From d734ece308f9ed808b2674911615c8c2c1e1eaa3 Mon Sep 17 00:00:00 2001
From: Alina Buzachis <abuzachis@redhat.com>
Date: Tue, 2 Sep 2025 13:44:39 +0200
Subject: [PATCH 1/2] Remove support for ansible-core < 2.17

Signed-off-by: Alina Buzachis <abuzachis@redhat.com>
---
 README.md                                  | 2 +-
 changelogs/fragments/ansible_core_bump.yml | 3 +++
 meta/runtime.yml                           | 2 +-
 3 files changed, 5 insertions(+), 2 deletions(-)
 create mode 100644 changelogs/fragments/ansible_core_bump.yml

diff --git a/README.md b/README.md
index d8e8609d..5eb7060b 100644
--- a/README.md
+++ b/README.md
@@ -15,7 +15,7 @@ To run rulebooks, [ansible-rulebook](https://ansible.readthedocs.io/projects/rul
 <!--start requires_ansible-->
 ### Ansible version compatibility
 
-This collection has been tested against following Ansible versions: **>=2.15.0**.
+This collection has been tested against following Ansible versions: **>=2.17.0**.
 
 ### Included content
 
diff --git a/changelogs/fragments/ansible_core_bump.yml b/changelogs/fragments/ansible_core_bump.yml
new file mode 100644
index 00000000..e8846e35
--- /dev/null
+++ b/changelogs/fragments/ansible_core_bump.yml
@@ -0,0 +1,3 @@
+---
+breaking_changes:
+  - Support for ansible-core < 2.17 has been dropped.
diff --git a/meta/runtime.yml b/meta/runtime.yml
index 898ad8ff..23796440 100644
--- a/meta/runtime.yml
+++ b/meta/runtime.yml
@@ -1,2 +1,2 @@
 ---
-requires_ansible: '>=2.15.0'
+requires_ansible: '>=2.17.0'

From 861420c31d90677089d6596d109b6c98adddf846 Mon Sep 17 00:00:00 2001
From: Alina Buzachis <abuzachis@redhat.com>
Date: Tue, 2 Sep 2025 14:00:14 +0200
Subject: [PATCH 2/2] Ansible lint fixes

Signed-off-by: Alina Buzachis <abuzachis@redhat.com>
---
 .github/workflows/integration.yml             |  2 +-
 .github/workflows/sanity.yml                  | 35 +++++++++++++++++++
 changelogs/fragments/ansible-lint.yml         |  3 ++
 roles/clone_on_prem_vm/tasks/main.yml         |  6 ++--
 roles/deploy_flask_app/tasks/setup_infra.yaml | 18 +++++-----
 .../ec2_networking_resources/tasks/delete.yml | 30 ++++++++--------
 .../tasks/ec2_instance_create_operations.yml  | 24 ++++++-------
 .../tasks/ec2_instance_delete_operations.yml  | 10 +++---
 8 files changed, 83 insertions(+), 45 deletions(-)
 create mode 100644 changelogs/fragments/ansible-lint.yml

diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml
index 26f03ab8..b40c405c 100644
--- a/.github/workflows/integration.yml
+++ b/.github/workflows/integration.yml
@@ -54,7 +54,7 @@ jobs:
     env:
       source: "./source"
       ansible_version: "milestone"
-      python_version: "3.11"
+      python_version: "3.12"
     strategy:
       fail-fast: false
       matrix:
diff --git a/.github/workflows/sanity.yml b/.github/workflows/sanity.yml
index 8fa8bdfc..75760b5d 100644
--- a/.github/workflows/sanity.yml
+++ b/.github/workflows/sanity.yml
@@ -14,3 +14,38 @@ on:
 jobs:
   sanity:
     uses: ansible-network/github_actions/.github/workflows/sanity.yml@main
+    with:
+      matrix_exclude: >-
+          [
+            {
+              "ansible-version": "devel",
+              "python-version": "3.11"
+            },
+            {
+              "ansible-version": "milestone",
+              "python-version": "3.11"
+            },
+            {
+              "ansible-version": "devel",
+              "python-version": "3.10"
+            },
+            {
+              "ansible-version": "milestone",
+              "python-version": "3.10"
+            },
+            {
+              "ansible-version": "stable-2.19",
+              "python-version": "3.10"
+            },
+            {
+              "ansible-version": "stable-2.18",
+              "python-version": "3.10"
+            },
+            {
+              "ansible-version": "stable-2.17",
+              "python-version": "3.13"
+            },
+            {
+              "ansible-version": "stable-2.16"
+            }
+          ]
diff --git a/changelogs/fragments/ansible-lint.yml b/changelogs/fragments/ansible-lint.yml
new file mode 100644
index 00000000..02466222
--- /dev/null
+++ b/changelogs/fragments/ansible-lint.yml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+  - Rename several register variables to include a role-name prefix, ensuring compliance with the ansible-lint standard.
diff --git a/roles/clone_on_prem_vm/tasks/main.yml b/roles/clone_on_prem_vm/tasks/main.yml
index 88fed226..dc3ec521 100644
--- a/roles/clone_on_prem_vm/tasks/main.yml
+++ b/roles/clone_on_prem_vm/tasks/main.yml
@@ -7,17 +7,17 @@
 - name: Gather package facts
   ansible.builtin.package_facts:
     manager: auto
-  register: package_facts
+  register: clone_on_prem_vm__package_facts
 
 - name: Qemu is not installed
   ansible.builtin.debug:
     msg: "qemu is not installed"
-  when: "'qemu' not in package_facts.ansible_facts.packages"
+  when: "'qemu' not in clone_on_prem_vm__package_facts.ansible_facts.packages"
 
 - name: Qemu-img is not installed
   ansible.builtin.debug:
     msg: "qemu-img is not installed"
-  when: "'qemu-img' not in package_facts.ansible_facts.packages"
+  when: "'qemu-img' not in clone_on_prem_vm__package_facts.ansible_facts.packages"
 
 - name: Create temporary directory to create the clone in
   ansible.builtin.tempfile:
diff --git a/roles/deploy_flask_app/tasks/setup_infra.yaml b/roles/deploy_flask_app/tasks/setup_infra.yaml
index 0b52bded..5792ccaa 100644
--- a/roles/deploy_flask_app/tasks/setup_infra.yaml
+++ b/roles/deploy_flask_app/tasks/setup_infra.yaml
@@ -3,15 +3,15 @@
   amazon.aws.ec2_instance_info:
     instance_ids:
       - "{{ deploy_flask_app_bastion_instance_id }}"
-  register: bastion_info
+  register: deploy_flask_app__bastion_info
 
 - name: Set common variables to be used later
   ansible.builtin.set_fact:
-    deploy_flask_app__resource_prefix: "{{ bastion_info.instances.0.public_dns_name | split('.') | first }}"
-    deploy_flask_app__group_id: "{{ bastion_info.instances.0.security_groups[0].group_id }}"
-    deploy_flask_app__vm_image_id: "{{ bastion_info.instances.0.image_id }}"
-    deploy_flask_app__bastion_public_ip: "{{ bastion_info.instances.0.public_ip_address }}"
-    deploy_flask_app__public_subnet_id: "{{ bastion_info.instances.0.subnet_id }}"
+    deploy_flask_app__resource_prefix: "{{ deploy_flask_app__bastion_info.instances.0.public_dns_name | split('.') | first }}"
+    deploy_flask_app__group_id: "{{ deploy_flask_app__bastion_info.instances.0.security_groups[0].group_id }}"
+    deploy_flask_app__vm_image_id: "{{ deploy_flask_app__bastion_info.instances.0.image_id }}"
+    deploy_flask_app__bastion_public_ip: "{{ deploy_flask_app__bastion_info.instances.0.public_ip_address }}"
+    deploy_flask_app__public_subnet_id: "{{ deploy_flask_app__bastion_info.instances.0.subnet_id }}"
 
 - name: Set variable for key pair and bastion hostname
   ansible.builtin.set_fact:
@@ -29,14 +29,14 @@
 - name: Create key pair to connect to the workers
   amazon.aws.ec2_key:
     name: "{{ deploy_flask_app__workers_keypair_name }}"
-  register: keypair_result
+  register: deploy_flask_app__keypair_result
 
 - name: Save key pair content into file on bastion host
   ansible.builtin.copy:
-    content: "{{ keypair_result.key.private_key }}"
+    content: "{{ deploy_flask_app__keypair_result.key.private_key }}"
     dest: "{{ deploy_flask_app_workers_ssh_private_key }}"
     mode: 0600
-  when: keypair_result is changed
+  when: deploy_flask_app__keypair_result is changed
   delegate_to: "{{ deploy_flask_app__bastion_hostname }}"
 
 - name: Create workers instances
diff --git a/roles/ec2_networking_resources/tasks/delete.yml b/roles/ec2_networking_resources/tasks/delete.yml
index d2a26704..37daf932 100644
--- a/roles/ec2_networking_resources/tasks/delete.yml
+++ b/roles/ec2_networking_resources/tasks/delete.yml
@@ -3,59 +3,59 @@
   amazon.aws.ec2_vpc_net_info:
     filters:
       "tag:Name": "{{ ec2_networking_resources_vpc_name }}"
-  register: vpc_info
+  register: ec2_networking_resources__vpc_info
 
 - name: Set VPC ID
   ansible.builtin.set_fact:
-    vpc_id: "{{ vpc_info.vpcs[0].vpc_id }}"
+    ec2_networking_resources__vpc_id: "{{ ec2_networking_resources__vpc_info.vpcs[0].vpc_id }}"
 
 - name: Get VPC security groups
   amazon.aws.ec2_security_group_info:
     filters:
-      vpc-id: "{{ vpc_id }}"
-  register: vpc_security_groups
+      vpc-id: "{{ ec2_networking_resources__vpc_id }}"
+  register: ec2_networking_resources__vpc_security_groups
 
 - name: Delete VPC security groups
   amazon.aws.ec2_security_group:
     state: absent
     group_id: "{{ item.group_id }}"
-  loop: "{{ vpc_security_groups.security_groups }}"
+  loop: "{{ ec2_networking_resources__vpc_security_groups.security_groups }}"
   when: item.group_name != "default"
 
 - name: Get VPC subnets
   amazon.aws.ec2_vpc_subnet_info:
     filters:
-      vpc-id: "{{ vpc_id }}"
-  register: vpc_subnets
+      vpc-id: "{{ ec2_networking_resources__vpc_id }}"
+  register: ec2_networking_resources__vpc_subnets
 
 - name: Delete VPC subnets
   amazon.aws.ec2_vpc_subnet:
     state: absent
-    vpc_id: "{{ vpc_id }}"
+    vpc_id: "{{ ec2_networking_resources__vpc_id }}"
     cidr: "{{ item.cidr_block }}"
-  loop: "{{ vpc_subnets.subnets }}"
+  loop: "{{ ec2_networking_resources__vpc_subnets.subnets }}"
 
 - name: Delete VPC internet gateways
   amazon.aws.ec2_vpc_igw:
     state: absent
-    vpc_id: "{{ vpc_id }}"
+    vpc_id: "{{ ec2_networking_resources__vpc_id }}"
 
 - name: Get VPC route tables
   amazon.aws.ec2_vpc_route_table_info:
     filters:
-      vpc-id: "{{ vpc_id }}"
-  register: vpc_route_tables
+      vpc-id: "{{ ec2_networking_resources__vpc_id }}"
+  register: ec2_networking_resources__vpc_route_tables
 
 - name: Delete VPC route tables
   amazon.aws.ec2_vpc_route_table:
     state: absent
-    vpc_id: "{{ vpc_id }}"
+    vpc_id: "{{ ec2_networking_resources__vpc_id }}"
     lookup: id
     route_table_id: "{{ item.id }}"
-  loop: "{{ vpc_route_tables.route_tables }}"
+  loop: "{{ ec2_networking_resources__vpc_route_tables.route_tables }}"
   when: item.associations | length == 0 or true not in item.associations | map(attribute='main')
 
 - name: Delete VPC
   amazon.aws.ec2_vpc_net:
-    vpc_id: "{{ vpc_id }}"
+    vpc_id: "{{ ec2_networking_resources__vpc_id }}"
     state: absent
diff --git a/roles/manage_ec2_instance/tasks/ec2_instance_create_operations.yml b/roles/manage_ec2_instance/tasks/ec2_instance_create_operations.yml
index 7fef6a45..0b1d9681 100644
--- a/roles/manage_ec2_instance/tasks/ec2_instance_create_operations.yml
+++ b/roles/manage_ec2_instance/tasks/ec2_instance_create_operations.yml
@@ -6,12 +6,12 @@
         filters:
           tag:Name: "{{ manage_ec2_instance_instance_name }}"
           instance-state-name: ["pending", "running", "stopping", "stopped"]
-      register: ec2_info_result
+      register: manage_ec2_instance__ec2_info_result
 
     - name: Print warning and exit if instance exists
       ansible.builtin.fail:
         msg: "Instance with name {{ manage_ec2_instance_instance_name }} already exists in {{ aws_region }}. Please provide a different name to avoid updating the existing instance."
-      when: ec2_info_result.instances | length > 0
+      when: manage_ec2_instance__ec2_info_result.instances | length > 0
 
 - name: Create a key pair if required
   when: manage_ec2_instance_key_name is defined and manage_ec2_instance_key_name | length > 0
@@ -20,14 +20,14 @@
       amazon.aws.ec2_key_info:
         names:
           - "{{ manage_ec2_instance_key_name }}"
-      register: key_info_result
+      register: manage_ec2_instance__key_info_result
 
     - name: Create new key pair
       amazon.aws.ec2_key:
         name: "{{ manage_ec2_instance_key_name }}"
         state: present
-      when: key_info_result.keypairs | length == 0
-      register: ec2_instance_manage_key_pair_result
+      when: manage_ec2_instance__key_info_result.keypairs | length == 0
+      register: manage_ec2_instance__key_pair_result
       no_log: true
 
 - name: Create EC2 instance with provided configuration
@@ -41,22 +41,22 @@
     vpc_subnet_id: "{{ manage_ec2_instance_vpc_subnet_id | default(omit) }}"
     tags: "{{ manage_ec2_instance_tags | default(omit) }}"
     wait: "{{ manage_ec2_instance_wait_for_state }}"
-  register: ec2_instance
+  register: manage_ec2_instance__ec2_instance
 
 - name: Allocate and associate Elastic IP if enabled
   when: manage_ec2_instance_associate_eip is true
   amazon.aws.ec2_eip:
-    device_id: "{{ ec2_instance.instance_ids[0] }}"
+    device_id: "{{ manage_ec2_instance__ec2_instance.instance_ids[0] }}"
     state: present
-  register: instance_eip
+  register: manage_ec2_instance__instance_eip
 
 - name: Get EC2 instance info
   amazon.aws.ec2_instance_info:
-    instance_ids: "{{ ec2_instance.instance_ids[0] }}"
-  register: ec2_instance_manage_create_result
+    instance_ids: "{{ manage_ec2_instance__ec2_instance.instance_ids[0] }}"
+  register: manage_ec2_instance__reate_result
 
 - name: Output details of the created EC2 instance
   ansible.builtin.debug:
     msg:
-      - "EC2 instance {{ ec2_instance.instance_ids[0] }} created successfully"
-      - "Instance details: {{ ec2_instance_manage_create_result.instances[0] }}"
+      - "EC2 instance {{ manage_ec2_instance__ec2_instance.instance_ids[0] }} created successfully"
+      - "Instance details: {{ manage_ec2_instance__reate_result.instances[0] }}"
diff --git a/roles/manage_ec2_instance/tasks/ec2_instance_delete_operations.yml b/roles/manage_ec2_instance/tasks/ec2_instance_delete_operations.yml
index 4e8685b7..3b08de6e 100644
--- a/roles/manage_ec2_instance/tasks/ec2_instance_delete_operations.yml
+++ b/roles/manage_ec2_instance/tasks/ec2_instance_delete_operations.yml
@@ -4,23 +4,23 @@
     filters:
       tag:Name: "{{ manage_ec2_instance_instance_name }}"
       instance-state-name: ["pending", "running", "stopping", "stopped"]
-  register: ec2_info_result
+  register: manage_ec2_instance__ec2_info_result
 
 - name: Disassociate and release EIP if present
-  when: ec2_info_result.instances | length > 0
+  when: manage_ec2_instance__ec2_info_result.instances | length > 0
   # and ec2_info_result.instances[0].network_interfaces.association.public_ip is defined
   amazon.aws.ec2_eip:
-    device_id: "{{ ec2_info_result.instances[0].instance_id }}"
+    device_id: "{{ manage_ec2_instance__ec2_info_result.instances[0].instance_id }}"
     state: absent
     release_on_disassociation: true
 
 - name: Terminate EC2 Instance if present
-  when: ec2_info_result.instances | length > 0
+  when: manage_ec2_instance__ec2_info_result.instances | length > 0
   amazon.aws.ec2_instance:
     state: terminated
     wait: "{{ manage_ec2_instance_wait_for_state }}"
     instance_ids:
-      - "{{ ec2_info_result.instances[0].instance_id }}"
+      - "{{ manage_ec2_instance__ec2_info_result.instances[0].instance_id }}"
 
 - name: Delete keypair if provided
   when: manage_ec2_instance_key_name is defined and manage_ec2_instance_key_name | length > 0