Removal of fqcn[action] rule from ansible-lint skip_list (#378)

* 🔥 chore(ansible-lint.yml): remove fqcn[action] rule from skip_list
The fqcn[action] rule was removed from the skip_list as it is no longer necessary.

* 🚚 chore(configs): update Ansible modules to use community.general and community.docker collections
The Ansible modules used in the playbook have been updated to use the community.general and community.docker collections. This is because the modules have been moved to these collections and are no longer available in the core Ansible distribution. This change ensures that the playbook remains compatible with the latest version of Ansible.

🐛 fix(roles): replace deprecated Ansible modules with their updated counterparts
✨ feat(roles): improve maintainability by using updated Ansible modules
The deprecated Ansible modules have been replaced with their updated counterparts to ensure that the roles continue to work as expected. This improves the maintainability of the roles as the updated modules are more reliable and have better support.

🚚 chore(roles): update Ansible module names to use fully qualified names
The Ansible modules used in the roles have been updated to use fully qualified names. This is to ensure that the correct modules are used and to avoid any potential conflicts with other modules. The updated modules are as follows:
- community.postgresql.postgresql_schema
- community.postgresql.postgresql_user
- ansible.posix.authorized_key
- ansible.posix.mount
- ansible.posix.sysctl
- community.general.timezone
- community.general.make

* 🔨 chore(README.md): update minimum supported Ansible version to 2.11.0
🔨 chore(config_pgcluster.yml): update minimal Ansible version to 2.11.0
🔨 chore(deploy_pgcluster.yml): update minimal Ansible version to 2.11.0
🔨 chore(meta/main.yml): update minimum supported Ansible version to 2.11.0
The minimum supported Ansible version has been updated to 2.11.0 in all relevant files. This is done to ensure compatibility with the latest version of Ansible and to take advantage of its new features and improvements.

* 🆕 chore(runtime.yml): add runtime.yml file with ansible version requirement
This commit adds a new file named runtime.yml which specifies the minimum version of Ansible required to run the application. This file is important as it helps ensure that the application is run on a compatible version of Ansible.

* 📝 chore(runtime.yml): add newline at end of file
This commit adds a newline at the end of the runtime.yml file to improve readability and ensure consistency with other files in the repository.

.config/ansible-lint.yml

@@ -3,7 +3,6 @@ skip_list:
   - command-instead-of-module # Using command rather than module where necessary
   - command-instead-of-shell # Using command rather than shell where necessary
   - experimental # all rules tagged as experimental
-  - fqcn[action]
   - fqcn[action-core]
   - ignore-errors
   - jinja[invalid] # TODO

README.md

@@ -161,7 +161,7 @@ _Table of results of daily automated testing of cluster deployment:_
 
 
 ###### Ansible version 
-Minimum supported Ansible version: 2.7
+Minimum supported Ansible version: 2.11.0
 
 ## Requirements
 This playbook requires root privileges or sudo.

config_pgcluster.yml

@@ -26,7 +26,7 @@
   roles:
     - role: pre-checks
       vars:
-        minimal_ansible_version: 2.7.0
+        minimal_ansible_version: 2.11.0
         timescale_minimal_pg_version: 12 # if enable_timescale is defined
       tags: always
 
@@ -230,7 +230,7 @@
 
     - name: "Check if there are any changed parameters that require a restart"
       become_user: postgres
-      postgresql_query:
+      community.postgresql.postgresql_query:
         login_host: "127.0.0.1"
         login_port: "{{ postgresql_port }}"
         login_user: "{{ patroni_superuser_username }}"

deploy_pgcluster.yml

@@ -42,7 +42,7 @@
   roles:
     - role: pre-checks
       vars:
-        minimal_ansible_version: 2.7.0
+        minimal_ansible_version: 2.11.0
         timescale_minimal_pg_version: 12 # if enable_timescale is defined
       tags: always
 

meta/main.yml

@@ -6,7 +6,7 @@ galaxy_info:
   author: Vitaliy Kukharik (vitabaks@gmail.com)
   license: MIT
 
-  min_ansible_version: "2.7"
+  min_ansible_version: "2.11.0"
 
   platforms:
     - name: EL

meta/runtime.yml

@@ -0,0 +1,2 @@
+---
+requires_ansible: '>=2.11.0'

molecule/default/prepare.yml

@@ -5,7 +5,7 @@
   become: false
   tasks:
     - name: "Create docker network: test_docker_network"
-      docker_network:
+      community.docker.docker_network:
         name: test_docker_network
         driver: bridge
         driver_options:

molecule/postgrespro/prepare.yml

@@ -5,7 +5,7 @@
   become: false
   tasks:
     - name: "Create docker network: test_docker_network"
-      docker_network:
+      community.docker.docker_network:
         name: test_docker_network
         driver: bridge
         driver_options:

roles/ansible-role-firewall/tasks/main.yml

@@ -44,21 +44,21 @@
 # prevents firewall initialization from severing the SSH connection
 - block:
     - name: Load the nf_conntrack_ipv4 module
-      modprobe:
+      community.general.modprobe:
         name: nf_conntrack_ipv4
         state: present
       when: ansible_kernel is version('4.19', '<') and
             not (ansible_os_family == "RedHat" and ansible_distribution_version is version('8.3', '>='))
 
     - name: Load the nf_conntrack module
-      modprobe:
+      community.general.modprobe:
         name: nf_conntrack
         state: present
       when: ansible_kernel is version('4.19', '>=') or
             (ansible_os_family == "RedHat" and ansible_distribution_version is version('8.3', '>='))
 
     - name: sysctl | keep connections alive when enabling the firewall
-      sysctl:
+      ansible.posix.sysctl:
         name: net.netfilter.nf_conntrack_tcp_be_liberal
         value: "1"
         state: present

roles/consul/handlers/restart_consul.yml

@@ -21,7 +21,7 @@
   listen: 'restart consul'
 
 - name: restart consul on windows
-  win_service:
+  ansible.windows.win_service:
     name: consul
     state: restarted
   # Some tasks with `become: true` end up calling this task. Unfortunately, the `become`

roles/consul/handlers/start_consul.yml

@@ -14,7 +14,7 @@
   listen: 'start consul'
 
 - name: start consul on windows
-  win_service:
+  ansible.windows.win_service:
     name: consul
     state: started
   when: ansible_os_family == "Windows"

roles/consul/tasks/config_windows.yml

@@ -2,7 +2,7 @@
 # File: config_windows.yml - Consul configuration tasks for Windows
 
 - name: Create configuration
-  win_copy:
+  ansible.windows.win_copy:
     dest: "{{ config_item.dest }}"
     content: "{{ lookup('template', consul_config_template_path, convert_data=True) | to_nice_json }}"
   with_items:
@@ -26,7 +26,7 @@
     - restart consul
 
 - name: Create custom configuration
-  win_copy:
+  ansible.windows.win_copy:
     dest: "{{ consul_configd_path }}/50custom.json"
     content: "{{ lookup('template', 'templates/configd_50custom.json.j2', convert_data=True) | to_nice_json }}"
   when:
@@ -35,7 +35,7 @@
     - restart consul
 
 - name: Get Windows path for custom configuration file
-  win_stat:
+  ansible.windows.win_stat:
     path: "{{ consul_configd_path }}/50custom.json"
   register: custom_config_win_path
 

roles/consul/tasks/dirs.yml

@@ -70,7 +70,7 @@
     - not consul_install_from_repo | bool
 
 - name: Create directories on Windows
-  win_file:
+  ansible.windows.win_file:
     dest: "{{ dir_item }}"
     state: directory
   with_items:

roles/consul/tasks/install.yml

@@ -21,7 +21,7 @@
   when: ansible_facts['os_family'] == "VMware Photon OS"
 
 - name: Update Alpine Package Manager (APK)
-  apk:
+  community.general.apk:
     update_cache: true
   run_once: true
   when: ansible_os_family == "Alpine"

roles/consul/tasks/install_windows.yml

@@ -2,48 +2,48 @@
 # File: install_remote.yml - package installation tasks for Consul
 
 - name: Verify TLS1.2 is used
-  win_regedit:
+  ansible.windows.win_regedit:
     path: HKLM:\SOFTWARE\Microsoft\.NETFramework\v4.0.30319
     name: SchUseStrongCrypto
     data: 1
     type: dword
 
 - name: Create temporary directory to download Consul
-  win_tempfile:
+  ansible.windows.win_tempfile:
     state: directory
     prefix: ansible-consul.
   register: consul_temp_dir
 
 - name: Download and unarchive Consul
   block:
     - name: Read Consul package checksum file
-      win_stat:
+      ansible.windows.win_stat:
         path: "{{ consul_temp_dir.path }}\\consul_{{ consul_version }}_SHA256SUMS"
       register: consul_checksum
       tags: installation
 
     - name: Download Consul package checksum file
-      win_get_url:
+      ansible.windows.win_get_url:
         url: "{{ consul_checksum_file_url }}"
         dest: "{{ consul_temp_dir.path }}\\consul_{{ consul_version }}_SHA256SUMS"
       tags: installation
       when: not consul_checksum.stat.exists | bool
 
     - name: Read Consul package checksum
-      win_shell: "findstr {{ consul_pkg }} {{ consul_temp_dir.path }}\\consul_{{ consul_version }}_SHA256SUMS"
+      ansible.windows.win_shell: "findstr {{ consul_pkg }} {{ consul_temp_dir.path }}\\consul_{{ consul_version }}_SHA256SUMS"
       args:
         chdir: "{{ consul_temp_dir.path }}"
       register: consul_pkg_checksum
       tags: installation
 
     - name: Download Consul
-      win_get_url:
+      ansible.windows.win_get_url:
         url: "{{ consul_zip_url }}"
         dest: "{{ consul_temp_dir.path }}\\{{ consul_pkg }}"
       tags: installation
 
     - name: Calculate checksum
-      win_stat:
+      ansible.windows.win_stat:
         path: "{{ consul_temp_dir.path }}\\{{ consul_pkg }}"
         checksum_algorithm: sha256
       register: consul_pkg_hash
@@ -56,13 +56,13 @@
         - consul_pkg_hash.stat.checksum != (consul_pkg_checksum.stdout.split(' ') | first)
 
     - name: Unarchive Consul and install binary
-      win_unzip:
+      community.windows.win_unzip:
         src: "{{ consul_temp_dir.path }}\\{{ consul_pkg }}"
         dest: "{{ consul_bin_path }}"
       tags: installation
   always:
     - name: Cleanup
-      win_file:
+      ansible.windows.win_file:
         path: "{{ consul_temp_dir.path }}"
         state: absent
       tags: installation

roles/consul/tasks/services.yml

@@ -22,7 +22,7 @@
   when: ansible_os_family != 'Windows'
 
 - name: Get the list of service config files [Windows]
-  win_find:
+  ansible.windows.win_find:
     paths: "{{ consul_configd_path }}"
     file_type: file
   register: services_enabled_windows
@@ -55,7 +55,7 @@
   when: ansible_os_family != 'Windows'
 
 - name: Find all service config files that we manage [Windows]
-  win_stat:
+  ansible.windows.win_stat:
     path: "{{ consul_configd_path }}/service_{{ service_config_item.id }}.json"
   with_items: "{{ consul_services }}"
   loop_control:
@@ -87,7 +87,7 @@
     - restart consul
 
 - name: Delete non declared services [Windows]
-  win_file:
+  ansible.windows.win_file:
     path: "{{ non_declared_service_item }}"
     state: absent
   when:

roles/consul/tasks/windows.yml

@@ -19,7 +19,7 @@
     consul_node_role: "{{ consul_node_role }}"
 
 - name: (Windows) Read bootstrapped state
-  win_stat:
+  ansible.windows.win_stat:
     path: "{{ consul_bootstrap_state }}"
   register: bootstrap_state
   ignore_errors: true
@@ -29,12 +29,12 @@
   import_tasks: dirs.yml
 
 - name: (Windows) Check for existing Consul binary
-  win_stat:
+  ansible.windows.win_stat:
     path: "{{ consul_binary }}"
   register: consul_binary_installed
 
 - name: (Windows) Get current Consul version
-  win_command: "{{ consul_binary }} --version"
+  ansible.windows.win_command: "{{ consul_binary }} --version"
   changed_when: false
   when:
     - not consul_force_install
@@ -92,9 +92,8 @@
 
     # Generate new key if non was found
     - block:
-
         - name: (Windows) Generate gossip encryption key
-          win_shell: "{{ consul_binary }} keygen"
+          ansible.windows.win_shell: "{{ consul_binary }} keygen"
           register: consul_keygen
 
         - name: (Windows) Write key locally to share with other nodes
@@ -152,22 +151,22 @@
 
 - block:
     - name: Convert consul_binary from Unix -> Windows
-      win_stat:
+      ansible.windows.win_stat:
         path: "{{ consul_binary }}"
       register: consul_binary_win
 
     - name: Convert consul_config_path from Unix -> Windows
-      win_stat:
+      ansible.windows.win_stat:
         path: "{{ consul_config_path }}"
       register: consul_config_path_win
 
     - name: Convert consul_configd_path from Unix -> Windows
-      win_stat:
+      ansible.windows.win_stat:
         path: "{{ consul_configd_path }}"
       register: consul_configd_path_win
 
     - name: Create Consul as a service
-      win_service:
+      ansible.windows.win_service:
         name: Consul
         path: "{{ consul_binary_win.stat.path }} agent \
           -config-file={{ consul_config_path_win.stat.path }}\\config.json \
@@ -178,12 +177,12 @@
         state: started
 
     - name: (Windows) Check Consul HTTP API
-      win_wait_for:
+      ansible.windows.win_wait_for:
         delay: 5
         port: 8500
 
     - name: (Windows) Create bootstrapped state file
-      win_file:
+      ansible.windows.win_file:
         dest: "{{ consul_bootstrap_state }}"
         state: touch
       when: ansible_os_family == "Windows"

roles/haproxy/tasks/main.yml

@@ -277,7 +277,7 @@
     - name: Build HAProxy
       become: true
       become_user: root
-      make:
+      community.general.make:
         chdir: "/tmp/{{ haproxy_src_repo.split('.tar.gz')[0] | basename }}"
         params:
           TARGET: "{{ target_linux }}"
@@ -297,7 +297,7 @@
     - name: Install HAProxy
       become: true
       become_user: root
-      make:
+      community.general.make:
         chdir: "/tmp/{{ haproxy_src_repo.split('.tar.gz')[0] | basename }}"
         target: install
   when: installation_method == "repo" and haproxy_installation_method == "src"
@@ -316,7 +316,7 @@
     - name: Build HAProxy
       become: true
       become_user: root
-      make:
+      community.general.make:
         chdir: "/tmp/{{ haproxy_src_file.split('.tar.gz')[0] | basename }}"
         params:
           TARGET: "{{ target_linux }}"
@@ -336,15 +336,15 @@
     - name: Install HAProxy
       become: true
       become_user: root
-      make:
+      community.general.make:
         chdir: "/tmp/{{ haproxy_src_file.split('.tar.gz')[0] | basename }}"
         target: install
   when: installation_method == "file" and haproxy_installation_method == "src"
   tags: haproxy, load_balancing
 
 # Configure
 - name: Make sure the kernel parameter "net.ipv4.ip_nonlocal_bind" are enabled
-  sysctl:
+  ansible.posix.sysctl:
     name: "net.ipv4.ip_nonlocal_bind"
     value: "1"
     sysctl_set: true
@@ -503,13 +503,13 @@
         - haproxy_installation_method == "rpm"
 
     - name: selinux | set haproxy_connect_any flag to enable tcp connections
-      seboolean:
+      ansible.posix.seboolean:
         name: haproxy_connect_any
         state: true
         persistent: true
 
     - name: selinux | change the haproxy_t domain to permissive
-      selinux_permissive:
+      community.general.selinux_permissive:
         name: haproxy_t
         permissive: true
   when: ansible_selinux.status is defined and ansible_selinux.status == 'enabled'