Merge pull request #3180 from edx/arbab/notifier-rewrite

use YAML syntax for rewriting the ansible tasks

playbooks/roles/notifier/handlers/main.yml

 ---
-
 - name: restart notifier-scheduler
-  supervisorctl: >
-    name=notifier-scheduler
-    state=restarted
-    config={{ supervisor_cfg }}
-    supervisorctl_path={{ supervisor_ctl }}
+  supervisorctl:
+    name: "notifier-scheduler"
+    state: restarted
+    config: "{{ supervisor_cfg }}"
+    supervisorctl_path: "{{ supervisor_ctl }}"
   when: not disable_edx_services
 
 - name: restart notifier-celery-workers
-  supervisorctl: >
-    name=notifier-celery-workers
-    state=restarted
-    config={{ supervisor_cfg }}
-    supervisorctl_path={{ supervisor_ctl }}
+  supervisorctl:
+    name: "notifier-celery-workers"
+    state: restarted
+    config: "{{ supervisor_cfg }}"
+    supervisorctl_path: "{{ supervisor_ctl }}"
   when: not disable_edx_services

playbooks/roles/notifier/tasks/deploy.yml

 ---
-
-- name: checkout code
+- name: Checkout code
   git_2_0_1:
-    dest={{ NOTIFIER_CODE_DIR }} repo={{ NOTIFIER_SOURCE_REPO }}
-    version={{ NOTIFIER_VERSION }}
-    accept_hostkey=yes
+    dest: "{{ NOTIFIER_CODE_DIR }}"
+    repo: "{{ NOTIFIER_SOURCE_REPO }}"
+    version: "{{ NOTIFIER_VERSION }}"
+    accept_hostkey: yes
   become: true
   become_user: "{{ notifier_user }}"
   notify:
@@ -12,48 +12,56 @@
     - restart notifier-celery-workers
 
 # Optional auth for git
-- name: create ssh script for git (not authenticated)
-  template: >
-    src=git_ssh_noauth.sh.j2 dest={{ notifier_git_ssh }}
-    owner={{ notifier_user }} mode=750
+- name: Create ssh script for git (not authenticated)
+  template:
+    src: "git_ssh_noauth.sh.j2"
+    dest: "{{ notifier_git_ssh }}"
+    owner: "{{ notifier_user }}"
+    mode: "0750"
   when: NOTIFIER_GIT_IDENTITY == ""
 
-- name: create ssh script for git (authenticated)
-  template: >
-    src=git_ssh_auth.sh.j2 dest={{ notifier_git_ssh }}
-    owner={{ notifier_user }} mode=750
+- name: Create ssh script for git (authenticated)
+  template:
+    src: "git_ssh_auth.sh.j2"
+    dest: "{{ notifier_git_ssh }}"
+    owner: "{{ notifier_user }}"
+    mode: "0750"
   when: NOTIFIER_GIT_IDENTITY != ""
 
-- name: install read-only ssh key
-  copy: >
-    content="{{ NOTIFIER_GIT_IDENTITY }}" dest={{ notifier_git_identity }}
-    force=yes owner={{ notifier_user }} mode=0600
+- name: Install read-only ssh key
+  copy:
+    content: "{{ NOTIFIER_GIT_IDENTITY }}"
+    dest: "{{ notifier_git_identity }}"
+    force: yes
+    owner: "{{ notifier_user }}"
+    mode: "0600"
   when: NOTIFIER_GIT_IDENTITY != ""
 
-- name: checkout theme
-  git_2_0_1: >
-    dest={{ NOTIFIER_CODE_DIR }}/{{ NOTIFIER_THEME_NAME }}
-    repo={{ NOTIFIER_THEME_REPO }}
-    version={{ NOTIFIER_THEME_VERSION }}
-    accept_hostkey=yes
+- name: Checkout theme
+  git_2_0_1:
+    dest: "{{ NOTIFIER_CODE_DIR }}/{{ NOTIFIER_THEME_NAME }}"
+    repo: "{{ NOTIFIER_THEME_REPO }}"
+    version: "{{ NOTIFIER_THEME_VERSION }}"
+    accept_hostkey: yes
   when: NOTIFIER_THEME_NAME != ''
   become_user: "{{ notifier_user }}"
   environment:
     GIT_SSH: "{{ notifier_git_ssh }}"
 
-- name: write notifier local settings
-  template: >
-    src=settings_local.py.j2
-    dest={{ NOTIFIER_CODE_DIR }}/notifier/settings_local.py
-    mode=0555
+- name: Write notifier local settings
+  template:
+    src: "settings_local.py.j2"
+    dest: "{{ NOTIFIER_CODE_DIR }}/notifier/settings_local.py"
+    mode: "0555"
   when: NOTIFIER_THEME_NAME != ''
   notify:
     - restart notifier-celery-workers
 
-- name: install application requirements
+- name: Install application requirements
   pip:
-    requirements="{{ NOTIFIER_REQUIREMENTS_FILE }}"
-    virtualenv="{{ NOTIFIER_VENV_DIR }}" state=present
+    requirements: "{{ NOTIFIER_REQUIREMENTS_FILE }}"
+    virtualenv: "{{ NOTIFIER_VENV_DIR }}"
+    state: present
   become: true
   become_user: "{{ notifier_user }}"
   notify:
@@ -63,10 +71,13 @@
 # Syncdb for whatever reason always creates the file owned by www-data:www-data, and then
 # complains it can't write because it's running as notifier.  So this is to touch the file into
 # place with proper perms first.
-- name: fix permissions on notifer db file
-  file: >
-    path={{ NOTIFIER_DB_DIR }}/notifier.db state=touch owner={{ notifier_user }} group={{ NOTIFIER_WEB_USER }}
-    mode=0664
+- name: Fix permissions on notifer db file
+  file:
+    path: "{{ NOTIFIER_DB_DIR }}/notifier.db"
+    state: touch
+    owner: "{{ notifier_user }}"
+    group: "{{ NOTIFIER_WEB_USER }}"
+    mode: "0664"
   become: true
   notify:
     - restart notifier-scheduler
@@ -74,9 +85,10 @@
   tags:
   - deploy
 
-- name: syncdb
-  shell: >
-    cd {{ NOTIFIER_CODE_DIR }} && {{ NOTIFIER_VENV_DIR }}/bin/python manage.py syncdb
+- name: Syncdb
+  shell: "{{ NOTIFIER_VENV_DIR }}/bin/python manage.py syncdb"
+  args:
+    chdir: "{{ NOTIFIER_CODE_DIR }}"
   become: true
   become_user: "{{ notifier_user }}"
   environment: notifier_env_vars

playbooks/roles/notifier/tasks/main.yml

 ---
-
 #
 # notifier
 #
@@ -17,138 +16,145 @@
 #   - common
 #   - notifier
 #
-- name: install notifier specific system packages
-  apt: pkg={{','.join(notifier_debian_pkgs)}} state=present
-
-- name: check if incommon ca is installed
-  command: test -e /usr/share/ca-certificates/incommon/InCommonServerCA.crt
+- name: Install notifier specific system packages
+  apt:
+    name: "{{ item }}"
+    state: present
+  with_items: "{{ notifier_debian_pkgs }}"
+
+- name: Check if incommon ca is installed
+  command: "test -e /usr/share/ca-certificates/incommon/InCommonServerCA.crt"
   register: incommon_present
   ignore_errors: yes
 
-- name: create incommon ca directory
+- name: Create incommon ca directory
   file:
-    path="/usr/share/ca-certificates/incommon" mode=2775 state=directory
+    path: "/usr/share/ca-certificates/incommon"
+    state: directory
+    mode: "2775"
   when: incommon_present|failed
 
-- name: retrieve incommon server CA
-  shell: curl https://www.incommon.org/cert/repository/InCommonServerCA.txt -o /usr/share/ca-certificates/incommon/InCommonServerCA.crt
+- name: Retrieve incommon server CA
+  get_url:
+    url: "https://www.incommon.org/cert/repository/InCommonServerCA.txt"
+    dest: "/usr/share/ca-certificates/incommon/InCommonServerCA.crt"
   when: incommon_present|failed
 
-- name: add InCommon ca cert
+- name: Add InCommon ca cert
   lineinfile:
-    dest=/etc/ca-certificates.conf
-    regexp='incommon/InCommonServerCA.crt'
-    line='incommon/InCommonServerCA.crt'
-
-- name: update ca certs globally
-  shell: update-ca-certificates
-
-- name: create notifier user {{ notifier_user }}
-  user: >
-    name="{{ notifier_user }}" state=present shell=/bin/false
-    home="{{ notifier_app_dir }}" createhome=no
-
-- name: create notifier app dir
-  file: >
-    path="{{ notifier_app_dir }}" state=directory
-    owner="{{ notifier_user }}" group="{{ common_web_group }}"
-  notify: [restart notifier-scheduler, restart notifier-celery-workers]
-
-- name: setup the notifier env
+    dest: /etc/ca-certificates.conf
+    regexp: 'incommon/InCommonServerCA.crt'
+    line: 'incommon/InCommonServerCA.crt'
+
+- name: Update ca certs globally
+  shell: "update-ca-certificates"
+
+- name: Create notifier user {{ notifier_user }}
+  user:
+    name: "{{ notifier_user }}"
+    state: present
+    shell: /bin/false
+    home: "{{ notifier_app_dir }}"
+    createhome: no
+
+- name: Create notifier app dir
+  file:
+    path: "{{ notifier_app_dir }}"
+    state: directory
+    owner: "{{ notifier_user }}"
+    group: "{{ common_web_group }}"
+  notify:
+    - restart notifier-scheduler
+    - restart notifier-celery-workers
+
+- name: Setup the notifier env
   template:
-    src=notifier_env.j2 dest={{ notifier_app_dir }}/notifier_env
-    owner="{{ notifier_user }}" group="{{ notifier_user }}"
-    mode=655
-
-- name: drop a bash_profile
-  copy: >
-    src=../../common/files/bash_profile
-    dest={{ notifier_app_dir }}/.bash_profile
-    owner={{ notifier_user }}
-    group={{ notifier_user }}
-
-- name: ensure .bashrc exists
-  shell: touch {{ notifier_app_dir }}/.bashrc
+    src: "notifier_env.j2"
+    dest: "{{ notifier_app_dir }}/notifier_env"
+    owner: "{{ notifier_user }}"
+    group: "{{ notifier_user }}"
+    mode: "0655"
+
+- name: Drop a bash_profile
+  copy:
+    src: "../../common/files/bash_profile"
+    dest: "{{ notifier_app_dir }}/.bash_profile"
+    owner: "{{ notifier_user }}"
+    group: "{{ notifier_user }}"
+
+- name: Ensure .bashrc exists
+  file:
+    path: "{{ notifier_app_dir }}/.bashrc"
+    state: touch
   become: true
   become_user: "{{ notifier_user }}"
 
-- name: add source of notifier_env to .bashrc
+- name: Add source of notifier_env to .bashrc
   lineinfile:
-    dest={{ notifier_app_dir }}/.bashrc
-    regexp='. {{ notifier_app_dir }}/notifier_env'
-    line='. {{ notifier_app_dir }}/notifier_env'
+    dest: "{{ notifier_app_dir }}/.bashrc"
+    regexp: '. {{ notifier_app_dir }}/notifier_env'
+    line: '. {{ notifier_app_dir }}/notifier_env'
 
-- name: add source venv to .bashrc
+- name: Add source venv to .bashrc
   lineinfile:
-    dest={{ notifier_app_dir }}/.bashrc
-    regexp='. {{ NOTIFIER_VENV_DIR }}/bin/activate'
-    line='. {{ NOTIFIER_VENV_DIR }}/bin/activate'
-
-- name: create notifier DB directory
-  file:
-    path="{{ NOTIFIER_DB_DIR }}" mode=2775 state=directory owner={{ notifier_user }} group={{ NOTIFIER_WEB_USER }}
-
-- name: create notifier/bin directory
-  file:
-    path="{{ notifier_app_dir }}/bin" mode=2775 state=directory owner={{ notifier_user }} group={{ notifier_user }}
+    dest: "{{ notifier_app_dir }}/.bashrc"
+    regexp: '. {{ NOTIFIER_VENV_DIR }}/bin/activate'
+    line: '. {{ NOTIFIER_VENV_DIR }}/bin/activate'
 
-- name: create notifier/.ssh directory
+- name: Create desired directories
   file:
-    path="{{ notifier_app_dir }}/.ssh" mode=2700 state=directory owner={{ notifier_user }} group={{ notifier_user }}
-
-- name: create service log dir
-  file: >
-    path="{{ item }}"
-    state=directory
-    owner="syslog"
-    group="syslog"
+    path: "{{ item.path }}"
+    state: directory
+    owner: "{{ item.owner }}"
+    group: "{{ item.group }}"
+    mode: "{{ item.mode }}"
   with_items:
-    - "{{ COMMON_LOG_DIR }}/notifier"
-
-- name: write supervisord wrapper for celery workers
-  template: >
-    src=notifier-celery-workers-supervisor.sh.j2
-    dest="{{ notifier_app_dir }}/notifier-celery-workers-supervisor.sh"
-    mode=0775
-  become_user: "{{ notifier_user }}"
+    - { path: '{{ NOTIFIER_DB_DIR }}', owner: '{{ notifier_user }}', group: '{{ NOTIFIER_WEB_USER }}', mode: '2775' }
+    - { path: '{{ notifier_app_dir }}/bin', owner: '{{ notifier_user }}', group: '{{ notifier_user }}', mode: '2775' }
+    - { path: '{{ notifier_app_dir }}/.ssh', owner: '{{ notifier_user }}', group: '{{ notifier_user }}', mode: '2700' }
+    - { path: '{{ COMMON_LOG_DIR }}/notifier', owner: 'syslog', group: 'syslog', mode: '0664' }
 
-- name: write supervisord wrapper for scheduler
-  template: >
-    src=notifier-scheduler-supervisor.sh.j2
-    dest="{{ notifier_app_dir }}/notifier-scheduler-supervisor.sh"
-    mode=0775
+- name: Write supervisord wrapper for celery workers and scheduler
+  template:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+    mode: "0775"
   become_user: "{{ notifier_user }}"
+  with_items:
+    - { src: 'notifier-celery-workers-supervisor.sh.j2', dest: '{{ notifier_app_dir }}/notifier-celery-workers-supervisor.sh' }
+    - { src: 'notifier-scheduler-supervisor.sh.j2', dest: '{{ notifier_app_dir }}/notifier-scheduler-supervisor.sh' }
 
-- name: write supervisord config for celery workers
-  template: >
-    src=edx/app/supervisor/conf.d/notifier-celery-workers.conf.j2
-    dest="{{ supervisor_available_dir }}/notifier-celery-workers.conf"
-  become_user: "{{ supervisor_user }}"
-
-- name: write supervisord config for scheduler
-  template: >
-    src=edx/app/supervisor/conf.d/notifier-scheduler.conf.j2
-    dest="{{ supervisor_available_dir }}/notifier-scheduler.conf"
+- name: Write supervisord config for celery workers and scheduler
+  template:
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
   become_user: "{{ supervisor_user }}"
+  with_items:
+    - { src: 'edx/app/supervisor/conf.d/notifier-celery-workers.conf.j2', dest: '{{ supervisor_available_dir }}/notifier-celery-workers.conf' }
+    - { src: 'edx/app/supervisor/conf.d/notifier-scheduler.conf.j2', dest: '{{ supervisor_available_dir }}/notifier-scheduler.conf' }
 
-- name: enable supervisord config for celery workers
-  file: >
-    src="{{ supervisor_available_dir }}/notifier-celery-workers.conf"
-    dest="{{ supervisor_cfg_dir }}/notifier-celery-workers.conf"
-    state=link
-    force=yes
+- name: Enable supervisord config for celery workers
+  file:
+    src: "{{ supervisor_available_dir }}/notifier-celery-workers.conf"
+    dest: "{{ supervisor_cfg_dir }}/notifier-celery-workers.conf"
+    state: link
+    force: yes
   become_user: "{{ supervisor_user }}"
-  notify: restart notifier-celery-workers
+  notify:
+    - restart notifier-celery-workers
   when: not disable_edx_services
 
-- name: enable supervisord config for scheduler
-  file: >
-    src="{{ supervisor_available_dir }}/notifier-scheduler.conf"
-    dest="{{ supervisor_cfg_dir }}/notifier-scheduler.conf"
-    state=link
-    force=yes
+- name: Enable supervisord config for scheduler
+  file:
+    src: "{{ supervisor_available_dir }}/notifier-scheduler.conf"
+    dest: "{{ supervisor_cfg_dir }}/notifier-scheduler.conf"
+    state: link
+    force: yes
   become_user: "{{ supervisor_user }}"
-  notify: restart notifier-scheduler
+  notify:
+    - restart notifier-scheduler
   when: not disable_edx_services
 
-- include: deploy.yml tags=deploy
+- include: deploy.yml
+  tags:
+    - deploy