Add Ansible 12 compatibility (#1279)

Co-authored-by: Vitaliy Kukharik <[email protected]>

Author: Copilot

.config/python/dev/requirements.txt

@@ -1,4 +1,4 @@
-ansible==11.10.0
+ansible==12.1.0
 ansible-lint==25.9.1
 ansible-compat==25.8.1
 yamllint==1.37.1

automation/playbooks/pg_upgrade.yml

@@ -1,5 +1,5 @@
 ---
-- name: "vitabaks.autobase.pg_upgrade | Upgrade PostgreSQL {{ pg_old_version }} to the new version {{ pg_new_version }}"
+- name: "vitabaks.autobase.pg_upgrade | Upgrade PostgreSQL to the new major version"
   hosts: postgres_cluster
   gather_facts: true
   become: true

automation/requirements.txt

@@ -1,4 +1,4 @@
-ansible==11.10.0
+ansible==12.1.0
 boto3==1.40.44
 dopy==0.3.7
 google-auth==2.41.1

automation/roles/add_repository/tasks/main.yml

@@ -152,7 +152,7 @@
           when: ansible_architecture in ["x86_64", "amd64"]
 
         # Check if the repository entry exists in the file
-        - name: Check if pgdg{{ postgresql_version }}-debuginfo exists in repo file
+        - name: Check if pgdg{{ postgresql_version | default('') }}-debuginfo exists in repo file
           ansible.builtin.lineinfile:
             path: "{{ pgdg_redhat_repo_path }}"
             regexp: '^\[pgdg{{ postgresql_version }}-debuginfo\]'
@@ -164,7 +164,7 @@
             pgdg_redhat_repo_path: "/etc/yum.repos.d/pgdg-redhat-all.repo"
 
         # If the entry does not exist, try to add the repository
-        - name: Add pgdg{{ postgresql_version }}-debuginfo repo if not present
+        - name: Add pgdg{{ postgresql_version | default('') }}-debuginfo repo if not present
           ansible.builtin.yum_repository: # yamllint disable rule:line-length
             name: "pgdg{{ postgresql_version }}-debuginfo"
             description: "PostgreSQL {{ postgresql_version }} for RHEL {{ ansible_distribution_major_version }} - {{ pgdg_architecture_map[ansible_architecture] }} - Debuginfo"

automation/roles/authorized_keys/tasks/main.yml

@@ -6,7 +6,7 @@
       register: system_user
       changed_when: false
 
-    - name: "Add public keys to ~{{ system_user.stdout }}/.ssh/authorized_keys"
+    - name: "Add public keys to ~{{ system_user.stdout | default('') }}/.ssh/authorized_keys"
       ansible.posix.authorized_key:
         user: "{{ system_user.stdout }}"
         key: "{{ item }}"

automation/roles/cloud_resources/tasks/aws.yml

@@ -55,7 +55,7 @@
 # SSH key
 - block:
     # Delete the temporary ssh key from the cloud (if exists)
-    - name: "AWS: Remove temporary SSH key '{{ ssh_key_name }}' from cloud (if any)"
+    - name: "AWS: Remove temporary SSH key '{{ ssh_key_name | default('') }}' from cloud (if any)"
       amazon.aws.ec2_key:
         access_key: "{{ lookup('ansible.builtin.env', 'AWS_ACCESS_KEY_ID') }}"
         secret_key: "{{ lookup('ansible.builtin.env', 'AWS_SECRET_ACCESS_KEY') }}"
@@ -68,7 +68,7 @@
         - ssh_key_name == tmp_ssh_key_name
 
     # if ssh_key_name and ssh_key_content is specified, add this ssh key to the cloud
-    - name: "AWS: Add SSH key '{{ ssh_key_name }}' to cloud"
+    - name: "AWS: Add SSH key '{{ ssh_key_name | default('') }}' to cloud"
       amazon.aws.ec2_key:
         access_key: "{{ lookup('ansible.builtin.env', 'AWS_ACCESS_KEY_ID') }}"
         secret_key: "{{ lookup('ansible.builtin.env', 'AWS_SECRET_ACCESS_KEY') }}"
@@ -86,7 +86,7 @@
 - block:
     # if server_network is specified, get vpc id for this subnet
     - block:
-        - name: "AWS: Gather information about VPC for '{{ server_network }}'"
+        - name: "AWS: Gather information about VPC for '{{ server_network | default('') }}'"
           amazon.aws.ec2_vpc_subnet_info:
             region: "{{ server_location }}"
             subnet_ids: "{{ server_network }}"
@@ -509,7 +509,7 @@
         (item in ['sync', 'async'] and server_count | int > 1 and synchronous_mode | bool))
 
     # S3 bucket (Backups)
-    - name: "AWS: Create S3 bucket '{{ aws_s3_bucket_name }}'"
+    - name: "AWS: Create S3 bucket '{{ aws_s3_bucket_name | default('') }}'"
       amazon.aws.s3_bucket:
         access_key: "{{ lookup('ansible.builtin.env', 'AWS_ACCESS_KEY_ID') }}"
         secret_key: "{{ lookup('ansible.builtin.env', 'AWS_SECRET_ACCESS_KEY') }}"
@@ -595,7 +595,7 @@
     - server_result.results | selectattr('instances', 'defined')
 
 # Delete the temporary ssh key from the cloud after creating the EC2 instance
-- name: "AWS: Remove temporary SSH key '{{ ssh_key_name }}' from cloud"
+- name: "AWS: Remove temporary SSH key '{{ ssh_key_name | default('') }}' from cloud"
   amazon.aws.ec2_key:
     access_key: "{{ lookup('ansible.builtin.env', 'AWS_ACCESS_KEY_ID') }}"
     secret_key: "{{ lookup('ansible.builtin.env', 'AWS_SECRET_ACCESS_KEY') }}"
@@ -686,7 +686,7 @@
       delay: 10
       retries: 3
 
-    - name: "AWS: Delete S3 bucket '{{ aws_s3_bucket_name }}'"
+    - name: "AWS: Delete S3 bucket '{{ aws_s3_bucket_name | default('') }}'"
       amazon.aws.s3_bucket:
         access_key: "{{ lookup('ansible.builtin.env', 'AWS_ACCESS_KEY_ID') }}"
         secret_key: "{{ lookup('ansible.builtin.env', 'AWS_SECRET_ACCESS_KEY') }}"

automation/roles/cloud_resources/tasks/azure.yml

@@ -417,7 +417,7 @@
 
     # Azure Blob Storage (Backups)
     - block:
-        - name: "Azure: Create Storage Account '{{ azure_blob_storage_account_name }}'"
+        - name: "Azure: Create Storage Account '{{ azure_blob_storage_account_name | default('') }}'"
           azure.azcollection.azure_rm_storageaccount:
             resource_group: "{{ azure_resource_group | default('postgres-cluster-resource-group' ~ '-' ~ server_location) }}"
             name: "{{ azure_blob_storage_account_name }}"
@@ -441,7 +441,7 @@
             azure_storage_account_key: "{{ azure_storage_account_info.storageaccounts[0].primary_endpoints.key }}"
           no_log: true # do not output storage account contents to the ansible log
 
-        - name: "Azure: Create Blob Storage container '{{ azure_blob_storage_name }}'"
+        - name: "Azure: Create Blob Storage container '{{ azure_blob_storage_name | default('') }}'"
           azure.azcollection.azure_rm_storageblob:
             resource_group: "{{ azure_resource_group | default('postgres-cluster-resource-group' ~ '-' ~ server_location) }}"
             account_name: "{{ azure_blob_storage_account_name }}"
@@ -615,14 +615,14 @@
         state: absent
 
     - block:
-        - name: "Azure: Delete Blob Storage '{{ azure_blob_storage_name }}'"
+        - name: "Azure: Delete Blob Storage '{{ azure_blob_storage_name | default('') }}'"
           azure.azcollection.azure_rm_storageblob:
             resource_group: "{{ azure_resource_group | default('postgres-cluster-resource-group' ~ '-' ~ server_location) }}"
             storage_account_name: "{{ azure_blob_storage_account_name }}"
             container: "{{ azure_blob_storage_name }}"
             state: absent
 
-        - name: "Azure: Delete Storage Account '{{ azure_blob_storage_account_name }}'"
+        - name: "Azure: Delete Storage Account '{{ azure_blob_storage_account_name | default('') }}'"
           azure.azcollection.azure_rm_storageaccount:
             resource_group: "{{ azure_resource_group | default('postgres-cluster-resource-group' ~ '-' ~ server_location) }}"
             name: "{{ azure_blob_storage_account_name }}"

automation/roles/cloud_resources/tasks/digitalocean.yml

@@ -70,7 +70,7 @@
 # SSH key
 - block:
     # Delete the temporary ssh key from the cloud (if exists)
-    - name: "DigitalOcean: Remove temporary SSH key '{{ ssh_key_name }}' from cloud (if any)"
+    - name: "DigitalOcean: Remove temporary SSH key '{{ ssh_key_name | default('') }}' from cloud (if any)"
       community.digitalocean.digital_ocean_sshkey:
         oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
         name: "{{ ssh_key_name }}"
@@ -82,7 +82,7 @@
         - ssh_key_name == tmp_ssh_key_name
 
     # if ssh_key_name and ssh_key_content is specified, add this ssh key to the cloud
-    - name: "DigitalOcean: Add SSH key '{{ ssh_key_name }}' to cloud"
+    - name: "DigitalOcean: Add SSH key '{{ ssh_key_name | default('') }}' to cloud"
       community.digitalocean.digital_ocean_sshkey:
         oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
         name: "{{ ssh_key_name }}"
@@ -99,7 +99,7 @@
 
     # if ssh_key_name is specified, get the fingerprint of one ssh key
     # or if tmp_ssh_key_name is used and ssh_public_keys is difined
-    - name: "DigitalOcean: Get fingerprint for SSH key '{{ ssh_key_name }}'"
+    - name: "DigitalOcean: Get fingerprint for SSH key '{{ ssh_key_name | default('') }}'"
       ansible.builtin.set_fact:
         ssh_key_fingerprint: "{{ [item.fingerprint] }}"
       loop: "{{ ssh_keys.data | lower }}"
@@ -111,7 +111,7 @@
         - item.name == ssh_key_name | lower
 
     # Stop, if the ssh key is not found
-    - name: "DigitalOcean: Fail if SSH key '{{ ssh_key_name }}' is not found"
+    - name: "DigitalOcean: Fail if SSH key '{{ ssh_key_name | default('') }}' is not found"
       ansible.builtin.fail:
         msg: "SSH key {{ ssh_key_name }} not found. Ensure that key has been added to DigitalOcean."
       when:
@@ -154,7 +154,7 @@
         - vpc_info.data | selectattr('region', 'equalto', server_location) | selectattr('default', 'equalto', true) | list | length > 0
 
     # if server_network is not specified and there is no default VPC, create a network
-    - name: "DigitalOcean: Create a VPC '{{ digital_ocean_vpc_name | default('network-' + server_location) }}'"
+    - name: "DigitalOcean: Create a VPC '{{ digital_ocean_vpc_name | default('network-' + server_location | default('')) }}'"
       community.digitalocean.digital_ocean_vpc:
         oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
         name: "{{ digital_ocean_vpc_name | default('network-' + server_location) }}"
@@ -184,7 +184,7 @@
         - server_network | length > 0
         - vpc_info.data | selectattr('region', 'equalto', server_location) | selectattr('name', 'equalto', server_network) | list | length == 0
 
-    - name: Extract ip_range from VPC "{{ server_network }}"
+    - name: Extract ip_range from VPC "{{ server_network | default('') }}"
       ansible.builtin.set_fact:
         vpc_ip_range: >-
           {{
@@ -196,7 +196,7 @@
           }}
       when: server_network | length > 0
 
-    - name: Extract id from VPC "{{ server_network }}"
+    - name: Extract id from VPC "{{ server_network | default('') }}"
       ansible.builtin.set_fact:
         vpc_id: >-
           {{
@@ -208,7 +208,7 @@
           }}
       when: server_network | length > 0
 
-    - name: "DigitalOcean: Create a tag '{{ patroni_cluster_name }}'"
+    - name: "DigitalOcean: Create a tag '{{ patroni_cluster_name | default('') }}'"
       community.digitalocean.digital_ocean_tag:
         oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
         name: "{{ patroni_cluster_name }}"
@@ -615,7 +615,7 @@
       when: cloud_load_balancer | bool
 
     # Spaces Object Storage (Backups)
-    - name: "DigitalOcean: Create Spaces Bucket '{{ digital_ocean_spaces_name }}'"
+    - name: "DigitalOcean: Create Spaces Bucket '{{ digital_ocean_spaces_name | default('') }}'"
       community.digitalocean.digital_ocean_spaces:
         oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
         name: "{{ digital_ocean_spaces_name }}"
@@ -700,7 +700,7 @@
     - droplet_result.results | selectattr('data', 'defined')
 
 # Delete the temporary SSH key from the cloud after creating the droplet
-- name: "DigitalOcean: Remove temporary SSH key '{{ ssh_key_name }}' from cloud"
+- name: "DigitalOcean: Remove temporary SSH key '{{ ssh_key_name | default('') }}' from cloud"
   community.digitalocean.digital_ocean_sshkey:
     oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
     name: "{{ ssh_key_name }}"
@@ -774,7 +774,7 @@
         state: "absent"
         name: "{{ patroni_cluster_name }}-private-firewall"
 
-    - name: "DigitalOcean: Delete Spaces Bucket '{{ digital_ocean_spaces_name }}'"
+    - name: "DigitalOcean: Delete Spaces Bucket '{{ digital_ocean_spaces_name | default('') }}'"
       community.digitalocean.digital_ocean_spaces:
         oauth_token: "{{ lookup('ansible.builtin.env', 'DO_API_TOKEN') }}"
         name: "{{ digital_ocean_spaces_name }}"

automation/roles/cloud_resources/tasks/gcp.yml

@@ -110,7 +110,7 @@
           - name = "{{ gcp_network_name }}"
       register: subnetwork_info
 
-    - name: "GCP: Extract ip_range for network '{{ gcp_network_name }}'"
+    - name: "GCP: Extract ip_range for network '{{ gcp_network_name | default('default') }}'"
       ansible.builtin.set_fact:
         gcp_network_ip_range: "{{ subnetwork_info.resources[0].ipCidrRange }}"
 
@@ -489,7 +489,7 @@
       when: cloud_load_balancer | bool
 
     # GCS Bucket (Backups)
-    - name: "GCP: Create bucket '{{ gcp_bucket_name }}'"
+    - name: "GCP: Create bucket '{{ gcp_bucket_name | default('') }}'"
       google.cloud.gcp_storage_bucket:
         auth_kind: "serviceaccount"
         service_account_contents: "{{ gcp_service_account_contents }}"
@@ -725,7 +725,7 @@
         name: "{{ patroni_cluster_name }}-lb-firewall-rule"
         state: absent
 
-    - name: "GCP: Delete bucket '{{ gcp_bucket_name }}'"
+    - name: "GCP: Delete bucket '{{ gcp_bucket_name | default('') }}'"
       google.cloud.gcp_storage_bucket:
         auth_kind: "serviceaccount"
         service_account_contents: "{{ gcp_service_account_contents }}"

automation/roles/cloud_resources/tasks/hetzner.yml

@@ -71,7 +71,7 @@
 # SSH key
 - block:
     # Delete the temporary ssh key from the cloud (if exists)
-    - name: "Hetzner Cloud: Remove temporary SSH key '{{ ssh_key_name }}' from cloud (if any)"
+    - name: "Hetzner Cloud: Remove temporary SSH key '{{ ssh_key_name | default('') }}' from cloud (if any)"
       hetzner.hcloud.ssh_key:
         api_token: "{{ lookup('ansible.builtin.env', 'HCLOUD_API_TOKEN') }}"
         name: "{{ ssh_key_name }}"
@@ -82,7 +82,7 @@
         - ssh_key_name == tmp_ssh_key_name
 
     # if ssh_key_name and ssh_key_content is specified, add this ssh key to the cloud
-    - name: "Hetzner Cloud: Add SSH key '{{ ssh_key_name }}' to cloud"
+    - name: "Hetzner Cloud: Add SSH key '{{ ssh_key_name | default('') }}' to cloud"
       hetzner.hcloud.ssh_key:
         api_token: "{{ lookup('ansible.builtin.env', 'HCLOUD_API_TOKEN') }}"
         name: "{{ ssh_key_name }}"
@@ -93,7 +93,7 @@
         - ssh_key_content | length > 0
 
     # if ssh_key_name is specified
-    - name: "Hetzner Cloud: Gather information about SSH key '{{ ssh_key_name }}'"
+    - name: "Hetzner Cloud: Gather information about SSH key '{{ ssh_key_name | default('') }}'"
       hetzner.hcloud.ssh_key_info:
         api_token: "{{ lookup('ansible.builtin.env', 'HCLOUD_API_TOKEN') }}"
         name: "{{ ssh_key_name }}"
@@ -169,7 +169,7 @@
       retries: 3
 
     # if server_network is specified
-    - name: "Hetzner Cloud: Check if network '{{ server_network }}' exists for given location"
+    - name: "Hetzner Cloud: Check if network '{{ server_network | default('') }}' exists for given location"
       ansible.builtin.fail:
         msg: "No network with name '{{ server_network }}' in location '{{ target_network_zone }}'"
       when:
@@ -182,7 +182,7 @@
           | selectattr("network_zone", "equalto", target_network_zone)
           | list | length > 0)
 
-    - name: "Hetzner Cloud: Extract ip_range for network '{{ server_network }}'"
+    - name: "Hetzner Cloud: Extract ip_range for network '{{ server_network | default('') }}'"
       ansible.builtin.set_fact:
         server_network_ip_range: "{{ item.ip_range }}"
       loop: "{{ network_info.hcloud_network_info }}"
@@ -194,14 +194,14 @@
 
     # if server_network is not specified, create a network and subnet
     - block:
-        - name: "Hetzner Cloud: Create a network '{{ hcloud_network_name | default('postgres-cluster-network-' + target_network_zone) }}'"
+        - name: "Hetzner Cloud: Create a postgres cluster network"
           hetzner.hcloud.network:
             api_token: "{{ lookup('ansible.builtin.env', 'HCLOUD_API_TOKEN') }}"
             name: "{{ hcloud_network_name | default('postgres-cluster-network-' + target_network_zone) }}"
             ip_range: "{{ hcloud_network_ip_range | default('10.0.0.0/16') }}"
             state: present
 
-        - name: "Hetzner Cloud: Create a subnetwork in network '{{ hcloud_network_name | default('postgres-cluster-network-' + target_network_zone) }}'"
+        - name: "Hetzner Cloud: Create a subnetwork in postgres cluster network"
           hetzner.hcloud.subnetwork:
             api_token: "{{ lookup('ansible.builtin.env', 'HCLOUD_API_TOKEN') }}"
             network: "{{ hcloud_network_name | default('postgres-cluster-network-' + target_network_zone) }}"
@@ -444,7 +444,7 @@
         - cloud_firewall | bool
 
     # Object Storage (S3 bucket for backups)
-    - name: "Hetzner Cloud: Create Object Storage (S3 bucket) '{{ hetzner_object_storage_name }}'"
+    - name: "Hetzner Cloud: Create Object Storage (S3 bucket) '{{ hetzner_object_storage_name | default('') }}'"
       amazon.aws.s3_bucket:
         endpoint_url: "{{ hetzner_object_storage_endpoint }}"
         ceph: true
@@ -504,7 +504,7 @@
             ([patroni_cluster_name + '-firewall'] if cloud_firewall | bool else [])
           }}
 
-    - name: "Hetzner Cloud: Add server to network '{{ server_network }}'"
+    - name: "Hetzner Cloud: Add server to network '{{ server_network | default('') }}'"
       hetzner.hcloud.server_network:
         api_token: "{{ lookup('ansible.builtin.env', 'HCLOUD_API_TOKEN') }}"
         network: "{{ server_network }}"
@@ -583,7 +583,7 @@
         (item == 'replica' and server_count | int > 1) or
         (item in ['sync', 'async'] and server_count | int > 1 and synchronous_mode | bool))
 
-    - name: "Hetzner Cloud: Add Load Balancer to network '{{ server_network }}'"
+    - name: "Hetzner Cloud: Add Load Balancer to network '{{ server_network | default('') }}'"
       hetzner.hcloud.load_balancer_network:
         api_token: "{{ lookup('ansible.builtin.env', 'HCLOUD_API_TOKEN') }}"
         load_balancer: "{{ patroni_cluster_name }}-{{ item }}"
@@ -642,7 +642,7 @@
         (item == 'replica' and server_count | int > 1) or
         (item in ['sync', 'async'] and server_count | int > 1 and synchronous_mode | bool))
 
-    - name: "Hetzner Cloud: Add servers to Load Balancer (use label_selector 'cluster={{ patroni_cluster_name }}')"
+    - name: "Hetzner Cloud: Add servers to Load Balancer (use label_selector 'cluster={{ patroni_cluster_name | default('postgres-cluster') }}')"
       hetzner.hcloud.load_balancer_target:
         api_token: "{{ lookup('ansible.builtin.env', 'HCLOUD_API_TOKEN') }}"
         load_balancer: "{{ patroni_cluster_name }}-{{ item }}"
@@ -736,7 +736,7 @@
     - server_result.results | selectattr('hcloud_server', 'defined')
 
 # Delete the temporary ssh key from the cloud after creating the server
-- name: "Hetzner Cloud: Remove temporary SSH key {{ ssh_key_name }} from cloud"
+- name: "Hetzner Cloud: Remove temporary SSH key {{ ssh_key_name | default('') }} from cloud"
   hetzner.hcloud.ssh_key:
     api_token: "{{ lookup('ansible.builtin.env', 'HCLOUD_API_TOKEN') }}"
     name: "{{ ssh_key_name }}"
@@ -817,7 +817,7 @@
         state: "absent"
         name: "{{ patroni_cluster_name }}-firewall"
 
-    - name: "Hetzner Cloud: Delete Object Storage (S3 bucket) '{{ hetzner_object_storage_name }}'"
+    - name: "Hetzner Cloud: Delete Object Storage (S3 bucket) '{{ hetzner_object_storage_name | default('') }}'"
       amazon.aws.s3_bucket:
         endpoint_url: "{{ hetzner_object_storage_endpoint }}"
         ceph: true