: "{{ files_to_purge_for_kubeadm.files }}"
diff --git a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
index 868240b71..8ce7da7ee 100644
--- a/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
+++ b/roles/kubernetes/preinstall/tasks/0020-verify-settings.yml
@@ -120,7 +120,7 @@
 
 - name: Stop if bad hostname
   assert:
-    that: inventory_hostname | match("[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$")
+    that: inventory_hostname is match("[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$")
     msg: "Hostname must consist of lower case alphanumeric characters, '.' or '-', and must start and end with an alphanumeric character"
   ignore_errors: "{{ ignore_assert_errors }}"
 
diff --git a/roles/kubernetes/preinstall/tasks/0090-etchosts.yml b/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
index 405c885f0..69626833f 100644
--- a/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
+++ b/roles/kubernetes/preinstall/tasks/0090-etchosts.yml
@@ -37,7 +37,7 @@
   with_items: "{{ (etc_hosts_content['content'] | b64decode).split('\n') }}"
   when:
     - etc_hosts_content.content is defined
-    - (item|match('^::1 .*') or item|match('^127.0.0.1 .*'))
+    - (item is match('^::1 .*') or item is match('^127.0.0.1 .*'))
 
 - name: Hosts | Update target hosts file entries dict with required entries
   set_fact:
diff --git a/roles/kubernetes/preinstall/tasks/0110-dhclient-hooks-undo.yml b/roles/kubernetes/preinstall/tasks/0110-dhclient-hooks-undo.yml
index 91fb9c694..652223a94 100644
--- a/roles/kubernetes/preinstall/tasks/0110-dhclient-hooks-undo.yml
+++ b/roles/kubernetes/preinstall/tasks/0110-dhclient-hooks-undo.yml
@@ -19,7 +19,3 @@
     state: absent
   when: dhclienthookfile is defined
   notify: Preinstall | restart network
-
-# We need to make sure the network is restarted early enough so that docker can later pick up the correct system
-# nameservers and search domains
-- meta: flush_handlers
diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml
index 96cde3bb2..2505101e8 100644
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
@@ -59,6 +59,10 @@
     - bootstrap-os
     - resolvconf
 
+# We need to make sure the network is restarted early enough so that docker can later pick up the correct system
+# nameservers and search domains
+- meta: flush_handlers
+
 - name: Check if we are running inside a Azure VM
   stat:
     path: /var/lib/waagent/
diff --git a/roles/network_plugin/calico/tasks/check.yml b/roles/network_plugin/calico/tasks/check.yml
index 0482432d7..bcfe25236 100644
--- a/roles/network_plugin/calico/tasks/check.yml
+++ b/roles/network_plugin/calico/tasks/check.yml
@@ -3,7 +3,7 @@
   assert:
     that:
       - "calico_pool_name is defined"
-      - "calico_pool_name | match('^[a-zA-Z0-9-_\\\\.]{2,63}$')"
+      - "calico_pool_name is match('^[a-zA-Z0-9-_\\\\.]{2,63}$')"
       - "ipip_mode is defined"
       - "ipip_mode in ['Always', 'CrossSubnet', 'Never']"
     msg: "Check variable definitions seems something is wrong"
-- 
GitLab