Merge pull request #1007 from t-woerner/FQCN_ansible_builtin

Use FQCN for ansible.builtin
2026-03-26 21:33:05 +00:00 · 2023-01-03 16:24:19 -03:00
parent a8d44e2c52 b175c78c95
commit ba353a9b16
155 changed files with 502 additions and 502 deletions
--- a/playbooks/config/retrieve-config.yml
+++ b/playbooks/config/retrieve-config.yml
@@ -11,5 +11,5 @@
    register: serverconfig

  - name: Display current configuration.
-    debug:
+    ansible.builtin.debug:
      msg: "{{ serverconfig }}"
--- a/playbooks/dnszone/dnszone-reverse-from-ip.yml
+++ b/playbooks/dnszone/dnszone-reverse-from-ip.yml
@@ -11,5 +11,5 @@
    register: result

  - name: Zone name inferred from `name_from_ip`
-    debug:
+    ansible.builtin.debug:
      msg: "Zone created: {{ result.dnszone.name }}"
--- a/playbooks/host/ensure_host_with_randompassword.yml
+++ b/playbooks/host/ensure_host_with_randompassword.yml
@@ -14,5 +14,5 @@
    register: ipahost

  - name: Print generated random password
-    debug:
+    ansible.builtin.debug:
      var: ipahost.host.randompassword
--- a/playbooks/host/host-present-with-randompassword.yml
+++ b/playbooks/host/host-present-with-randompassword.yml
@@ -13,5 +13,5 @@
    register: ipahost

  - name: Print generated random password
-    debug:
+    ansible.builtin.debug:
      var: ipahost.host.randompassword
--- a/playbooks/host/hosts-present-with-randompasswords.yml
+++ b/playbooks/host/hosts-present-with-randompasswords.yml
@@ -17,9 +17,9 @@
    register: ipahost

  - name: Print generated random password for host01.example.com
-    debug:
+    ansible.builtin.debug:
      var: ipahost.host["host01.example.com"].randompassword

  - name: Print generated random password for host02.example.com
-    debug:
+    ansible.builtin.debug:
      var: ipahost.host["host02.example.com"].randompassword
--- a/playbooks/user/ensure_user_with_randompassword.yml
+++ b/playbooks/user/ensure_user_with_randompassword.yml
@@ -15,5 +15,5 @@
    register: ipauser

  - name: Print generated random password
-    debug:
+    ansible.builtin.debug:
      var: ipauser.user.randompassword
--- a/playbooks/user/ensure_users_with_randompasswords.yml
+++ b/playbooks/user/ensure_users_with_randompasswords.yml
@@ -20,9 +20,9 @@
    register: ipauser

  - name: Print generated random password for user1
-    debug:
+    ansible.builtin.debug:
      var: ipauser.user.user1.randompassword

  - name: Print generated random password for user2
-    debug:
+    ansible.builtin.debug:
      var: ipauser.user.user2.randompassword
--- a/playbooks/vault/retrive-data-asymmetric-vault.yml
+++ b/playbooks/vault/retrive-data-asymmetric-vault.yml
@@ -15,5 +15,5 @@
      register: result
      no_log: true
    - name: Display retrieved data.
-      debug:
+      ansible.builtin.debug:
        msg: "Data: {{ result.vault.data }}"
--- a/playbooks/vault/retrive-data-symmetric-vault.yml
+++ b/playbooks/vault/retrive-data-symmetric-vault.yml
@@ -15,5 +15,5 @@
      register: result
      no_log: true
    - name: Display retrieved data.
-      debug:
+      ansible.builtin.debug:
        msg: "Data: {{ result.vault.data }}"
--- a/playbooks/vault/vault-is-present-with-password-file.yml
+++ b/playbooks/vault/vault-is-present-with-password-file.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Copy file containing password to server.
-    copy:
+    ansible.builtin.copy:
      src: "{{ playbook_dir }}/password.txt"
      dest: "{{ ansible_facts['env'].HOME }}/password.txt"
      owner: "{{ ansible_user }}"
@@ -20,6 +20,6 @@
      vault_type: symmetric
      vault_password_file: "{{ ansible_facts['env'].HOME }}/password.txt"
  - name: Remove file containing password from server.
-    file:
+    ansible.builtin.file:
      path: "{{ ansible_facts['env'].HOME }}/password.txt"
      state: absent
--- a/playbooks/vault/vault-is-present-with-public-key-file.yml
+++ b/playbooks/vault/vault-is-present-with-public-key-file.yml
@@ -11,7 +11,7 @@

  tasks:
  - name: Copy public key file to server.
-    copy:
+    ansible.builtin.copy:
      src: "{{ playbook_dir }}/public.pem"
      dest: "{{ ansible_facts['env'].HOME }}/public.pem"
      owner: "{{ ansible_user }}"
@@ -25,6 +25,6 @@
      vault_type: asymmetric
      vault_public_key_file: "{{ ansible_facts['env'].HOME }}/public.pem"
  - name: Remove public key file from server.
-    file:
+    ansible.builtin.file:
      path: "{{ ansible_facts['env'].HOME }}/public.pem"
      state: absent
--- a/roles/ipabackup/tasks/backup.yml
+++ b/roles/ipabackup/tasks/backup.yml
@@ -2,7 +2,7 @@
 # tasks file for ipabackup

 - name: Create backup
-  shell: >
+  ansible.builtin.shell: >
    ipa-backup
    {{ "--gpg" if ipabackup_gpg | bool else "" }}
    {{ "--gpg-keyring="+ipabackup_gpg_keyring if ipabackup_gpg_keyring is defined else "" }}
@@ -15,7 +15,7 @@

 - block:
  - name: Get ipabackup_item from stderr or stdout output
-    set_fact:
+    ansible.builtin.set_fact:
      ipabackup_item: "{{ item | regex_search('\n.*/([^\n]+)','\\1') | first }}"
    when: item.find("Backed up to "+ipabackup_dir+"/") > 0
    with_items:
@@ -25,15 +25,15 @@
      label: ""

  - name: Fail on missing ipabackup_item
-    fail: msg="Failed to get ipabackup_item"
+    ansible.builtin.fail: msg="Failed to get ipabackup_item"
    when: ipabackup_item is not defined

  - name: Copy backup to controller
-    include_tasks: "{{ role_path }}/tasks/copy_backup_from_server.yml"
+    ansible.builtin.include_tasks: "{{ role_path }}/tasks/copy_backup_from_server.yml"
    when: state|default("present") == "present"

  - name: Remove backup on server
-    include_tasks: "{{ role_path }}/tasks/remove_backup_from_server.yml"
+    ansible.builtin.include_tasks: "{{ role_path }}/tasks/remove_backup_from_server.yml"
    when: not ipabackup_keep_on_server

  when: ipabackup_to_controller
--- a/roles/ipabackup/tasks/copy_backup_from_server.yml
+++ b/roles/ipabackup/tasks/copy_backup_from_server.yml
@@ -1,36 +1,36 @@
 ---
 - name: Fail on invalid ipabackup_item
-  fail: msg="ipabackup_item {{ ipabackup_item }} is not valid"
+  ansible.builtin.fail: msg="ipabackup_item {{ ipabackup_item }} is not valid"
  when: ipabackup_item is not defined or
        ipabackup_item | length < 1 or
        (ipabackup_item.find("ipa-full-") == -1 and
         ipabackup_item.find("ipa-data-") == -1)

 - name: Set controller destination directory
-  set_fact:
+  ansible.builtin.set_fact:
    ipabackup_controller_dir:
        "{{ ipabackup_controller_path | default(lookup('env','PWD')) }}/{{
         ipabackup_name_prefix | default(ansible_facts['fqdn']) }}_{{
         ipabackup_item }}/"

 - name: Stat backup on server
-  stat:
+  ansible.builtin.stat:
    path: "{{ ipabackup_dir }}/{{ ipabackup_item }}"
  register: result_backup_stat

 - name: Fail on missing backup directory
-  fail: msg="Unable to find backup {{ ipabackup_item }}"
+  ansible.builtin.fail: msg="Unable to find backup {{ ipabackup_item }}"
  when: result_backup_stat.stat.isdir is not defined

 - name: Get backup files to copy for "{{ ipabackup_item }}"
-  shell:
+  ansible.builtin.shell:
    find . -type f | cut -d"/" -f 2
  args:
    chdir: "{{ ipabackup_dir }}/{{ ipabackup_item }}"
  register: result_find_backup_files

 - name: Copy server backup files to controller
-  fetch:
+  ansible.builtin.fetch:
    flat: yes
    src: "{{ ipabackup_dir }}/{{ ipabackup_item }}/{{ item }}"
    dest: "{{ ipabackup_controller_dir }}"
@@ -38,7 +38,7 @@
  - "{{ result_find_backup_files.stdout_lines }}"

 - name: Fix file modes for backup on controller
-  file:
+  ansible.builtin.file:
    dest: "{{ ipabackup_controller_dir }}"
    mode: u=rwX,go=
    recurse: yes
--- a/roles/ipabackup/tasks/copy_backup_to_server.yml
+++ b/roles/ipabackup/tasks/copy_backup_to_server.yml
@@ -1,40 +1,40 @@
 ---
 - name: Fail on invalid ipabackup_name
-  fail: msg="ipabackup_name {{ ipabackup_name }} is not valid"
+  ansible.builtin.fail: msg="ipabackup_name {{ ipabackup_name }} is not valid"
  when: ipabackup_name is not defined or
        ipabackup_name | length < 1 or
        (ipabackup_name.find("ipa-full-") == -1 and
         ipabackup_name.find("ipa-data-") == -1)

 - name: Set controller source directory
-  set_fact:
+  ansible.builtin.set_fact:
    ipabackup_controller_dir:
      "{{ ipabackup_controller_path | default(lookup('env','PWD')) }}"

 - name: Set ipabackup_item
-  set_fact:
+  ansible.builtin.set_fact:
    ipabackup_item:
      "{{ ipabackup_name | regex_search('.*_(ipa-.+)','\\1') | first }}"
  when: "'_ipa-' in ipabackup_name"

 - name: Set ipabackup_item
-  set_fact:
+  ansible.builtin.set_fact:
    ipabackup_item: "{{ ipabackup_name }}"
  when: "'_ipa-' not in ipabackup_name"

 - name: Stat backup to copy
-  stat:
+  ansible.builtin.stat:
    path: "{{ ipabackup_controller_dir }}/{{ ipabackup_name }}"
  register: result_backup_stat
  delegate_to: localhost
  become: no

 - name: Fail on missing backup to copy
-  fail: msg="Unable to find backup {{ ipabackup_name }}"
+  ansible.builtin.fail: msg="Unable to find backup {{ ipabackup_name }}"
  when: result_backup_stat.stat.isdir is not defined

 - name: Copy backup files to server for "{{ ipabackup_item }}"
-  copy:
+  ansible.builtin.copy:
    src: "{{ ipabackup_controller_dir }}/{{ ipabackup_name }}/"
    dest: "{{ ipabackup_dir }}/{{ ipabackup_item }}"
    owner: root
--- a/roles/ipabackup/tasks/get_ipabackup_dir.yml
+++ b/roles/ipabackup/tasks/get_ipabackup_dir.yml
@@ -4,5 +4,5 @@
  register: result_ipabackup_get_backup_dir

 - name: Set IPA backup dir
-  set_fact:
+  ansible.builtin.set_fact:
    ipabackup_dir: "{{ result_ipabackup_get_backup_dir.backup_dir }}"
--- a/roles/ipabackup/tasks/main.yml
+++ b/roles/ipabackup/tasks/main.yml
@@ -2,7 +2,7 @@
 # tasks file for ipabackup

 - name: Check for empty vars
-  fail: msg="Variable {{ item }} is empty"
+  ansible.builtin.fail: msg="Variable {{ item }} is empty"
  when: "item in vars and not vars[item]"
  with_items: "{{ ipabackup_empty_var_checks }}"
  vars:
@@ -18,43 +18,43 @@
    - ipabackup_firewalld_zone

 - name: Set ipabackup_data if ipabackup_data is not set but ipabackup_online is
-  set_fact:
+  ansible.builtin.set_fact:
    ipabackup_data: yes
  when: ipabackup_online | bool and not ipabackup_data | bool

 - name: Fail if ipabackup_from_controller and ipabackup_to_controller are set
-  fail: msg="ipabackup_from_controller and ipabackup_to_controller are set"
+  ansible.builtin.fail: msg="ipabackup_from_controller and ipabackup_to_controller are set"
  when: ipabackup_from_controller | bool and ipabackup_to_controller | bool

 - name: Fail for given ipabackup_name if state is not copied, restored or absent
-  fail: msg="ipabackup_name is given and state is not copied, restored or absent"
+  ansible.builtin.fail: msg="ipabackup_name is given and state is not copied, restored or absent"
  when: state is not defined or
        (state != "copied" and state != "restored" and state != "absent") and
        ipabackup_name is defined

 - name: Get ipabackup_dir from IPA installation
-  include_tasks: "{{ role_path }}/tasks/get_ipabackup_dir.yml"
+  ansible.builtin.include_tasks: "{{ role_path }}/tasks/get_ipabackup_dir.yml"

 - name: Backup IPA server
-  include_tasks: "{{ role_path }}/tasks/backup.yml"
+  ansible.builtin.include_tasks: "{{ role_path }}/tasks/backup.yml"
  when: state|default("present") == "present"

 - name: Fail on missing ipabackup_name
-  fail: msg="ipabackup_name is not set"
+  ansible.builtin.fail: msg="ipabackup_name is not set"
  when: (ipabackup_name is not defined or not ipabackup_name) and
        state is defined and
        (state == "copied" or state == "restored" or state == "absent")

 - block:
  - name: Get list of all backups on IPA server
-    shell:
+    ansible.builtin.shell:
      find . -name "ipa-full-*" -o -name "ipa-data-*" | cut -d"/" -f 2
    args:
      chdir: "{{ ipabackup_dir }}/"
    register: result_backup_find_backup_files

  - name: Set ipabackup_names using backup list
-    set_fact:
+    ansible.builtin.set_fact:
      ipabackup_names: "{{ result_backup_find_backup_files.stdout_lines }}"

  when: state is defined and
@@ -64,28 +64,28 @@

 - block:
  - name: Fail on ipabackup_name all
-    fail: msg="ipabackup_name can not be all in this case"
+    ansible.builtin.fail: msg="ipabackup_name can not be all in this case"
    when: ipabackup_name is defined and ipabackup_name == "all"

  - name: Set ipabackup_names from ipabackup_name string
-    set_fact:
+    ansible.builtin.set_fact:
      ipabackup_names: ["{{ ipabackup_name }}"]
    when: ipabackup_name | type_debug != "list"

  - name: Set ipabackup_names from ipabackup_name list
-    set_fact:
+    ansible.builtin.set_fact:
      ipabackup_names: "{{ ipabackup_name }}"
    when: ipabackup_name | type_debug == "list"
  when: ipabackup_names is not defined and ipabackup_name is defined

 - name: Set empty ipabackup_names if ipabackup_name is not defined
-  set_fact:
+  ansible.builtin.set_fact:
    ipabackup_names: []
  when: ipabackup_names is not defined and ipabackup_name is not defined

 - block:
  - name: Copy backup from IPA server
-    include_tasks: "{{ role_path }}/tasks/copy_backup_from_server.yml"
+    ansible.builtin.include_tasks: "{{ role_path }}/tasks/copy_backup_from_server.yml"
    vars:
      ipabackup_item: "{{ main_item | basename }}"
    with_items:
@@ -95,7 +95,7 @@
    when: state is defined and state == "copied"

  - name: Remove backup from IPA server
-    include_tasks: "{{ role_path }}/tasks/remove_backup_from_server.yml"
+    ansible.builtin.include_tasks: "{{ role_path }}/tasks/remove_backup_from_server.yml"
    vars:
      ipabackup_item: "{{ main_item | basename }}"
    with_items:
@@ -111,7 +111,7 @@
 # restore.

 - name: Fail to copy or restore more than one backup on the server
-  fail: msg="Only one backup can be copied to the server or restored"
+  ansible.builtin.fail: msg="Only one backup can be copied to the server or restored"
  when: state is defined and (state == "copied" or state == "restored") and
        ipabackup_from_controller | bool and ipabackup_names | length != 1

@@ -119,10 +119,10 @@

 - block:
  - name: Copy backup to server
-    include_tasks: "{{ role_path }}/tasks/copy_backup_to_server.yml"
+    ansible.builtin.include_tasks: "{{ role_path }}/tasks/copy_backup_to_server.yml"

  - name: Restore IPA server after copy
-    include_tasks: "{{ role_path }}/tasks/restore.yml"
+    ansible.builtin.include_tasks: "{{ role_path }}/tasks/restore.yml"
    when: state|default("present") == "restored"

  vars:
@@ -131,7 +131,7 @@
        (state|default("present") == "copied" and not ipabackup_to_controller)

 - name: Restore IPA server
-  include_tasks: "{{ role_path }}/tasks/restore.yml"
+  ansible.builtin.include_tasks: "{{ role_path }}/tasks/restore.yml"
  vars:
    ipabackup_item: "{{ ipabackup_names[0] | basename }}"
  when: not ipabackup_from_controller and
--- a/roles/ipabackup/tasks/remove_backup_from_server.yml
+++ b/roles/ipabackup/tasks/remove_backup_from_server.yml
@@ -1,5 +1,5 @@
 ---
 - name: Remove backup "{{ ipabackup_item }}"
-  file:
+  ansible.builtin.file:
    path: "{{ ipabackup_dir }}/{{ ipabackup_item }}"
    state: absent
--- a/roles/ipabackup/tasks/restore.yml
+++ b/roles/ipabackup/tasks/restore.yml
@@ -4,7 +4,7 @@
 ### VARIABLES

 - name: Import variables specific to distribution
-  include_vars: "{{ item }}"
+  ansible.builtin.include_vars: "{{ item }}"
  with_first_found:
    - "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
    - "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
@@ -21,30 +21,30 @@
 ### GET SERVICES FROM BACKUP

 - name: Stat backup on server
-  stat:
+  ansible.builtin.stat:
    path: "{{ ipabackup_dir }}/{{ ipabackup_item }}"
  register: result_backup_stat

 - name: Fail on missing backup directory
-  fail: msg="Unable to find backup {{ ipabackup_item }}"
+  ansible.builtin.fail: msg="Unable to find backup {{ ipabackup_item }}"
  when: result_backup_stat.stat.isdir is not defined

 - name: Stat header file in backup "{{ ipabackup_item }}"
-  stat:
+  ansible.builtin.stat:
    path: "{{ ipabackup_dir }}/{{ ipabackup_item }}/header"
  register: result_backup_header_stat

 - name: Fail on missing header file in backup
-  fail: msg="Unable to find backup {{ ipabackup_item }} header file"
+  ansible.builtin.fail: msg="Unable to find backup {{ ipabackup_item }} header file"
  when: result_backup_header_stat.stat.isreg is not defined

 - name: Get services from backup
-  shell: >
+  ansible.builtin.shell: >
    grep "^services = " "{{ ipabackup_dir }}/{{ ipabackup_item }}/header" | cut -d"=" -f2 | tr -d '[:space:]'
  register: result_services_grep

 - name: Set ipabackup_services
-  set_fact:
+  ansible.builtin.set_fact:
    ipabackup_services: "{{ result_services_grep.stdout.split(',') }}"
    ipabackup_service_dns: DNS
    ipabackup_service_adtrust: ADTRUST
@@ -54,24 +54,24 @@

 - block:
  - name: Ensure that IPA server packages are installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipaserver_packages }}"
      state: present

  - name: Ensure that IPA server packages for dns are installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipaserver_packages_dns }}"
      state: present
    when: ipabackup_service_dns in ipabackup_services

  - name: Ensure that IPA server packages for adtrust are installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipaserver_packages_adtrust }}"
      state: present
    when: ipabackup_service_adtrust in ipabackup_services

  - name: Ensure that firewalld packages are installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipaserver_packages_firewalld }}"
      state: present
    when: ipabackup_setup_firewalld | bool
@@ -82,20 +82,20 @@

 - block:
  - name: Ensure that firewalld is running
-    systemd:
+    ansible.builtin.systemd:
      name: firewalld
      enabled: yes
      state: started

  - name: Firewalld - Verify runtime zone "{{ ipabackup_firewalld_zone }}"
-    shell: >
+    ansible.builtin.shell: >
      firewall-cmd
      --info-zone="{{ ipabackup_firewalld_zone }}"
      >/dev/null
    when: ipabackup_firewalld_zone is defined

  - name: Firewalld - Verify permanent zone "{{ ipabackup_firewalld_zone }}"
-    shell: >
+    ansible.builtin.shell: >
      firewall-cmd
      --permanent
      --info-zone="{{ ipabackup_firewalld_zone }}"
@@ -108,7 +108,7 @@

 - name: Restore backup
  no_log: True
-  shell: >
+  ansible.builtin.shell: >
    ipa-restore
    {{ ipabackup_item }}
    --unattended
@@ -123,7 +123,7 @@
  ignore_errors: yes

 - name: Report error for restore operation
-  debug:
+  ansible.builtin.debug:
    msg: "{{ result_iparestore.stderr }}"
  when: result_iparestore is failed
  failed_when: yes
@@ -131,7 +131,7 @@
 ### CONFIGURE FIREWALLD

 - name: Configure firewalld
-  command: >
+  ansible.builtin.command: >
    firewall-cmd
    --permanent
    {{ "--zone="+ipabackup_firewalld_zone if ipabackup_firewalld_zone is defined else "" }}
@@ -143,7 +143,7 @@
  when: ipabackup_setup_firewalld | bool

 - name: Configure firewalld runtime
-  command: >
+  ansible.builtin.command: >
    firewall-cmd
    {{ "--zone="+ipabackup_firewalld_zone if ipabackup_firewalld_zone is defined else "" }}
    --add-service=freeipa-ldap
--- a/roles/ipaclient/tasks/install.yml
+++ b/roles/ipaclient/tasks/install.yml
@@ -2,28 +2,28 @@
 # tasks file for ipaclient

 - name: Install - Ensure that IPA client packages are installed
-  package:
+  ansible.builtin.package:
    name: "{{ ipaclient_packages }}"
    state: present
  when: ipaclient_install_packages | bool

 - name: Install - Set ipaclient_servers
-  set_fact:
+  ansible.builtin.set_fact:
    ipaclient_servers: "{{ groups['ipaservers'] | list }}"
  when: groups.ipaservers is defined and ipaclient_servers is not defined

 - name: Install - Set ipaclient_servers from cluster inventory
-  set_fact:
+  ansible.builtin.set_fact:
    ipaclient_servers: "{{ groups['ipaserver'] | list }}"
  when: ipaclient_no_dns_lookup | bool and groups.ipaserver is defined and
        ipaclient_servers is not defined

 - name: Install - Check that either password or keytab is set
-  fail: msg="ipaadmin_password and ipaadmin_keytab cannot be used together"
+  ansible.builtin.fail: msg="ipaadmin_password and ipaadmin_keytab cannot be used together"
  when: ipaadmin_keytab is defined and ipaadmin_password is defined

 - name: Install - Set default principal if no keytab is given
-  set_fact:
+  ansible.builtin.set_fact:
    ipaadmin_principal: admin
  when: ipaadmin_principal is undefined and ipaclient_keytab is undefined

@@ -31,11 +31,11 @@
  block:

  - name: Install - Fail on missing ipaclient_domain and ipaserver_domain
-    fail: msg="ipaclient_domain or ipaserver_domain is required for ipaclient_configure_dns_resolver"
+    ansible.builtin.fail: msg="ipaclient_domain or ipaserver_domain is required for ipaclient_configure_dns_resolver"
    when: ipaserver_domain is not defined and ipaclient_domain is not defined

  - name: Install - Fail on missing ipaclient_servers
-    fail: msg="ipaclient_dns_servers is required for ipaclient_configure_dns_resolver"
+    ansible.builtin.fail: msg="ipaclient_dns_servers is required for ipaclient_configure_dns_resolver"
    when: ipaclient_dns_servers is not defined

  - name: Install - Configure DNS resolver
@@ -74,7 +74,7 @@

 - block:
  - name: Install - Cleanup leftover ccache
-    file:
+    ansible.builtin.file:
      path: "/etc/ipa/.dns_ccache"
      state: absent

@@ -91,12 +91,12 @@
      domain: "{{ result_ipaclient_test.domain }}"

  - name: Install - Make sure One-Time Password is enabled if it's already defined
-    set_fact:
+    ansible.builtin.set_fact:
      ipaclient_use_otp: "yes"
    when: ipaclient_otp is defined

  - name: Install - Disable One-Time Password for on_master
-    set_fact:
+    ansible.builtin.set_fact:
      ipaclient_use_otp: "no"
    when: ipaclient_use_otp | bool and ipaclient_on_master | bool

@@ -112,7 +112,7 @@

  - name: Install - Disable One-Time Password for client with working
          krb5.keytab
-    set_fact:
+    ansible.builtin.set_fact:
      ipaclient_use_otp: "no"
    when: ipaclient_use_otp | bool and
          result_ipaclient_test_keytab.krb5_keytab_ok and
@@ -159,14 +159,14 @@
      delegate_to: "{{ result_ipaclient_test.servers[0] }}"

    - name: Install - Report error for OTP generation
-      debug:
+      ansible.builtin.debug:
        msg: "{{ result_ipaclient_get_otp.msg }}"
      when: result_ipaclient_get_otp is failed
      failed_when: yes

    - name: Install - Store the previously obtained OTP
      no_log: yes
-      set_fact:
+      ansible.builtin.set_fact:
        ipaadmin_orig_password: "{{ ipaadmin_password | default(omit) }}"
        ipaadmin_password: "{{ result_ipaclient_get_otp.host.randompassword
                               if result_ipaclient_get_otp.host is defined }}"
@@ -183,7 +183,7 @@

  - name: Store predefined OTP in admin_password
    no_log: yes
-    set_fact:
+    ansible.builtin.set_fact:
      ipaadmin_orig_password: "{{ ipaadmin_password | default(omit) }}"
      ipaadmin_password: "{{ ipaclient_otp }}"
    when: ipaclient_otp is defined
@@ -198,11 +198,11 @@
    #        result_ipaclient_join.already_joined)))

    - name: Install - Check if principal and keytab are set
-      fail: msg="Admin principal and client keytab cannot be used together"
+      ansible.builtin.fail: msg="Admin principal and client keytab cannot be used together"
      when: ipaadmin_principal is defined and ipaclient_keytab is defined

    - name: Install - Check if one of password or keytabs are set
-      fail: msg="At least one of password or keytabs must be specified"
+      ansible.builtin.fail: msg="At least one of password or keytabs must be specified"
      when: not result_ipaclient_test_keytab.krb5_keytab_ok
            and ipaadmin_password is undefined
            and ipaadmin_keytab is undefined
@@ -210,7 +210,7 @@
    when: not ipaclient_on_master | bool

  - name: Install - Purge {{ result_ipaclient_test.realm }} from host keytab
-    command: >
+    ansible.builtin.command: >
      /usr/sbin/ipa-rmkeytab
      -k /etc/krb5.keytab
      -r "{{ result_ipaclient_test.realm }}"
@@ -254,17 +254,17 @@

  - block:
    - name: krb5 configuration not correct
-      fail:
+      ansible.builtin.fail:
        msg: >
          The krb5 configuration is not correct, please enable allow_repair
          to fix this.
      when: not result_ipaclient_test_keytab.krb5_conf_ok
    - name: IPA test failed
-      fail:
+      ansible.builtin.fail:
        msg: "The IPA test failed, please enable allow_repair to fix this."
      when: not result_ipaclient_test_keytab.ping_test_ok
    - name: ca.crt file is missing
-      fail:
+      ansible.builtin.fail:
        msg: >
          The ca.crt file is missing, please enable allow_repair to fix this.
      when: not result_ipaclient_test_keytab.ca_crt_exists
@@ -411,11 +411,11 @@
  always:
  - name: Install - Restore original admin password if overwritten by OTP
    no_log: yes
-    set_fact:
+    ansible.builtin.set_fact:
        ipaadmin_password: "{{ ipaadmin_orig_password }}"
    when: ipaclient_use_otp | bool and ipaadmin_orig_password is defined

  - name: Cleanup leftover ccache
-    file:
+    ansible.builtin.file:
      path: "/etc/ipa/.dns_ccache"
      state: absent
--- a/roles/ipaclient/tasks/main.yml
+++ b/roles/ipaclient/tasks/main.yml
@@ -2,7 +2,7 @@
 # tasks file for ipaclient

 - name: Import variables specific to distribution
-  include_vars: "{{ item }}"
+  ansible.builtin.include_vars: "{{ item }}"
  with_first_found:
    - "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
    - "{{ role_path }}/vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
@@ -17,9 +17,9 @@
    - "{{ role_path }}/vars/default.yml"

 - name: Install IPA client
-  include_tasks: install.yml
+  ansible.builtin.include_tasks: install.yml
  when: state|default('present') == 'present'

 - name: Uninstall IPA client
-  include_tasks: uninstall.yml
+  ansible.builtin.include_tasks: uninstall.yml
  when: state|default('present') == 'absent'
--- a/roles/ipaclient/tasks/uninstall.yml
+++ b/roles/ipaclient/tasks/uninstall.yml
@@ -2,7 +2,7 @@
 # tasks to uninstall IPA client

 - name: Uninstall - Uninstall IPA client
-  command: >
+  ansible.builtin.command: >
    /usr/sbin/ipa-client-install
    --uninstall
    -U
@@ -17,6 +17,6 @@
  when: ipaclient_cleanup_dns_resolver | bool

 #- name: Remove IPA client package
-#  package:
+#  ansible.builtin.package:
 #    name: "{{ ipaclient_packages }}"
 #    state: absent
--- a/roles/ipareplica/tasks/install.yml
+++ b/roles/ipareplica/tasks/install.yml
@@ -4,24 +4,24 @@
 - block:

  - name: Install - Ensure IPA replica packages are installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipareplica_packages }}"
      state: present

  - name: Install - Ensure IPA replica packages for dns are installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipareplica_packages_dns }}"
      state: present
    when: ipareplica_setup_dns | bool

  - name: Install - Ensure IPA replica packages for adtrust are installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipareplica_packages_adtrust }}"
      state: present
    when: ipareplica_setup_adtrust | bool

  - name: Install - Ensure that firewall packages installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipareplica_packages_firewalld }}"
      state: present
    when: ipareplica_setup_firewalld | bool
@@ -30,20 +30,20 @@

 - block:
  - name: Firewalld service - Ensure that firewalld is running
-    systemd:
+    ansible.builtin.systemd:
      name: firewalld
      enabled: yes
      state: started

  - name: Firewalld - Verify runtime zone "{{ ipareplica_firewalld_zone }}"
-    shell: >
+    ansible.builtin.shell: >
      firewall-cmd
      --info-zone="{{ ipareplica_firewalld_zone }}"
      >/dev/null
    when: ipareplica_firewalld_zone is defined

  - name: Firewalld - Verify permanent zone "{{ ipareplica_firewalld_zone }}"
-    shell: >
+    ansible.builtin.shell: >
      firewall-cmd
      --permanent
      --info-zone="{{ ipareplica_firewalld_zone }}"
@@ -53,12 +53,12 @@
  when: ipareplica_setup_firewalld | bool

 - name: Install - Set ipareplica_servers
-  set_fact:
+  ansible.builtin.set_fact:
    ipareplica_servers: "{{ groups['ipaservers'] | list }}"
  when: groups.ipaservers is defined and ipareplica_servers is not defined

 - name: Install - Set default principal if no keytab is given
-  set_fact:
+  ansible.builtin.set_fact:
    ipaadmin_principal: admin
  when: ipaadmin_principal is undefined and ipaclient_keytab is undefined

@@ -108,7 +108,7 @@
  #      result_ipareplica_test.server_already_configured is defined)

  - name: Install - Setup client
-    include_role:
+    ansible.builtin.include_role:
      name: ipaclient
    vars:
      state: present
@@ -120,7 +120,7 @@
    when: not result_ipareplica_test.client_enrolled

  - name: Install - Configure firewalld
-    command: >
+    ansible.builtin.command: >
      firewall-cmd
      --permanent
      --zone="{{ ipareplica_firewalld_zone if ipareplica_firewalld_zone is
@@ -134,7 +134,7 @@
    when: ipareplica_setup_firewalld | bool

  - name: Install - Configure firewalld runtime
-    command: >
+    ansible.builtin.command: >
      firewall-cmd
      --zone="{{ ipareplica_firewalld_zone if ipareplica_firewalld_zone is
         defined else '' }}"
@@ -222,7 +222,7 @@

  - name: Install - Set dirman password
    no_log: yes
-    set_fact:
+    ansible.builtin.set_fact:
      ipareplica_dirman_password:
        "{{ result_ipareplica_master_password.password }}"

@@ -776,14 +776,14 @@
    register: result_ipareplica_enable_ipa

  - name: Install - Cleanup root IPA cache
-    file:
+    ansible.builtin.file:
      path: "/root/.ipa_cache"
      state: absent
    when: result_ipareplica_enable_ipa.changed

  always:
  - name: Cleanup temporary files
-    file:
+    ansible.builtin.file:
      path: "{{ item }}"
      state: absent
    with_items:
--- a/roles/ipareplica/tasks/main.yml
+++ b/roles/ipareplica/tasks/main.yml
@@ -2,7 +2,7 @@
 # tasks file for ipareplica

 - name: Import variables specific to distribution
-  include_vars: "{{ item }}"
+  ansible.builtin.include_vars: "{{ item }}"
  with_first_found:
    - "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
    - "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
@@ -17,9 +17,9 @@
    - "vars/default.yml"

 - name: Install IPA replica
-  include_tasks: install.yml
+  ansible.builtin.include_tasks: install.yml
  when: state|default('present') == 'present'

 - name: Uninstall IPA replica
-  include_tasks: uninstall.yml
+  ansible.builtin.include_tasks: uninstall.yml
  when: state|default('present') == 'absent'
--- a/roles/ipareplica/tasks/uninstall.yml
+++ b/roles/ipareplica/tasks/uninstall.yml
@@ -2,7 +2,7 @@
 # tasks to uninstall IPA replica

 - name: Uninstall - Uninstall IPA replica
-  command: >
+  ansible.builtin.command: >
    /usr/sbin/ipa-server-install
    --uninstall
    -U
@@ -22,7 +22,7 @@
  delay: 1

 #- name: Uninstall - Remove all replication agreements and data about replica
-#  command: >
+#  ansible.builtin.command: >
 #    /usr/sbin/ipa-replica-manage
 #    del
 #    {{ ipareplica_hostname | default(ansible_facts['fqdn']) }}
@@ -32,6 +32,6 @@
 #  delegate_to: "{{ groups.ipaserver[0] | default(fail) }}"

 #- name: Remove IPA replica packages
-#  package:
+#  ansible.builtin.package:
 #    name: "{{ ipareplica_packages }}"
 #    state: absent
--- a/roles/ipaserver/tasks/copy_external_cert.yml
+++ b/roles/ipaserver/tasks/copy_external_cert.yml
@@ -1,14 +1,14 @@
 ---
 - name: Install - Initialize ipaserver_external_cert_files
-  set_fact:
+  ansible.builtin.set_fact:
     ipaserver_external_cert_files: []
  when: ipaserver_external_cert_files is undefined
 - name: Install - Copy "{{ item }}" "{{ inventory_hostname }}':/root/'{{ item | basename }}"
-  copy:
+  ansible.builtin.copy:
    src: "{{ item }}"
    dest: "/root/{{ item | basename }}"
    mode: preserve
    force: yes
 - name: Install - Extend ipaserver_external_cert_files with "/root/{{ item | basename }}"
-  set_fact:
+  ansible.builtin.set_fact:
    ipaserver_external_cert_files: "{{ ipaserver_external_cert_files + [ '/root/' + (item | basename) ] }}"
--- a/roles/ipaserver/tasks/install.yml
+++ b/roles/ipaserver/tasks/install.yml
@@ -3,24 +3,24 @@

 - block:
  - name: Install - Ensure that IPA server packages are installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipaserver_packages }}"
      state: present

  - name: Install - Ensure that IPA server packages for dns are installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipaserver_packages_dns }}"
      state: present
    when: ipaserver_setup_dns | bool

  - name: Install - Ensure that IPA server packages for adtrust are installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipaserver_packages_adtrust }}"
      state: present
    when: ipaserver_setup_adtrust | bool

  - name: Install - Ensure that firewall packages installed
-    package:
+    ansible.builtin.package:
      name: "{{ ipaserver_packages_firewalld }}"
      state: present
    when: ipaserver_setup_firewalld | bool
@@ -29,20 +29,20 @@

 - block:
  - name: Firewalld service - Ensure that firewalld is running
-    systemd:
+    ansible.builtin.systemd:
      name: firewalld
      enabled: yes
      state: started

  - name: Firewalld - Verify runtime zone "{{ ipaserver_firewalld_zone }}"
-    shell: >
+    ansible.builtin.shell: >
      firewall-cmd
      --info-zone="{{ ipaserver_firewalld_zone }}"
      >/dev/null
    when: ipaserver_firewalld_zone is defined

  - name: Firewalld - Verify permanent zone "{{ ipaserver_firewalld_zone }}"
-    shell: >
+    ansible.builtin.shell: >
      firewall-cmd
      --permanent
      --info-zone="{{ ipaserver_firewalld_zone }}"
@@ -51,7 +51,7 @@

  when: ipaserver_setup_firewalld | bool

- include_tasks: "{{ role_path }}/tasks/copy_external_cert.yml"
+- ansible.builtin.include_tasks: "{{ role_path }}/tasks/copy_external_cert.yml"
  with_items: "{{ ipaserver_external_cert_files_from_controller }}"
  when: ipaserver_external_cert_files_from_controller is defined and
        ipaserver_external_cert_files_from_controller|length > 0 and
@@ -144,7 +144,7 @@

    - name: Install - Use new master password
      no_log: yes
-      set_fact:
+      ansible.builtin.set_fact:
        ipaserver_master_password:
          "{{ result_ipaserver_master_password.password }}"

@@ -308,7 +308,7 @@
    register: result_ipaserver_setup_ca

  - name: Copy /root/ipa.csr to "{{ inventory_hostname }}-ipa.csr"
-    fetch:
+    ansible.builtin.fetch:
      src: /root/ipa.csr
      dest: "{{ inventory_hostname }}-ipa.csr"
      flat: yes
@@ -416,7 +416,7 @@
        _dirsrv_pkcs12_info: "{{ result_ipaserver_test._dirsrv_pkcs12_info if result_ipaserver_test._dirsrv_pkcs12_info != None else omit }}"

    - name: Install - Setup client
-      include_role:
+      ansible.builtin.include_role:
        name: ipaclient
      vars:
        state: present
@@ -438,13 +438,13 @@
      register: result_ipaserver_enable_ipa

    - name: Install - Cleanup root IPA cache
-      file:
+      ansible.builtin.file:
        path: "/root/.ipa_cache"
        state: absent
      when: result_ipaserver_enable_ipa.changed

    - name: Install - Configure firewalld
-      command: >
+      ansible.builtin.command: >
        firewall-cmd
        --permanent
        --zone="{{ ipaserver_firewalld_zone if ipaserver_firewalld_zone is
@@ -458,7 +458,7 @@
      when: ipaserver_setup_firewalld | bool

    - name: Install - Configure firewalld runtime
-      command: >
+      ansible.builtin.command: >
        firewall-cmd
        --zone="{{ ipaserver_firewalld_zone if ipaserver_firewalld_zone is
           defined else '' }}"
@@ -474,7 +474,7 @@

  always:
  - name: Cleanup temporary files
-    file:
+    ansible.builtin.file:
      path: "{{ item }}"
      state: absent
    with_items:
--- a/roles/ipaserver/tasks/main.yml
+++ b/roles/ipaserver/tasks/main.yml
@@ -2,7 +2,7 @@
 # tasks file for ipaserver

 - name: Import variables specific to distribution
-  include_vars: "{{ item }}"
+  ansible.builtin.include_vars: "{{ item }}"
  with_first_found:
    - "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_version'] }}.yml"
    - "vars/{{ ansible_facts['distribution'] }}-{{ ansible_facts['distribution_major_version'] }}.yml"
@@ -17,9 +17,9 @@
    - "vars/default.yml"

 - name: Install IPA server
-  include_tasks: install.yml
+  ansible.builtin.include_tasks: install.yml
  when: state|default('present') == 'present'

 - name: Uninstall IPA server
-  include_tasks: uninstall.yml
+  ansible.builtin.include_tasks: uninstall.yml
  when: state|default('present') == 'absent'
--- a/roles/ipaserver/tasks/uninstall.yml
+++ b/roles/ipaserver/tasks/uninstall.yml
@@ -2,7 +2,7 @@
 # tasks to uninstall IPA server

 - name: Uninstall - Uninstall IPA server
-  command: >
+  ansible.builtin.command: >
    /usr/sbin/ipa-server-install
    --uninstall
    -U
@@ -15,6 +15,6 @@
  changed_when: uninstall.rc == 0

 #- name: Remove IPA server packages
-#  package:
+#  ansible.builtin.package:
 #    name: "{{ ipaserver_packages }}"
 #    state: absent
--- a/tests/automember/test_automember_client_context.yml
+++ b/tests/automember/test_automember_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -28,13 +28,13 @@
 # in upstream CI.

 - name: Test automember using client context, in client host.
-  import_playbook: test_automember.yml
+  ansible.builtin.import_playbook: test_automember.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test automember using client context, in server host.
-  import_playbook: test_automember.yml
+  ansible.builtin.import_playbook: test_automember.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/automember/test_automember_orphans_removed.yml
+++ b/tests/automember/test_automember_orphans_removed.yml
@@ -8,7 +8,7 @@
  # SET FACTS

  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] |
                            join ('.') }}"
    when: ipaserver_domain is not defined
--- a/tests/automember/test_automember_rebuilt.yml
+++ b/tests/automember/test_automember_rebuilt.yml
@@ -8,7 +8,7 @@
  # SET FACTS

  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] |
                            join ('.') }}"
    when: ipaserver_domain is not defined
--- a/tests/automount/test_automountkey_client_context.yml
+++ b/tests/automount/test_automountkey_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -29,13 +29,13 @@
 # in upstream CI.

 - name: Test automountlocation using client context, in client host.
-  import_playbook: test_automountkey.yml
+  ansible.builtin.import_playbook: test_automountkey.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test automountlocation using client context, in server host.
-  import_playbook: test_automountkey.yml
+  ansible.builtin.import_playbook: test_automountkey.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/automount/test_automountlocation_client_context.yml
+++ b/tests/automount/test_automountlocation_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test automountlocation using client context, in client host.
-  import_playbook: test_automountlocation.yml
+  ansible.builtin.import_playbook: test_automountlocation.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test automountlocation using client context, in server host.
-  import_playbook: test_automountlocation.yml
+  ansible.builtin.import_playbook: test_automountlocation.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/automount/test_automountmap_client_context.yml
+++ b/tests/automount/test_automountmap_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -28,13 +28,13 @@
 # in upstream CI.

 - name: Test automountmap using client context, in client host.
-  import_playbook: test_automountmap.yml
+  ansible.builtin.import_playbook: test_automountmap.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test automountmap using client context, in server host.
-  import_playbook: test_automountmap.yml
+  ansible.builtin.import_playbook: test_automountmap.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/ca-less/clean_up_certificates.yml
+++ b/tests/ca-less/clean_up_certificates.yml
@@ -5,7 +5,7 @@

  tasks:
  - name: Run generate-certificates.sh
-    command: >
+    ansible.builtin.command: >
      /bin/bash
      generate-certificates.sh delete "{{ item }}"
    args:
--- a/tests/ca-less/install_replica_without_ca.yml
+++ b/tests/ca-less/install_replica_without_ca.yml
@@ -5,7 +5,7 @@

  tasks:
  - name: Run generate-certificates.sh
-    command: >
+    ansible.builtin.command: >
      /bin/bash
      generate-certificates.sh create
      "{{ groups.ipareplicas[0] }}"
@@ -40,18 +40,18 @@

  pre_tasks:
    - name: Remove "/root/ca-less-test"
-      file:
+      ansible.builtin.file:
        path: "/root/ca-less-test"
        state: absent

    - name: Generate "/root/ca-less-test"
-      file:
+      ansible.builtin.file:
        path: "/root/ca-less-test"
        state: directory
        mode: 0775

    - name: Copy CA certificate
-      copy:
+      ansible.builtin.copy:
        src: "{{ playbook_dir }}/certificates/root-ca/cert.pem"
        dest: "/root/ca-less-test/ca.crt"
        owner: root
@@ -59,7 +59,7 @@
        mode: "0644"

    - name: Copy p12 certificates
-      copy:
+      ansible.builtin.copy:
        src: "{{ playbook_dir }}/certificates/{{ item }}/{{ groups.ipareplicas[0] }}/cert.p12"
        dest: "/root/ca-less-test/{{ item }}.p12"
        owner: root
@@ -76,7 +76,7 @@

  post_tasks:
    - name: Fix KDC certificate permissions
-      file:
+      ansible.builtin.file:
        path: /var/kerberos/krb5kdc/kdc.crt
        owner: root
        group: root
--- a/tests/ca-less/install_server_without_ca.yml
+++ b/tests/ca-less/install_server_without_ca.yml
@@ -5,7 +5,7 @@

  tasks:
  - name: Run generate-certificates.sh
-    command: >
+    ansible.builtin.command: >
      /bin/bash
      generate-certificates.sh create
      "{{ groups.ipaserver[0] }}"
@@ -40,18 +40,18 @@

  pre_tasks:
    - name: Remove "/root/ca-less-test"
-      file:
+      ansible.builtin.file:
        path: "/root/ca-less-test"
        state: absent

    - name: Generate "/root/ca-less-test"
-      file:
+      ansible.builtin.file:
        path: "/root/ca-less-test"
        state: directory
        mode: 0775

    - name: Copy CA certificate
-      copy:
+      ansible.builtin.copy:
        src: "{{ playbook_dir }}/certificates/root-ca/cert.pem"
        dest: "/root/ca-less-test/ca.crt"
        owner: root
@@ -59,7 +59,7 @@
        mode: "0644"

    - name: Copy p12 certificates
-      copy:
+      ansible.builtin.copy:
        src: "{{ playbook_dir }}/certificates/{{ item }}/{{ groups.ipaserver[0] }}/cert.p12"
        dest: "/root/ca-less-test/{{ item }}.p12"
        owner: root
--- a/tests/config/test_config.yml
+++ b/tests/config/test_config.yml
@@ -5,7 +5,7 @@
  gather_facts: false

  tasks:
-  - include_tasks: ../env_freeipa_facts.yml
+  - ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  - block:
      # Retrieve current configuration.
@@ -16,7 +16,7 @@
        register: previousconfig

      - name: Display current configuration.
-        debug:
+        ansible.builtin.debug:
          var: previousconfig

      # setup environment.
@@ -481,7 +481,7 @@
        register: result

      - name: "CA-Renewal server warning."
-        debug:
+        ansible.builtin.debug:
          msg: "Due to a test failure, IPA CA-Renewal Server might not be correctly be set. Check your configuration."

    always:
--- a/tests/config/test_config_client_context.yml
+++ b/tests/config/test_config_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -26,13 +26,13 @@
 # in upstream CI.

 - name: Test config using client context, in client host.
-  import_playbook: test_config.yml
+  ansible.builtin.import_playbook: test_config.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test config using client context, in server host.
-  import_playbook: test_config.yml
+  ansible.builtin.import_playbook: test_config.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/config/test_config_sid.yml
+++ b/tests/config/test_config_sid.yml
@@ -7,7 +7,7 @@
  tasks:

  - name: Set FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # GET CURRENT CONFIG

--- a/tests/delegation/test_delegation_client_context.yml
+++ b/tests/delegation/test_delegation_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test delegation using client context, in client host.
-  import_playbook: test_delegation.yml
+  ansible.builtin.import_playbook: test_delegation.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test delegation using client context, in server host.
-  import_playbook: test_delegation.yml
+  ansible.builtin.import_playbook: test_delegation.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/dnsconfig/test_dnsconfig_client_context.yml
+++ b/tests/dnsconfig/test_dnsconfig_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test dnsconfig using client context, in client host.
-  import_playbook: test_dnsconfig.yml
+  ansible.builtin.import_playbook: test_dnsconfig.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test dnsconfig using client context, in server host.
-  import_playbook: test_dnsconfig.yml
+  ansible.builtin.import_playbook: test_dnsconfig.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/dnsforwardzone/test_dnsforwardzone_client_context.yml
+++ b/tests/dnsforwardzone/test_dnsforwardzone_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test dnsforwardzone using client context, in client host.
-  import_playbook: test_dnsforwardzone.yml
+  ansible.builtin.import_playbook: test_dnsforwardzone.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test dnsforwardzone using client context, in server host.
-  import_playbook: test_dnsforwardzone.yml
+  ansible.builtin.import_playbook: test_dnsforwardzone.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/dnsrecord/env_setup.yml
+++ b/tests/dnsrecord/env_setup.yml
@@ -1,10 +1,10 @@
 ---
  - name: Setup variables and facts.
-    include_tasks: env_vars.yml
+    ansible.builtin.include_tasks: env_vars.yml

  # Cleanup before setup.
  - name: Cleanup test environment.
-    include_tasks: env_cleanup.yml
+    ansible.builtin.include_tasks: env_cleanup.yml

  # Common setup tasks.
  - name: Ensure DNS testing zones are present.
--- a/tests/dnsrecord/env_vars.yml
+++ b/tests/dnsrecord/env_vars.yml
@@ -1,7 +1,7 @@
 ---
 # Set common vars and facts for test.
 - name: Set IPv4 address prefix.
-  set_fact:
+  ansible.builtin.set_fact:
    ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
                     join('.') }}"
    ipv4_reverse: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
@@ -9,7 +9,7 @@
                      join('.') }}"

 - name: Set zone prefixes.
-  set_fact:
+  ansible.builtin.set_fact:
    testzone: 'testzone.test'
    safezone: 'safezone.test'
    zone_ipv6_reverse: "ip6.arpa."
--- a/tests/dnsrecord/test_dnsrecord.yml
+++ b/tests/dnsrecord/test_dnsrecord.yml
@@ -7,10 +7,10 @@
  tasks:

  - name: Setup testing environment.
-    include_tasks: env_setup.yml
+    ansible.builtin.include_tasks: env_setup.yml

  - name: Generate self-signed certificates.
-    shell:
+    ansible.builtin.shell:
      cmd: |
        openssl req -x509 -newkey rsa:2048 -days 365 -nodes -keyout "private{{ item }}.key" -out "cert{{ item }}.pem" -subj '/CN=test'
        openssl x509 -outform der -in "cert{{ item }}.pem" -out "cert{{ item }}.der"
@@ -1547,7 +1547,7 @@

  # cleanup
  - name: Cleanup test environment.
-    include_tasks: env_cleanup.yml
+    ansible.builtin.include_tasks: env_cleanup.yml

  - name: Remove certificate files.  # noqa: deprecated-command-syntax
    ansible.builtin.shell: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
--- a/tests/dnsrecord/test_dnsrecord_client_context.yml
+++ b/tests/dnsrecord/test_dnsrecord_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test dnsrecord using client context, in client host.
-  import_playbook: test_dnsrecord.yml
+  ansible.builtin.import_playbook: test_dnsrecord.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test dnsrecord using client context, in server host.
-  import_playbook: test_dnsrecord.yml
+  ansible.builtin.import_playbook: test_dnsrecord.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/dnsrecord/test_dnsrecord_full_records.yml
+++ b/tests/dnsrecord/test_dnsrecord_full_records.yml
@@ -7,7 +7,7 @@
  tasks:

  - name: Setup test environment
-    include_tasks: env_setup.yml
+    ansible.builtin.include_tasks: env_setup.yml

  # tests

@@ -147,4 +147,4 @@

  # Cleanup
  - name: Cleanup test environment.
-    include_tasks: env_cleanup.yml
+    ansible.builtin.include_tasks: env_cleanup.yml
--- a/tests/dnsrecord/test_dnsrecord_modify_record.yml
+++ b/tests/dnsrecord/test_dnsrecord_modify_record.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Setup testing environment.
-    include_tasks: env_setup.yml
+    ansible.builtin.include_tasks: env_setup.yml

  - name: Add test host.
    ipahost:
@@ -177,4 +177,4 @@
      state: absent
  # cleanup
  - name: Cleanup test environment.
-    include_tasks: env_cleanup.yml
+    ansible.builtin.include_tasks: env_cleanup.yml
--- a/tests/dnszone/env_setup.yml
+++ b/tests/dnszone/env_setup.yml
@@ -1,3 +1,3 @@
 ---
 - name: Cleanup test environment.
-  include_tasks: env_cleanup.yml
+  ansible.builtin.include_tasks: env_cleanup.yml
--- a/tests/dnszone/env_teardown.yml
+++ b/tests/dnszone/env_teardown.yml
@@ -1,3 +1,3 @@
 ---
 - name: Cleanup test environment.
-  include_tasks: env_cleanup.yml
+  ansible.builtin.include_tasks: env_cleanup.yml
--- a/tests/dnszone/test_dnszone.yml
+++ b/tests/dnszone/test_dnszone.yml
@@ -8,7 +8,7 @@

  # Setup
  - name: Setup testing environment
-    include_tasks: env_setup.yml
+    ansible.builtin.include_tasks: env_setup.yml

  # Tests
  - name: Check if zone is present, when in shouldn't be.
@@ -267,4 +267,4 @@

  # Teardown
  - name: Teardown testing environment
-    include_tasks: env_teardown.yml
+    ansible.builtin.include_tasks: env_teardown.yml
--- a/tests/dnszone/test_dnszone_client_context.yml
+++ b/tests/dnszone/test_dnszone_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test dnszone using client context, in client host.
-  import_playbook: test_dnszone.yml
+  ansible.builtin.import_playbook: test_dnszone.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test dnszone using client context, in server host.
-  import_playbook: test_dnszone.yml
+  ansible.builtin.import_playbook: test_dnszone.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/dnszone/test_dnszone_mod.yml
+++ b/tests/dnszone/test_dnszone_mod.yml
@@ -8,7 +8,7 @@

  # Setup
  - name: Setup testing environment
-    include_tasks: env_setup.yml
+    ansible.builtin.include_tasks: env_setup.yml

  - name: Ensure zone is present.
    ipadnszone:
@@ -291,4 +291,4 @@

  # Teardown
  - name: Teardown testing environment
-    include_tasks: env_teardown.yml
+    ansible.builtin.include_tasks: env_teardown.yml
--- a/tests/dnszone/test_dnszone_name_from_ip.yml
+++ b/tests/dnszone/test_dnszone_name_from_ip.yml
@@ -8,7 +8,7 @@

  # Setup
  - name: Setup testing environment
-    include_tasks: env_setup.yml
+    ansible.builtin.include_tasks: env_setup.yml

  # Tests
  - name: Ensure zone exists for reverse IP.
@@ -55,7 +55,7 @@
    register: ipv6_zone
    failed_when: not ipv6_zone.changed or ipv6_zone.failed

-  # - debug:
+  # - ansible.builtin.debug:
  #     msg: "{{ipv6_zone}}"

  - name: Ensure ipv6 zone was created.
@@ -95,4 +95,4 @@

  # Teardown
  - name: Teardown testing environment
-    include_tasks: env_teardown.yml
+    ansible.builtin.include_tasks: env_teardown.yml
--- a/tests/env_freeipa_facts.yml
+++ b/tests/env_freeipa_facts.yml
@@ -8,12 +8,12 @@
 #
 ---
 - name: Retrieving FreeIPA version.
-  shell:
+  ansible.builtin.shell:
    cmd: 'ipa --version | sed -n "s/VERSION: \([^,]*\).*API_VERSION: \([^,]*\).*/\1\\n\2/p"'
  register: ipa_cmd_version

 - name: Verify if host is an IPA server or client.
-  shell:
+  ansible.builtin.shell:
    cmd: |
      echo SomeADMINpassword | kinit -c {{ krb5ccname }} admin
      RESULT=$(KRB5CCNAME={{ krb5ccname }} ipa server-show `hostname` && echo SERVER || echo CLIENT)
@@ -24,7 +24,7 @@
  register: output

 - name: Set FreeIPA facts.
-  set_fact:
+  ansible.builtin.set_fact:
    ipa_version: "{{ ipa_cmd_version.stdout_lines[0] }}"
    ipa_api_version: "{{ ipa_cmd_version.stdout_lines[1] }}"
    ipa_host_is_client: "{{ (output.stdout_lines[-1] == 'CLIENT') | bool }}"
@@ -32,12 +32,12 @@

 - block:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: "'fqdn' in ansible_facts"

  - name: Set Domain to 'ipa.test' if FQDN could not be retrieved.
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "ipa.test"
    when: "'fqdn' not in ansible_facts"
  when: ipaserver_domain is not defined
--- a/tests/external-signed-ca-with-automatic-copy/install-server-with-external-ca-with-automatic-copy.yml
+++ b/tests/external-signed-ca-with-automatic-copy/install-server-with-external-ca-with-automatic-copy.yml
@@ -15,7 +15,7 @@

  tasks:
  - name: Run external-ca.sh
-    command: >
+    ansible.builtin.command: >
      /bin/bash
      external-ca.sh
      "{{ groups.ipaserver[0] }}"
--- a/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml
+++ b/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml
@@ -11,7 +11,7 @@

  post_tasks:
  - name: Copy CSR /root/ipa.csr from node to "{{ groups.ipaserver[0] + '-ipa.csr' }}"
-    fetch:
+    ansible.builtin.fetch:
      src: /root/ipa.csr
      dest: "{{ groups.ipaserver[0] + '-ipa.csr' }}"
      flat: yes
@@ -21,7 +21,7 @@

  tasks:
  - name: Run external-ca.sh
-    command: >
+    ansible.builtin.command: >
      /bin/bash
      external-ca.sh
      "{{ groups.ipaserver[0] }}"
@@ -38,7 +38,7 @@

  pre_tasks:
  - name: Copy "{{ groups.ipaserver[0] + '-chain.crt' }}" to /root/chain.crt on node
-    copy:
+    ansible.builtin.copy:
      src: "{{ groups.ipaserver[0] + '-chain.crt' }}"
      dest: "/root/chain.crt"
      force: yes
--- a/tests/group/test_group.yml
+++ b/tests/group/test_group.yml
@@ -6,12 +6,12 @@

  tasks:
  # setup
-  - include_tasks: ../env_freeipa_facts.yml
+  - ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # GET FQDN_AT_DOMAIN

  - name: Get fqdn_at_domain
-    set_fact:
+    ansible.builtin.set_fact:
      fqdn_at_domain: "{{ ansible_facts['fqdn'] + '@' + ipaserver_realm }}"

  # CLEANUP TEST ITEMS
--- a/tests/group/test_group_client_context.yml
+++ b/tests/group/test_group_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test group using client context, in client host.
-  import_playbook: test_group.yml
+  ansible.builtin.import_playbook: test_group.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test group using client context, in server host.
-  import_playbook: test_group.yml
+  ansible.builtin.import_playbook: test_group.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/group/test_group_external_members.yml
+++ b/tests/group/test_group_external_members.yml
@@ -6,7 +6,7 @@

  tasks:

-  - include_tasks: ../env_freeipa_facts.yml
+  - ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  - block:

--- a/tests/group/test_group_idoverrideuser.yml
+++ b/tests/group/test_group_idoverrideuser.yml
@@ -9,11 +9,11 @@
      ad_domain: "{{ test_ad_domain | default('ad.ipa.test') }}"

  tasks:
-    - include_tasks: ../env_freeipa_facts.yml
+    - ansible.builtin.include_tasks: ../env_freeipa_facts.yml

    - block:
      - name: Create idoverrideuser.
-        shell: |
+        ansible.builtin.shell: |
          kinit -c idoverride_cache admin <<< SomeADMINpassword
          ipa idoverrideuser-add "Default Trust View" {{ ad_user }}
          kdestroy -A -q -c idoverride_cache
@@ -95,7 +95,7 @@

      always:
      - name: Remove idoverrideuser.
-        shell: |
+        ansible.builtin.shell: |
          kinit -c idoverride_cache admin <<< SomeADMINpassword
          ipa idoverrideuser-del "Default Trust View" {{ ad_user }}
          kdestroy -A -q -c idoverride_cache
--- a/tests/group/test_group_membermanager.yml
+++ b/tests/group/test_group_membermanager.yml
@@ -5,7 +5,7 @@
  gather_facts: false

  tasks:
-  - include_tasks: ../env_freeipa_facts.yml
+  - ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  - name: Tests requiring IPA version 4.8.4+
    block:
--- a/tests/hbacrule/test_hbacrule.yml
+++ b/tests/hbacrule/test_hbacrule.yml
@@ -5,7 +5,7 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

--- a/tests/hbacrule/test_hbacrule_client_context.yml
+++ b/tests/hbacrule/test_hbacrule_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test hbacrule using client context, in client host.
-  import_playbook: test_hbacrule.yml
+  ansible.builtin.import_playbook: test_hbacrule.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test hbacrule using client context, in server host.
-  import_playbook: test_hbacrule.yml
+  ansible.builtin.import_playbook: test_hbacrule.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/hbacrule/test_hbacrule_member_case_insensitive.yml
+++ b/tests/hbacrule/test_hbacrule_member_case_insensitive.yml
@@ -25,7 +25,7 @@
      - sVCgrOUp1

  tasks:
-  - include_tasks: ../env_freeipa_facts.yml
+  - ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  - block:
      # setup
--- a/tests/hbacrule/test_hbacrule_member_empty.yml
+++ b/tests/hbacrule/test_hbacrule_member_empty.yml
@@ -5,7 +5,7 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

--- a/tests/hbacsvc/test_hbacsvc_client_context.yml
+++ b/tests/hbacsvc/test_hbacsvc_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test hbacsvc using client context, in client host.
-  import_playbook: test_hbacsvc.yml
+  ansible.builtin.import_playbook: test_hbacsvc.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test hbacsvc using client context, in server host.
-  import_playbook: test_hbacsvc.yml
+  ansible.builtin.import_playbook: test_hbacsvc.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/hbacsvcgroup/test_hbacsvcgroup_client_context.yml
+++ b/tests/hbacsvcgroup/test_hbacsvcgroup_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test hbacsvcgroup using client context, in client host.
-  import_playbook: test_hbacsvcgroup.yml
+  ansible.builtin.import_playbook: test_hbacsvcgroup.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test hbacsvcgroup using client context, in server host.
-  import_playbook: test_hbacsvcgroup.yml
+  ansible.builtin.import_playbook: test_hbacsvcgroup.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/host/certificate/test_host_certificate.yml
+++ b/tests/host/certificate/test_host_certificate.yml
@@ -5,12 +5,12 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Generate self-signed certificates.
-    shell:
+    ansible.builtin.shell:
      cmd: |
        openssl req -x509 -newkey rsa:2048 -days 365 -nodes -keyout "private{{ item }}.key" -out "cert{{ item }}.pem" -subj '/CN=test'
        openssl x509 -outform der -in "cert{{ item }}.pem" -out "cert{{ item }}.der"
@@ -100,7 +100,7 @@
    failed_when: result.changed or result.failed

  - name: Remove certificate files.  # noqa: deprecated-command-syntax
-    shell:
+    ansible.builtin.shell:
      cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
    with_items: [1, 2, 3]
    become: no
--- a/tests/host/certificate/test_hosts_certificate.yml
+++ b/tests/host/certificate/test_hosts_certificate.yml
@@ -5,7 +5,7 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

@@ -26,7 +26,7 @@
    failed_when: not result.changed or result.failed

  - name: Generate self-signed certificates.
-    shell:
+    ansible.builtin.shell:
      cmd: |
        openssl req -x509 -newkey rsa:2048 -days 365 -nodes -keyout "private{{ item }}.key" -out "cert{{ item }}.pem" -subj '/CN=test'
        openssl x509 -outform der -in "cert{{ item }}.pem" -out "cert{{ item }}.der"
@@ -99,7 +99,7 @@
    failed_when: not result.changed or result.failed

  - name: Remove certificate files.  # noqa: deprecated-command-syntax
-    shell:
+    ansible.builtin.shell:
      cmd: rm -f "private{{ item }}.key" "cert{{ item }}.pem" "cert{{ item }}.der" "cert{{ item }}.b64"
    with_items: [1, 2, 3]
    become: no
--- a/tests/host/test_host.yml
+++ b/tests/host/test_host.yml
@@ -5,12 +5,12 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host6_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
      host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
      host3_fqdn: "{{ 'host3.' + ipaserver_domain }}"
@@ -33,7 +33,7 @@
      state: absent

  - name: Get IPv4 address prefix from server node
-    set_fact:
+    ansible.builtin.set_fact:
      ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
                       join('.') }}"

--- a/tests/host/test_host_allow_create_keytab.yml
+++ b/tests/host/test_host_allow_create_keytab.yml
@@ -5,17 +5,17 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Get Realm from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
    when: ipaserver_realm is not defined

  - name: Set host1_fqdn .. host3_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
      host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
      host3_fqdn: "{{ 'host3.' + ipaserver_domain }}"
--- a/tests/host/test_host_allow_retrieve_keytab.yml
+++ b/tests/host/test_host_allow_retrieve_keytab.yml
@@ -5,17 +5,17 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Get Realm from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
    when: ipaserver_realm is not defined

  - name: Set host1_fqdn .. host3_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
      host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
      host3_fqdn: "{{ 'host3.' + ipaserver_domain }}"
--- a/tests/host/test_host_bool_params.yml
+++ b/tests/host/test_host_bool_params.yml
@@ -5,12 +5,12 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host6_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"

  - name: Host absent
--- a/tests/host/test_host_client_context.yml
+++ b/tests/host/test_host_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test automember using client context, in client host.
-  import_playbook: test_host.yml
+  ansible.builtin.import_playbook: test_host.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test automember using client context, in server host.
-  import_playbook: test_host.yml
+  ansible.builtin.import_playbook: test_host.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/host/test_host_empty_string_params.yml
+++ b/tests/host/test_host_empty_string_params.yml
@@ -6,12 +6,12 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host6_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"

  # CLEANUP TEST ITEMS
--- a/tests/host/test_host_ipaddresses.yml
+++ b/tests/host/test_host_ipaddresses.yml
@@ -5,18 +5,18 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host6_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
      host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
      host3_fqdn: "{{ 'host3.' + ipaserver_domain }}"

  - name: Get IPv4 address prefix from server node
-    set_fact:
+    ansible.builtin.set_fact:
      ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
                       join('.') }}"

--- a/tests/host/test_host_managedby_host.yml
+++ b/tests/host/test_host_managedby_host.yml
@@ -5,12 +5,12 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host2_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
      host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"

--- a/tests/host/test_host_principal.yml
+++ b/tests/host/test_host_principal.yml
@@ -5,17 +5,17 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Get Realm from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
    when: ipaserver_realm is not defined

  - name: Set host1_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"

  - name: Host host1 absent
--- a/tests/host/test_host_random.yml
+++ b/tests/host/test_host_random.yml
@@ -5,12 +5,12 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn and host2_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
      host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"

@@ -34,12 +34,12 @@
    failed_when: not ipahost.changed or ipahost.failed

  - name: Assert ipahost.host.randompassword is defined.
-    assert:
+    ansible.builtin.assert:
      that:
      - ipahost.host.randompassword is defined

  - name: Print generated random password
-    debug:
+    ansible.builtin.debug:
      var: ipahost.host.randompassword

  - name: Host "{{ host1_fqdn }}" absent
@@ -64,7 +64,7 @@
    failed_when: not ipahost.changed or ipahost.failed

  - name: Assert randompassword is defined for host1 and host2.
-    assert:
+    ansible.builtin.assert:
      that:
      - ipahost.host["{{ host1_fqdn }}"].randompassword is
        defined
@@ -72,11 +72,11 @@
        defined

  - name: Print generated random password for "{{ host1_fqdn }}"
-    debug:
+    ansible.builtin.debug:
      var: ipahost.host["{{ host1_fqdn }}"].randompassword

  - name: Print generated random password for "{{ host2_fqdn }}"
-    debug:
+    ansible.builtin.debug:
      var: ipahost.host["{{ host2_fqdn }}"].randompassword

  - name: Enrolled host "{{ ansible_facts['fqdn'] }}" fails to set random password with update_password always
@@ -90,7 +90,7 @@
    failed_when: ipahost.changed or not ipahost.failed

  - name: Assert randompassword is not defined for 'ansible_fqdn'.
-    assert:
+    ansible.builtin.assert:
      that:
      - ipahost.host["{{ ansible_facts['fqdn'] }}"].randompassword is
        not defined
--- a/tests/host/test_host_reverse.yml
+++ b/tests/host/test_host_reverse.yml
@@ -5,12 +5,12 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"

  - name: Host absent
@@ -22,12 +22,12 @@
      state: absent

  - name: Get IPv4 address prefix from server node
-    set_fact:
+    ansible.builtin.set_fact:
      ipv4_prefix: "{{ ansible_facts['default_ipv4'].address.split('.')[:-1] |
                       join('.') }}"

  - name: Set zone prefixes.
-    set_fact:
+    ansible.builtin.set_fact:
      zone_ipv6_reverse: "ip6.arpa."
      zone_ipv6_reverse_workaround: "d.f.ip6.arpa."
      zone_prefix_reverse: "in-addr.arpa"
--- a/tests/host/test_host_sshpubkey.yml
+++ b/tests/host/test_host_sshpubkey.yml
@@ -5,12 +5,12 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"

  - name: Host host1 absent
--- a/tests/host/test_hosts.yml
+++ b/tests/host/test_hosts.yml
@@ -5,12 +5,12 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host6_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
      host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
      host3_fqdn: "{{ 'host3.' + ipaserver_domain }}"
--- a/tests/host/test_hosts_managedby_host.yml
+++ b/tests/host/test_hosts_managedby_host.yml
@@ -5,12 +5,12 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Set host1_fqdn .. host5_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
      host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"
      host3_fqdn: "{{ 'host3.' + ipaserver_domain }}"
--- a/tests/host/test_hosts_principal.yml
+++ b/tests/host/test_hosts_principal.yml
@@ -5,17 +5,17 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

  - name: Get Realm from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_realm: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') | upper }}"
    when: ipaserver_realm is not defined

  - name: Set host1_fqdn .. host2_fqdn
-    set_fact:
+    ansible.builtin.set_fact:
      host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
      host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"

--- a/tests/hostgroup/test_hostgroup.yml
+++ b/tests/hostgroup/test_hostgroup.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Get Domain from server name
-    set_fact:
+    ansible.builtin.set_fact:
      ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
    when: ipaserver_domain is not defined

--- a/tests/hostgroup/test_hostgroup_client_context.yml
+++ b/tests/hostgroup/test_hostgroup_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test hostgroup using client context, in client host.
-  import_playbook: test_hostgroup.yml
+  ansible.builtin.import_playbook: test_hostgroup.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test hostgroup using client context, in server host.
-  import_playbook: test_hostgroup.yml
+  ansible.builtin.import_playbook: test_hostgroup.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/hostgroup/test_hostgroup_membermanager.yml
+++ b/tests/hostgroup/test_hostgroup_membermanager.yml
@@ -5,7 +5,7 @@
  gather_facts: false

  tasks:
-  - include_tasks: ../env_freeipa_facts.yml
+  - ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  - name: Tests requiring IPA version 4.8.4+
    block:
--- a/tests/hostgroup/test_hostgroup_rename.yml
+++ b/tests/hostgroup/test_hostgroup_rename.yml
@@ -5,7 +5,7 @@
  gather_facts: false

  tasks:
-  - include_tasks: ../env_freeipa_facts.yml
+  - ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  - name: Tests requiring IPA version 4.8.7+
    block:
--- a/tests/idrange/tasks_set_trust.yml
+++ b/tests/idrange/tasks_set_trust.yml
@@ -23,7 +23,7 @@
  failed_when: result.failed

 - name: Retrieve Domain Security Identifier
-  shell:
+  ansible.builtin.shell:
    cmd: |
      kinit -c test_krb5_cache admin <<< SomeADMINpassword > /dev/null
      KRB5CCNAME=test_krb5_cache ipa trust-show {{ adserver.domain }} | sed -n "/Domain Security Identifier/s/ //gp" | cut -d":" -f2
@@ -32,5 +32,5 @@
  no_log: yes

 - name: Set ipa_domain_sid.
-  set_fact:
+  ansible.builtin.set_fact:
    ipa_domain_sid: "{{ getsid.stdout }}"
--- a/tests/idrange/test_idrange.yml
+++ b/tests/idrange/test_idrange.yml
@@ -14,7 +14,7 @@
  tasks:
  # CLEANUP TEST ITEMS
  - name: Remove test trust.
-    include_tasks: tasks_remove_trust.yml
+    ansible.builtin.include_tasks: tasks_remove_trust.yml
    when: trust_test_is_supported | default(false)

  - name: Ensure testing idranges are absent
@@ -121,7 +121,7 @@
  - block:
      # Create trust with range_type: ipa-ad-trust
      - name: Create trust with range_type 'ipa-ad-trust'
-        include_tasks: tasks_set_trust.yml
+        ansible.builtin.include_tasks: tasks_set_trust.yml
        vars:
          trust_base_id: 10000000
          trust_range_size: 200000
@@ -218,7 +218,7 @@

      # Remove trust and idrange
      - name: Remove test trust.
-        include_tasks: tasks_remove_trust.yml
+        ansible.builtin.include_tasks: tasks_remove_trust.yml

      - name: Ensure AD-trust idrange is absent
        ipaidrange:
@@ -229,7 +229,7 @@

      # Create trust with range_type: ipa-ad-trust-posix
      - name: Create trust with range_type 'ipa-ad-trust'
-        include_tasks: tasks_set_trust.yml
+        ansible.builtin.include_tasks: tasks_set_trust.yml
        vars:
          trust_base_id: 10000000
          trust_range_size: 200000
@@ -251,7 +251,7 @@

      # Remove trust and idrange
      - name: Remove test trust.
-        include_tasks: tasks_remove_trust.yml
+        ansible.builtin.include_tasks: tasks_remove_trust.yml

      - name: Ensure AD-trust idrange is absent
        ipaidrange:
@@ -262,7 +262,7 @@

      # Remove trust and idrange
      - name: Remove test trust.
-        include_tasks: tasks_remove_trust.yml
+        ansible.builtin.include_tasks: tasks_remove_trust.yml

      - name: Ensure AD-trust idrange is absent
        ipaidrange:
@@ -273,7 +273,7 @@

      # Create trust with range_type: ipa-ad-trust-posix
      - name: Create trust with range_type 'ipa-ad-trust-posix'
-        include_tasks: tasks_set_trust.yml
+        ansible.builtin.include_tasks: tasks_set_trust.yml
        vars:
          trust_base_id: 10000000
          trust_range_size: 2000000
@@ -319,7 +319,7 @@

      # Remove trust and idrange
      - name: Remove test trust.
-        include_tasks: tasks_remove_trust.yml
+        ansible.builtin.include_tasks: tasks_remove_trust.yml

      - name: Ensure AD-trust idrange is absent
        ipaidrange:
@@ -330,7 +330,7 @@

      # Create trust with range_type: ipa-ad-trust-posix
      - name: Create trust with range_type 'ipa-ad-trust-posix'
-        include_tasks: tasks_set_trust.yml
+        ansible.builtin.include_tasks: tasks_set_trust.yml
        vars:
          trust_base_id: 10000000
          trust_range_size: 2000000
@@ -352,7 +352,7 @@
    always:
      # CLEANUP TEST ITEMS
      - name: Remove test trust.
-        include_tasks: tasks_remove_trust.yml
+        ansible.builtin.include_tasks: tasks_remove_trust.yml

      - name: Ensure testing idranges are absent
        ipaidrange:
--- a/tests/idrange/test_idrange_client_context.yml
+++ b/tests/idrange/test_idrange_client_context.yml
@@ -8,7 +8,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -29,11 +29,11 @@
 # in upstream CI.

 - name: Test idrange using client context, in client host.
-  import_playbook: test_idrange.yml
+  ansible.builtin.import_playbook: test_idrange.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test idrange using client context, in server host.
-  import_playbook: test_idrange.yml
+  ansible.builtin.import_playbook: test_idrange.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
--- a/tests/location/test_location_client_context.yml
+++ b/tests/location/test_location_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,13 +27,13 @@
 # in upstream CI.

 - name: Test location using client context, in client host.
-  import_playbook: test_location.yml
+  ansible.builtin.import_playbook: test_location.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test location using client context, in server host.
-  import_playbook: test_location.yml
+  ansible.builtin.import_playbook: test_location.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/netgroup/test_netgroup.yml
+++ b/tests/netgroup/test_netgroup.yml
@@ -19,7 +19,7 @@

    # CREATE TEST ITEMS
    - name: Get Domain from server name
-      set_fact:
+      ansible.builtin.set_fact:
        ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
      when: ipaserver_domain is not defined

--- a/tests/netgroup/test_netgroup_client_context.yml
+++ b/tests/netgroup/test_netgroup_client_context.yml
@@ -6,7 +6,7 @@

  tasks:
  - name: Include FreeIPA facts.
-    include_tasks: ../env_freeipa_facts.yml
+    ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  # Test will only be executed if host is not a server.
  - name: Execute with server context in the client.
@@ -27,25 +27,25 @@
 # in upstream CI.

 - name: Test netgroup using client context, in client host.
-  import_playbook: test_netgroup.yml
+  ansible.builtin.import_playbook: test_netgroup.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test netgroup using client context, in server host.
-  import_playbook: test_netgroup.yml
+  ansible.builtin.import_playbook: test_netgroup.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client

 - name: Test netgroup with member using client context, in client host.
-  import_playbook: test_netgroup_member.yml
+  ansible.builtin.import_playbook: test_netgroup_member.yml
  when: groups['ipaclients']
  vars:
    ipa_test_host: ipaclients

 - name: Test netgroup with member using client context, in server host.
-  import_playbook: test_netgroup_member.yml
+  ansible.builtin.import_playbook: test_netgroup_member.yml
  when: groups['ipaclients'] is not defined or not groups['ipaclients']
  vars:
    ipa_context: client
--- a/tests/netgroup/test_netgroup_member.yml
+++ b/tests/netgroup/test_netgroup_member.yml
@@ -7,12 +7,12 @@
  tasks:
  - block:
    - name: Get Domain from server name
-      set_fact:
+      ansible.builtin.set_fact:
        ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
      when: ipaserver_domain is not defined

    - name: Set host1_fqdn .. host2_fqdn
-      set_fact:
+      ansible.builtin.set_fact:
        host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
        host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"

--- a/tests/netgroup/test_netgroup_member_absent.yml
+++ b/tests/netgroup/test_netgroup_member_absent.yml
@@ -7,12 +7,12 @@
  tasks:
  - block:
    - name: Get Domain from server name
-      set_fact:
+      ansible.builtin.set_fact:
        ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
      when: ipaserver_domain is not defined

    - name: Set host1_fqdn .. host2_fqdn
-      set_fact:
+      ansible.builtin.set_fact:
        host1_fqdn: "{{ 'host1.' + ipaserver_domain }}"
        host2_fqdn: "{{ 'host2.' + ipaserver_domain }}"

--- a/tests/netgroup/test_netgroup_member_case_insensitive.yml
+++ b/tests/netgroup/test_netgroup_member_case_insensitive.yml
@@ -16,7 +16,7 @@
  - block:
    # SETUP
    - name: Get Domain from server name
-      set_fact:
+      ansible.builtin.set_fact:
        ipaserver_domain: "{{ ansible_facts['fqdn'].split('.')[1:] | join ('.') }}"
      when: ipaserver_domain is not defined

@@ -62,7 +62,7 @@

    # TESTS
    - name: Start tests.
-      debug:
+      ansible.builtin.debug:
        msg: "Tests are starting."

    - name: Ensure netgroups exist
@@ -203,7 +203,7 @@
      failed_when: result.failed or result.changed

    - name: End tests.
-      debug:
+      ansible.builtin.debug:
        msg: "All tests executed."

    always:
--- a/tests/permission/test_permission.yml
+++ b/tests/permission/test_permission.yml
@@ -4,7 +4,7 @@
  become: true

  tasks:
-  - include_tasks: ../env_freeipa_facts.yml
+  - ansible.builtin.include_tasks: ../env_freeipa_facts.yml

  - name: Ensure testing groups are present.
    ipagroup:
--- a/Show More
+++ b/Show More