sap_*_preconfigure, sap_ha_pacemaker_cluster: Vars loading reworked, Linting fixes for yes/no

roles/sap_general_preconfigure/tasks/RedHat/assert-installation.yml

@@ -49,7 +49,7 @@
     - name: Assert - Get info about enabled repos
       ansible.builtin.shell: set -o pipefail && subscription-manager repos --list-enabled | awk '/Repo ID:/{print $NF}'
       register: __sap_general_preconfigure_register_enabled_repos_assert
-      changed_when: no
+      changed_when: false
 
     - name: Assert that all required repos are enabled
       ansible.builtin.assert:
@@ -69,8 +69,8 @@
     - name: Detect if and how the minor RHEL release is set
       ansible.builtin.shell: set -o pipefail && subscription-manager release | awk 'NF==2{printf $NF}NF!=2{print}'
       register: __sap_general_preconfigure_register_subscription_manager_release_assert
-      changed_when: no
-      ignore_errors: yes
+      changed_when: false
+      ignore_errors: true
 
     - name: Assert that the RHEL release is locked correctly
       ansible.builtin.assert:
@@ -104,7 +104,7 @@
     - name: Check if required RHEL 7 package groups are installed # noqa command-instead-of-shell
       ansible.builtin.shell: "{{ __sap_general_preconfigure_fact_yum_group_list_installed_command_assert }}"
       register: __sap_general_preconfigure_register_yum_group_assert
-      changed_when: no
+      changed_when: false
 
     - name: Assert that all required RHEL 7 package groups are installed
       ansible.builtin.assert:
@@ -133,7 +133,7 @@
     - name: Check if required RHEL 8 environment groups are installed # noqa command-instead-of-shell
       ansible.builtin.shell: "{{ __sap_general_preconfigure_fact_yum_envgroup_list_installed_command_assert }}"
       register: __sap_general_preconfigure_register_yum_envgroup_assert
-      changed_when: no
+      changed_when: false
 
     - name: Assert that all required RHEL 8 environment groups are installed
       ansible.builtin.assert:
@@ -162,7 +162,7 @@
     set -o pipefail && yum info installed {{ __sap_general_preconfigure_required_ppc64le | map('quote') | join(' ') }} |
     awk '/Name/{n=$NF}/Version/{v=$NF}/Release/{r=$NF}/Description/{printf ("%s\n", n)}'
   register: __sap_general_preconfigure_register_required_ppc64le_packages_assert
-  changed_when: no
+  changed_when: false
   when: ansible_architecture == "ppc64le"
   ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}"
 
@@ -223,9 +223,9 @@
       with_list: "{{ __sap_general_preconfigure_min_pkgs }}"
       loop_control:
         loop_var: pkg
-      check_mode: no
+      check_mode: false
       register: __sap_general_preconfigure_register_minpkglist_assert
-      changed_when: no
+      changed_when: false
 
     - name: Assert that minimum required package versions are installed
 # If the output includes the string "is already installed" (case 2b), we have a PASS. Otherwise, it's a FAIL.
@@ -237,12 +237,12 @@
       loop_control:
         loop_var: line_item
         label: ""
-      ignore_errors: yes
+      ignore_errors: true
 
 - name: Report if no minimum required package version is defined for this RHEL release
   ansible.builtin.debug:
     msg: "INFO: No minimum required package version defined (variable __sap_general_preconfigure_min_pkgs)."
-  ignore_errors: yes
+  ignore_errors: true
   when: not __sap_general_preconfigure_min_pkgs | d([])
 
 # Reason for noqa: The yum module appears to not support the check-update option
@@ -265,7 +265,7 @@
 - name: Report if checking for possible package updates is not requested
   ansible.builtin.debug:
     msg: "INFO: Not checking for possible package updates (variable sap_general_preconfigure_update)."
-  ignore_errors: yes
+  ignore_errors: true
   when: not sap_general_preconfigure_update
 
 - name: "Assert - Set needs-restarting command in case of RHEL 7"

roles/sap_general_preconfigure/tasks/RedHat/generic/assert-dns-name-resolution.yml

@@ -7,7 +7,7 @@
     fail_msg: "FAIL: The DNS domain is not configured! So variable 'sap_general_preconfigure_domain' needs to be configured!"
     success_msg: "PASS: The DNS domain is configured."
 #  ignore_errors: "{{ sap_general_preconfigure_assert_ignore_errors | d(false) }}"
-  ignore_errors: yes
+  ignore_errors: true
 
 - name: Assert that variable sap_general_preconfigure_domain is set
   ansible.builtin.assert:
@@ -25,8 +25,8 @@
 - name: Check if IP address for sap_general_preconfigure_hostname.sap_general_preconfigure_domain is resolved correctly
   ansible.builtin.command: dig {{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }} +short
   register: __sap_general_preconfigure_register_dig_short_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
   when: "'bind-utils' in ansible_facts.packages"
 
 - name: Assert that ansible_default_ipv4.address is set

roles/sap_general_preconfigure/tasks/RedHat/generic/assert-etc-hosts.yml

@@ -11,8 +11,8 @@
 - name: Check if ipv4 address, FQDN, and hostname are once in /etc/hosts
   ansible.builtin.command: awk 'BEGIN{a=0}/^{{ sap_general_preconfigure_ip }}\s/&&/\s{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}\s/&&(/\s{{ sap_general_preconfigure_hostname }}\s/||/\s{{ sap_general_preconfigure_hostname }}$/){a++}END{print a}' /etc/hosts
   register: __sap_general_preconfigure_register_ipv4_fqdn_sap_hostname_once_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
 
 - name: Assert that ipv4 address, FQDN, and hostname are once in /etc/hosts
   ansible.builtin.assert:
@@ -25,8 +25,8 @@
 - name: Count the number of sap_general_preconfigure_ip ({{ sap_general_preconfigure_ip }}) entries in /etc/hosts
   ansible.builtin.command: awk 'BEGIN{a=0}/^{{ sap_general_preconfigure_ip }}\s/{a++}END{print a}' /etc/hosts
   register: __sap_general_preconfigure_register_sap_ip_once_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
 
 - name: Assert that there is exactly one line containing {{ sap_general_preconfigure_ip }} in /etc/hosts
   ansible.builtin.assert:
@@ -40,8 +40,8 @@
                 /\s{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}\s/||
                 /\s{{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }}$/{a++}END{print a}' /etc/hosts
   register: __sap_general_preconfigure_register_fqdn_once_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
 
 - name: Assert that there is just one line containing {{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }} in /etc/hosts
   ansible.builtin.assert:
@@ -55,8 +55,8 @@
                 /\s{{ sap_general_preconfigure_hostname }}\s/||
                 /\s{{ sap_general_preconfigure_hostname }}$/{a++}END{print a}' /etc/hosts
   register: __sap_general_preconfigure_register_sap_hostname_once_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
 
 - name: Assert that there is just one line containing {{ sap_general_preconfigure_hostname }} in /etc/hosts
   ansible.builtin.assert:
@@ -68,8 +68,8 @@
 - name: Test hostname -s
   ansible.builtin.shell: test "$(hostname -s)" = "$(hostname)"
   register: __sap_general_preconfigure_register_hostname_s_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
 
 - name: Assert that hostname -s matches the output of hostname
   ansible.builtin.assert:
@@ -81,8 +81,8 @@
 - name: Test hostname -f
   ansible.builtin.shell: test "$(hostname -f)" = "$(hostname).$(hostname -d)"
   register: __sap_general_preconfigure_register_hostname_f_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
 
 - name: Assert that hostname -f matches the output of hostname.hostname -d
   ansible.builtin.assert:

roles/sap_general_preconfigure/tasks/RedHat/generic/assert-firewall.yml

@@ -18,9 +18,9 @@
     - name: Get status of firewalld # noqa command-instead-of-module
       ansible.builtin.command: systemctl status firewalld
       register: __sap_general_preconfigure_register_firewalld_status_assert
-      ignore_errors: yes
-      changed_when: no
-      no_log: yes
+      ignore_errors: true
+      changed_when: false
+      no_log: true
 
     - name: Assert that firewalld is disabled
       ansible.builtin.assert:

roles/sap_general_preconfigure/tasks/RedHat/generic/assert-hostname.yml

@@ -4,8 +4,8 @@
 - name: Check if hostname is set
   ansible.builtin.command: hostname
   register: __sap_general_preconfigure_register_hostname_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
 
 - name: Assert that the output of hostname matches the content of variable sap_general_preconfigure_hostname
   ansible.builtin.assert:

roles/sap_general_preconfigure/tasks/RedHat/generic/assert-kernel-parameters-loop-block.yml

@@ -6,8 +6,8 @@
 - name: Get {{ line_item.name }} from {{ sap_general_preconfigure_etc_sysctl_sap_conf }}
   ansible.builtin.shell: awk 'BEGIN{FS="="}/{{ line_item.name }}/{gsub ("^\\s*", "", $NF); print $NF}' {{ sap_general_preconfigure_etc_sysctl_sap_conf }}
   register: __sap_general_preconfigure_register_sysctl_sap_conf_kernel_parameter_assert
-  changed_when: no
-  ignore_errors: yes
+  changed_when: false
+  ignore_errors: true
   when: __sap_general_preconfigure_register_stat_sysctl_sap_conf_assert.stat.exists
 
 - name: Assert that {{ line_item.name }} is set correctly in {{ sap_general_preconfigure_etc_sysctl_sap_conf }}
@@ -23,8 +23,8 @@
 - name: Get {{ line_item.name }} from sysctl
   ansible.builtin.shell: sysctl -n {{ line_item.name }} | awk '{gsub ("\t", " "); print}'
   register: __sap_general_preconfigure_register_sysctl_kernel_parameter_assert
-  changed_when: no
-  ignore_errors: yes
+  changed_when: false
+  ignore_errors: true
 
 - name: Assert that {{ line_item.name }} is set correctly as per sysctl
   ansible.builtin.assert:

roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nofile-limits.yml

@@ -4,8 +4,8 @@
 - name: Check if the hard limit of nofile for group sapsys is 1048576
   ansible.builtin.command: awk '!/^#/&&/sapsys/&&/nofile/&&/hard/{print $NF}' /etc/security/limits.d/99-sap.conf
   register: __sap_general_preconfigure_register_limits_sap_conf_nofile_hard_assert
-  changed_when: no
-  ignore_errors: yes
+  changed_when: false
+  ignore_errors: true
   when:
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg
@@ -25,8 +25,8 @@
 - name: Check if the soft limit of nofile for group sapsys is 1048576
   ansible.builtin.command: awk '!/^#/&&/sapsys/&&/nofile/&&/soft/{print $NF}' /etc/security/limits.d/99-sap.conf
   register: __sap_general_preconfigure_register_limits_sap_conf_nofile_soft_assert
-  changed_when: no
-  ignore_errors: yes
+  changed_when: false
+  ignore_errors: true
   when:
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg
@@ -46,8 +46,8 @@
 - name: Get the hard limit of nofile for the database group
   ansible.builtin.command: awk '!/^#/&&/@{{ sap_general_preconfigure_db_group_name }}/&&/nofile/&&/hard/{print $NF}' /etc/security/limits.d/99-sap.conf
   register: __sap_general_preconfigure_register_limits_sap_conf_db_group_nofile_hard_assert
-  changed_when: no
-  ignore_errors: yes
+  changed_when: false
+  ignore_errors: true
   when:
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg
@@ -67,8 +67,8 @@
 - name: Get the soft limit of nofile for the database group
   ansible.builtin.command: awk '!/^#/&&/@{{ sap_general_preconfigure_db_group_name }}/&&/nofile/&&/soft/{print $NF}' /etc/security/limits.d/99-sap.conf
   register: __sap_general_preconfigure_register_limits_sap_conf_db_group_nofile_soft_assert
-  changed_when: no
-  ignore_errors: yes
+  changed_when: false
+  ignore_errors: true
   when:
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg

roles/sap_general_preconfigure/tasks/RedHat/generic/assert-nproc-limits.yml

@@ -4,8 +4,8 @@
 - name: Check if the hard limit of nproc for group sapsys is unlimited
   ansible.builtin.command: awk '/sapsys/&&/nproc/&&/hard/{print $NF}' /etc/security/limits.d/99-sap.conf
   register: __sap_general_preconfigure_register_limits_sap_conf_nproc_hard_assert
-  changed_when: no
-  ignore_errors: yes
+  changed_when: false
+  ignore_errors: true
   when:
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg
@@ -25,8 +25,8 @@
 - name: Check if the soft limit of nproc for group sapsys is unlimited
   ansible.builtin.command: awk '/sapsys/&&/nproc/&&/soft/{print $NF}' /etc/security/limits.d/99-sap.conf
   register: __sap_general_preconfigure_register_limits_sap_conf_nproc_soft_assert
-  changed_when: no
-  ignore_errors: yes
+  changed_when: false
+  ignore_errors: true
   when:
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg
@@ -46,8 +46,8 @@
 - name: Get the hard limit of nproc for the database group
   ansible.builtin.command: awk '/@{{ sap_general_preconfigure_db_group_name }}/&&/nproc/&&/hard/{print $NF}' /etc/security/limits.d/99-sap.conf
   register: __sap_general_preconfigure_register_limits_sap_conf_db_group_nproc_hard_assert
-  changed_when: no
-  ignore_errors: yes
+  changed_when: false
+  ignore_errors: true
   when:
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg
@@ -69,8 +69,8 @@
 - name: Get the soft limit of nproc for the database group
   ansible.builtin.command: awk '/@{{ sap_general_preconfigure_db_group_name }}/&&/nproc/&&/soft/{print $NF}' /etc/security/limits.d/99-sap.conf
   register: __sap_general_preconfigure_register_limits_sap_conf_db_group_nproc_soft_assert
-  changed_when: no
-  ignore_errors: yes
+  changed_when: false
+  ignore_errors: true
   when:
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.exists
     - __sap_general_preconfigure_register_stat_limits_sap_conf_assert.stat.isreg

roles/sap_general_preconfigure/tasks/RedHat/generic/assert-selinux.yml

@@ -16,21 +16,21 @@
 - name: Info about SELinux being set to 'enforcing'
   ansible.builtin.debug:
     msg: "INFO: The SELinux state has been set to 'enforcing' (variable sap_general_preconfigure_selinux_state)."
-  ignore_errors: yes
+  ignore_errors: true
   when: "sap_general_preconfigure_selinux_state == 'enforcing'"
 
 - name: Warn about how SELinux would be set when role is run in normal mode
   ansible.builtin.debug:
     msg: "INFO: When running in normal mode, the role will set the SELinux state to '{{ sap_general_preconfigure_selinux_state }}'
           (variable sap_general_preconfigure_selinux_state)."
-  ignore_errors: yes
+  ignore_errors: true
   when: "sap_general_preconfigure_selinux_state != 'enforcing'"
 
 - name: "Check if the permanent configuration of the SELinux state is '{{ sap_general_preconfigure_selinux_state }}'"
   ansible.builtin.command: awk 'BEGIN{FS="="}/^SELINUX=/{print $NF}' /etc/selinux/config
   register: __sap_general_preconfigure_register_selinux_conf_assert
   changed_when: false
-  ignore_errors: yes
+  ignore_errors: true
   when: __sap_general_preconfigure_register_stat_selinux_conf_assert.stat.isreg
 
 - name: "Assert that the permanent configuration of the SELinux state is set to '{{ sap_general_preconfigure_selinux_state }}'"

roles/sap_general_preconfigure/tasks/RedHat/generic/assert-tmpfs.yml

@@ -4,8 +4,8 @@
 - name: Check the size of tmpfs
   ansible.builtin.command: awk '/\/dev\/shm/&&/tmpfs/{gsub ("defaults,size=", "", $4); print $4}' /etc/fstab
   register: __sap_general_preconfigure_register_fstab_tmpfs_size_gb_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
 
 - name: Assert that there is an entry for tmpfs in /etc/fstab
   ansible.builtin.assert:
@@ -26,8 +26,8 @@
 - name: Check if /dev/shm is available and has the expected size
   ansible.builtin.shell: df -kl /dev/shm | awk '/\/dev\/shm/&&/tmpfs/{printf ("%.0fG\n", $2/1024/1024)}'
   register: __sap_general_preconfigure_register_df_shm_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
 
 - name: Assert that the current size of tmpfs is large enough as per df output
   ansible.builtin.assert:

roles/sap_general_preconfigure/tasks/RedHat/generic/assert-uuidd.yml

@@ -20,8 +20,8 @@
 - name: Get status of uuidd.socket # noqa command-instead-of-module
   ansible.builtin.command: systemctl status uuidd.socket
   register: __sap_general_preconfigure_register_uuidd_socket_status_assert
-  ignore_errors: yes
-  changed_when: no
+  ignore_errors: true
+  changed_when: false
 
 - name: Report uuidd.socket service status
   ansible.builtin.debug:

roles/sap_general_preconfigure/tasks/RedHat/generic/configure-etc-hosts.yml

@@ -67,7 +67,7 @@
     fi
   register: __sap_general_preconfigure_register_duplicate_ip_check
   changed_when: false
-  ignore_errors: yes
+  ignore_errors: true
   when: not ansible_check_mode
 
 - name: Verify that variable sap_general_preconfigure_domain is set
@@ -89,7 +89,7 @@
     path: /etc/hosts
     regexp: '^{{ sap_general_preconfigure_ip }}\s'
     line: "{{ sap_general_preconfigure_ip }} {{ sap_general_preconfigure_hostname }}.{{ sap_general_preconfigure_domain }} {{ sap_general_preconfigure_hostname }}{{ __sap_general_preconfigure_register_sap_hostname_aliases.stdout }}"
-    backup: yes
+    backup: true
   when:
     - not ansible_check_mode
     - sap_general_preconfigure_domain | length > 0

roles/sap_general_preconfigure/tasks/RedHat/generic/configure-firewall.yml

@@ -5,5 +5,5 @@
   ansible.builtin.systemd:
     name: firewalld
     state: stopped
-    enabled: no
+    enabled: false
   when: "'firewalld' in ansible_facts.packages"

roles/sap_general_preconfigure/tasks/RedHat/generic/configure-kernel-parameters.yml

@@ -4,7 +4,7 @@
 - name: Set kernel parameters
   ansible.builtin.lineinfile:
     path: "{{ sap_general_preconfigure_etc_sysctl_sap_conf }}"
-    create: yes
+    create: true
     mode: '0644'
     regexp: ^{{ line_item.name }}.*
     line: "{{ line_item.name }}={{ line_item.value }}"