Fixed Ansible-Lint

2023-09-25 15:06:52 +02:00 · 2023-09-25 15:06:52 +02:00 · c7469d55e5
parent 19c83649ca
commit c7469d55e5
19 changed files with 99 additions and 30 deletions
--- a/.config/ansible-lint.yml
+++ b/.config/ansible-lint.yml
@ -0,0 +1,27 @@
+---
+profile: production
+
+offline: false
+
+loop_var_prefix: ^(__|{role}_)
+task_name_prefix: "{stem} | "
+
+var_naming_pattern: ^[a-z_][a-z0-9_]*$
+
+enable_list:
+  - args
+  - empty-string-compare # opt-in
+  - no-log-password # opt-in
+  - no-same-owner # opt-in
+  - yaml
+
+skip_list:
+  - yaml[line-length]
+  - var-naming[no-role-prefix]
+  - loop-var-prefix[missing]
+
+# write_list:
+#   - none
+#   - yaml[empty-lines]
+#   - yaml[new-line-at-end-of-file]
+#   - yaml[comments]
--- a/.githooks/README.md
+++ b/.githooks/README.md
@ -0,0 +1,4 @@
+To install these hooks:
+```
+git  config  core.hooksPath  .githooks
+```
--- a/.githooks/pre-commit
+++ b/.githooks/pre-commit
@ -0,0 +1,38 @@
+#!/usr/bin/env zsh
+set  +o xtrace  -o errexit  -o nounset  -o pipefail
+
+#
+# Manual check in terminal:
+#
+#    ansible-lint  ./*.yml
+#
+
+export ANSIBLE_ROLES_PATH="$PWD/roles"
+FILES_PATTERN='\.yml$'
+EXIT_CODE=0
+
+# Output to stderr
+exec 1>&2
+
+CHANGED_FILES=()
+for FILE in $(git diff --cached --name-only --diff-filter=ACM | grep --extended-regexp "${FILES_PATTERN}" | grep -Ev '^\.circleci'); do
+  CHANGED_FILES+=("${FILE}")
+done
+
+if [ 0 -eq "${#CHANGED_FILES[@]}" ]; then
+  echo "No changed files matching '${FILES_PATTERN}'"
+else
+  # echo "Running ansible-lint --write..."
+  # Have to add the playbooks in the root to make ansible-lint detect every problem
+  # ansible-lint -qq --write --nocolor "${CHANGED_FILES[@]}" >/dev/null && true
+  # ansible-lint -qq --skip-list 'yaml[line-length],jinja[spacing]' --write --nocolor ./*.yml
+  # git add "${CHANGED_FILES[@]}"
+  echo -e "Running ansible-lint...\n"
+  # set  -o xtrace
+  ansible-lint  --format full  ./*.yml "${CHANGED_FILES[@]}"
+  { set  +o xtrace; } 2>/dev/null
+  EXIT_CODE="$?"
+fi
+
+echo "Exit code ${EXIT_CODE}"
+exit "${EXIT_CODE}"
--- a/dci_reinstall_talos.yml
+++ b/dci_reinstall_talos.yml
@ -6,4 +6,4 @@
    - talos_hardware_nodes
  roles:
    - role: dci_finish
-    - role: dci_reinstall_talos
+    - role: dci_reinstall_talos
--- a/roles/common/handlers/talos.yml
+++ b/roles/common/handlers/talos.yml
@ -3,7 +3,7 @@
 - name: Talos wait for health
  when: "'talos_first_nodes' in group_names"
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  ansible.builtin.command:
    cmd: >-
      talosctl  health
@ -14,4 +14,4 @@
  delay: 10
  changed_when: false
  environment:
-    TALOSCONFIG: "{{ talosconfig }}"
+    TALOSCONFIG: "{{ talosconfig }}"
--- a/roles/dci_finish/handlers/main.yml
+++ b/roles/dci_finish/handlers/main.yml
@ -3,4 +3,4 @@
 - name: Set fact dci_finish_called
  ansible.builtin.set_fact:
    dci_finish_called: true
-    cacheable: no
+    cacheable: false
--- a/roles/dci_finish/tasks/main.yml
+++ b/roles/dci_finish/tasks/main.yml
@ -3,7 +3,7 @@
 - name: Call DCI Manager API to finish operation
  when: dci_server_info.operation.status == 'running'
  delegate_to: "{{ dci_manager_access_host }}"
-  become: no
+  become: false
  ansible.builtin.uri:
    url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/dci/v3/server/{{ dci_server_info.id }}/operation_finish"
    method: POST
--- a/roles/dci_login/tasks/main.yml
+++ b/roles/dci_login/tasks/main.yml
@ -7,7 +7,7 @@

 - name: Login on DCI Manager API
  delegate_to: "{{ dci_manager_access_host }}"
-  become: no
+  become: false
  ansible.builtin.uri:
    url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/api/auth/v4/public/token"
    method: POST
@ -36,7 +36,7 @@

 - name: Two factor authenticate DCI Manager API
  delegate_to: "{{ dci_manager_access_host }}"
-  become: no
+  become: false
  ansible.builtin.uri:
    url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/api/auth/v4/public/token/confirm"
    method: POST
@ -53,7 +53,7 @@

 - name: Get all servers from DCI Manager
  delegate_to: "{{ dci_manager_access_host }}"
-  become: no
+  become: false
  ansible.builtin.uri:
    url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/dci/v3/server"
    method: GET
--- a/roles/dci_reinstall_talos/tasks/main.yml
+++ b/roles/dci_reinstall_talos/tasks/main.yml
@ -8,7 +8,7 @@

 - name: Call DCI Manager API to reinstall Talos Linux
  delegate_to: "{{ dci_manager_access_host }}"
-  become: no
+  become: false
  ansible.builtin.uri:
    url: "{{ dci_manager_protocol }}://{{ dci_manager_host }}:{{ dci_manager_port }}/dci/v3/server/{{ dci_server_info.id }}/operation_os"
    method: POST
@ -26,7 +26,7 @@

 - name: Wait for Talos port 50000
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  ansible.builtin.wait_for:
    delay: 10
    host: "{{ ansible_remote }}"
--- a/roles/machine_status/tasks/main.yml
+++ b/roles/machine_status/tasks/main.yml
@ -9,7 +9,7 @@

 - name: Talosctl get members
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  when: "'talos_first_nodes' in group_names"
  ansible.builtin.command:
    cmd: talosctl  get members
@ -21,4 +21,4 @@
 - name: Show members
  when: "first_node | default(false)"
  ansible.builtin.debug:
-    var: _talosctl_get_members.stdout_lines
+    var: _talosctl_get_members.stdout_lines
--- a/roles/talos_config_apply/tasks/main.yml
+++ b/roles/talos_config_apply/tasks/main.yml
@ -13,7 +13,7 @@
 # 'mode=try' does not work when the machine is in Maintenance mode.
 - name: Apply Talos node config
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  ansible.builtin.command:
    cmd: >-
      talosctl  apply-config
@ -28,7 +28,7 @@

 - name: Wait for Talos port 50000
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  ansible.builtin.wait_for:
    host: "{{ ansible_remote }}"
    port: 50000
--- a/roles/talos_config_create/tasks/create_control_configs.yml
+++ b/roles/talos_config_create/tasks/create_control_configs.yml
@ -2,7 +2,7 @@

 - name: Create Talos control node config
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  ansible.builtin.command:
    cmd: >-
      talosctl  gen  config  '{{ cluster_name }}'  'https://{{ talos_control_lb_hostname }}:6443'
--- a/roles/talos_reboot/tasks/main.yml
+++ b/roles/talos_reboot/tasks/main.yml
@ -5,7 +5,7 @@

 - name: Reboot Talos
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  throttle: 1
  ansible.builtin.command:
    cmd: >-
@ -20,7 +20,7 @@

 - name: Wait for Talos port 50000
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  throttle: 1
  ansible.builtin.wait_for:
    host: "{{ ansible_remote }}"
--- a/roles/talos_reset/tasks/main.yml
+++ b/roles/talos_reset/tasks/main.yml
@ -7,7 +7,7 @@
  # You can't execute this on nodes in Maintenance mode, they are already 'reset'.
  when: "talos_machine_status.spec.stage != 'maintenance'"
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  ansible.builtin.command:
    cmd: >-
      talosctl  reset
@ -22,7 +22,7 @@

 - name: Wait for Talos port 50000
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  ansible.builtin.wait_for:
    host: "{{ ansible_remote }}"
    port: 50000
--- a/roles/talos_upgrade/tasks/main.yml
+++ b/roles/talos_upgrade/tasks/main.yml
@ -2,7 +2,7 @@

 - name: Upgrade Talos
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  throttle: 1
  ansible.builtin.command:
    cmd: >-
@ -17,7 +17,7 @@

 - name: Wait for Talos port 50000
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  ansible.builtin.wait_for:
    host: "{{ ansible_remote }}"
    port: 50000
--- a/roles/talos_wait_port/tasks/main.yml
+++ b/roles/talos_wait_port/tasks/main.yml
@ -2,7 +2,7 @@

 - name: Wait for Talos port 50000
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  ansible.builtin.wait_for:
    host: "{{ ansible_remote }}"
    port: 50000
--- a/services.yml
+++ b/services.yml
@ -2,7 +2,7 @@
 # Playbook Services Install

 - name: Install services on K8S
-  become: no
+  become: false
  gather_facts: false
  hosts:
    - talos_first_nodes
--- a/shared/tasks/talos_machine_status.yml
+++ b/shared/tasks/talos_machine_status.yml
@ -5,7 +5,7 @@

 - name: Get machine status
  delegate_to: "{{ talosctl_host }}"
-  become: no
+  become: false
  ansible.builtin.command:
    cmd: >-
      talosctl  get  machinestatus
@ -14,7 +14,7 @@
        --output json
  register: _machine_status_cmd
  failed_when: _machine_status_cmd.rc not in [0, 1]
-  changed_when: no
+  changed_when: false
  environment:
    TALOSCONFIG: "{{ talosconfig }}"

@ -30,7 +30,7 @@
        --output json
        --insecure
  register: _machine_status_cmd_insec
-  changed_when: no
+  changed_when: false
  environment:
    TALOSCONFIG: "{{ talosconfig }}"

--- a/talos.yml
+++ b/talos.yml
@ -2,7 +2,7 @@
 # Playbook Talos Install

 - name: Wait for Talos port
-  become: no
+  become: false
  gather_facts: false
  hosts:
    - talos
@ -13,7 +13,7 @@
        - talos_config_apply

 - name: Talos hardware nodes
-  become: no
+  become: false
  gather_facts: false
  hosts:
    - talos_hardware_nodes
@ -23,7 +23,7 @@
        - dci_finish

 - name: Talos config
-  become: no
+  become: false
  gather_facts: false
  hosts:
    - talos
@ -36,7 +36,7 @@
        - talos_config_apply

 - name: Talos bootstrap
-  become: no
+  become: false
  gather_facts: false
  hosts:
    - talos_first_nodes