feat(role): add ansible-lint, fix ansible-lint issues

2024-01-14 19:21:16 +02:00
parent e776a43962
commit f3b6072eb6
6 changed files with 18 additions and 11 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -0,0 +1,3 @@
+skip_list:
+  - yaml
+  - role-name
--- a/.gitea/workflows/checks-test.yml
+++ b/.gitea/workflows/checks-test.yml
@@ -26,9 +26,11 @@ jobs:
        with:
          python-version: '3.x'
      - name: Intall test dependencies
-        run: pip3 install yamllint
-      - name: Lint code
+        run: pip3 install yamllint ansible-lint
+      - name: Lint code with yamllint
        run: 'yamllint .'
+      - name: Lint code with yamllint
+        run: 'ansible-lint --profile production --show-relpath .'
  molecule:
    name: molecule
    runs-on: ubuntu-latest
--- a/meta/main.yml
+++ b/meta/main.yml
@@ -3,7 +3,7 @@ galaxy_info:
  author: palkx
  description: provision users and groups
  license: license (BSD, MIT)
-  min_ansible_version: 2.1
+  min_ansible_version: '2.10'
  platforms:
    - name: Fedora
      versions:
--- a/tasks/group.yml
+++ b/tasks/group.yml
@@ -1,6 +1,6 @@
 ---
 - name: "Create group `{{ group }}`"
  become: true
-  group:
+  ansible.builtin.group:
    name: "{{ group }}"
    gid: "{{ users_groups[group].get('gid', None) }}"
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,10 +1,12 @@
 ---
- include_tasks: group.yml
+- name: Create groups
+  ansible.builtin.include_tasks: group.yml
  with_items: "{{ users_groups.keys() }}"
  loop_control:
    loop_var: group

- include_tasks: user.yml
+- name: Create users
+  ansible.builtin.include_tasks: user.yml
  when: ansible_default_ipv4.address in users[username]['passwords'] or users[username]['passwords'].get('default')
  with_items: "{{ users.keys() }}"
  loop_control:
--- a/tasks/user.yml
+++ b/tasks/user.yml
@@ -1,5 +1,5 @@
 ---
- name: "create user `{{ username }}`"
+- name: "Create user `{{ username }}`"
  ansible.builtin.user:
    name: "{{ username }}"
    append: true
@@ -7,22 +7,22 @@
    shell: "{{ users[username].get('shell', '/bin/bash') }}"
    uid: "{{ users[username].get('uid', None) }}"

- name: "set specific password for user `{{ username }}`"
+- name: "Set specific password for user `{{ username }}`"
  ansible.builtin.user:
    name: "{{ username }}"
    password: "{{ users[username]['passwords'].get(ansible_default_ipv4.address) }}"
  when: "ansible_default_ipv4.address in users[username]['passwords'] and
        users[username]['passwords'].get(ansible_default_ipv4.address) != 'default'"

- name: "set default password for user `{{ username }}`"
+- name: "Set default password for user `{{ username }}`"
  ansible.builtin.user:
    name: "{{ username }}"
    password: "{{ users[username]['passwords'].get('default') }}"
  when: "ansible_default_ipv4.address not in users[username]['passwords'] or
        users[username]['passwords'].get(ansible_default_ipv4.address) == 'default'"

- name: "setup ssh key for user `{{ username }}`"
-  ansible.builtin.authorized_key:
+- name: "Setup ssh key for user `{{ username }}`"
+  ansible.posix.authorized_key:
    user: "{{ username }}"
    state: "{{ users[username]['authorized_keys'][item].get('state', 'present') }}"
    key: "{{ users[username]['authorized_keys'][item].get('key') }}"