yamllint: Make all files in awx pass yamllint

This commit updates all files that weren't passing yamllint for them to
pass.

A new yamllint target has been added. One can run `tox -e yamllint` or
`yamllint -s .` locally to ensure yaml files are still passing.

This check will be enabled in the CI so it can get on every new
contributions, and prevent merging non-compliant code.

Signed-off-by: Yanis Guenane <yguenane@redhat.com>

.github/BOTMETA.yml

@@ -1,3 +1,4 @@
+---
 files:
     awx/ui/:
         labels: component:ui

.yamllint

@@ -0,0 +1,12 @@
+---
+ignore: |
+  .tox
+  awx/main/tests/data/inventory/plugins/**
+  # vault files
+  awx/main/tests/data/ansible_utils/playbooks/valid/vault.yml
+  awx/ui/test/e2e/tests/smoke-vars.yml
+
+extends: default
+
+rules:
+  line-length: disable

awx/main/tests/data/ansible_utils/playbooks/valid/hello_world.yaml

@@ -1,7 +1,7 @@
+---
 - name: Hello World Sample
   hosts: all
   tasks:
     - name: Hello Message
       debug:
         msg: "Hello World!"
-

awx/main/tests/data/ansible_utils/playbooks/valid/hello_world.yml

@@ -1,7 +1,7 @@
+---
 - name: Hello World Sample
   hosts: all
   tasks:
     - name: Hello Message
       debug:
         msg: "Hello World!"
-

awx/main/tests/data/ansible_utils/playbooks/valid/hosts.yml

@@ -1 +1,2 @@
+---
 - hosts: all

awx/main/tests/data/ansible_utils/playbooks/valid/import.yml

@@ -1 +1,2 @@
+---
 - import_playbook: foo

awx/main/tests/data/ansible_utils/playbooks/valid/include.yml

@@ -1 +1,2 @@
+---
 - include: foo

awx/playbooks/check_isolated.yml

@@ -18,8 +18,8 @@
         src: "{{src}}/artifacts/"
         dest: "{{src}}/artifacts/"
         mode: pull
-        delete: yes
-        recursive: yes
+        delete: true
+        recursive: true
       when: ansible_kubectl_config is not defined
 
     - name: Copy daemon log from the isolated host
@@ -34,9 +34,9 @@
         src: "{{src}}/artifacts/"
         dest: "{{src}}/artifacts/"
         mode: pull
-        delete: yes
-        recursive: yes
-        set_remote_user: no
+        delete: true
+        recursive: true
+        set_remote_user: false
         rsync_opts:
           - "--rsh=$RSH"
       environment:
@@ -49,7 +49,7 @@
         src: "{{src}}/daemon.log"
         dest: "{{src}}/daemon.log"
         mode: pull
-        set_remote_user: no
+        set_remote_user: false
         rsync_opts:
           - "--rsh=$RSH"
       environment:

awx/playbooks/clean_isolated.yml

@@ -12,14 +12,14 @@
 
     - name: cancel the job
       command: "ansible-runner stop {{private_data_dir}}"
-      ignore_errors: yes
+      ignore_errors: true
 
     - name: remove build artifacts
       file: path="{{item}}" state=absent
       register: result
       with_items: "{{cleanup_dirs}}"
       until: result is succeeded
-      ignore_errors: yes
+      ignore_errors: true
       retries: 3
       delay: 5
 

awx/playbooks/project_update.yml

@@ -141,7 +141,7 @@
           when: doesRequirementsExist.stat.exists
           changed_when: "'was installed successfully' in galaxy_result.stdout"
           environment:
-          ANSIBLE_FORCE_COLOR: False
+            ANSIBLE_FORCE_COLOR: false
 
       when: roles_enabled|bool
       tags:
@@ -160,7 +160,7 @@
           when: doesCollectionRequirementsExist.stat.exists
           changed_when: "'Installing ' in galaxy_collection_result.stdout"
           environment:
-          ANSIBLE_FORCE_COLOR: False
+            ANSIBLE_FORCE_COLOR: false
             ANSIBLE_COLLECTIONS_PATHS: "{{ collections_destination }}"
 
       when:

awx/playbooks/run_isolated.yml

@@ -13,17 +13,17 @@
   tasks:
     - name: synchronize job environment with isolated host
       synchronize:
-        copy_links: yes
+        copy_links: true
         src: "{{ src }}"
         dest: "{{ dest }}"
       when: ansible_kubectl_config is not defined
 
     - name: synchronize job environment with remote job container
       synchronize:
-        copy_links: yes
+        copy_links: true
         src: "{{ src }}"
         dest: "{{ dest }}"
-        set_remote_user: no
+        set_remote_user: false
         rsync_opts:
           - "--rsh=$RSH"
       environment:
@@ -51,4 +51,4 @@
         content: "{{secret}}"
         path: "{{src}}/env/ssh_key"
       when: key.stat.exists
-      no_log: True
+      no_log: true

awx/playbooks/scan_facts.yml

@@ -1,3 +1,4 @@
+---
 - hosts: all
   vars:
     scan_use_checksum: false
@@ -33,4 +34,3 @@
         get_checksum: '{{ scan_use_checksum }}'
         recursive: '{{ scan_use_recursive }}'
       when: scan_file_paths is defined and ansible_os_family == "Windows"
-

awx/plugins/inventory/openstack.yml

@@ -1,3 +1,4 @@
+---
 clouds:
   vexxhost:
     profile: vexxhost
@@ -19,6 +20,6 @@ clouds:
       password: stack
       project_name: stack
 ansible:
-  use_hostnames: True
-  expand_hostvars: False
-  fail_on_errors: True
+  use_hostnames: true
+  expand_hostvars: false
+  fail_on_errors: true

awx_collection/template_galaxy.yml

@@ -1,3 +1,4 @@
+---
 - hosts: localhost
   gather_facts: false
   connection: local

docs/container_groups/service-account.yml

@@ -21,10 +21,10 @@ kind: Role
 metadata:
   name: pod-manager
 rules:
-- apiGroups: [""] # "" indicates the core API group
+  - apiGroups: [""]  # "" indicates the core API group
     resources: ["pods"]
     verbs: ["get", "list", "watch", "create", "update", "patch", "delete"]
-- apiGroups: [""]
+  - apiGroups: [""]
     resources: ["pods/exec"]
     verbs: ["create"]
 
@@ -34,7 +34,7 @@ apiVersion: rbac.authorization.k8s.io/v1beta1
 metadata:
   name: awx-pod-manager
 subjects:
-- kind: ServiceAccount
+  - kind: ServiceAccount
     name: awx
 roleRef:
   apiGroup: rbac.authorization.k8s.io

installer/build.yml

@@ -3,5 +3,5 @@
   hosts: all
   gather_facts: false
   roles:
-    - { role: image_build }
-    - { role: image_push, when: "docker_registry is defined" }
+    - {role: image_build}
+    - {role: image_push, when: "docker_registry is defined"}

installer/install.yml

@@ -2,8 +2,8 @@
 - name: Build and deploy AWX
   hosts: all
   roles:
-    - { role: check_vars }
-    - { role: image_build, when: "dockerhub_base is not defined" }
-    - { role: image_push, when: "docker_registry is defined and dockerhub_base is not defined" }
-    - { role: kubernetes, when: "openshift_host is defined or kubernetes_context is defined" }
-    - { role: local_docker, when: "openshift_host is not defined and kubernetes_context is not defined" }
+    - {role: check_vars}
+    - {role: image_build, when: "dockerhub_base is not defined"}
+    - {role: image_push, when: "docker_registry is defined and dockerhub_base is not defined"}
+    - {role: kubernetes, when: "openshift_host is defined or kubernetes_context is defined"}
+    - {role: local_docker, when: "openshift_host is not defined and kubernetes_context is not defined"}

installer/roles/image_build/tasks/main.yml

@@ -37,7 +37,7 @@
   shell: make clean
   args:
     chdir: ..
-  ignore_errors: yes
+  ignore_errors: true
   when: not sdist.stat.exists
   delegate_to: localhost
 
@@ -46,7 +46,7 @@
     build:
       path: "{{ role_path }}/files"
       dockerfile: Dockerfile.sdist
-      pull: no
+      pull: false
       args:
         http_proxy: "{{ http_proxy | default('') }}"
         https_proxy: "{{ https_proxy | default('') }}"
@@ -178,7 +178,7 @@
     build:
       path: "{{ docker_base_path }}"
       dockerfile: Dockerfile
-      pull: no
+      pull: false
       args:
         http_proxy: "{{ http_proxy | default('') }}"
         https_proxy: "{{ https_proxy | default('') }}"
@@ -186,7 +186,7 @@
     name: "{{ web_image }}"
     tag: "{{ awx_version }}"
     source: 'build'
-    force_source: yes
+    force_source: true
   delegate_to: localhost
 
 - name: Build base task image
@@ -194,7 +194,7 @@
     build:
       path: "{{ docker_base_path }}"
       dockerfile: Dockerfile.task
-      pull: no
+      pull: false
       args:
         http_proxy: "{{ http_proxy | default('') }}"
         https_proxy: "{{ https_proxy | default('') }}"
@@ -202,7 +202,7 @@
     name: "{{ task_image }}"
     tag: "{{ awx_version }}"
     source: 'build'
-    force_source: yes
+    force_source: true
   delegate_to: localhost
 
 - name: Tag task and web images as latest

installer/roles/image_push/tasks/main.yml

@@ -4,7 +4,7 @@
     registry: "{{ docker_registry }}"
     username: "{{ docker_registry_username }}"
     password: "{{ docker_registry_password | quote }}"
-    reauthorize: yes
+    reauthorize: true
   when: docker_registry is defined and docker_registry_password is defined
   delegate_to: localhost
 
@@ -30,7 +30,7 @@
         name: "{{ web_image }}"
         repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ web_image }}"
         tag: "{{ item }}"
-        push: yes
+        push: true
       with_items:
         - "latest"
         - "{{ awx_version }}"
@@ -40,7 +40,7 @@
         name: "{{ task_image }}"
         repository: "{{ docker_registry }}/{{ docker_registry_repository }}/{{ task_image }}"
         tag: "{{ item }}"
-        push: yes
+        push: true
       with_items:
         - "latest"
         - "{{ awx_version }}"

installer/roles/kubernetes/defaults/main.yml

@@ -1,6 +1,6 @@
 ---
 dockerhub_version: "{{ lookup('file', playbook_dir + '/../VERSION') }}"
-create_preload_data: True
+create_preload_data: true
 
 admin_user: 'admin'
 admin_email: 'root@localhost'
@@ -36,7 +36,7 @@ kubernetes_rabbitmq_image: "ansible/awx_rabbitmq"
 kubernetes_memcached_version: "latest"
 kubernetes_memcached_image: "memcached"
 
-openshift_pg_emptydir: no
+openshift_pg_emptydir: false
 openshift_pg_pvc_name: postgresql
 
 kubernetes_deployment_name: awx
@@ -55,6 +55,6 @@ custom_venvs_path: "/opt/custom-venvs"
 custom_venvs_python: "python2"
 
 ca_trust_bundle: "/etc/pki/tls/certs/ca-bundle.crt"
-rabbitmq_use_ssl: False
+rabbitmq_use_ssl: false
 
 container_groups_image: "ansible/ansible-runner"

installer/roles/kubernetes/tasks/backup.yml

@@ -55,7 +55,7 @@
           --port={{ pg_port | default('5432') }} \
           --username='{{ pg_username }}' \
           --dbname='{{ pg_database }}'" > {{ playbook_dir }}/tower-openshift-backup-{{ now }}/tower.db
-  no_log: yes
+  no_log: true
 
 - name: Copy inventory into backup directory
   copy:

installer/roles/kubernetes/tasks/kubernetes.yml

@@ -2,7 +2,7 @@
 - name: Get Namespace Detail
   shell: "kubectl get namespace {{ kubernetes_namespace }}"
   register: namespace_details
-  ignore_errors: yes
+  ignore_errors: true
 
 - name: Create AWX Kubernetes Project
   shell: "kubectl create namespace {{ kubernetes_namespace }}"
@@ -12,4 +12,3 @@
   set_fact:
     postgresql_service_name: "{{ kubernetes_deployment_name }}-postgresql"
   when: "pg_hostname is not defined or pg_hostname == ''"
-

installer/roles/kubernetes/tasks/main.yml

@@ -32,7 +32,7 @@
       {{ kubernetes_deployment_name }} \
       -n {{ kubernetes_namespace }} -o=jsonpath='{.status.replicas}'
   register: deployment_details
-  ignore_errors: yes
+  ignore_errors: true
 
 - name: Set expected post-deployment Replicas value
   set_fact:
@@ -48,7 +48,7 @@
 - name: Get Postgres Service Detail
   shell: "{{ kubectl_or_oc }} describe svc {{ postgresql_service_name }} -n {{ kubernetes_namespace }}"
   register: postgres_svc_details
-  ignore_errors: yes
+  ignore_errors: true
   when: "pg_hostname is not defined or pg_hostname == ''"
 
 - name: Deploy PostgreSQL (OpenShift)
@@ -72,7 +72,7 @@
           -e POSTGRESQL_VERSION=10 \
           -n {{ kubernetes_namespace }}
       register: openshift_pg_activate
-      no_log: yes
+      no_log: true
   when:
     - pg_hostname is not defined or pg_hostname == ''
     - postgres_svc_details is defined and postgres_svc_details.rc != 0
@@ -83,7 +83,7 @@
     - name: Template PostgreSQL Deployment (Kubernetes)
       set_fact:
         pg_values: "{{ lookup('template', 'postgresql-values.yml.j2') }}"
-      no_log: yes
+      no_log: true
 
     - name: Deploy and Activate Postgres (Kubernetes)
       shell: |
@@ -95,7 +95,7 @@
           --values - \
           stable/postgresql
       register: kubernetes_pg_activate
-      no_log: yes
+      no_log: true
   when:
     - pg_hostname is not defined or pg_hostname == ''
     - postgres_svc_details is defined and postgres_svc_details.rc != 0
@@ -206,7 +206,7 @@
     - 'configmap'
     - 'deployment'
     - 'secret'
-  no_log: yes
+  no_log: true
 
 - name: Apply Deployment
   shell: |
@@ -215,7 +215,7 @@
     - "{{ configmap }}"
     - "{{ deployment }}"
     - "{{ secret }}"
-  no_log: yes
+  no_log: true
 
 - name: Delete any existing management pod
   shell: |
@@ -249,21 +249,21 @@
     {{ kubectl_or_oc }} -n {{ kubernetes_namespace }} exec ansible-tower-management -- \
       bash -c "echo 'from django.contrib.auth.models import User; nsu = User.objects.filter(is_superuser=True).count(); exit(0 if nsu > 0 else 1)' | awx-manage shell"
   register: super_check
-  ignore_errors: yes
+  ignore_errors: true
   changed_when: super_check.rc > 0
 
 - name: create django super user if it does not exist
   shell: |
     {{ kubectl_or_oc }} -n {{ kubernetes_namespace }} exec ansible-tower-management -- \
       bash -c "echo \"from django.contrib.auth.models import User; User.objects.create_superuser('{{ admin_user }}', '{{ admin_email }}', '{{ admin_password }}')\" | awx-manage shell"
-  no_log: yes
+  no_log: true
   when: super_check.rc > 0
 
 - name: update django super user password
   shell: |
     {{ kubectl_or_oc }} -n {{ kubernetes_namespace }} exec ansible-tower-management -- \
       bash -c "awx-manage update_password --username='{{ admin_user }}' --password='{{ admin_password }}'"
-  no_log: yes
+  no_log: true
   register: result
   changed_when: "'Password updated' in result.stdout"
 

installer/roles/kubernetes/tasks/openshift.yml

@@ -2,7 +2,7 @@
 - name: Get Project Detail
   shell: "{{ openshift_oc_bin }} get project {{ openshift_project }}"
   register: project_details
-  ignore_errors: yes
+  ignore_errors: true
 
 - name: Create AWX Openshift Project
   shell: "{{ openshift_oc_bin }} new-project {{ openshift_project }}"
@@ -13,7 +13,7 @@
     - name: Check PVC status
       command: "{{ openshift_oc_bin }} get pvc {{ openshift_pg_pvc_name }} -n {{ openshift_project }} -o=jsonpath='{.status.phase}'"
       register: pg_pvc_status
-      ignore_errors: yes
+      ignore_errors: true
 
     - name: Ensure PostgreSQL PVC is available
       assert:

installer/roles/kubernetes/tasks/openshift_auth.yml

@@ -54,4 +54,3 @@
   fail:
     msg: "{{ openshift_auth_result.stderr | default('Invalid token') }}"
   when: openshift_auth_result.rc is defined and openshift_auth_result.rc != 0
-

installer/roles/local_docker/defaults/main.yml

@@ -18,4 +18,3 @@ memcached_image: "memcached"
 memcached_version: "alpine"
 memcached_hostname: "memcached"
 memcached_port: "11211"
-

installer/roles/local_docker/tasks/main.yml

@@ -17,7 +17,7 @@
   file:
     state: directory
     path: "{{ item }}"
-    recurse: yes
+    recurse: true
   when: upgrade_postgres | bool
   with_items:
     - "{{ postgres_data_dir }}/10/data"
@@ -25,7 +25,7 @@
 - name: Stop AWX before upgrading postgres
   docker_service:
     project_src: "{{ docker_compose_dir }}"
-    stopped: yes
+    stopped: true
   when: upgrade_postgres | bool
 
 - name: Upgrade Postgres

setup.cfg

@@ -19,3 +19,11 @@ exclude=.tox,venv,awx/lib/site-packages,awx/plugins/inventory/ec2.py,awx/plugins
 max-line-length=160
 ignore=E201,E203,E221,E225,E231,E241,E251,E261,E265,E303,W291,W391,W293,E731,W504
 exclude=.tox,venv,awx/lib/site-packages,awx/plugins/inventory,awx/ui,awx/api/urls.py,awx/main/migrations,awx/main/tests/data,node_modules/,awx/projects/,tools/docker,awx/settings/local_*.py,installer/openshift/settings.py,build/,installer/,awxkit/test,awx_collection/
+
+[testenv:linters]
+deps =
+  flake8
+  yamllint
+commands =
+  - flake8
+  - yamllint -s .

tools/clusterdevel/roles/minishift/tasks/main.yml

@@ -49,12 +49,12 @@
     - name: Get Project Detail
       shell: "oc get project {{ awx_dev_project }}"
       register: project_details
-      ignore_errors: yes
+      ignore_errors: true
 
     - name: Get Postgres Service Detail
       shell: "oc describe svc postgresql -n {{ awx_dev_project }}"
       register: postgres_svc_details
-      ignore_errors: yes
+      ignore_errors: true
 
     - name: Create AWX Openshift Project
       shell: "oc new-project {{ awx_dev_project }}"

tools/clusterdevel/start_minishift_dev.yml

@@ -8,4 +8,4 @@
     - awx_task_cpu_request: 500
     - awx_task_mem_request: 512
   roles:
-    - { role: minishift }
+    - {role: minishift}

tools/docker-compose-cluster.yml

@@ -1,3 +1,4 @@
+---
 version: '2'
 services:
   haproxy:

tools/docker-compose.yml

@@ -1,3 +1,4 @@
+---
 version: '2'
 services:
   # Primary AWX Development Container

tools/docker-credential-plugins-override.yml

@@ -1,3 +1,4 @@
+---
 version: '2'
 services:
   # Primary Tower Development Container link
@@ -21,7 +22,8 @@ services:
     environment:
       DATABASE_URL: postgres://postgres@postgres/postgres
       CONJUR_DATA_KEY: 'dveUwOI/71x9BPJkIgvQRRBF3SdASc+HP4CUGL7TKvM='
-    depends_on: [ postgres ]
+    depends_on:
+      - postgres
     links:
       - postgres
     ports:

tools/docker-isolated-override.yml

@@ -1,3 +1,4 @@
+---
 version: '2'
 services:
   # Primary Tower Development Container link

tools/elastic/docker-compose.elastic-override.yml

@@ -1,3 +1,4 @@
+---
 # Structure for the Elastic Stack docker configuration came from docker-elk:
 # https://github.com/deviantony/docker-elk
 # docker-elk is under the MIT License,

tools/elastic/docker-compose.logstash-link-cluster.yml

@@ -1,3 +1,4 @@
+---
 version: '2'
 services:
   # Tower Development Cluster

tools/elastic/docker-compose.logstash-link.yml

@@ -1,3 +1,4 @@
+---
 version: '2'
 services:
   # Primary Tower Development Container

tools/elastic/kibana/config/kibana.yml

@@ -1,3 +1,4 @@
+---
 # Kibana is served by a back end server. This setting specifies the port to use.
 server.port: 5601
 

tools/prometheus/prometheus.yml

@@ -1,3 +1,4 @@
+---
 # prometheus.yml
 # my global config
 global:
@@ -14,8 +15,8 @@ alerting:
 
 # Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
 rule_files:
-    # - "first_rules.yml"
-    # - "second_rules.yml"
+# - "first_rules.yml"
+# - "second_rules.yml"
 
 
 # A scrape configuration containing exactly one endpoint to scrape:
@@ -30,7 +31,7 @@ scrape_configs:
 
   - job_name: 'awx'
     tls_config:
-      insecure_skip_verify: True
+      insecure_skip_verify: true
     metrics_path: /api/v2/metrics
     scrape_interval: 5s
     scheme: http