Merge pull request #823 from cisagov/improvement/prefer_truefalse_to_…

…yesno_in_ansible

Prefer `true`/`false` to `yes`/`no` in Ansible configurations

ansible/playbook.yml

@@ -1,8 +1,8 @@
 ---
 - name: Setup the inventory and wait for a bastion to become available
   hosts: localhost
-  gather_facts: yes
-  check_mode: no
+  gather_facts: true
+  check_mode: false
   tasks:
     - name: Add public ip addresses to an dynamic inventory
       ansible.builtin.add_host:
@@ -26,14 +26,14 @@
 
 - name: Configure groups now that cloud-init has run
   hosts: all
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - groups
 
 - name: Configure MongoDB
   hosts: mongo
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - mongo
@@ -42,7 +42,7 @@
 
 - name: Configure Docker hosts for BOD 18-01 scanning and reporting
   hosts: bod_docker
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - orchestrator
@@ -52,7 +52,7 @@
 
 - name: Configure cyhy-commander hosts
   hosts: cyhy_commander
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - cyhy_commander
@@ -63,7 +63,7 @@
 
 - name: Configure nmap scanning hosts
   hosts: nmap
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - role: swap
@@ -72,21 +72,21 @@
 
 - name: Configure cyhy-runner hosts
   hosts: cyhy_runner
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - cyhy_logrotate
 
 - name: Configure Nessus hosts
   hosts: nessus
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - nessus
 
 - name: Configure cyhy-reports hosts
   hosts: cyhy_reporter
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - cyhy_reporter
@@ -95,28 +95,28 @@
 
 - name: Configure cyhy bastion hosts
   hosts: cyhy_bastion
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - cyhy_ops
 
 - name: Install and configure cyhy-dashboard
   hosts: cyhy_dashboard
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - cyhy_dashboard
 
 - name: Configure cyhy-archive hosts
   hosts: cyhy_archive
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - cyhy_archive
 
 - name: Configure management bastion hosts
   hosts: mgmt_bastion
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - mgmt_ops

ansible/roles/code_gov_update/README.md

@@ -21,7 +21,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: bod_docker
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - code_gov_update

ansible/roles/code_gov_update/tasks/main.yml

@@ -34,7 +34,7 @@
   block:
     - name: Add /usr/local/bin to cron's path
       ansible.builtin.cron:
-        env: yes
+        env: true
         name: PATH
         user: cyhy
         value: /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin

ansible/roles/cyhy_commander/README.md

@@ -20,7 +20,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: commanders
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - cyhy_commander

ansible/roles/cyhy_commander/tasks/main.yml

@@ -33,7 +33,7 @@
 - name: Enable and start cyhy-commander
   ansible.builtin.service:
     name: cyhy-commander
-    enabled: yes
+    enabled: true
     state: restarted
 
 #
@@ -110,7 +110,7 @@
 - name: Load data to places collection as the cyhy user
   ansible.builtin.command: # noqa no-changed-when
     cmd: /tmp/cyhy-places/scripts/load_places.sh
-  become: yes
+  become: true
   become_user: cyhy
 
 #

ansible/roles/cyhy_dashboard/README.md

@@ -20,7 +20,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: dashboards
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - cyhy_dashboard

ansible/roles/cyhy_dashboard/tasks/main.yml

@@ -19,7 +19,7 @@
   ansible.builtin.shell:
     cmd: head --bytes 24 /dev/urandom > /var/cyhy/web/secret_key
     creates: /var/cyhy/web/secret_key
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   become_user: cyhy
 
@@ -38,7 +38,7 @@
   community.general.make:
     chdir: /var/cyhy/ncats-webui
     target: dev-build
-  become: yes
+  become: true
 
 - name: Copy webd service file
   ansible.builtin.copy:

ansible/roles/cyhy_feeds/README.md

@@ -20,7 +20,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: cyhy_feeds
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - cyhy_feeds

ansible/roles/cyhy_feeds/tasks/main.yml

@@ -61,7 +61,7 @@
   ansible.builtin.shell:
     cmd: set -o pipefail && echo {{ item | quote }} | gpg2 --trustdb-name /var/cyhy/.gnupg/trustdb.gpg --import --batch
     executable: /bin/bash
-  become: yes
+  become: true
   become_user: cyhy
   changed_when: "'imported: 1' in cyhy_feeds_import_gpg_key.stderr"
   loop:
@@ -80,7 +80,7 @@
   ansible.builtin.shell:
     cmd: set -o pipefail && echo {{ cyhy_feeds_gpg_trust | trim | quote }} | gpg2 --import-ownertrust --batch
     executable: /bin/bash
-  become: yes
+  become: true
   become_user: cyhy
   changed_when: "'inserting ownertrust' in cyhy_feeds_import_gpg_ownertrust.stderr"
   register: cyhy_feeds_import_gpg_ownertrust

ansible/roles/cyhy_mailer/README.md

@@ -21,7 +21,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: bod_docker
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - cyhy_mailer

ansible/roles/cyhy_mailer/tasks/main.yml

@@ -61,7 +61,7 @@
 #   block:
 #     - name: Add /usr/local/bin to cron's path
 #       ansible.builtin.cron:
-#         env: yes
+#         env: true
 #         name: PATH
 #         user: cyhy
 #         value: /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin

ansible/roles/cyhy_ops/README.md

@@ -20,7 +20,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: db
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - cyhy_ops

ansible/roles/cyhy_ops/tasks/main.yml

@@ -20,7 +20,7 @@
 #
 - name: Create .ssh/authorized_keys file for cyhy_ops
   ansible.builtin.lineinfile:
-    create: yes
+    create: true
     group: cyhy_ops
     line: "{{ lookup('aws_ssm', '/ssh/public_keys/' + item) }}"
     mode: 0600

ansible/roles/cyhy_reporter/README.md

@@ -20,7 +20,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: reporters
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - cyhy_reporter

ansible/roles/cyhy_reporter/tasks/main.yml

@@ -18,7 +18,7 @@
   block:
     - name: Add /usr/local/bin to cron's path
       ansible.builtin.cron:
-        env: yes
+        env: true
         name: PATH
         user: cyhy
         value: /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin
@@ -54,7 +54,7 @@
 #
 - name: Add development users to the cyhy group
   ansible.builtin.user:
-    append: yes
+    append: true
     groups:
       - cyhy
     name: "{{ item }}"

ansible/roles/groups/README.md

@@ -21,7 +21,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: all
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - groups

ansible/roles/groups/tasks/main.yml

@@ -3,19 +3,19 @@
 - name: Grab the existing users
   ansible.builtin.getent:
     database: passwd
-    fail_key: no
+    fail_key: false
 - name: Grab the existing groups
   ansible.builtin.getent:
     database: group
-    fail_key: no
+    fail_key: false
 
 
 #
 # Add the cyhy user to the docker group, if they both exist
 #
 - name: Add the cyhy user to the docker group
   ansible.builtin.user:
-    append: yes
+    append: true
     groups: docker
     name: cyhy
   when: (getent_passwd.cyhy is defined) and (getent_group.docker is defined)
@@ -26,15 +26,15 @@
 #
 - name: Add dev users to the cyhy group
   ansible.builtin.user:
-    append: yes
+    append: true
     groups: cyhy
     name: "{{ item }}"
   loop: "{{ groups_dev_users }}"
   when: getent_group.cyhy is defined
 
 - name: Add dev users to the docker group
   ansible.builtin.user:
-    append: yes
+    append: true
     groups: docker
     name: "{{ item }}"
   loop: "{{ groups_dev_users }}"

ansible/roles/mgmt_ops/README.md

@@ -20,7 +20,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: db
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - mgmt_ops

ansible/roles/mgmt_ops/tasks/main.yml

@@ -20,7 +20,7 @@
 #
 - name: Create .ssh/authorized_keys file for mgmt_ops
   ansible.builtin.lineinfile:
-    create: yes
+    create: true
     group: mgmt_ops
     line: "{{ lookup('aws_ssm', '/ssh/public_keys/' + item) }}"
     mode: 0600

ansible/roles/mongo/README.md

@@ -20,7 +20,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: mongo
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - mongo

ansible/roles/mongo/handlers/main.yml

@@ -1,5 +1,5 @@
 ---
 - name: Enable mongo
   ansible.builtin.service:
-    enabled: yes
+    enabled: true
     name: mongod

ansible/roles/nessus/README.md

@@ -20,7 +20,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: nessus
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - nessus

ansible/roles/orchestrator/README.md

@@ -21,7 +21,7 @@ Here's how to use it in a playbook:
 
 ```yaml
 - hosts: bod_docker
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
      - orchestrator

ansible/roles/orchestrator/tasks/main.yml

@@ -53,7 +53,7 @@
   block:
     - name: Add /usr/local/bin to cron's path
       ansible.builtin.cron:
-        env: yes
+        env: true
         name: PATH
         user: cyhy
         value: /usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin

ansible/roles/swap/README.md

@@ -20,7 +20,7 @@ None
 ```yaml
 - hosts: nmap
   name: Configure nmap scanning hosts
-  become: yes
+  become: true
   become_method: ansible.builtin.sudo
   roles:
     - { role: swap, swapfile_size: 2GiB}