From 03fc393c055af88afc622538d8036e90ee02b732 Mon Sep 17 00:00:00 2001 From: Lucas <116588+hairmare@users.noreply.github.com> Date: Thu, 19 Dec 2024 12:32:42 +0100 Subject: [PATCH] chore: ansible-lint cleanup (#61) --- .ansible-lint-ignore | 20 +++++++++++++ .ansible-lint.yml | 8 +++++ .github/workflows/release.yaml | 2 +- .github/workflows/semantic-release.yaml | 2 +- .github/workflows/test.yaml | 2 +- galaxy.yml | 3 ++ meta/runtime.yml | 3 +- roles/base/defaults/main.yml | 7 +++-- roles/base/meta/main.yml | 3 +- roles/base/tasks/main.yml | 6 ++-- roles/core/defaults/main.yml | 11 +++---- roles/core/meta/main.yml | 3 +- roles/download_file/defaults/main.yml | 1 + roles/download_file/meta/main.yml | 3 +- roles/download_file/tasks/main.yml | 1 + roles/download_file/tests/test.yml | 3 +- roles/files/defaults/main.yml | 1 + roles/files/meta/main.yml | 3 +- roles/files/tasks/main.yml | 12 ++++---- roles/git_clone/defaults/main.yml | 3 +- roles/git_clone/meta/main.yml | 3 +- roles/git_clone/tasks/main.yml | 18 ++++++------ roles/local_user/defaults/main.yml | 9 +++--- roles/local_user/meta/main.yml | 3 +- roles/local_user/tasks/main.yml | 39 +++++++++++-------------- 25 files changed, 105 insertions(+), 64 deletions(-) create mode 100644 .ansible-lint-ignore create mode 100644 .ansible-lint.yml diff --git a/.ansible-lint-ignore b/.ansible-lint-ignore new file mode 100644 index 0000000..7779f51 --- /dev/null +++ b/.ansible-lint-ignore @@ -0,0 +1,20 @@ +# This file contains ignores rule violations for ansible-lint + +# These are very low level, so we keep their wrong names for now +roles/base/defaults/main.yml var-naming[no-role-prefix] +roles/core/defaults/main.yml var-naming[no-role-prefix] +roles/files/defaults/main.yml var-naming[no-role-prefix] + +# This can probably be renamed without as much effort +roles/git_clone/defaults/main.yml var-naming[no-role-prefix] + +# We should make this configurable and default to 644 +roles/git_clone/tasks/main.yml risky-file-permissions + +# These should be fixed at some point +roles/local_user/tasks/main.yml ignore-errors +roles/local_user/tasks/main.yml no-changed-when + +# We should start writing changelogs at some point +galaxy.yml galaxy[no-changelog] + diff --git a/.ansible-lint.yml b/.ansible-lint.yml new file mode 100644 index 0000000..7ec5152 --- /dev/null +++ b/.ansible-lint.yml @@ -0,0 +1,8 @@ +--- +exclude_paths: + - .github/ + - venv/ +write_list: + - all +warn_list: + - meta-runtime[unsupported-version] diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 2dc1e72..62804b6 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -7,6 +7,6 @@ on: jobs: call-workflow: - uses: radiorabe/actions/.github/workflows/release-ansible-collection.yaml@v0.22.0 + uses: radiorabe/actions/.github/workflows/release-ansible-collection.yaml@v0.26.0 secrets: GALAXY_API_KEY: ${{ secrets.GALAXY_API_KEY }} diff --git a/.github/workflows/semantic-release.yaml b/.github/workflows/semantic-release.yaml index 45e5fe0..dd50eac 100644 --- a/.github/workflows/semantic-release.yaml +++ b/.github/workflows/semantic-release.yaml @@ -7,6 +7,6 @@ on: jobs: call-workflow: - uses: radiorabe/actions/.github/workflows/semantic-release.yaml@v0.22.0 + uses: radiorabe/actions/.github/workflows/semantic-release.yaml@v0.26.0 secrets: RABE_ITREAKTION_GITHUB_TOKEN: ${{ secrets.RABE_ITREAKTION_GITHUB_TOKEN }} diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 5be3f01..03ad819 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -7,4 +7,4 @@ on: jobs: call-workflow: - uses: radiorabe/actions/.github/workflows/test-ansible-collection.yaml@v0.22.0 + uses: radiorabe/actions/.github/workflows/test-ansible-collection.yaml@v0.26.0 diff --git a/galaxy.yml b/galaxy.yml index c58e962..92be236 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -1,3 +1,4 @@ +--- namespace: radiorabe name: common version: 0.0.0 @@ -10,6 +11,8 @@ tags: - radiorabe - foreman - common + - infrastructure + - tools dependencies: {} repository: https://github.com/radiorabe/ansible-collection-common documentation: https://github.com/radiorabe/ansible-collection-common/blob/main/README.md diff --git a/meta/runtime.yml b/meta/runtime.yml index 15e28cd..898b247 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1 +1,2 @@ -requires_ansible: ">=2.11,<2.17" +--- +requires_ansible: ">=2.14,<2.17" diff --git a/roles/base/defaults/main.yml b/roles/base/defaults/main.yml index 4276c3a..8d95e51 100644 --- a/roles/base/defaults/main.yml +++ b/roles/base/defaults/main.yml @@ -1,7 +1,8 @@ +--- # defaults for radiorabe.common.base -radiorabe_base_mail_noreply: 'noreply@{{ radiorabe_core_hostname }}' +radiorabe_base_mail_noreply: "noreply@{{ radiorabe_core_hostname }}" -radiorabe_base_foreman_host: 'foreman.service.{{ radiorabe_core_int_hostname }}' +radiorabe_base_foreman_host: "foreman.service.{{ radiorabe_core_int_hostname }}" -radiorabe_base_foreman_url: 'https://{{ radiorabe_base_foreman_host }}' +radiorabe_base_foreman_url: "https://{{ radiorabe_base_foreman_host }}" diff --git a/roles/base/meta/main.yml b/roles/base/meta/main.yml index 2c3b096..bab0c2e 100644 --- a/roles/base/meta/main.yml +++ b/roles/base/meta/main.yml @@ -1,9 +1,10 @@ +--- galaxy_info: author: RaBe IT-Reaktion description: Defines minimal facts that are not OS specific for use in other roles. issue_tracker_url: https://github.com/radiorabe/ansible-collection-common/issues license: AGPL-3.0-only - min_ansible_version: '2.9' + min_ansible_version: "2.14" platforms: - name: EL versions: diff --git a/roles/base/tasks/main.yml b/roles/base/tasks/main.yml index ab8cb28..e29be8a 100644 --- a/roles/base/tasks/main.yml +++ b/roles/base/tasks/main.yml @@ -3,6 +3,6 @@ - name: RaBe Base | set base facts ansible.builtin.set_fact: - radiorabe_base_mail_noreply: '{{ radiorabe_base_mail_noreply }}' - radiorabe_base_foreman_host: '{{ radiorabe_base_foreman_host }}' - radiorabe_base_foreman_url: '{{ radiorabe_base_foreman_url }}' + radiorabe_base_mail_noreply: "{{ radiorabe_base_mail_noreply }}" + radiorabe_base_foreman_host: "{{ radiorabe_base_foreman_host }}" + radiorabe_base_foreman_url: "{{ radiorabe_base_foreman_url }}" diff --git a/roles/core/defaults/main.yml b/roles/core/defaults/main.yml index e3b3e44..78f4618 100644 --- a/roles/core/defaults/main.yml +++ b/roles/core/defaults/main.yml @@ -1,11 +1,12 @@ +--- # defaults for radiorabe.common.core -radiorabe_core_hostname: 'rabe.ch' +radiorabe_core_hostname: "rabe.ch" -radiorabe_core_int_hostname: 'int.{{ radiorabe_core_hostname }}' +radiorabe_core_int_hostname: "int.{{ radiorabe_core_hostname }}" -radiorabe_core_realm: '{{ radiorabe_core_int_hostname | upper }}' +radiorabe_core_realm: "{{ radiorabe_core_int_hostname | upper }}" -radiorabe_core_admin_name: 'RaBe IT-Reaktion' +radiorabe_core_admin_name: "RaBe IT-Reaktion" -radiorabe_core_admin_mail: 'it@{{ radiorabe_core_hostname }}' +radiorabe_core_admin_mail: "it@{{ radiorabe_core_hostname }}" diff --git a/roles/core/meta/main.yml b/roles/core/meta/main.yml index d9fdfc3..fca51a1 100644 --- a/roles/core/meta/main.yml +++ b/roles/core/meta/main.yml @@ -1,9 +1,10 @@ +--- galaxy_info: author: RaBe IT-Reaktion description: Defines a baseline set of variables for use in other roles. issue_tracker_url: https://github.com/radiorabe/ansible-collection-common/issues license: AGPL-3.0-only - min_ansible_version: '2.9' + min_ansible_version: "2.14" platforms: - name: EL versions: diff --git a/roles/download_file/defaults/main.yml b/roles/download_file/defaults/main.yml index ff81257..fc0e100 100644 --- a/roles/download_file/defaults/main.yml +++ b/roles/download_file/defaults/main.yml @@ -2,4 +2,5 @@ # defaults file for download_file download_file_url: https://rabe.ch/wp-content/uploads/2016/07/favicon.ico download_file_destination: /tmp/ +download_file_mode: "0644" download_file_locally: false diff --git a/roles/download_file/meta/main.yml b/roles/download_file/meta/main.yml index 045ccf9..841314e 100644 --- a/roles/download_file/meta/main.yml +++ b/roles/download_file/meta/main.yml @@ -1,9 +1,10 @@ +--- galaxy_info: author: RaBe IT-Reaktion description: Download file issue_tracker_url: https://github.com/radiorabe/ansible-collection-common/issues license: AGPL-3.0-only - min_ansible_version: '2.9' + min_ansible_version: "2.14" platforms: - name: EL versions: diff --git a/roles/download_file/tasks/main.yml b/roles/download_file/tasks/main.yml index 78305c3..d25738e 100644 --- a/roles/download_file/tasks/main.yml +++ b/roles/download_file/tasks/main.yml @@ -4,4 +4,5 @@ ansible.builtin.get_url: url: "{{ download_file_url }}" dest: "{{ download_file_destination }}" + mode: "{{ download_file_mode }}" delegate_to: "{{ '127.0.0.1' if download_file_locally else omit }}" diff --git a/roles/download_file/tests/test.yml b/roles/download_file/tests/test.yml index 2212b3e..3530c11 100644 --- a/roles/download_file/tests/test.yml +++ b/roles/download_file/tests/test.yml @@ -1,5 +1,6 @@ --- -- hosts: localhost +- name: Test download_file role + hosts: localhost remote_user: root roles: - download_file diff --git a/roles/files/defaults/main.yml b/roles/files/defaults/main.yml index ae0fc69..a308afa 100644 --- a/roles/files/defaults/main.yml +++ b/roles/files/defaults/main.yml @@ -1,3 +1,4 @@ +--- # defaults for radiorabe.common.file radiorabe_files: [] diff --git a/roles/files/meta/main.yml b/roles/files/meta/main.yml index 83ed2f3..2a8512a 100644 --- a/roles/files/meta/main.yml +++ b/roles/files/meta/main.yml @@ -1,9 +1,10 @@ +--- galaxy_info: author: RaBe IT-Reaktion description: Allow managing a bunch of static files. issue_tracker_url: https://github.com/radiorabe/ansible-collection-common/issues license: AGPL-3.0-only - min_ansible_version: '2.9' + min_ansible_version: "2.14" platforms: - name: EL versions: diff --git a/roles/files/tasks/main.yml b/roles/files/tasks/main.yml index 0a7ad59..dbc23cf 100644 --- a/roles/files/tasks/main.yml +++ b/roles/files/tasks/main.yml @@ -1,10 +1,10 @@ --- # tasks file for radiorabe.common.files -- name: 'RaBe Base : File : Manage files' - ansible.builtin.file: '{{ item }}' - with_items: '{{ radiorabe_files }}' +- name: "RaBe Base : File : Manage files" + ansible.builtin.file: "{{ item }}" # noqa: args + with_items: "{{ radiorabe_files }}" -- name: 'RaBe Base : File : Copy files' - ansible.builtin.copy: '{{ item }}' - with_items: '{{ radiorabe_copies }}' +- name: "RaBe Base : File : Copy files" + ansible.builtin.copy: "{{ item }}" # noqa: risky-file-permissions + with_items: "{{ radiorabe_copies }}" diff --git a/roles/git_clone/defaults/main.yml b/roles/git_clone/defaults/main.yml index 16a6c2a..c203a96 100644 --- a/roles/git_clone/defaults/main.yml +++ b/roles/git_clone/defaults/main.yml @@ -1,5 +1,6 @@ +--- # defaults for radiorabe.common.git radiorabe_git_clone: [] radiorabe_git_local_clone: false -radiorabe_git_clone_remote_dest: '' +radiorabe_git_clone_remote_dest: "" diff --git a/roles/git_clone/meta/main.yml b/roles/git_clone/meta/main.yml index 04644fe..927d974 100644 --- a/roles/git_clone/meta/main.yml +++ b/roles/git_clone/meta/main.yml @@ -1,9 +1,10 @@ +--- galaxy_info: author: RaBe IT-Reaktion description: Clone git repository. issue_tracker_url: https://github.com/radiorabe/ansible-collection-common/issues license: AGPL-3.0-only - min_ansible_version: '2.9' + min_ansible_version: "2.14" platforms: - name: EL versions: diff --git a/roles/git_clone/tasks/main.yml b/roles/git_clone/tasks/main.yml index f4faa07..6d5e7aa 100644 --- a/roles/git_clone/tasks/main.yml +++ b/roles/git_clone/tasks/main.yml @@ -1,14 +1,14 @@ --- # tasks file for radiorabe.common.git -- name: "RaBe Common : git_clone : Clone git repository {{ 'locally' if radiorabe_git_local_clone else 'on remote host'}}" - ansible.builtin.git: '{{ item }}' - with_items: '{{ radiorabe_git_clone }}' +- name: "RaBe Common : git_clone : Clone git repository {{ 'locally' if radiorabe_git_local_clone else 'on remote host' }}" + ansible.builtin.git: "{{ item }}" # noqa: latest args + with_items: "{{ radiorabe_git_clone }}" delegate_to: "{{ '127.0.0.1' if radiorabe_git_local_clone else omit }}" -- name: 'RaBe Common : git_clone : Copy files to remote' - ansible.builtin.copy: - src: '{{ item.dest }}/' - dest: '{{ radiorabe_git_clone_remote_dest }}/' - with_items: '{{ radiorabe_git_clone }}' - when: radiorabe_git_local_clone == true +- name: "RaBe Common : git_clone : Copy files to remote" + ansible.builtin.copy: + src: "{{ item.dest }}/" + dest: "{{ radiorabe_git_clone_remote_dest }}/" + with_items: "{{ radiorabe_git_clone }}" + when: radiorabe_git_local_clone diff --git a/roles/local_user/defaults/main.yml b/roles/local_user/defaults/main.yml index 78d4219..73648ea 100644 --- a/roles/local_user/defaults/main.yml +++ b/roles/local_user/defaults/main.yml @@ -1,8 +1,9 @@ +--- # defaults for radiorabe.common.local_user -local_user_additional_groups: '' +local_user_additional_groups: "" local_user_create_home: false -local_user_groupname: '' -local_user_home_directory: '' -local_user_shell: '' +local_user_groupname: "" +local_user_home_directory: "" +local_user_shell: "" local_user_system: false diff --git a/roles/local_user/meta/main.yml b/roles/local_user/meta/main.yml index 18d9fcf..d32f79d 100644 --- a/roles/local_user/meta/main.yml +++ b/roles/local_user/meta/main.yml @@ -1,9 +1,10 @@ +--- galaxy_info: author: RaBe IT-Reaktion description: Allow managing of local users. issue_tracker_url: https://github.com/radiorabe/ansible-collection-common/issues license: AGPL-3.0-only - min_ansible_version: '2.9' + min_ansible_version: "2.14" platforms: - name: EL versions: diff --git a/roles/local_user/tasks/main.yml b/roles/local_user/tasks/main.yml index 3d19f90..a922d41 100644 --- a/roles/local_user/tasks/main.yml +++ b/roles/local_user/tasks/main.yml @@ -1,51 +1,46 @@ --- # tasks file for radiorabe.common.local_user -- name: 'Get {{ local_user_username }} user info' +- name: "Get user info for {{ local_user_username }}" ansible.builtin.getent: database: passwd - key: '{{ local_user_username }}' + key: "{{ local_user_username }}" ignore_errors: true -- name: 'Get {{ local_user_groupname }} group' +- name: "Get group info for {{ local_user_groupname }}" ansible.builtin.getent: database: group - key: '{{ local_user_groupname }}' + key: "{{ local_user_groupname }}" ignore_errors: true -- name: 'Add group when does not exist' +- name: "Add group when does not exist" become: true - command: groupadd {{ local_user_groupname }} - when: - ansible_facts.getent_group is undefined and - local_user_groupname != '' + ansible.builtin.command: groupadd {{ local_user_groupname }} + when: ansible_facts.getent_group is undefined and local_user_groupname != '' -- name: 'Add user and group when does not exist' +- name: "Add user and group when does not exist" become: true ansible.builtin.command: - argv: "{{ cmd_argv | - zip(cmd_argv_switch) | - selectattr('1') | - map(attribute='0') | list }}" + argv: "{{ cmd_argv | zip(cmd_argv_switch) | selectattr('1') | map(attribute='0') | list }}" vars: cmd_argv: - - 'useradd' - - '--create-home' + - "useradd" + - "--create-home" - '--groups="{{ local_user_additional_groups }}"' - '--gid="{{ local_user_groupname }}"' - '--home-dir="{{ local_user_home_directory }}"' - '--shell="{{ local_user_shell }}"' - - '--system' - - '--add-subids-for-system' - - '{{ local_user_username }}' + - "--system" + - "--add-subids-for-system" + - "{{ local_user_username }}" cmd_argv_switch: - true - - '{{ local_user_create_home }}' + - "{{ local_user_create_home }}" - '{{ local_user_additional_groups != "" }}' - '{{ local_user_groupname != "" }}' - '{{ local_user_home_directory != "" }}' - '{{ local_user_shell != "" }}' - - '{{ local_user_system }}' - - '{{ local_user_system }}' + - "{{ local_user_system }}" + - "{{ local_user_system }}" - true when: ansible_facts.getent_passwd is undefined