Add deb822 format for repository source file

[LaggingHero]

trafficstars

Recently, I upgraded a series of VMs from Ubuntu 22.04 to 24.04; Docker had been installed on all of them using this role.

After completing the upgrade, I noticed that the /etc/apt/sources.list.d/ directory contained the file docker.list.distUpgrade, which was created from the old docker.list (added by the role), along with docker.sources, a deb822-formatted file that was automatically generated.

When I tried rerunning the role, the docker.list file was recreated, and on the first apt update, many warnings appeared because there were two files referencing the same repository:

Since the deb822 format is already used with Ubuntu 24.04 and the one-line format will be deprecated in the future, would it be possible to introduce it within the role?

I have prepared this PR for this purpose. Let me know if any changes are needed.

[LaggingHero]

Hi! Just wanted to share some additional links regarding the migration to deb822-formatted sources:

• Ubuntu Discourse (spec): https://discourse.ubuntu.com/t/spec-apt-deb822-sources-by-default/29333
• 24.04 Release Notes: https://discourse.ubuntu.com/t/ubuntu-24-04-lts-noble-numbat-release-notes/39890#p-99950-deb822-sources-management
• apt(8) man page reference: https://discourse.ubuntu.com/t/ubuntu-24-04-lts-noble-numbat-release-notes/39890#p-99950-deb822-sources-management

Let me know if there's anything I can do to improve the PR further

[dadimah]

@CodiumAI-Agent /improve

[CodiumAI-Agent]

PR Code Suggestions ✨

Latest suggestions up to d3e340b

Category	Suggestion	Impact
Possible issue	Robustly filter loop items Use select() with an explicit test to avoid passing falsy non-iterables to the loop, which can error on some Ansible versions. Filter out empty strings safely before looping. tasks/setup-Debian.yml [15-23] - name: Ensure old apt source list files are not present in /etc/apt/sources.list.d vars: old_apt_source_list_files: - /etc/apt/sources.list.d/download_docker_com_linux_{{ docker_apt_ansible_distribution }}.list - - "{{ docker_use_deb822_format | ansible.builtin.ternary('/etc/apt/sources.list.d/docker.list', '') }}" + - "{{ docker_use_deb822_format | ansible.builtin.ternary('/etc/apt/sources.list.d/docker.list', omit) }}" ansible.builtin.file: path: "{{ item }}" state: absent - loop: "{{ old_apt_source_list_files | select }}" + loop: "{{ old_apt_source_list_files | reject('equalto', omit) | list }}" Suggestion importance[1-10]: 6 __ Why: Replacing empty string with omit and filtering with reject('equalto', omit) avoids passing falsy items to the loop; it's a solid robustness improvement aligned with the new logic.	Low
	Remove empty package entries Avoid passing empty strings to the package list, which can cause failures on some systems. Filter with an explicit check and keep evaluation deterministic. tasks/setup-Debian.yml [40-47] - name: Ensure dependencies are installed. vars: dependencies: - apt-transport-https - ca-certificates - - "{{ docker_use_deb822_format | ansible.builtin.ternary('python3-debian', '') }}" + - "{{ docker_use_deb822_format | ansible.builtin.ternary('python3-debian', omit) }}" apt: - name: "{{ dependencies | select }}" + name: "{{ dependencies | reject('equalto', omit) | list }}" state: present when: docker_add_repo | bool Suggestion importance[1-10]: 6 __ Why: Using omit and reject('equalto', omit) prevents empty package names from reaching apt, improving reliability without altering behavior; important but not critical.	Low
General	Condition apt cache refresh Gate the cache update so it only runs when repositories are managed. Unconditional apt cache updates can be slow and unnecessary when docker_add_repo is false. handlers/main.yml [9-11] - name: Update apt cache ansible.builtin.apt: update_cache: true + when: docker_add_repo | bool Suggestion importance[1-10]: 5 __ Why: Adding when: docker_add_repo | bool makes the cache update more targeted and avoids unnecessary work; it's accurate and low-risk but not critical.	Low

---

Previous suggestions

Suggestions up to commit d3e340b

Category	Suggestion	Impact
Possible issue	Correct Ubuntu version threshold The variable name suggests this flag applies from Ubuntu 24.04 onward, but the version check uses 23.04. Update the threshold to match the documented behavior for Ubuntu 24.04+. tasks/setup-Debian.yml [4] -is_ubuntu2304_or_greater: "{{ ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('23.04', '>=') }}" +is_ubuntu2304_or_greater: "{{ ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('24.04', '>=') }}" Suggestion importance[1-10]: 7 __ Why: The check for is_ubuntu2304_or_greater should match the README stating Ubuntu 24.04+ uses deb822, so updating the version avoids unintended behavior on 23.04.	Medium
General	Fix dependencies list filtering Ensure the dependencies list is properly filtered and passed as a list by using select('bool') and converting to a list, and namespace the module for consistency. tasks/setup-Debian.yml [45-46] -apt: - name: "{{ dependencies | select }}" +ansible.builtin.apt: + name: "{{ dependencies | select('bool') | list }}" Suggestion importance[1-10]: 6 __ Why: Prefacing with ansible.builtin.apt maintains module consistency and select('bool') | list properly filters out empty dependencies entries without altering intent.	Low
	Filter file list items The select filter needs an explicit test to drop empty strings; use select('bool') and convert to a list so the loop only iterates over valid paths. tasks/setup-Debian.yml [23] -loop: "{{ old_apt_source_list_files | select }}" +loop: "{{ old_apt_source_list_files | select('bool') | list }}" Suggestion importance[1-10]: 5 __ Why: Using select('bool') | list ensures empty strings are removed from old_apt_source_list_files, preventing pointless loop iterations with minimal risk.	Low

Suggestions up to commit d3e340b

Category	Suggestion	Impact
Possible issue	Preserve explicit false defaults The default filter treats false as missing, so setting docker_apt_deb822_format: false will be ignored. Use the default filter in undefined-only mode to respect an explicit false. tasks/setup-Debian.yml [7-8] ansible.builtin.set_fact: - docker_use_deb822_format: "{{ docker_apt_deb822_format | default(is_deb822_preferred) }}" + docker_use_deb822_format: "{{ docker_apt_deb822_format | default(is_deb822_preferred, true) }}" Suggestion importance[1-10]: 8 __ Why: Using default without the true strict argument will ignore explicit false, so adding it preserves intended behavior when disabling deb822 formatting.	Medium
	Fix meta flush_handlers syntax The meta task syntax is incorrect; it requires a mapping for flush_handlers. Change it to use the proper key-value form so handlers are flushed. tasks/setup-Debian.yml [102-103] - name: Ensure handlers are notified immediately to update the apt cache. - ansible.builtin.meta: flush_handlers + ansible.builtin.meta: + flush_handlers: true Suggestion importance[1-10]: 7 __ Why: The meta module requires a mapping for flush_handlers, so updating it to flush_handlers: true ensures handlers are properly flushed.	Medium
General	Filter out empty file paths Using select without a test may not filter out empty strings, causing blank paths to be processed. Reject empty items explicitly to avoid invalid file paths. tasks/setup-Debian.yml [23] -loop: "{{ old_apt_source_list_files | select }}" +loop: "{{ old_apt_source_list_files | reject('equalto','') }}" Suggestion importance[1-10]: 6 __ Why: Rejecting empty strings prevents Ansible from attempting to process blank paths, avoiding potential errors with missing files.	Low
	Remove blank dependencies The select filter without a test may leave blank entries in the package list. Reject empty strings so only valid package names are installed. tasks/setup-Debian.yml [45-47] -apt: - name: "{{ dependencies | select }}" +ansible.builtin.apt: + name: "{{ dependencies | reject('equalto','') }}" state: present Suggestion importance[1-10]: 6 __ Why: Using reject('equalto','') ensures only valid package names are installed and skips any empty entries in the dependencies list.	Low

[sebdanielsson]

@LaggingHero I'm pretty sure you can set this as the default since all currently supported versions of Debian and Ubuntu support deb822 repositories. It was introduced with apt 1.1, which is quite old.

[geerlingguy]

Sorry, just remembered this PR after I had merged https://github.com/geerlingguy/ansible-role-docker/pull/511 — that PR just updates the default to deb822, so hopefully that solves the issue!