From ec8e04ce4e18e016da7639c040887fd3e3315dd7 Mon Sep 17 00:00:00 2001 From: youtous Date: Fri, 1 Dec 2023 15:13:12 +0100 Subject: [PATCH] fix ansible-linting after rebase onto main --- .../patching/plugins/modules/scan_packages.py | 50 +++--- .../patching/plugins/modules/scan_services.py | 169 +++++++++++------- .../plugins/modules/win_scan_packages.py | 47 ++--- .../plugins/modules/win_scan_services.py | 45 ++--- .../roles/build_report_network/vars/main.yml | 6 +- .../build_report_windows/defaults/main.yml | 2 +- .../roles/build_report_windows/vars/main.yml | 2 +- .../defaults/main.yml | 6 +- .../build_report_windows_patch/vars/main.yml | 2 +- .../roles/patch_linux/defaults/main.yml | 4 +- .../roles/patch_windows/defaults/main.yml | 4 +- .../roles/report_linux/defaults/main.yml | 2 +- .../patching/roles/report_linux/vars/main.yml | 2 +- .../report_linux_patching/defaults/main.yml | 6 +- .../roles/report_linux_patching/vars/main.yml | 2 +- .../roles/report_server/vars/Linux.yml | 4 +- .../roles/report_server/vars/Win32NT.yml | 4 +- .../roles/report_windows/defaults/main.yml | 2 +- .../roles/report_windows/vars/main.yml | 2 +- .../report_windows_patching/defaults/main.yml | 6 +- .../report_windows_patching/vars/main.yml | 2 +- .../roles/register_host/defaults/main.yml | 8 +- .../roles/register_host/vars/RedHat7.yml | 2 +- .../roles/register_host/vars/RedHat8.yml | 2 +- .../roles/scap_client/defaults/main.yaml | 24 +-- openshift/gitlab.yml | 26 +-- openshift/setup.yml | 1 - windows/backup.yml | 4 +- windows/create_ad_domain.yml | 19 +- 29 files changed, 257 insertions(+), 198 deletions(-) diff --git a/collections/ansible_collections/demo/patching/plugins/modules/scan_packages.py b/collections/ansible_collections/demo/patching/plugins/modules/scan_packages.py index 039e5b23f..6e06be0c1 100644 --- a/collections/ansible_collections/demo/patching/plugins/modules/scan_packages.py +++ b/collections/ansible_collections/demo/patching/plugins/modules/scan_packages.py @@ -1,16 +1,16 @@ #!/usr/bin/env python -from ansible.module_utils.basic import * # noqa +from ansible.module_utils.basic import * # noqa -DOCUMENTATION = ''' +DOCUMENTATION = """ --- module: scan_packages short_description: Return installed packages information as fact data description: - Return information about installed packages as fact data -''' +""" -EXAMPLES = ''' +EXAMPLES = """ # Example fact output: # host | success >> { # "ansible_facts": { @@ -34,21 +34,23 @@ # "name": "gcc-4.8-base" # } # ] -''' +""" def rpm_package_list(): import rpm + trans_set = rpm.TransactionSet() installed_packages = [] for package in trans_set.dbMatch(): package_details = { - 'name':package[rpm.RPMTAG_NAME], - 'version':package[rpm.RPMTAG_VERSION], - 'release':package[rpm.RPMTAG_RELEASE], - 'epoch':package[rpm.RPMTAG_EPOCH], - 'arch':package[rpm.RPMTAG_ARCH], - 'source':'rpm' } + "name": package[rpm.RPMTAG_NAME], + "version": package[rpm.RPMTAG_VERSION], + "release": package[rpm.RPMTAG_RELEASE], + "epoch": package[rpm.RPMTAG_EPOCH], + "arch": package[rpm.RPMTAG_ARCH], + "source": "rpm", + } if installed_packages == []: installed_packages = [package_details] else: @@ -58,16 +60,20 @@ def rpm_package_list(): def deb_package_list(): import apt + apt_cache = apt.Cache() installed_packages = [] - apt_installed_packages = [pk for pk in apt_cache.keys() if apt_cache[pk].is_installed] + apt_installed_packages = [ + pk for pk in apt_cache.keys() if apt_cache[pk].is_installed + ] for package in apt_installed_packages: ac_pkg = apt_cache[package].installed package_details = { - 'name':package, - 'version':ac_pkg.version, - 'arch':ac_pkg.architecture, - 'source':'apt'} + "name": package, + "version": ac_pkg.version, + "arch": ac_pkg.architecture, + "source": "apt", + } if installed_packages == []: installed_packages = [package_details] else: @@ -76,13 +82,11 @@ def deb_package_list(): def main(): - module = AnsibleModule( - argument_spec = dict(os_family=dict(required=True)) - ) - ans_os = module.params['os_family'] - if ans_os in ('RedHat', 'Suse', 'openSUSE Leap'): + module = AnsibleModule(argument_spec=dict(os_family=dict(required=True))) + ans_os = module.params["os_family"] + if ans_os in ("RedHat", "Suse", "openSUSE Leap"): packages = rpm_package_list() - elif ans_os == 'Debian': + elif ans_os == "Debian": packages = deb_package_list() else: packages = None @@ -94,4 +98,4 @@ def main(): module.exit_json(**results) -main() \ No newline at end of file +main() diff --git a/collections/ansible_collections/demo/patching/plugins/modules/scan_services.py b/collections/ansible_collections/demo/patching/plugins/modules/scan_services.py index c4de33c2c..3a1a7e470 100644 --- a/collections/ansible_collections/demo/patching/plugins/modules/scan_services.py +++ b/collections/ansible_collections/demo/patching/plugins/modules/scan_services.py @@ -1,46 +1,47 @@ #!/usr/bin/env python import re -from ansible.module_utils.basic import * # noqa +from ansible.module_utils.basic import * # noqa -DOCUMENTATION = ''' +DOCUMENTATION = """ --- module: scan_services short_description: Return service state information as fact data description: - Return service state information as fact data for various service management utilities -''' +""" -EXAMPLES = ''' +EXAMPLES = """ +--- - monit: scan_services + # Example fact output: # host | success >> { -# "ansible_facts": { -# "services": { -# "network": { -# "source": "sysv", -# "state": "running", -# "name": "network" -# }, -# "arp-ethers.service": { -# "source": "systemd", -# "state": "stopped", -# "name": "arp-ethers.service" -# } -# } +# "ansible_facts": { +# "services": { +# "network": { +# "source": "sysv", +# "state": "running", +# "name": "network" +# }, +# "arp-ethers.service": { +# "source": "systemd", +# "state": "stopped", +# "name": "arp-ethers.service" +# } +# } # } -''' +# } +""" class BaseService(object): - def __init__(self, module): self.module = module self.incomplete_warning = False class ServiceScanService(BaseService): - def gather_services(self): services = {} service_path = self.module.get_bin_path("service") @@ -51,94 +52,125 @@ def gather_services(self): # sysvinit if service_path is not None and chkconfig_path is None: - rc, stdout, stderr = self.module.run_command("%s --status-all 2>&1 | grep -E \"\\[ (\\+|\\-) \\]\"" % service_path, use_unsafe_shell=True) + rc, stdout, stderr = self.module.run_command( + '%s --status-all 2>&1 | grep -E "\\[ (\\+|\\-) \\]"' % service_path, + use_unsafe_shell=True, + ) for line in stdout.split("\n"): line_data = line.split() if len(line_data) < 4: - continue # Skipping because we expected more data + continue # Skipping because we expected more data service_name = " ".join(line_data[3:]) if line_data[1] == "+": service_state = "running" else: service_state = "stopped" - services[service_name] = {"name": service_name, "state": service_state, "source": "sysv"} + services[service_name] = { + "name": service_name, + "state": service_state, + "source": "sysv", + } # Upstart if initctl_path is not None and chkconfig_path is None: - p = re.compile('^\s?(?P.*)\s(?P\w+)\/(?P\w+)(\,\sprocess\s(?P[0-9]+))?\s*$') + p = re.compile( + "^\s?(?P.*)\s(?P\w+)\/(?P\w+)(\,\sprocess\s(?P[0-9]+))?\s*$" + ) rc, stdout, stderr = self.module.run_command("%s list" % initctl_path) - real_stdout = stdout.replace("\r","") + real_stdout = stdout.replace("\r", "") for line in real_stdout.split("\n"): m = p.match(line) if not m: continue - service_name = m.group('name') - service_goal = m.group('goal') - service_state = m.group('state') - if m.group('pid'): - pid = m.group('pid') + service_name = m.group("name") + service_goal = m.group("goal") + service_state = m.group("state") + if m.group("pid"): + pid = m.group("pid") else: pid = None # NOQA - payload = {"name": service_name, "state": service_state, "goal": service_goal, "source": "upstart"} + payload = { + "name": service_name, + "state": service_state, + "goal": service_goal, + "source": "upstart", + } services[service_name] = payload # RH sysvinit elif chkconfig_path is not None: - #print '%s --status-all | grep -E "is (running|stopped)"' % service_path + # print '%s --status-all | grep -E "is (running|stopped)"' % service_path p = re.compile( - '(?P.*?)\s+[0-9]:(?Pon|off)\s+[0-9]:(?Pon|off)\s+[0-9]:(?Pon|off)\s+' - '[0-9]:(?Pon|off)\s+[0-9]:(?Pon|off)\s+[0-9]:(?Pon|off)\s+[0-9]:(?Pon|off)') - rc, stdout, stderr = self.module.run_command('%s' % chkconfig_path, use_unsafe_shell=True) + "(?P.*?)\s+[0-9]:(?Pon|off)\s+[0-9]:(?Pon|off)\s+[0-9]:(?Pon|off)\s+" + "[0-9]:(?Pon|off)\s+[0-9]:(?Pon|off)\s+[0-9]:(?Pon|off)\s+[0-9]:(?Pon|off)" + ) + rc, stdout, stderr = self.module.run_command( + "%s" % chkconfig_path, use_unsafe_shell=True + ) # Check for special cases where stdout does not fit pattern match_any = False - for line in stdout.split('\n'): + for line in stdout.split("\n"): if p.match(line): match_any = True if not match_any: - p_simple = re.compile('(?P.*?)\s+(?Pon|off)') + p_simple = re.compile("(?P.*?)\s+(?Pon|off)") match_any = False - for line in stdout.split('\n'): + for line in stdout.split("\n"): if p_simple.match(line): match_any = True if match_any: # Try extra flags " -l --allservices" needed for SLES11 - rc, stdout, stderr = self.module.run_command('%s -l --allservices' % chkconfig_path, use_unsafe_shell=True) - elif '--list' in stderr: + rc, stdout, stderr = self.module.run_command( + "%s -l --allservices" % chkconfig_path, use_unsafe_shell=True + ) + elif "--list" in stderr: # Extra flag needed for RHEL5 - rc, stdout, stderr = self.module.run_command('%s --list' % chkconfig_path, use_unsafe_shell=True) - for line in stdout.split('\n'): + rc, stdout, stderr = self.module.run_command( + "%s --list" % chkconfig_path, use_unsafe_shell=True + ) + for line in stdout.split("\n"): m = p.match(line) if m: - service_name = m.group('service') - service_state = 'stopped' - if m.group('rl3') == 'on': - rc, stdout, stderr = self.module.run_command('%s %s status' % (service_path, service_name), use_unsafe_shell=True) + service_name = m.group("service") + service_state = "stopped" + if m.group("rl3") == "on": + rc, stdout, stderr = self.module.run_command( + "%s %s status" % (service_path, service_name), + use_unsafe_shell=True, + ) service_state = rc if rc in (0,): - service_state = 'running' - #elif rc in (1,3): + service_state = "running" + # elif rc in (1,3): else: - if 'root' in stderr or 'permission' in stderr.lower() or 'not in sudoers' in stderr.lower(): + if ( + "root" in stderr + or "permission" in stderr.lower() + or "not in sudoers" in stderr.lower() + ): self.incomplete_warning = True continue else: - service_state = 'stopped' - service_data = {"name": service_name, "state": service_state, "source": "sysv"} + service_state = "stopped" + service_data = { + "name": service_name, + "state": service_state, + "source": "sysv", + } services[service_name] = service_data return services class SystemctlScanService(BaseService): - def systemd_enabled(self): # Check if init is the systemd command, using comm as cmdline could be symlink try: - f = open('/proc/1/comm', 'r') + f = open("/proc/1/comm", "r") except IOError: # If comm doesn't exist, old kernel, no systemd return False for line in f: - if 'systemd' in line: + if "systemd" in line: return True return False @@ -146,10 +178,16 @@ def gather_services(self): services = {} if not self.systemd_enabled(): return None - systemctl_path = self.module.get_bin_path("systemctl", opt_dirs=["/usr/bin", "/usr/local/bin"]) + systemctl_path = self.module.get_bin_path( + "systemctl", opt_dirs=["/usr/bin", "/usr/local/bin"] + ) if systemctl_path is None: return None - rc, stdout, stderr = self.module.run_command("%s list-unit-files --type=service | tail -n +2 | head -n -2" % systemctl_path, use_unsafe_shell=True) + rc, stdout, stderr = self.module.run_command( + "%s list-unit-files --type=service | tail -n +2 | head -n -2" + % systemctl_path, + use_unsafe_shell=True, + ) for line in stdout.split("\n"): line_data = line.split() if len(line_data) != 2: @@ -158,12 +196,16 @@ def gather_services(self): state_val = "running" else: state_val = "stopped" - services[line_data[0]] = {"name": line_data[0], "state": state_val, "source": "systemd"} + services[line_data[0]] = { + "name": line_data[0], + "state": state_val, + "source": "systemd", + } return services def main(): - module = AnsibleModule(argument_spec = dict()) + module = AnsibleModule(argument_spec=dict()) service_modules = (ServiceScanService, SystemctlScanService) all_services = {} incomplete_warning = False @@ -175,12 +217,17 @@ def main(): if svcmod.incomplete_warning: incomplete_warning = True if len(all_services) == 0: - results = dict(skipped=True, msg="Failed to find any services. Sometimes this is due to insufficient privileges.") + results = dict( + skipped=True, + msg="Failed to find any services. Sometimes this is due to insufficient privileges.", + ) else: results = dict(ansible_facts=dict(services=all_services)) if incomplete_warning: - results['msg'] = "WARNING: Could not find status for all services. Sometimes this is due to insufficient privileges." + results[ + "msg" + ] = "WARNING: Could not find status for all services. Sometimes this is due to insufficient privileges." module.exit_json(**results) -main() \ No newline at end of file +main() diff --git a/collections/ansible_collections/demo/patching/plugins/modules/win_scan_packages.py b/collections/ansible_collections/demo/patching/plugins/modules/win_scan_packages.py index 328181887..e83e0f842 100644 --- a/collections/ansible_collections/demo/patching/plugins/modules/win_scan_packages.py +++ b/collections/ansible_collections/demo/patching/plugins/modules/win_scan_packages.py @@ -1,31 +1,34 @@ -#!/usr/bin/env python -# -*- coding: utf-8 -*- +!/usr/bin/env python + -*- coding: utf-8 -*- -DOCUMENTATION = ''' +DOCUMENTATION = """ --- module: win_scan_packages short_description: Return Package state information as fact data description: - Return Package state information as fact data for various Packages -''' +""" -EXAMPLES = ''' +EXAMPLES = """ - monit: win_scan_packages -# Example fact output: -# host | success >> { -# "ansible_facts": { -# "packages": [ - { - "name": "Mozilla Firefox 76.0.1 (x64 en-US)", - "version": "76.0.1", - "publisher": "Mozilla", - "arch": "Win64" - }, - { - "name": "Mozilla Maintenance Service", - "version": "76.0.1", - "publisher": "Mozilla", - "arch": "Win64" - }, + +# Example fact output: +# host | success >> { +# "ansible_facts": { +# "packages": [ +# { +# "name": "Mozilla Firefox 76.0.1 (x64 en-US)", +# "version": "76.0.1", +# "publisher": "Mozilla", +# "arch": "Win64" +# }, +# { +# "name": "Mozilla Maintenance Service", +# "version": "76.0.1", +# "publisher": "Mozilla", +# "arch": "Win64" +# } +# ] # } -''' \ No newline at end of file +# } +""" diff --git a/collections/ansible_collections/demo/patching/plugins/modules/win_scan_services.py b/collections/ansible_collections/demo/patching/plugins/modules/win_scan_services.py index caae37d58..a25ac9f2f 100644 --- a/collections/ansible_collections/demo/patching/plugins/modules/win_scan_services.py +++ b/collections/ansible_collections/demo/patching/plugins/modules/win_scan_services.py @@ -1,34 +1,37 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- -DOCUMENTATION = ''' +DOCUMENTATION = """ --- module: win_scan_services short_description: Return service state information as fact data description: - Return service state information as fact data for various service management utilities -''' +""" -EXAMPLES = ''' +EXAMPLES = """ - monit: win_scan_services + # Example fact output: # host | success >> { -# "ansible_facts": { -# "services": [ - { - "name": "AllJoyn Router Service", - "win_svc_name": "AJRouter", - "state": "stopped" - }, - { - "name": "Application Layer Gateway Service", - "win_svc_name": "ALG", - "state": "stopped" - }, - { - "name": "Application Host Helper Service", - "win_svc_name": "AppHostSvc", - "state": "running" - }, +# "ansible_facts": { +# "services": [ +# { +# "name": "AllJoyn Router Service", +# "win_svc_name": "AJRouter", +# "state": "stopped" +# }, +# { +# "name": "Application Layer Gateway Service", +# "win_svc_name": "ALG", +# "state": "stopped" +# }, +# { +# "name": "Application Host Helper Service", +# "win_svc_name": "AppHostSvc", +# "state": "running" +# } +# ] # } -''' \ No newline at end of file +# } +""" diff --git a/collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml index a14fdcfdd..b249dfc86 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml @@ -1,12 +1,12 @@ --- -file_path: "{{ web_path | default('/var/www/html/reports') }}" -vendor: +file_path: "{{ web_path | default('/var/www/html/reports') }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +vendor: # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way ios: &my_value 'Cisco' nxos: *my_value iosxr: *my_value junos: "Juniper" eos: "Arista" -transport: +transport: # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way cliconf: "Network_CLI" netconf: "NETCONF" nxapi: "NX-API" diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows/defaults/main.yml index 667052d47..6cb18f4da 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/defaults/main.yml @@ -1,2 +1,2 @@ --- -detailedreport: true +detailedreport: true # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml index 491f36ab1..d4bb63a35 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml @@ -1,2 +1,2 @@ --- -file_path: /var/www/html +file_path: /var/www/html # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml index 8aa09a6b9..19e0bedb7 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml @@ -1,4 +1,4 @@ --- -email_from: tower@shadowman.dev -to_emails: alex@shadowman.dev,tower@shadowman.dev -to_emails_list: "{{ to_emails.split(',') }}" +email_from: tower@shadowman.dev # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +to_emails: alex@shadowman.dev,tower@shadowman.dev # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +to_emails_list: "{{ to_emails.split(',') }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml index 491f36ab1..d4bb63a35 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml @@ -1,2 +1,2 @@ --- -file_path: /var/www/html +file_path: /var/www/html # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/patch_linux/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/patch_linux/defaults/main.yml index aa8558fcb..8dcd72357 100644 --- a/collections/ansible_collections/demo/patching/roles/patch_linux/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/patch_linux/defaults/main.yml @@ -1,7 +1,7 @@ --- -exclude_packages: +exclude_packages: # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way - authselect - authselect-compat - authselect-libs - fprintd-pam -allow_reboot: true +allow_reboot: true # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/patch_windows/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/patch_windows/defaults/main.yml index d2af09e2d..064352476 100644 --- a/collections/ansible_collections/demo/patching/roles/patch_windows/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/patch_windows/defaults/main.yml @@ -1,5 +1,5 @@ --- -win_update_categories: +win_update_categories: # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way - Application - Connectors - CriticalUpdates @@ -11,4 +11,4 @@ win_update_categories: - Tools - UpdateRollups - Updates -allow_reboot: true +allow_reboot: true # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/report_linux/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux/defaults/main.yml index 667052d47..6cb18f4da 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux/defaults/main.yml @@ -1,2 +1,2 @@ --- -detailedreport: true +detailedreport: true # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/report_linux/vars/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux/vars/main.yml index 6fe0b79a1..dbfdd22b8 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux/vars/main.yml @@ -1,2 +1,2 @@ --- -file_path: /var/www/html/reports +file_path: /var/www/html/reports # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/report_linux_patching/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux_patching/defaults/main.yml index 8aa09a6b9..19e0bedb7 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux_patching/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux_patching/defaults/main.yml @@ -1,4 +1,4 @@ --- -email_from: tower@shadowman.dev -to_emails: alex@shadowman.dev,tower@shadowman.dev -to_emails_list: "{{ to_emails.split(',') }}" +email_from: tower@shadowman.dev # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +to_emails: alex@shadowman.dev,tower@shadowman.dev # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +to_emails_list: "{{ to_emails.split(',') }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/report_linux_patching/vars/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux_patching/vars/main.yml index 6fe0b79a1..dbfdd22b8 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux_patching/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux_patching/vars/main.yml @@ -1,2 +1,2 @@ --- -file_path: /var/www/html/reports +file_path: /var/www/html/reports # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/report_server/vars/Linux.yml b/collections/ansible_collections/demo/patching/roles/report_server/vars/Linux.yml index b4d35737d..fa9d6813f 100644 --- a/collections/ansible_collections/demo/patching/roles/report_server/vars/Linux.yml +++ b/collections/ansible_collections/demo/patching/roles/report_server/vars/Linux.yml @@ -1,3 +1,3 @@ --- -doc_root: /var/www/html -reports_dir: reports +doc_root: /var/www/html # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +reports_dir: reports # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/report_server/vars/Win32NT.yml b/collections/ansible_collections/demo/patching/roles/report_server/vars/Win32NT.yml index ac4e6757d..59bb2e2fe 100644 --- a/collections/ansible_collections/demo/patching/roles/report_server/vars/Win32NT.yml +++ b/collections/ansible_collections/demo/patching/roles/report_server/vars/Win32NT.yml @@ -1,3 +1,3 @@ --- -doc_root: C:\Inetpub\wwwroot -reports_dir: reports +doc_root: C:\Inetpub\wwwroot # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +reports_dir: reports # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/report_windows/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows/defaults/main.yml index 667052d47..8b5e8186a 100644 --- a/collections/ansible_collections/demo/patching/roles/report_windows/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_windows/defaults/main.yml @@ -1,2 +1,2 @@ --- -detailedreport: true +detailedreport: true # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/report_windows/vars/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows/vars/main.yml index 4c3fa1455..fbc23701a 100644 --- a/collections/ansible_collections/demo/patching/roles/report_windows/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_windows/vars/main.yml @@ -1,2 +1,2 @@ --- -file_path: C:\Inetpub\wwwroot\reports +file_path: C:\Inetpub\wwwroot\reports # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/report_windows_patching/defaults/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows_patching/defaults/main.yml index 8aa09a6b9..19e0bedb7 100644 --- a/collections/ansible_collections/demo/patching/roles/report_windows_patching/defaults/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_windows_patching/defaults/main.yml @@ -1,4 +1,4 @@ --- -email_from: tower@shadowman.dev -to_emails: alex@shadowman.dev,tower@shadowman.dev -to_emails_list: "{{ to_emails.split(',') }}" +email_from: tower@shadowman.dev # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +to_emails: alex@shadowman.dev,tower@shadowman.dev # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +to_emails_list: "{{ to_emails.split(',') }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/patching/roles/report_windows_patching/vars/main.yml b/collections/ansible_collections/demo/patching/roles/report_windows_patching/vars/main.yml index 4c3fa1455..6ec950ade 100644 --- a/collections/ansible_collections/demo/patching/roles/report_windows_patching/vars/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_windows_patching/vars/main.yml @@ -1,2 +1,2 @@ --- -file_path: C:\Inetpub\wwwroot\reports +file_path: C:\Inetpub\wwwroot\reports # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml b/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml index d2bf1af80..b42aa2f43 100644 --- a/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml +++ b/collections/ansible_collections/demo/satellite/roles/register_host/defaults/main.yml @@ -1,5 +1,5 @@ --- -instance_name: "{{ inventory_hostname | regex_replace('_', '-') }}" -activation_key: "{{ 'RHEL' + ansible_distribution_major_version + '_' + env }}" -rex_user: root # "{{ ansible_user }}" -force_register: true +instance_name: "{{ inventory_hostname | regex_replace('_', '-') }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +activation_key: "{{ 'RHEL' + ansible_distribution_major_version + '_' + env }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +rex_user: root # "{{ ansible_user }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +force_register: true # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml b/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml index 07c3a0e9c..4f1e0d233 100644 --- a/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml +++ b/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat7.yml @@ -1,4 +1,4 @@ --- -rhsm_enabled_repos: +rhsm_enabled_repos: # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way - rhel-7-server-rpms # - rhel-7-server-satellite-maintenance-6.11-rpms diff --git a/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat8.yml b/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat8.yml index eb20ab341..9d48927fd 100644 --- a/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat8.yml +++ b/collections/ansible_collections/demo/satellite/roles/register_host/vars/RedHat8.yml @@ -1,5 +1,5 @@ --- -rhsm_enabled_repos: +rhsm_enabled_repos: # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way - rhel-8-for-x86_64-baseos-rpms - rhel-8-for-x86_64-appstream-rpms - satellite-client-6-for-rhel-8-x86_64-rpms diff --git a/collections/ansible_collections/demo/satellite/roles/scap_client/defaults/main.yaml b/collections/ansible_collections/demo/satellite/roles/scap_client/defaults/main.yaml index 343df82d6..029a600dd 100644 --- a/collections/ansible_collections/demo/satellite/roles/scap_client/defaults/main.yaml +++ b/collections/ansible_collections/demo/satellite/roles/scap_client/defaults/main.yaml @@ -1,13 +1,13 @@ --- -foreman_server_url: "{{ lookup('env', 'SATELLITE_SERVER') }}" -foreman_username: "{{ lookup('env', 'SATELLITE_USERNAME') }}" -foreman_password: "{{ lookup('env', 'SATELLITE_PASSWORD') }}" -foreman_validate_certs: "{{ lookup('env', 'FOREMAN_VALIDATE_CERTS') | default(true) }}" -capsule_server: "{{ foreman_server_url }}" -capsule_port: '9090' -policy_name: 'all' -policy_scan: "{{ policy_name }}" -crontab_hour: 2 -crontab_minute: 0 -crontab_weekdays: 0 -foreman_operations_scap_client_secure_logging: true +foreman_server_url: "{{ lookup('env', 'SATELLITE_SERVER') }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +foreman_username: "{{ lookup('env', 'SATELLITE_USERNAME') }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +foreman_password: "{{ lookup('env', 'SATELLITE_PASSWORD') }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +foreman_validate_certs: "{{ lookup('env', 'FOREMAN_VALIDATE_CERTS') | default(true) }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +capsule_server: "{{ foreman_server_url }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +capsule_port: '9090' # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +policy_name: 'all' # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +policy_scan: "{{ policy_name }}" # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +crontab_hour: 2 # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +crontab_minute: 0 # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +crontab_weekdays: 0 # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way +foreman_operations_scap_client_secure_logging: true # noqa var-naming[no-role-prefix] - TODO : we should rework roles to use variable prefix, until scope is defined, silence is the way diff --git a/openshift/gitlab.yml b/openshift/gitlab.yml index f60965720..b00665ca3 100644 --- a/openshift/gitlab.yml +++ b/openshift/gitlab.yml @@ -4,14 +4,14 @@ gather_facts: false tasks: - - name: create cert-manager-operator namespace + - name: Create cert-manager-operator namespace redhat.openshift.k8s: name: cert-manager-operator api_version: v1 kind: Namespace state: present - - name: create OperatorGroup object for cert-manager-operator + - name: Create OperatorGroup object for cert-manager-operator redhat.openshift.k8s: state: present definition: @@ -22,9 +22,9 @@ namespace: cert-manager-operator spec: targetNamespaces: - - cert-manager-operator + - cert-manager-operator - - name: create cert-manager-operator subscription + - name: Create cert-manager-operator subscription redhat.openshift.k8s: state: present definition: @@ -42,14 +42,14 @@ source: redhat-operators sourceNamespace: openshift-marketplace - - name: create gitlab-system namespace + - name: Create gitlab-system namespace redhat.openshift.k8s: name: gitlab-system api_version: v1 kind: Namespace state: present - - name: create OperatorGroup object for gitlab-operator-kubernetes + - name: Create OperatorGroup object for gitlab-operator-kubernetes redhat.openshift.k8s: state: present definition: @@ -60,9 +60,9 @@ namespace: gitlab-system spec: targetNamespaces: - - gitlab-system + - gitlab-system - - name: create gitlab subscription + - name: Create gitlab subscription redhat.openshift.k8s: state: present definition: @@ -80,8 +80,8 @@ source: community-operators sourceNamespace: openshift-marketplace - - name: wait for gitlab operator to install - k8s_info: + - name: Wait for gitlab operator to install + kubernetes.core.k8s_info: api_version: apiextensions.k8s.io/v1 kind: CustomResourceDefinition name: gitlabs.apps.gitlab.com @@ -91,7 +91,7 @@ delay: 30 - name: Wait until gitlab-operator is up - k8s_info: + kubernetes.core.k8s_info: api_version: v1 kind: Deployment name: gitlab-controller-manager @@ -117,7 +117,7 @@ namespace: gitlab-system spec: chart: - version: "6.11.0" + version: "6.11.0" values: nginx-ingress: enabled: false @@ -125,7 +125,7 @@ install: false global: hosts: - domain: "{{ cluster_domain }}" # apps.cluster-9xrlv.9xrlv.sandbox644.opentlc.com + domain: "{{ cluster_domain }}" # apps.cluster-9xrlv.9xrlv.sandbox644.opentlc.com ingress: class: none configureCertmanager: true diff --git a/openshift/setup.yml b/openshift/setup.yml index 939e3bac3..d5db457a6 100644 --- a/openshift/setup.yml +++ b/openshift/setup.yml @@ -34,4 +34,3 @@ controller_templates: notification_templates_error: Telemetry credentials: - "OpenShift Credential" - diff --git a/windows/backup.yml b/windows/backup.yml index 661630a59..ee0547436 100644 --- a/windows/backup.yml +++ b/windows/backup.yml @@ -1,6 +1,6 @@ --- -- hosts: windows - name: Rollback playbook +- name: Rollback playbook + hosts: windows tasks: - name: "Rollback this step" ansible.builtin.debug: diff --git a/windows/create_ad_domain.yml b/windows/create_ad_domain.yml index ca9013f59..5c8599bb7 100644 --- a/windows/create_ad_domain.yml +++ b/windows/create_ad_domain.yml @@ -13,23 +13,23 @@ ansible.windows.win_domain: dns_domain_name: ansible.local safe_mode_password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}" - notify: + notify: - Reboot host - Wait for AD services - Reboot again - Wait for AD services again - name: Flush handlers - meta: flush_handlers + ansible.builtin.meta: flush_handlers - name: Create some groups community.windows.win_domain_group: name: "{{ item.name }}" scope: global loop: - - { name: "GroupA" } - - { name: "GroupB" } - - { name: "GroupC" } + - name: "GroupA" + - name: "GroupB" + - name: "GroupC" retries: 5 delay: 10 @@ -40,9 +40,12 @@ password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}" update_password: on_create loop: - - { name: "UserA", groups: "GroupA" } - - { name: "UserB", groups: "GroupB" } - - { name: "UserC", groups: "GroupC" } + - name: "UserA" + groups: "GroupA" + - name: "UserB" + groups: "GroupB" + - name: "UserC" + groups: "GroupC" retries: 5 delay: 10