diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index a828384..bb3428d 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,46 +1,5 @@
 ---
 jobs:
- build:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v3
- - name: install python ${{ matrix.python-version }}
- uses: actions/setup-python@v4
- with:
- python-version: ${{ matrix.python-version }}
- - name: install task
- uses: arduino/setup-task@v1
- with:
- repo-token: ${{ github.token }}
- - name: task ver
- run: task --version
- - name: download task mono
- uses: actions/checkout@v3
- with:
- path: taskmono
- ref: develop
- repository: andrewrothstein/tasks
- - name: 'task #ftw'
- run: task -t taskmono/ansible-test-role.yml "targetuser=${{ github.actor }}"
- "targetpwd=${{ github.token }}" "alltags=${{ matrix.os }}"
- strategy:
- fail-fast: false
- matrix:
- os:
- - alpine_3.17
- - alpine_3.18
- - alpine_edge
- - archlinux_latest
- - debian_bookworm
- - debian_bullseye
- - fedora_37
- - fedora_38
- - rockylinux_8
- - rockylinux_9
- - ubuntu_focal
- - ubuntu_jammy
- python-version:
- - '3.11'
-name: dcb
-'on':
-- push
+ bake-ansible-images-v1:
+ uses: andrewrothstein/.github/.github/workflows/bake-ansible-images-v1.yml@develop
+'on': push
diff --git a/dcb-os.yml b/dcb-os.yml
deleted file mode 100644
index ba8e4b7..0000000
--- a/dcb-os.yml
+++ /dev/null
@@ -1,13 +0,0 @@
----
-- alpine_3.17
-- alpine_3.18
-- alpine_edge
-- archlinux_latest
-- debian_bookworm
-- debian_bullseye
-- fedora_37
-- fedora_38
-- rockylinux_8
-- rockylinux_9
-- ubuntu_focal
-- ubuntu_jammy
diff --git a/meta/main.yml b/meta/main.yml
index 2b19d04..d8fa472 100644
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -3,8 +3,7 @@ galaxy_info:
 author: Andrew Rothstein
 description: sets up sudoers for passwordless sudo
 company: BlackRock
- license:
- - MIT
+ license: MIT
 min_ansible_version: 1.2
 platforms:
 - name: Alpine
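Review bot: In .github/workflows/build.yml the new `bake-ansible-images-v1` job calls a reusable workflow at the mutable ref `@develop`, so whatever is on that branch at run time executes in this repository's CI with the job's `GITHUB_TOKEN`. Pin the reference to a full commit SHA, `uses: andrewrothstein/.github/.github/workflows/bake-ansible-images-v1.yml@<full-commit-sha>` (placeholder), and bump it deliberately when the shared workflow changes. The file also declares no `permissions:`, and the caller's token scope is the ceiling for the called workflow, so a top-level block such as `permissions:` / `contents: read`, widened only as far as the image bake needs (presumably package write, which is not visible here), would bound what that workflow can do. The removed job had the same floating-ref habit (`ref: develop` on the `andrewrothstein/tasks` checkout), so this is carried over rather than newly introduced.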
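Review bot: `min_ansible_version: 1.2`, left as context in the meta/main.yml hunk, no longer describes the role, because the same commit moves tasks/main.yml to `ansible.builtin.*` module names, which need a collections-aware Ansible, and the tasks already use `block:`. Unquoted, the value is also read as a float rather than a version string. I would change it to `min_ansible_version: '2.10'` (quoted so it is not parsed as 2.1), or to whatever floor the image matrix really exercises. The `galaxy_info` mapping starts above the hunk, so other metadata fields were not reviewed.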
@@ -23,8 +22,8 @@ galaxy_info: - 9 - name: Fedora versions: - 37 - 38 + - 39 - name: Ubuntu versions: - focal
diff --git a/platform-matrix-v1.json b/platform-matrix-v1.json
new file mode 100644
index 0000000..db72e9c
--- /dev/null
+++ b/platform-matrix-v1.json
@@ -0,0 +1,50 @@
+[
+ {
+ "OS": "alpine",
+ "OS_VER": "3.18"
+ },
+ {
+ "OS": "alpine",
+ "OS_VER": "3.19"
+ },
+ {
+ "OS": "alpine",
+ "OS_VER": "edge"
+ },
+ {
+ "OS": "archlinux",
+ "OS_VER": "latest"
+ },
+ {
+ "OS": "debian",
+ "OS_VER": "bookworm"
+ },
+ {
+ "OS": "debian",
+ "OS_VER": "bullseye"
+ },
+ {
+ "OS": "fedora",
+ "OS_VER": "38"
+ },
+ {
+ "OS": "fedora",
+ "OS_VER": "39"
+ },
+ {
+ "OS": "rockylinux",
+ "OS_VER": "8"
+ },
+ {
+ "OS": "rockylinux",
+ "OS_VER": "9"
+ },
+ {
+ "OS": "ubuntu",
+ "OS_VER": "focal"
+ },
+ {
+ "OS": "ubuntu",
+ "OS_VER": "jammy"
+ }
+]
diff --git a/tasks/main.yml b/tasks/main.yml
index 67152ee..2a86335 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,6 +1,6 @@
 ---
-- name: resolve platform specific vars
- include_vars: '{{ item }}'
+- name: Resolve platform specific vars
+ ansible.builtin.include_vars: '{{ item }}'
 with_first_found:
 - files:
 - '{{ ansible_distribution }}-{{ ansible_distribution_release }}.yml'
@@ -10,53 +10,53 @@
 paths:
 - '{{ role_path }}/vars'
-- name: install sudo pkgs...
+- name: Install sudo pkgs...
 become: true
 become_user: root
- package:
+ ansible.builtin.package:
 name: '{{ sudoers_pkgs }}'
 state: present
-- name: ensure sudoers dropin directory {{ sudoers_dropin_dir }} exists
+- name: Ensure sudoers dropin directory {{ sudoers_dropin_dir }} exists
 become: true
 become_user: root
- file:
+ ansible.builtin.file:
 path: '{{ sudoers_dropin_dir }}'
 state: directory
- mode: 0750
+ mode: '750'
-- name: enable passwordless sudo for assorted groups
+- name: Enable passwordless sudo for assorted groups
 become: true
 become_user: root
- template:
+ ansible.builtin.template:
 src: '{{ item }}.j2'
 dest: '{{ sudoers_dropin_dir }}/{{ item }}'
- mode: 0440
+ mode: '440'
 with_items:
 - nopasswd
 - proxyenv
-- name: 'ensure sudoers dropin directory is #includedir-ed'
+- name: Ensure sudoers dropin directory is (hash)includedir-ed
 become: true
 become_user: root
- lineinfile:
+ ansible.builtin.lineinfile:
 dest: '{{ sudoers_cfg_file }}'
 regexp: '^[#@]includedir\s+{{ sudoers_dropin_dir }}'
 line: '#includedir {{ sudoers_dropin_dir }}'
 - when: sudoreplay_enabled
 block:
- - name: ensure sudoreplay directory {{ sudoreplay_dir }} exists
+ - name: Ensure sudoreplay directory {{ sudoreplay_dir }} exists
 become: true
 become_user: root
- file:
+ ansible.builtin.file:
 path: '{{ sudoreplay_dir }}'
 state: directory
- mode: 0750
- - name: dropin sudoreplay
+ mode: '750'
+ - name: Dropin sudoreplay
 become: true
 become_user: root
- template:
+ ansible.builtin.template:
 src: sudoreplay.j2
 dest: '{{ sudoers_dropin_dir }}/sudoreplay'
- mode: 0440
+ mode: '440'
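Review bot: The tasks that write sudoers content still install it without a syntax check: the `ansible.builtin.template` drop-ins (`nopasswd`, `proxyenv`, `sudoreplay`) and the `ansible.builtin.lineinfile` edit of `{{ sudoers_cfg_file }}`. A bad render or a malformed include line can therefore leave sudo unusable on the target. Both modules accept `validate`, so adding `validate: 'visudo -cf %s'` to each (with the full path to visudo if it is not on root's PATH) makes Ansible reject a broken file before it replaces the live one. The `regexp` also interpolates the directory path unescaped; `'^[#@]includedir\s+{{ sudoers_dropin_dir | regex_escape }}'` stops a `.` in the path from matching any character. The quoted modes `'750'` and `'440'` are parsed as octal strings by Ansible, so that part of the change is fine.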