From b19e1b7a979d5057eb8ab09e15a1274f3f2ebeea Mon Sep 17 00:00:00 2001 From: Rafael Guterres Jeffman Date: Sat, 22 Jun 2024 14:30:08 -0300 Subject: [PATCH] yamllint: Fix YAML files according to new ansible-core rules. As per new requirements, spaces must include a space after '#' and octal values must be either a string (when possible) or use 0o0000. As this is required for YAML spec version 1.2, and we still may have some setups where the YAML library does not fully support the new octal integer '0o' prefix, all octal values were set as strings. --- molecule/resources/playbooks/prepare.yml | 5 +- playbooks/dnszone/dnszone-all-params.yml | 2 +- .../vault-is-present-with-password-file.yml | 2 +- .../vault-is-present-with-public-key-file.yml | 2 +- roles/ipaclient/tasks/install.yml | 2 +- roles/ipaclient/tasks/uninstall.yml | 8 +-- roles/ipaclient/vars/Fedora-25.yml | 2 +- roles/ipaclient/vars/Fedora-26.yml | 2 +- roles/ipaclient/vars/RedHat-7.3.yml | 2 +- roles/ipaclient/vars/RedHat-7.yml | 2 +- roles/ipaclient/vars/default.yml | 2 +- roles/ipareplica/defaults/main.yml | 8 +-- roles/ipaserver/defaults/main.yml | 8 +-- roles/ipaserver/tasks/uninstall.yml | 8 +-- roles/ipasmartcard_client/tasks/main.yml | 2 +- roles/ipasmartcard_server/tasks/main.yml | 2 +- tests/azure/templates/galaxy_tests.yml | 12 ++-- tests/azure/templates/group_tests.yml | 12 ++-- tests/ca-less/install_replica_without_ca.yml | 2 +- tests/ca-less/install_server_without_ca.yml | 2 +- tests/cert/test_cert_host.yml | 2 +- tests/cert/test_cert_user.yml | 2 +- ...r-with-external-ca-with-automatic-copy.yml | 2 +- ...rver-with-external-ca-with-manual-copy.yml | 2 +- tests/group/test_group.yml | 10 ++-- tests/host/test_host.yml | 56 +++++++++---------- tests/user/test_user.yml | 10 ++-- tests/user/test_users.yml | 20 +++---- tests/vault/env_setup.yml | 2 +- 29 files changed, 97 insertions(+), 96 deletions(-) diff --git a/molecule/resources/playbooks/prepare.yml b/molecule/resources/playbooks/prepare.yml index deaa092b3..48c02527b 100644 --- a/molecule/resources/playbooks/prepare.yml +++ b/molecule/resources/playbooks/prepare.yml @@ -2,7 +2,8 @@ - name: Converge hosts: all tasks: - - include_tasks: prepare-common.yml + - name: Include common tasks to prepare environment + ansible.builtin.include_tasks: prepare-common.yml # In some distros DS won't start up after reboot # This is due to a problem in 389-ds. See tickets: @@ -16,7 +17,7 @@ owner: dirsrv group: dirsrv path: "{{ item }}" - mode: 0770 + mode: "0770" loop: - /var/lock/dirsrv/ - /var/lock/dirsrv/slapd-TEST-LOCAL/ diff --git a/playbooks/dnszone/dnszone-all-params.yml b/playbooks/dnszone/dnszone-all-params.yml index 5cba47f8b..e8a8ffc85 100644 --- a/playbooks/dnszone/dnszone-all-params.yml +++ b/playbooks/dnszone/dnszone-all-params.yml @@ -21,7 +21,7 @@ - ip_address: 8.8.8.8 - ip_address: 8.8.4.4 port: 52 - #serial: 1234 + # serial: 1234 refresh: 3600 retry: 900 expire: 1209600 diff --git a/playbooks/vault/vault-is-present-with-password-file.yml b/playbooks/vault/vault-is-present-with-password-file.yml index aa1700ce0..a3dea2bc6 100644 --- a/playbooks/vault/vault-is-present-with-password-file.yml +++ b/playbooks/vault/vault-is-present-with-password-file.yml @@ -11,7 +11,7 @@ dest: "{{ ansible_facts['env'].HOME }}/password.txt" owner: "{{ ansible_user }}" group: "{{ ansible_user }}" - mode: 0600 + mode: "0600" - name: Ensure symmetric vault exists with password from file. ipavault: ipaadmin_password: SomeADMINpassword diff --git a/playbooks/vault/vault-is-present-with-public-key-file.yml b/playbooks/vault/vault-is-present-with-public-key-file.yml index fbd6d7d98..53dbcd8a5 100644 --- a/playbooks/vault/vault-is-present-with-public-key-file.yml +++ b/playbooks/vault/vault-is-present-with-public-key-file.yml @@ -16,7 +16,7 @@ dest: "{{ ansible_facts['env'].HOME }}/public.pem" owner: "{{ ansible_user }}" group: "{{ ansible_user }}" - mode: 0600 + mode: "0600" - name: Ensure asymmetric vault exists with public key from file. ipavault: ipaadmin_password: SomeADMINpassword diff --git a/roles/ipaclient/tasks/install.yml b/roles/ipaclient/tasks/install.yml index b5eb71658..08d0b2e02 100644 --- a/roles/ipaclient/tasks/install.yml +++ b/roles/ipaclient/tasks/install.yml @@ -152,7 +152,7 @@ ansible.builtin.copy: src: "{{ ipaadmin_keytab }}" dest: "{{ keytab_temp.path }}" - mode: 0600 + mode: "0600" delegate_to: "{{ result_ipaclient_test.servers[0] }}" when: ipaadmin_keytab is defined diff --git a/roles/ipaclient/tasks/uninstall.yml b/roles/ipaclient/tasks/uninstall.yml index 2b2996a99..8efba6bc8 100644 --- a/roles/ipaclient/tasks/uninstall.yml +++ b/roles/ipaclient/tasks/uninstall.yml @@ -16,7 +16,7 @@ state: absent when: ipaclient_cleanup_dns_resolver | bool -#- name: Remove IPA client package -# ansible.builtin.package: -# name: "{{ ipaclient_packages }}" -# state: absent +# - name: Remove IPA client package +# ansible.builtin.package: +# name: "{{ ipaclient_packages }}" +# state: absent diff --git a/roles/ipaclient/vars/Fedora-25.yml b/roles/ipaclient/vars/Fedora-25.yml index 9999b3317..c01176c60 100644 --- a/roles/ipaclient/vars/Fedora-25.yml +++ b/roles/ipaclient/vars/Fedora-25.yml @@ -2,4 +2,4 @@ # vars/Fedora-25.yml --- ipaclient_packages: [ "ipa-client", "libselinux-python" ] -#ansible_python_interpreter: '/usr/bin/python2' +# ansible_python_interpreter: '/usr/bin/python2' diff --git a/roles/ipaclient/vars/Fedora-26.yml b/roles/ipaclient/vars/Fedora-26.yml index 12722c8a8..29fa605ae 100644 --- a/roles/ipaclient/vars/Fedora-26.yml +++ b/roles/ipaclient/vars/Fedora-26.yml @@ -2,4 +2,4 @@ # vars/Fedora-26.yml --- ipaclient_packages: [ "ipa-client", "libselinux-python" ] -#ansible_python_interpreter: '/usr/bin/python2' +# ansible_python_interpreter: '/usr/bin/python2' diff --git a/roles/ipaclient/vars/RedHat-7.3.yml b/roles/ipaclient/vars/RedHat-7.3.yml index 51d2b10d1..1acd1958e 100644 --- a/roles/ipaclient/vars/RedHat-7.3.yml +++ b/roles/ipaclient/vars/RedHat-7.3.yml @@ -2,4 +2,4 @@ # vars/RedHat-7.3.yml --- ipaclient_packages: [ "ipa-client", "ipa-admintools", "libselinux-python" ] -#ansible_python_interpreter: '/usr/bin/python2' +# ansible_python_interpreter: '/usr/bin/python2' diff --git a/roles/ipaclient/vars/RedHat-7.yml b/roles/ipaclient/vars/RedHat-7.yml index c2ea3ca58..5bd65e49c 100644 --- a/roles/ipaclient/vars/RedHat-7.yml +++ b/roles/ipaclient/vars/RedHat-7.yml @@ -2,4 +2,4 @@ # vars/RedHat-7 --- ipaclient_packages: [ "ipa-client", "libselinux-python" ] -#ansible_python_interpreter: '/usr/bin/python2' +# ansible_python_interpreter: '/usr/bin/python2' diff --git a/roles/ipaclient/vars/default.yml b/roles/ipaclient/vars/default.yml index a28d81a13..b36709918 100644 --- a/roles/ipaclient/vars/default.yml +++ b/roles/ipaclient/vars/default.yml @@ -2,4 +2,4 @@ # vars/default.yml --- ipaclient_packages: [ "ipa-client", "python3-libselinux" ] -#ansible_python_interpreter: '/usr/bin/python3' +# ansible_python_interpreter: '/usr/bin/python3' diff --git a/roles/ipareplica/defaults/main.yml b/roles/ipareplica/defaults/main.yml index 01afc4427..011647a24 100644 --- a/roles/ipareplica/defaults/main.yml +++ b/roles/ipareplica/defaults/main.yml @@ -17,10 +17,10 @@ ipareplica_no_ui_redirect: no ipaclient_mkhomedir: no ipaclient_force_join: no ipaclient_no_ntp: no -#ipaclient_ssh_trust_dns: no -#ipaclient_no_ssh: no -#ipaclient_no_sshd: no -#ipaclient_no_dns_sshfp: no +# ipaclient_ssh_trust_dns: no +# ipaclient_no_ssh: no +# ipaclient_no_sshd: no +# ipaclient_no_dns_sshfp: no ipaclient_ssh_trust_dns: no ### certificate system ### ipareplica_skip_schema_check: no diff --git a/roles/ipaserver/defaults/main.yml b/roles/ipaserver/defaults/main.yml index b8d92f608..f99a16ece 100644 --- a/roles/ipaserver/defaults/main.yml +++ b/roles/ipaserver/defaults/main.yml @@ -16,10 +16,10 @@ ipaserver_random_serial_numbers: false ### client ### ipaclient_mkhomedir: no ipaclient_no_ntp: no -#ipaclient_ssh_trust_dns: no -#ipaclient_no_ssh: no -#ipaclient_no_sshd: no -#ipaclient_no_dns_sshfp: no +# ipaclient_ssh_trust_dns: no +# ipaclient_no_ssh: no +# ipaclient_no_sshd: no +# ipaclient_no_dns_sshfp: no ### certificate system ### ipaserver_external_ca: no ### dns ### diff --git a/roles/ipaserver/tasks/uninstall.yml b/roles/ipaserver/tasks/uninstall.yml index 35ab63567..556b69c7c 100644 --- a/roles/ipaserver/tasks/uninstall.yml +++ b/roles/ipaserver/tasks/uninstall.yml @@ -55,7 +55,7 @@ failed_when: uninstall.rc != 0 and uninstall.rc != 1 changed_when: uninstall.rc == 0 -#- name: Remove IPA server packages -# ansible.builtin.package: -# name: "{{ ipaserver_packages }}" -# state: absent +# - name: Remove IPA server packages +# ansible.builtin.package: +# name: "{{ ipaserver_packages }}" +# state: absent diff --git a/roles/ipasmartcard_client/tasks/main.yml b/roles/ipasmartcard_client/tasks/main.yml index 8c87a80fe..232706b2c 100644 --- a/roles/ipasmartcard_client/tasks/main.yml +++ b/roles/ipasmartcard_client/tasks/main.yml @@ -109,7 +109,7 @@ ansible.builtin.file: path: /etc/sssd/pki state: directory - mode: 0711 + mode: "0711" - name: Ensure /etc/sssd/pki/sssd_auth_ca_db.pem is absent ansible.builtin.file: diff --git a/roles/ipasmartcard_server/tasks/main.yml b/roles/ipasmartcard_server/tasks/main.yml index c650511eb..d95db6851 100644 --- a/roles/ipasmartcard_server/tasks/main.yml +++ b/roles/ipasmartcard_server/tasks/main.yml @@ -201,7 +201,7 @@ ansible.builtin.file: path: /etc/sssd/pki state: directory - mode: 0711 + mode: "0711" - name: Ensure /etc/sssd/pki/sssd_auth_ca_db.pem is absent ansible.builtin.file: diff --git a/tests/azure/templates/galaxy_tests.yml b/tests/azure/templates/galaxy_tests.yml index 465097de2..6294f3681 100644 --- a/tests/azure/templates/galaxy_tests.yml +++ b/tests/azure/templates/galaxy_tests.yml @@ -38,9 +38,9 @@ jobs: python_version: '< 3.12' # Temporarily disable due to issues with ansible docker plugin. -#- template: galaxy_pytest_script.yml -# parameters: -# build_number: ${{ parameters.build_number }} -# scenario: ${{ parameters.scenario }} -# ansible_version: ${{ parameters.ansible_version }} -# python_version: '< 3.12' +# - template: galaxy_pytest_script.yml +# parameters: +# build_number: ${{ parameters.build_number }} +# scenario: ${{ parameters.scenario }} +# ansible_version: ${{ parameters.ansible_version }} +# python_version: '< 3.12' diff --git a/tests/azure/templates/group_tests.yml b/tests/azure/templates/group_tests.yml index 38f183dd9..a33e7134d 100644 --- a/tests/azure/templates/group_tests.yml +++ b/tests/azure/templates/group_tests.yml @@ -38,9 +38,9 @@ jobs: python_version: '< 3.12' # Temporarily disabled due to ansible docker plugin issue. -#- template: pytest_tests.yml -# parameters: -# build_number: ${{ parameters.build_number }} -# scenario: ${{ parameters.scenario }} -# ansible_version: ${{ parameters.ansible_version }} -# python_version: '< 3.12' +# - template: pytest_tests.yml +# parameters: +# build_number: ${{ parameters.build_number }} +# scenario: ${{ parameters.scenario }} +# ansible_version: ${{ parameters.ansible_version }} +# python_version: '< 3.12' diff --git a/tests/ca-less/install_replica_without_ca.yml b/tests/ca-less/install_replica_without_ca.yml index 4e6952bb7..8120b5338 100644 --- a/tests/ca-less/install_replica_without_ca.yml +++ b/tests/ca-less/install_replica_without_ca.yml @@ -48,7 +48,7 @@ ansible.builtin.file: path: "/root/ca-less-test" state: directory - mode: 0775 + mode: "0775" - name: Copy CA certificate ansible.builtin.copy: diff --git a/tests/ca-less/install_server_without_ca.yml b/tests/ca-less/install_server_without_ca.yml index c5206e1aa..aa8eab1f6 100644 --- a/tests/ca-less/install_server_without_ca.yml +++ b/tests/ca-less/install_server_without_ca.yml @@ -48,7 +48,7 @@ ansible.builtin.file: path: "/root/ca-less-test" state: directory - mode: 0775 + mode: "0775" - name: Copy CA certificate ansible.builtin.copy: diff --git a/tests/cert/test_cert_host.yml b/tests/cert/test_cert_host.yml index c57c6e13e..14a804bf5 100644 --- a/tests/cert/test_cert_host.yml +++ b/tests/cert/test_cert_host.yml @@ -47,7 +47,7 @@ ansible.builtin.copy: dest: "/root/host.csr" content: "{{ host_req.stdout }}" - mode: 0644 + mode: "0644" # TESTS diff --git a/tests/cert/test_cert_user.yml b/tests/cert/test_cert_user.yml index 41c97bb3f..ed49fade1 100644 --- a/tests/cert/test_cert_user.yml +++ b/tests/cert/test_cert_user.yml @@ -45,7 +45,7 @@ ansible.builtin.copy: dest: "/root/user.csr" content: "{{ user_req.stdout }}" - mode: 0644 + mode: "0644" # TESTS diff --git a/tests/external-signed-ca-with-automatic-copy/install-server-with-external-ca-with-automatic-copy.yml b/tests/external-signed-ca-with-automatic-copy/install-server-with-external-ca-with-automatic-copy.yml index 08427b249..2d73a4477 100644 --- a/tests/external-signed-ca-with-automatic-copy/install-server-with-external-ca-with-automatic-copy.yml +++ b/tests/external-signed-ca-with-automatic-copy/install-server-with-external-ca-with-automatic-copy.yml @@ -28,7 +28,7 @@ become: true vars: ipaserver_external_cert_files_from_controller: "{{ groups.ipaserver[0] + '-chain.crt' }}" - #ipaserver_external_ca_file: "{{ groups.ipaserver[0] + '-cacert.asc' }}" + # ipaserver_external_ca_file: "{{ groups.ipaserver[0] + '-cacert.asc' }}" roles: - role: ipaserver diff --git a/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml b/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml index 39b9ac74e..015e35800 100644 --- a/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml +++ b/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml @@ -34,7 +34,7 @@ become: true vars: ipaserver_external_cert_files: "/root/chain.crt" - #ipaserver_external_ca_file: "cacert.asc" + # ipaserver_external_ca_file: "cacert.asc" pre_tasks: - name: Copy "{{ groups.ipaserver[0] + '-chain.crt' }}" to /root/chain.crt on node diff --git a/tests/group/test_group.yml b/tests/group/test_group.yml index 8cb76946d..72fe1d746 100644 --- a/tests/group/test_group.yml +++ b/tests/group/test_group.yml @@ -298,11 +298,11 @@ register: result failed_when: result.changed or result.failed - #- ipagroup: - # name: group1 - # user: - # - user7 - # action: member + # - ipagroup: + # name: group1 + # user: + # - user7 + # action: member - name: Ensure user user7 is absent in group group1 ipagroup: diff --git a/tests/host/test_host.yml b/tests/host/test_host.yml index 12a421a40..a97972b77 100644 --- a/tests/host/test_host.yml +++ b/tests/host/test_host.yml @@ -191,35 +191,35 @@ # disabled can only be checked with enabled hosts, all hosts above are # not enabled. - #- name: Hosts host1..host6 disabled - # ipahost: - # ipaadmin_password: SomeADMINpassword - # ipaapi_context: "{{ ipa_context | default(omit) }}" - # name: - # - "{{ host1_fqdn }}" - # - "{{ host2_fqdn }}" - # - "{{ host3_fqdn }}" - # - "{{ host4_fqdn }}" - # - "{{ host5_fqdn }}" - # - "{{ host6_fqdn }}" - # state: disabled - # register: result - # failed_when: not result.changed or result.failed + # - name: Hosts host1..host6 disabled + # ipahost: + # ipaadmin_password: SomeADMINpassword + # ipaapi_context: "{{ ipa_context | default(omit) }}" + # name: + # - "{{ host1_fqdn }}" + # - "{{ host2_fqdn }}" + # - "{{ host3_fqdn }}" + # - "{{ host4_fqdn }}" + # - "{{ host5_fqdn }}" + # - "{{ host6_fqdn }}" + # state: disabled + # register: result + # failed_when: not result.changed or result.failed # - #- name: Hosts host1..host6 disabled again - # ipahost: - # ipaadmin_password: SomeADMINpassword - # ipaapi_context: "{{ ipa_context | default(omit) }}" - # name: - # - "{{ host1_fqdn }}" - # - "{{ host2_fqdn }}" - # - "{{ host3_fqdn }}" - # - "{{ host4_fqdn }}" - # - "{{ host5_fqdn }}" - # - "{{ host6_fqdn }}" - # state: disabled - # register: result - # failed_when: result.changed or result.failed + # - name: Hosts host1..host6 disabled again + # ipahost: + # ipaadmin_password: SomeADMINpassword + # ipaapi_context: "{{ ipa_context | default(omit) }}" + # name: + # - "{{ host1_fqdn }}" + # - "{{ host2_fqdn }}" + # - "{{ host3_fqdn }}" + # - "{{ host4_fqdn }}" + # - "{{ host5_fqdn }}" + # - "{{ host6_fqdn }}" + # state: disabled + # register: result + # failed_when: result.changed or result.failed - name: Hosts host1..host6 absent ipahost: diff --git a/tests/user/test_user.yml b/tests/user/test_user.yml index 48e930dc6..daad3e743 100644 --- a/tests/user/test_user.yml +++ b/tests/user/test_user.yml @@ -56,7 +56,7 @@ first: pinky last: Acme initials: pa - #password: foo2 + # password: foo2 principal: pa random: yes street: PinkyStreet @@ -73,8 +73,8 @@ # sshpubkey userauthtype: password,radius,otp userclass: PinkyUserClass - #radius: "http://some.link/" - #radiususer: PinkyRadiusUser + # radius: "http://some.link/" + # radiususer: PinkyRadiusUser departmentnumber: "1234" employeenumber: "0815" employeetype: "PinkyExmployeeType" @@ -82,8 +82,8 @@ # certificate noprivate: yes nomembers: false - #issuer: PinkyIssuer - #subject: PinkySubject + # issuer: PinkyIssuer + # subject: PinkySubject register: result failed_when: not result.changed or result.failed diff --git a/tests/user/test_users.yml b/tests/user/test_users.yml index 651e06d07..e583c4249 100644 --- a/tests/user/test_users.yml +++ b/tests/user/test_users.yml @@ -190,7 +190,7 @@ first: pinky last: Acme initials: pa - #password: foo2 + # password: foo2 principal: pa random: yes street: PinkyStreet @@ -207,8 +207,8 @@ # sshpubkey userauthtype: password,radius,otp userclass: PinkyUserClass - #radius: "http://some.link/" - #radiususer: PinkyRadiusUser + # radius: "http://some.link/" + # radiususer: PinkyRadiusUser departmentnumber: "1234" employeenumber: "0815" employeetype: "PinkyExmployeeType" @@ -216,8 +216,8 @@ # certificate noprivate: yes nomembers: false - #issuer: PinkyIssuer - #subject: PinkySubject + # issuer: PinkyIssuer + # subject: PinkySubject register: result failed_when: not result.changed or result.failed @@ -234,7 +234,7 @@ first: pinky last: Acme initials: pa - #password: foo2 + # password: foo2 principal: pa random: yes street: PinkyStreet @@ -251,8 +251,8 @@ # sshpubkey userauthtype: password,radius,otp userclass: PinkyUserClass - #radius: "http://some.link/" - #radiususer: PinkyRadiusUser + # radius: "http://some.link/" + # radiususer: PinkyRadiusUser departmentnumber: "1234" employeenumber: "0815" employeetype: "PinkyExmployeeType" @@ -260,8 +260,8 @@ # certificate noprivate: yes nomembers: false - #issuer: PinkyIssuer - #subject: PinkySubject + # issuer: PinkyIssuer + # subject: PinkySubject register: result failed_when: result.changed or result.failed diff --git a/tests/vault/env_setup.yml b/tests/vault/env_setup.yml index a12245499..bab0f5e00 100644 --- a/tests/vault/env_setup.yml +++ b/tests/vault/env_setup.yml @@ -20,7 +20,7 @@ ansible.builtin.copy: src: "{{ playbook_dir }}/{{ item }}" dest: "{{ ansible_facts['env'].HOME }}/{{ item }}" - mode: 0644 + mode: "0644" with_items: - A_private.pem - A_public.pem