Do not use ‘yes/no’ for boolean values (#11472)

Consistent boolean values in ansible playbooks
2026-02-28 09:39:12 +03:00 · 2024-08-28 01:30:56 -04:00
parent 5c5421e453
commit 9a7b021eb8
162 changed files with 507 additions and 508 deletions
--- a/roles/kubernetes/control-plane/tasks/define-first-kube-control.yml
+++ b/roles/kubernetes/control-plane/tasks/define-first-kube-control.yml
@@ -3,7 +3,7 @@
 - name: Check which kube-control nodes are already members of the cluster
  command: "{{ bin_dir }}/kubectl get nodes --selector=node-role.kubernetes.io/control-plane -o json"
  register: kube_control_planes_raw
-  ignore_errors: yes
+  ignore_errors: true
  changed_when: false

 - name: Set fact joined_control_planes
@@ -12,7 +12,7 @@
  delegate_to: "{{ item }}"
  loop: "{{ groups['kube_control_plane'] }}"
  when: kube_control_planes_raw is succeeded
-  run_once: yes
+  run_once: true

 - name: Set fact first_kube_control_plane
  set_fact:
--- a/roles/kubernetes/control-plane/tasks/encrypt-at-rest.yml
+++ b/roles/kubernetes/control-plane/tasks/encrypt-at-rest.yml
@@ -2,9 +2,9 @@
 - name: Check if secret for encrypting data at rest already exist
  stat:
    path: "{{ kube_cert_dir }}/secrets_encryption.yaml"
-    get_attributes: no
-    get_checksum: no
-    get_mime: no
+    get_attributes: false
+    get_checksum: false
+    get_mime: false
  register: secrets_encryption_file

 - name: Slurp secrets_encryption file if it exists
--- a/roles/kubernetes/control-plane/tasks/kubeadm-backup.yml
+++ b/roles/kubernetes/control-plane/tasks/kubeadm-backup.yml
@@ -4,7 +4,7 @@
    src: "{{ kube_cert_dir }}/{{ item }}"
    dest: "{{ kube_cert_dir }}/{{ item }}.old"
    mode: preserve
-    remote_src: yes
+    remote_src: true
  with_items:
    - apiserver.crt
    - apiserver.key
@@ -19,7 +19,7 @@
    src: "{{ kube_config_dir }}/{{ item }}"
    dest: "{{ kube_config_dir }}/{{ item }}.old"
    mode: preserve
-    remote_src: yes
+    remote_src: true
  with_items:
    - admin.conf
    - controller-manager.conf
--- a/roles/kubernetes/control-plane/tasks/kubeadm-fix-apiserver.yml
+++ b/roles/kubernetes/control-plane/tasks/kubeadm-fix-apiserver.yml
@@ -5,7 +5,7 @@
    dest: "{{ kube_config_dir }}/{{ item }}"
    regexp: '^    server: https'
    line: '    server: {{ kube_apiserver_endpoint }}'
-    backup: yes
+    backup: true
  with_items:
    - admin.conf
    - controller-manager.conf
--- a/roles/kubernetes/control-plane/tasks/kubeadm-secondary.yml
+++ b/roles/kubernetes/control-plane/tasks/kubeadm-secondary.yml
@@ -25,7 +25,7 @@
 - name: Parse certificate key if not set
  set_fact:
    kubeadm_certificate_key: "{{ hostvars[groups['kube_control_plane'][0]]['kubeadm_upload_cert'].stdout_lines[-1] | trim }}"
-  run_once: yes
+  run_once: true
  when:
    - hostvars[groups['kube_control_plane'][0]]['kubeadm_upload_cert'] is defined
    - hostvars[groups['kube_control_plane'][0]]['kubeadm_upload_cert'] is not skipped
@@ -35,7 +35,7 @@
    src: "kubeadm-controlplane.{{ kubeadmConfig_api_version }}.yaml.j2"
    dest: "{{ kube_config_dir }}/kubeadm-controlplane.yaml"
    mode: "0640"
-    backup: yes
+    backup: true
  when:
    - inventory_hostname != first_kube_control_plane
    - not kubeadm_already_run.stat.exists
--- a/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml
+++ b/roles/kubernetes/control-plane/tasks/kubeadm-setup.yml
@@ -13,9 +13,9 @@
 - name: Kubeadm | Check if kubeadm has already run
  stat:
    path: "/var/lib/kubelet/config.yaml"
-    get_attributes: no
-    get_checksum: no
-    get_mime: no
+    get_attributes: false
+    get_checksum: false
+    get_mime: false
  register: kubeadm_already_run

 - name: Kubeadm | Backup kubeadm certs / kubeconfig
--- a/roles/kubernetes/control-plane/tasks/kubelet-fix-client-cert-rotation.yml
+++ b/roles/kubernetes/control-plane/tasks/kubelet-fix-client-cert-rotation.yml
@@ -4,7 +4,7 @@
    path: "{{ kube_config_dir }}/kubelet.conf"
    regexp: '^    client-certificate-data: '
    line: '    client-certificate: /var/lib/kubelet/pki/kubelet-client-current.pem'
-    backup: yes
+    backup: true
  notify:
    - "Master | reload kubelet"

@@ -13,6 +13,6 @@
    path: "{{ kube_config_dir }}/kubelet.conf"
    regexp: '^    client-key-data: '
    line: '    client-key: /var/lib/kubelet/pki/kubelet-client-current.pem'
-    backup: yes
+    backup: true
  notify:
    - "Master | reload kubelet"
--- a/roles/kubernetes/control-plane/tasks/main.yml
+++ b/roles/kubernetes/control-plane/tasks/main.yml
@@ -120,7 +120,7 @@
 - name: Renew K8S control plane certificates monthly 2/2
  systemd_service:
    name: k8s-certs-renew.timer
-    enabled: yes
+    enabled: true
    state: started
    daemon_reload: "{{ k8s_certs_units is changed }}"
  when: auto_renew_certificates