mirrors/k3s-ansible
1
0
Fork 1
mirror of https://github.com/k3s-io/k3s-ansible.git synced 2025-12-25 00:12:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix(ansible): replace deprecated entities and sync version requirements (#478)

Browse Source 
* refactor(ansible): replace deprecated with_items and ansible facts

Replace deprecated `with_items` with `loop` keyword across all roles.
Migrate from legacy `ansible_*` top-level facts to `ansible_facts['*']`
syntax to prepare for ansible-core 2.24 where INJECT_FACTS_AS_VARS
will default to False.

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Aleksei Sviridkin <f@lex.la>

* chore(ansible): sync minimum version requirements to 2.15

Align version checks in prereq and airgap roles with README requirement
of ansible-core 2.15+.

Co-Authored-By: Claude <noreply@anthropic.com>
Signed-off-by: Aleksei Sviridkin <f@lex.la>

---------

Signed-off-by: Aleksei Sviridkin <f@lex.la>
Co-authored-by: Claude <noreply@anthropic.com>
This commit is contained in:
Aleksei Sviridkin
2025-12-22 21:11:29 +03:00
committed by GitHub
parent e11ff62d8f
commit 826c53975d
10 changed files with 31 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
roles/airgap/tasks/main.yml
View File

@@ -9,8 +9,8 @@
block:
- name: Verify Ansible meets airgap version requirements.
ansible.builtin.assert:
that: "ansible_version.full is version_compare('2.12', '>=')"
msg: "The Airgap role requires at least ansible-core 2.12"
that: "ansible_version.full is version_compare('2.15', '>=')"
msg: "The Airgap role requires at least ansible-core 2.15"
- name: Check for existing install script
become: false
@@ -40,7 +40,7 @@
- name: Determine architecture and set airgap_k3s_arch
ansible.builtin.set_fact:
airgap_k3s_arch: "{{ 'arm64' if ansible_architecture == 'aarch64' else 'arm' if ansible_architecture == 'armv7l' else 'amd64' }}"
airgap_k3s_arch: "{{ 'arm64' if ansible_facts['architecture'] == 'aarch64' else 'arm' if ansible_facts['architecture'] == 'armv7l' else 'amd64' }}"
- name: Distribute K3s binary
ansible.builtin.copy:
@@ -71,7 +71,7 @@
- name: Install K3s SELinux RPM
when:
- ansible_os_family == 'RedHat'
- ansible_facts['os_family'] == 'RedHat'
- airgap_selinux_copy.skipped is false
ansible.builtin.dnf:
name: "{{ airgap_selinux_copy.results[0].dest }}"

4
roles/k3s_agent/tasks/main.yml
View File

@@ -67,7 +67,7 @@
ansible.builtin.lineinfile:
path: "{{ systemd_dir }}/k3s-agent.service.env"
line: "{{ item }}"
with_items: "{{ extra_service_envs }}"
loop: "{{ extra_service_envs }}"
- name: Delete any existing token from the environment if different from the new one
ansible.builtin.lineinfile:
@@ -80,7 +80,7 @@
ansible.builtin.lineinfile:
path: "{{ systemd_dir }}/k3s-agent.service.env"
line: "{{ item }}"
with_items:
loop:
- "K3S_TOKEN={{ token }}"
- name: Modify ExecStart in k3s-agent.service to include API endpoint and extra args

6
roles/k3s_server/tasks/main.yml
View File

@@ -127,7 +127,7 @@
ansible.builtin.lineinfile:
path: "{{ systemd_dir }}/k3s.service.env"
line: "{{ item }}"
with_items: "{{ extra_service_envs }}"
loop: "{{ extra_service_envs }}"
- name: Delete any existing token from the environment if different from the new one
ansible.builtin.lineinfile:
@@ -261,7 +261,7 @@
ansible.builtin.lineinfile:
path: "{{ systemd_dir }}/k3s.service.env"
line: "{{ item }}"
with_items: "{{ extra_service_envs }}"
loop: "{{ extra_service_envs }}"
- name: Delete any existing token from the environment if different from the new one
ansible.builtin.lineinfile:
@@ -274,7 +274,7 @@
ansible.builtin.lineinfile:
path: "{{ systemd_dir }}/k3s.service.env"
line: "{{ item }}"
with_items:
loop:
- "K3S_TOKEN={{ token }}"
# When using an external database, no join is needed, instead, users should be

28
roles/prereq/tasks/main.yml
View File

@@ -2,17 +2,17 @@
- name: Enforce minimum Ansible version
ansible.builtin.assert:
that:
- ansible_version.full is version('2.14', '>=')
msg: "Minimum ansible-core version required is 2.14"
- ansible_version.full is version('2.15', '>=')
msg: "Minimum ansible-core version required is 2.15"
- name: Install Dependent Ubuntu Packages
when: ansible_distribution in ['Ubuntu']
when: ansible_facts['distribution'] in ['Ubuntu']
ansible.builtin.apt:
name: policycoreutils # Used by install script to restore SELinux context
update_cache: "{{ airgap_dir is not defined }}"
- name: Install Dependent RHEL 10 Package
when: ansible_os_family == 'RedHat' and ansible_distribution_major_version == "10"
when: ansible_facts['os_family'] == 'RedHat' and ansible_facts['distribution_major_version'] == "10"
ansible.builtin.dnf:
name: kernel-modules-extra # Load br_netfilter module
update_cache: "{{ airgap_dir is not defined }}"
@@ -30,7 +30,7 @@
value: "1"
state: present
reload: true
when: ansible_all_ipv6_addresses | length > 0
when: ansible_facts['all_ipv6_addresses'] | length > 0
- name: Populate service facts
ansible.builtin.service_facts:
@@ -114,7 +114,7 @@
state: enabled
permanent: true
immediate: true
with_items:
loop:
- 5001/tcp # Spegel (Embedded distributed registry)
- 8472/udp # Flannel VXLAN
- 10250/tcp # Kubelet metrics
@@ -135,8 +135,8 @@
+ groups[agent_group] | default([])
)
| map('extract', hostvars)
| selectattr('ansible_default_ipv4', 'defined')
| map(attribute='ansible_default_ipv4.address')
| selectattr('ansible_facts.default_ipv4', 'defined')
| map(attribute='ansible_facts.default_ipv4.address')
| flatten | unique | list
}}
@@ -154,13 +154,13 @@
content: "br_netfilter"
dest: /etc/modules-load.d/br_netfilter.conf
mode: "u=rw,g=,o="
when: (ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux')
when: (ansible_facts['os_family'] == 'RedHat' or ansible_facts['distribution'] == 'Archlinux')
- name: Load br_netfilter
community.general.modprobe:
name: br_netfilter
state: present
when: (ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux')
when: (ansible_facts['os_family'] == 'RedHat' or ansible_facts['distribution'] == 'Archlinux')
- name: Set bridge-nf-call-iptables (just to be sure)
ansible.posix.sysctl:
@@ -168,7 +168,7 @@
value: "1"
state: present
reload: true
when: (ansible_os_family == 'RedHat' or ansible_distribution == 'Archlinux')
when: (ansible_facts['os_family'] == 'RedHat' or ansible_facts['distribution'] == 'Archlinux')
loop:
- net.bridge.bridge-nf-call-iptables
- net.bridge.bridge-nf-call-ip6tables
@@ -186,7 +186,7 @@
- name: Install Apparmor Parser [Suse]
when:
- ansible_os_family == 'Suse'
- ansible_facts['os_family'] == 'Suse'
- prereq_apparmor_status is defined
- prereq_apparmor_status.stdout == "Y"
ansible.builtin.package:
@@ -195,7 +195,7 @@
- name: Install Apparmor Parser [Debian]
when:
- ansible_distribution == 'Debian'
- ansible_facts['distribution'] == 'Debian'
- ansible_facts['distribution_major_version'] == "11"
- prereq_apparmor_status is defined
- prereq_apparmor_status.stdout == "Y"
@@ -227,7 +227,7 @@
insertafter: EOF
path: /etc/sudoers
validate: 'visudo -cf %s'
when: ansible_os_family == 'RedHat'
when: ansible_facts['os_family'] == 'RedHat'
- name: Setup alternative K3s directory
when:

4
roles/raspberrypi/tasks/main.yml
View File

@@ -43,6 +43,6 @@
ansible.builtin.include_tasks: "{{ item }}"
with_first_found:
- "prereq/{{ detected_distribution }}.yml"
- "prereq/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml"
- "prereq/{{ ansible_distribution }}.yml"
- "prereq/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
- "prereq/{{ ansible_facts['distribution'] }}.yml"
- "prereq/default.yml"

2
roles/raspberrypi/tasks/prereq/Archlinux.yml
View File

@@ -4,7 +4,7 @@
path: /boot/boot.txt
regexp: '^(setenv bootargs console=ttyS1,115200 console=tty0 root=PARTUUID=\${uuid} rw rootwait smsc95xx.macaddr="\${usbethaddr}"(?!.*\b{{ cgroup_item }}\b).*)$'
replace: '\1 {{ cgroup_item }}'
with_items:
loop:
- "cgroup_enable=cpuset"
- "cgroup_memory=1"
- "cgroup_enable=memory"

2
roles/raspberrypi/tasks/prereq/CentOS.yml
View File

@@ -4,7 +4,7 @@
path: /boot/cmdline.txt
regexp: '^([\w](?!.*\b{{ cgroup_item }}\b).*)$'
replace: '\1 {{ cgroup_item }}'
with_items:
loop:
- "cgroup_enable=cpuset"
- "cgroup_memory=1"
- "cgroup_enable=memory"

2
roles/raspberrypi/tasks/prereq/Debian.yml
View File

@@ -9,7 +9,7 @@
path: "{{ (boot_firmware_cmdline_txt.stat.exists) | ternary('/boot/firmware/cmdline.txt', '/boot/cmdline.txt') }}"
regexp: '^([\w](?!.*\b{{ cgroup_item }}\b).*)$'
replace: '\1 {{ cgroup_item }}'
with_items:
loop:
- "cgroup_enable=cpuset"
- "cgroup_memory=1"
- "cgroup_enable=memory"

2
roles/raspberrypi/tasks/prereq/Raspbian.yml
View File

@@ -9,7 +9,7 @@
path: "{{ (boot_firmware_cmdline_txt.stat.exists) | ternary('/boot/firmware/cmdline.txt', '/boot/cmdline.txt') }}"
regexp: '^([\w](?!.*\b{{ cgroup_item }}\b).*)$'
replace: '\1 {{ cgroup_item }}'
with_items:
loop:
- "cgroup_enable=cpuset"
- "cgroup_memory=1"
- "cgroup_enable=memory"

4
roles/raspberrypi/tasks/prereq/Ubuntu.yml
View File

@@ -9,7 +9,7 @@
path: "{{ (boot_firmware_cmdline_txt.stat.exists) | ternary('/boot/firmware/cmdline.txt', '/boot/firmware/current/cmdline.txt') }}"
regexp: '^([\w](?!.*\b{{ cgroup_item }}\b).*)$'
replace: '\1 {{ cgroup_item }}'
with_items:
loop:
- "cgroup_enable=cpuset"
- "cgroup_memory=1"
- "cgroup_enable=memory"
@@ -24,4 +24,4 @@
name: linux-modules-extra-raspi
update_cache: "{{ airgap_dir is not defined }}"
state: present
when: "ansible_distribution_version is version('20.10', '>=') and ansible_distribution_version is version('24.04', '<')"
when: "ansible_facts['distribution_version'] is version('20.10', '>=') and ansible_facts['distribution_version'] is version('24.04', '<')"