update: all modules to their FQCN name, resolved all ansible-lint and yamllint warnings and errors

.ansible-lint

@@ -1,4 +1,8 @@
+---
 skip_list:
   - 'yaml'
   - 'risky-shell-pipe'
   - 'role-name'
+
+enable_list:
+  - fqcn-builtins

.github/workflows/ci.yml

@@ -60,7 +60,7 @@ jobs:
           python-version: '3.x'
 
       - name: Install test dependencies.
-        run: pip3 install ansible molecule molecule-plugins[docker] docker
+        run: pip3 install -r requirements.txt
 
       - name: Run Molecule tests.
         run: molecule test

.yamllint

@@ -1,10 +1,24 @@
 ---
 extends: default
 
+yaml-files:
+  - '*.yaml'
+  - '*.yml'
+  - .yamllint
+  - .ansible-lint
+
 rules:
   line-length:
-    max: 200
+    max: 240
     level: warning
+  comments:
+    min-spaces-from-content: 1
+  comments-indentation: false
+  braces:
+    max-spaces-inside: 1
+  octal-values:
+    forbid-implicit-octal: true
+    forbid-explicit-octal: true
 
 ignore: |
   .github/workflows/stale.yml

README.md

@@ -30,14 +30,29 @@ Debian/Ubuntu: `docker-{{ docker_edition }}=<VERSION>` (Note: you have to add th
 You can control whether the package is installed, uninstalled, or at the latest version by setting `docker_packages_state` to `present`, `absent`, or `latest`, respectively. Note that the Docker daemon will be automatically restarted if the Docker package is updated. This is a side effect of flushing all handlers (running any of the handlers that have been notified by this and any other role up to this point in the play).
 
 ```yaml
-docker_obsolete_packages:
+docker_obsolete_packages_debian:
   - docker
   - docker.io
   - docker-engine
   - docker-doc
+  - docker-compose
+  - docker-compose-v2
   - podman-docker
   - containerd
   - runc
+
+# Used only for Fedora/CentOS/Rocky
+docker_obsolete_packages_redhat:
+  - docker
+  - docker-client
+  - docker-client-latest
+  - docker-common
+  - docker-latest
+  - docker-latest-logrotate
+  - docker-logrotate
+  - docker-selinux
+  - docker-engine-selinux
+  - docker-engine
 ```
 
 A list of packages to be uninstalled prior to running this role. See [Docker's installation instructions](https://docs.docker.com/engine/install/debian/#uninstall-old-versions) for an up-to-date list of old packages that should be removed.
@@ -61,7 +76,7 @@ Docker Compose Plugin installation options. These differ from the below in that
 
 ```yaml
 docker_install_compose: false
-docker_compose_version: "2.29.2"
+docker_compose_version: "v2.32.1"
 docker_compose_arch: "{{ ansible_architecture }}"
 docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}"
 docker_compose_path: /usr/local/bin/docker-compose

defaults/main.yml

@@ -25,15 +25,32 @@ docker_packages:
   - "containerd.io"
   - docker-buildx-plugin
 docker_packages_state: present
-docker_obsolete_packages:
+
+# Used only for Debian/Ubuntu
+docker_obsolete_packages_debian:
   - docker
   - docker.io
   - docker-engine
   - docker-doc
+  - docker-compose
+  - docker-compose-v2
   - podman-docker
   - containerd
   - runc
 
+# Used only for Fedora/CentOS/Rocky
+docker_obsolete_packages_redhat:
+  - docker
+  - docker-client
+  - docker-client-latest
+  - docker-common
+  - docker-latest
+  - docker-latest-logrotate
+  - docker-logrotate
+  - docker-selinux
+  - docker-engine-selinux
+  - docker-engine
+
 # Service options.
 docker_service_manage: true
 docker_service_state: started
@@ -47,7 +64,7 @@ docker_compose_package_state: present
 
 # Docker Compose options.
 docker_install_compose: false
-docker_compose_version: "v2.29.2"
+docker_compose_version: "v2.32.1"
 docker_compose_arch: "{{ ansible_architecture }}"
 docker_compose_url: "https://github.com/docker/compose/releases/download/{{ docker_compose_version }}/docker-compose-linux-{{ docker_compose_arch }}"
 docker_compose_path: /usr/local/bin/docker-compose
@@ -71,10 +88,10 @@ docker_apt_gpg_key_checksum: "sha256:1500c1f56fa9e26b9b8f42452a553675796ade0807c
 docker_apt_filename: "docker"
 
 # Used only for RedHat/CentOS/Fedora.
-docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora','centos') }}/docker-{{ docker_edition }}.repo"
+docker_yum_repo_url: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora', 'centos') }}/docker-{{ docker_edition }}.repo"
 docker_yum_repo_enable_nightly: '0'
 docker_yum_repo_enable_test: '0'
-docker_yum_gpg_key: "{{ docker_repo_url }}/centos/gpg"
+docker_yum_gpg_key: "{{ docker_repo_url }}/{{ (ansible_distribution == 'Fedora') | ternary('fedora', 'centos') }}/gpg"
 
 # A list of users who will be added to the docker group.
 docker_users: []

handlers/main.yml

@@ -1,6 +1,6 @@
 ---
-- name: restart docker
+- name: Restart docker
-  service:
+  ansible.builtin.service:
     name: docker
     state: "{{ docker_restart_handler_state }}"
   ignore_errors: "{{ ansible_check_mode }}"

meta/main.yml

@@ -7,7 +7,7 @@ galaxy_info:
   description: Docker for Linux.
   company: "Midwestern Mac, LLC"
   license: "license (BSD, MIT)"
-  min_ansible_version: 2.10
+  min_ansible_version: "2.10"
   platforms:
     - name: Fedora
       versions:

molecule/default/converge.yml

@@ -5,11 +5,13 @@
 
   pre_tasks:
     - name: Update apt cache.
-      apt: update_cache=yes cache_valid_time=600
+      ansible.builtin.apt:
+        update_cache: true
+        cache_valid_time: 600
       when: ansible_os_family == 'Debian'
 
-    - name: Wait for systemd to complete initialization.  # noqa 303
+    - name: Wait for systemd to complete initialization.   # noqa command-instead-of-module
-      command: systemctl is-system-running
+      ansible.builtin.command: systemctl is-system-running
       register: systemctl_status
       until: >
         'running' in systemctl_status.stdout or

molecule/default/molecule.yml

@@ -4,6 +4,7 @@ dependency:
   name: galaxy
   options:
     ignore-errors: true
+    requirements-file: requirements.yml
 driver:
   name: docker
 platforms:

tasks/docker-compose.yml

@@ -1,32 +0,0 @@
----
-- name: Check current docker-compose version.
-  command: "{{ docker_compose_path }} --version"
-  register: docker_compose_vsn
-  check_mode: false
-  changed_when: false
-  failed_when: false
-
-- set_fact:
-    docker_compose_current_version: "{{ docker_compose_vsn.stdout | regex_search('(\\d+(\\.\\d+)+)') }}"
-  when: >
-    docker_compose_vsn.stdout is defined
-    and (docker_compose_vsn.stdout | length > 0)
-
-- name: Delete existing docker-compose version if it's different.
-  file:
-    path: "{{ docker_compose_path }}"
-    state: absent
-  when: >
-    docker_compose_current_version is defined
-    and (docker_compose_version | regex_replace('v', '')) not in docker_compose_current_version
-
-- name: Install Docker Compose (if configured).
-  get_url:
-    url: "{{ docker_compose_url }}"
-    dest: "{{ docker_compose_path }}"
-    mode: 0755
-  environment: "{{ proxy_env | default({}) }}"
-  when: >
-    (docker_compose_current_version is not defined)
-    or (docker_compose_current_version | length == 0)
-    or (docker_compose_current_version is version((docker_compose_version | regex_replace('v', '')), '<'))

tasks/docker-users.yml

@@ -1,10 +1,10 @@
 ---
 - name: Ensure docker users are added to the docker group.
-  user:
+  ansible.builtin.user:
     name: "{{ item }}"
     groups: docker
     append: true
   with_items: "{{ docker_users }}"
 
 - name: Reset ssh connection to apply user changes.
-  meta: reset_connection
+  ansible.builtin.meta: reset_connection

tasks/main.yml

@@ -1,76 +1,76 @@
 ---
-- name: Load OS-specific vars.
+- name: Load os family specific vars.
-  include_vars: "{{ lookup('first_found', params) }}"
+  ansible.builtin.include_vars: "{{ lookup('first_found', params) }}"
   vars:
     params:
       files:
-        - '{{ansible_distribution}}.yml'
+        - '{{ ansible_distribution }}.yml'
-        - '{{ansible_os_family}}.yml'
+        - '{{ ansible_os_family }}.yml'
         - main.yml
       paths:
         - 'vars'
 
-- include_tasks: setup-RedHat.yml
+- ansible.builtin.include_tasks: setup-RedHat.yml # noqa: name[missing]
   when: ansible_os_family == 'RedHat'
 
-- include_tasks: setup-Debian.yml
+- ansible.builtin.include_tasks: setup-Debian.yml # noqa: name[missing]
   when: ansible_os_family == 'Debian'
 
 - name: Install Docker packages.
-  package:
+  ansible.builtin.package:
     name: "{{ docker_packages }}"
     state: "{{ docker_packages_state }}"
   environment: "{{ proxy_env | default({}) }}"
-  notify: restart docker
+  notify: Restart docker
   ignore_errors: "{{ ansible_check_mode }}"
   when: "ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian']"
 
 - name: Install Docker packages (with downgrade option).
-  package:
+  ansible.builtin.package:
     name: "{{ docker_packages }}"
     state: "{{ docker_packages_state }}"
     allow_downgrade: true
   environment: "{{ proxy_env | default({}) }}"
-  notify: restart docker
+  notify: Restart docker
   ignore_errors: "{{ ansible_check_mode }}"
   when: "ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']"
 
 - name: Install docker-compose plugin.
-  package:
+  ansible.builtin.package:
     name: "{{ docker_compose_package }}"
     state: "{{ docker_compose_package_state }}"
   environment: "{{ proxy_env | default({}) }}"
-  notify: restart docker
+  notify: Restart docker
   ignore_errors: "{{ ansible_check_mode }}"
-  when: "docker_install_compose_plugin | bool == true and (ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian'])"
+  when: "docker_install_compose_plugin | bool and (ansible_version.full is version_compare('2.12', '<') or ansible_os_family not in ['RedHat', 'Debian'])"
 
 - name: Install docker-compose-plugin (with downgrade option).
-  package:
+  ansible.builtin.package:
     name: "{{ docker_compose_package }}"
     state: "{{ docker_compose_package_state }}"
     allow_downgrade: true
   environment: "{{ proxy_env | default({}) }}"
-  notify: restart docker
+  notify: Restart docker
   ignore_errors: "{{ ansible_check_mode }}"
-  when: "docker_install_compose_plugin | bool == true and ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']"
+  when: "docker_install_compose_plugin | bool and ansible_version.full is version_compare('2.12', '>=') and ansible_os_family in ['RedHat', 'Debian']"
 
 - name: Ensure /etc/docker/ directory exists.
-  file:
+  ansible.builtin.file:
     path: /etc/docker
     state: directory
-    mode: 0755
+    mode: "0755"
   when: docker_daemon_options.keys() | length > 0
 
 - name: Configure Docker daemon options.
-  copy:
+  ansible.builtin.copy:
     content: "{{ docker_daemon_options | to_nice_json }}"
     dest: /etc/docker/daemon.json
-    mode: 0644
+    mode: "0644"
   when: docker_daemon_options.keys() | length > 0
-  notify: restart docker
+  notify: Restart docker
 
 - name: Ensure Docker is started and enabled at boot.
-  service:
+  ansible.builtin.service:
     name: docker
     state: "{{ docker_service_state }}"
     enabled: "{{ docker_service_enabled }}"
@@ -78,25 +78,25 @@
   when: docker_service_manage | bool
 
 - name: Ensure handlers are notified now to avoid firewall conflicts.
-  meta: flush_handlers
+  ansible.builtin.meta: flush_handlers
 
-- include_tasks: docker-compose.yml
+- ansible.builtin.include_tasks: setup-docker-compose.yml # noqa: name[missing]
   when: docker_install_compose | bool
 
 - name: Get docker group info using getent.
-  getent:
+  ansible.builtin.getent:
     database: group
     key: docker
     split: ':'
   when: docker_users | length > 0
 
 - name: Check if there are any users to add to the docker group.
-  set_fact:
+  ansible.builtin.set_fact:
     at_least_one_user_to_modify: true
   when:
     - docker_users | length > 0
     - item not in ansible_facts.getent_group["docker"][2]
   with_items: "{{ docker_users }}"
 
-- include_tasks: docker-users.yml
+- ansible.builtin.include_tasks: docker-users.yml # noqa: name[missing]
   when: at_least_one_user_to_modify is defined

tasks/setup-Debian.yml

@@ -10,7 +10,7 @@
     state: absent
 
 - name: Ensure the repo referencing the previous trusted.gpg.d key is not present
-  apt_repository:
+  ansible.builtin.apt_repository:
     repo: "deb [arch={{ docker_apt_arch }} signed-by=/etc/apt/trusted.gpg.d/docker.asc] {{ docker_repo_url }}/{{ docker_apt_ansible_distribution | lower }} {{ ansible_distribution_release }} {{ docker_apt_release_channel }}"
     state: absent
     filename: "{{ docker_apt_filename }}"
@@ -20,12 +20,12 @@
 
 - # See https://docs.docker.com/engine/install/debian/#uninstall-old-versions
   name: Ensure old versions of Docker are not installed.
-  package:
+  ansible.builtin.package:
-    name: "{{ docker_obsolete_packages }}"
+    name: "{{ docker_obsolete_packages_debian }}"
     state: absent
 
 - name: Ensure dependencies are installed.
-  apt:
+  ansible.builtin.apt:
     name:
       - apt-transport-https
       - ca-certificates
@@ -34,7 +34,7 @@
   when: docker_add_repo | bool
 
 - name: Ensure directory exists for /etc/apt/keyrings
-  file:
+  ansible.builtin.file:
     path: /etc/apt/keyrings
     state: directory
     mode: "0755"
@@ -51,19 +51,23 @@
   environment: "{{ proxy_env | default({}) }}"
   when: docker_add_repo | bool
 
-- name: Ensure curl is present (on older systems without SNI).
+- name: Fallback for older systems without SNI.
-  package: name=curl state=present
-  environment: "{{ proxy_env | default({}) }}"
   when: add_repository_key is failed and docker_add_repo | bool
+  block:
+    - name: Ensure curl is present (on older systems without SNI).
+      ansible.builtin.package:
+        name: curl
+        state: present
+      environment: "{{ proxy_env | default({}) }}"
 
-- name: Add Docker apt key (alternative for older systems without SNI).
+    - name: Add Docker apt key (alternative for older systems without SNI).  # noqa command-instead-of-module
-  shell: >
+      ansible.builtin.command: >
-    curl -sSL {{ docker_apt_gpg_key }} | apt-key add -
+        curl -sSL {{ docker_apt_gpg_key }} | apt-key add -
-  environment: "{{ proxy_env | default({}) }}"
+      environment: "{{ proxy_env | default({}) }}"
-  when: add_repository_key is failed and docker_add_repo | bool
+      changed_when: false
 
 - name: Add Docker repository.
-  apt_repository:
+  ansible.builtin.apt_repository:
     repo: "{{ docker_apt_repository }}"
     state: present
     filename: "{{ docker_apt_filename }}"

tasks/setup-RedHat.yml

@@ -1,67 +1,66 @@
 ---
+# See https://docs.docker.com/engine/install/fedora/#uninstall-old-versions
+# or  https://docs.docker.com/engine/install/centos/#uninstall-old-versions
 - name: Ensure old versions of Docker are not installed.
-  package:
+  ansible.builtin.package:
-    name:
+    name: "{{ docker_obsolete_packages_redhat }}"
-      - docker
-      - docker-common
-      - docker-engine
     state: absent
 
 - name: Add Docker GPG key.
-  rpm_key:
+  ansible.builtin.rpm_key:
     key: "{{ docker_yum_gpg_key }}"
     state: present
   environment: "{{ proxy_env | default({}) }}"
   when: docker_add_repo | bool
 
 - name: Add Docker repository.
-  get_url:
+  ansible.builtin.get_url:
     url: "{{ docker_yum_repo_url }}"
     dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo'
     owner: root
     group: root
-    mode: 0644
+    mode: "0644"
   environment: "{{ proxy_env | default({}) }}"
   when: docker_add_repo | bool
 
 - name: Configure Docker Nightly repo.
-  ini_file:
+  community.general.ini_file:
     dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo'
     section: 'docker-{{ docker_edition }}-nightly'
     option: enabled
     value: '{{ docker_yum_repo_enable_nightly }}'
-    mode: 0644
+    mode: "0644"
     no_extra_spaces: true
   environment: "{{ proxy_env | default({}) }}"
   when: docker_add_repo | bool
 
 - name: Configure Docker Test repo.
-  ini_file:
+  community.general.ini_file:
     dest: '/etc/yum.repos.d/docker-{{ docker_edition }}.repo'
     section: 'docker-{{ docker_edition }}-test'
     option: enabled
     value: '{{ docker_yum_repo_enable_test }}'
-    mode: 0644
+    mode: "0644"
     no_extra_spaces: true
   environment: "{{ proxy_env | default({}) }}"
   when: docker_add_repo | bool
 
 - name: Configure containerd on RHEL 8.
+  when: ansible_distribution_major_version | int == 8
   block:
     - name: Ensure runc is not installed.
-      package:
+      ansible.builtin.package:
         name: runc
         state: absent
 
     - name: Ensure container-selinux is installed.
-      package:
+      ansible.builtin.package:
         name: container-selinux
         state: present
       environment: "{{ proxy_env | default({}) }}"
 
     - name: Ensure containerd.io is installed.
-      package:
+      ansible.builtin.package:
         name: containerd.io
         state: present
       environment: "{{ proxy_env | default({}) }}"
-  when: ansible_distribution_major_version | int == 8