From b19e1b7a979d5057eb8ab09e15a1274f3f2ebeea Mon Sep 17 00:00:00 2001 From: Rafael Guterres Jeffman Date: Sat, 22 Jun 2024 14:30:08 -0300 Subject: [PATCH] yamllint: Fix YAML files according to new ansible-core rules. As per new requirements, spaces must include a space after '#' and octal values must be either a string (when possible) or use 0o0000. As this is required for YAML spec version 1.2, and we still may have some setups where the YAML library does not fully support the new octal integer '0o' prefix, all octal values were set as strings. --- molecule/resources/playbooks/prepare.yml | 5 +- playbooks/dnszone/dnszone-all-params.yml | 2 +- .../vault-is-present-with-password-file.yml | 2 +- .../vault-is-present-with-public-key-file.yml | 2 +- roles/ipaclient/tasks/install.yml | 2 +- roles/ipaclient/tasks/uninstall.yml | 8 +-- roles/ipaclient/vars/Fedora-25.yml | 2 +- roles/ipaclient/vars/Fedora-26.yml | 2 +- roles/ipaclient/vars/RedHat-7.3.yml | 2 +- roles/ipaclient/vars/RedHat-7.yml | 2 +- roles/ipaclient/vars/default.yml | 2 +- roles/ipareplica/defaults/main.yml | 8 +-- roles/ipaserver/defaults/main.yml | 8 +-- roles/ipaserver/tasks/uninstall.yml | 8 +-- roles/ipasmartcard_client/tasks/main.yml | 2 +- roles/ipasmartcard_server/tasks/main.yml | 2 +- tests/azure/templates/galaxy_tests.yml | 12 ++-- tests/azure/templates/group_tests.yml | 12 ++-- tests/ca-less/install_replica_without_ca.yml | 2 +- tests/ca-less/install_server_without_ca.yml | 2 +- tests/cert/test_cert_host.yml | 2 +- tests/cert/test_cert_user.yml | 2 +- ...r-with-external-ca-with-automatic-copy.yml | 2 +- ...rver-with-external-ca-with-manual-copy.yml | 2 +- tests/group/test_group.yml | 10 ++-- tests/host/test_host.yml | 56 +++++++++---------- tests/user/test_user.yml | 10 ++-- tests/user/test_users.yml | 20 +++---- tests/vault/env_setup.yml | 2 +- 29 files changed, 97 insertions(+), 96 deletions(-) diff --git a/molecule/resources/playbooks/prepare.yml b/molecule/resources/playbooks/prepare.yml index deaa092b33..48c02527bf 100644 --- a/molecule/resources/playbooks/prepare.yml +++ b/molecule/resources/playbooks/prepare.yml @@ -2,7 +2,8 @@ - name: Converge hosts: all tasks: - - include_tasks: prepare-common.yml + - name: Include common tasks to prepare environment + ansible.builtin.include_tasks: prepare-common.yml # In some distros DS won't start up after reboot # This is due to a problem in 389-ds. See tickets: @@ -16,7 +17,7 @@ owner: dirsrv group: dirsrv path: "{{ item }}" - mode: 0770 + mode: "0770" loop: - /var/lock/dirsrv/ - /var/lock/dirsrv/slapd-TEST-LOCAL/ diff --git a/playbooks/dnszone/dnszone-all-params.yml b/playbooks/dnszone/dnszone-all-params.yml index 5cba47f8b6..e8a8ffc85a 100644 --- a/playbooks/dnszone/dnszone-all-params.yml +++ b/playbooks/dnszone/dnszone-all-params.yml @@ -21,7 +21,7 @@ - ip_address: 8.8.8.8 - ip_address: 8.8.4.4 port: 52 - #serial: 1234 + # serial: 1234 refresh: 3600 retry: 900 expire: 1209600 diff --git a/playbooks/vault/vault-is-present-with-password-file.yml b/playbooks/vault/vault-is-present-with-password-file.yml index aa1700ce04..a3dea2bc61 100644 --- a/playbooks/vault/vault-is-present-with-password-file.yml +++ b/playbooks/vault/vault-is-present-with-password-file.yml @@ -11,7 +11,7 @@ dest: "{{ ansible_facts['env'].HOME }}/password.txt" owner: "{{ ansible_user }}" group: "{{ ansible_user }}" - mode: 0600 + mode: "0600" - name: Ensure symmetric vault exists with password from file. ipavault: ipaadmin_password: SomeADMINpassword diff --git a/playbooks/vault/vault-is-present-with-public-key-file.yml b/playbooks/vault/vault-is-present-with-public-key-file.yml index fbd6d7d98f..53dbcd8a5b 100644 --- a/playbooks/vault/vault-is-present-with-public-key-file.yml +++ b/playbooks/vault/vault-is-present-with-public-key-file.yml @@ -16,7 +16,7 @@ dest: "{{ ansible_facts['env'].HOME }}/public.pem" owner: "{{ ansible_user }}" group: "{{ ansible_user }}" - mode: 0600 + mode: "0600" - name: Ensure asymmetric vault exists with public key from file. ipavault: ipaadmin_password: SomeADMINpassword diff --git a/roles/ipaclient/tasks/install.yml b/roles/ipaclient/tasks/install.yml index b5eb71658a..08d0b2e023 100644 --- a/roles/ipaclient/tasks/install.yml +++ b/roles/ipaclient/tasks/install.yml @@ -152,7 +152,7 @@ ansible.builtin.copy: src: "{{ ipaadmin_keytab }}" dest: "{{ keytab_temp.path }}" - mode: 0600 + mode: "0600" delegate_to: "{{ result_ipaclient_test.servers[0] }}" when: ipaadmin_keytab is defined diff --git a/roles/ipaclient/tasks/uninstall.yml b/roles/ipaclient/tasks/uninstall.yml index 2b2996a99b..8efba6bc82 100644 --- a/roles/ipaclient/tasks/uninstall.yml +++ b/roles/ipaclient/tasks/uninstall.yml @@ -16,7 +16,7 @@ state: absent when: ipaclient_cleanup_dns_resolver | bool -#- name: Remove IPA client package -# ansible.builtin.package: -# name: "{{ ipaclient_packages }}" -# state: absent +# - name: Remove IPA client package +# ansible.builtin.package: +# name: "{{ ipaclient_packages }}" +# state: absent diff --git a/roles/ipaclient/vars/Fedora-25.yml b/roles/ipaclient/vars/Fedora-25.yml index 9999b3317a..c01176c603 100644 --- a/roles/ipaclient/vars/Fedora-25.yml +++ b/roles/ipaclient/vars/Fedora-25.yml @@ -2,4 +2,4 @@ # vars/Fedora-25.yml --- ipaclient_packages: [ "ipa-client", "libselinux-python" ] -#ansible_python_interpreter: '/usr/bin/python2' +# ansible_python_interpreter: '/usr/bin/python2' diff --git a/roles/ipaclient/vars/Fedora-26.yml b/roles/ipaclient/vars/Fedora-26.yml index 12722c8a82..29fa605aee 100644 --- a/roles/ipaclient/vars/Fedora-26.yml +++ b/roles/ipaclient/vars/Fedora-26.yml @@ -2,4 +2,4 @@ # vars/Fedora-26.yml --- ipaclient_packages: [ "ipa-client", "libselinux-python" ] -#ansible_python_interpreter: '/usr/bin/python2' +# ansible_python_interpreter: '/usr/bin/python2' diff --git a/roles/ipaclient/vars/RedHat-7.3.yml b/roles/ipaclient/vars/RedHat-7.3.yml index 51d2b10d1f..1acd1958e1 100644 --- a/roles/ipaclient/vars/RedHat-7.3.yml +++ b/roles/ipaclient/vars/RedHat-7.3.yml @@ -2,4 +2,4 @@ # vars/RedHat-7.3.yml --- ipaclient_packages: [ "ipa-client", "ipa-admintools", "libselinux-python" ] -#ansible_python_interpreter: '/usr/bin/python2' +# ansible_python_interpreter: '/usr/bin/python2' diff --git a/roles/ipaclient/vars/RedHat-7.yml b/roles/ipaclient/vars/RedHat-7.yml index c2ea3ca580..5bd65e49c0 100644 --- a/roles/ipaclient/vars/RedHat-7.yml +++ b/roles/ipaclient/vars/RedHat-7.yml @@ -2,4 +2,4 @@ # vars/RedHat-7 --- ipaclient_packages: [ "ipa-client", "libselinux-python" ] -#ansible_python_interpreter: '/usr/bin/python2' +# ansible_python_interpreter: '/usr/bin/python2' diff --git a/roles/ipaclient/vars/default.yml b/roles/ipaclient/vars/default.yml index a28d81a133..b367099187 100644 --- a/roles/ipaclient/vars/default.yml +++ b/roles/ipaclient/vars/default.yml @@ -2,4 +2,4 @@ # vars/default.yml --- ipaclient_packages: [ "ipa-client", "python3-libselinux" ] -#ansible_python_interpreter: '/usr/bin/python3' +# ansible_python_interpreter: '/usr/bin/python3' diff --git a/roles/ipareplica/defaults/main.yml b/roles/ipareplica/defaults/main.yml index 01afc4427d..011647a241 100644 --- a/roles/ipareplica/defaults/main.yml +++ b/roles/ipareplica/defaults/main.yml @@ -17,10 +17,10 @@ ipareplica_no_ui_redirect: no ipaclient_mkhomedir: no ipaclient_force_join: no ipaclient_no_ntp: no -#ipaclient_ssh_trust_dns: no -#ipaclient_no_ssh: no -#ipaclient_no_sshd: no -#ipaclient_no_dns_sshfp: no +# ipaclient_ssh_trust_dns: no +# ipaclient_no_ssh: no +# ipaclient_no_sshd: no +# ipaclient_no_dns_sshfp: no ipaclient_ssh_trust_dns: no ### certificate system ### ipareplica_skip_schema_check: no diff --git a/roles/ipaserver/defaults/main.yml b/roles/ipaserver/defaults/main.yml index b8d92f608e..f99a16ecea 100644 --- a/roles/ipaserver/defaults/main.yml +++ b/roles/ipaserver/defaults/main.yml @@ -16,10 +16,10 @@ ipaserver_random_serial_numbers: false ### client ### ipaclient_mkhomedir: no ipaclient_no_ntp: no -#ipaclient_ssh_trust_dns: no -#ipaclient_no_ssh: no -#ipaclient_no_sshd: no -#ipaclient_no_dns_sshfp: no +# ipaclient_ssh_trust_dns: no +# ipaclient_no_ssh: no +# ipaclient_no_sshd: no +# ipaclient_no_dns_sshfp: no ### certificate system ### ipaserver_external_ca: no ### dns ### diff --git a/roles/ipaserver/tasks/uninstall.yml b/roles/ipaserver/tasks/uninstall.yml index 35ab63567a..556b69c7cf 100644 --- a/roles/ipaserver/tasks/uninstall.yml +++ b/roles/ipaserver/tasks/uninstall.yml @@ -55,7 +55,7 @@ failed_when: uninstall.rc != 0 and uninstall.rc != 1 changed_when: uninstall.rc == 0 -#- name: Remove IPA server packages -# ansible.builtin.package: -# name: "{{ ipaserver_packages }}" -# state: absent +# - name: Remove IPA server packages +# ansible.builtin.package: +# name: "{{ ipaserver_packages }}" +# state: absent diff --git a/roles/ipasmartcard_client/tasks/main.yml b/roles/ipasmartcard_client/tasks/main.yml index 8c87a80fec..232706b2cd 100644 --- a/roles/ipasmartcard_client/tasks/main.yml +++ b/roles/ipasmartcard_client/tasks/main.yml @@ -109,7 +109,7 @@ ansible.builtin.file: path: /etc/sssd/pki state: directory - mode: 0711 + mode: "0711" - name: Ensure /etc/sssd/pki/sssd_auth_ca_db.pem is absent ansible.builtin.file: diff --git a/roles/ipasmartcard_server/tasks/main.yml b/roles/ipasmartcard_server/tasks/main.yml index c650511eb8..d95db68514 100644 --- a/roles/ipasmartcard_server/tasks/main.yml +++ b/roles/ipasmartcard_server/tasks/main.yml @@ -201,7 +201,7 @@ ansible.builtin.file: path: /etc/sssd/pki state: directory - mode: 0711 + mode: "0711" - name: Ensure /etc/sssd/pki/sssd_auth_ca_db.pem is absent ansible.builtin.file: diff --git a/tests/azure/templates/galaxy_tests.yml b/tests/azure/templates/galaxy_tests.yml index 465097de2e..6294f3681d 100644 --- a/tests/azure/templates/galaxy_tests.yml +++ b/tests/azure/templates/galaxy_tests.yml @@ -38,9 +38,9 @@ jobs: python_version: '< 3.12' # Temporarily disable due to issues with ansible docker plugin. -#- template: galaxy_pytest_script.yml -# parameters: -# build_number: ${{ parameters.build_number }} -# scenario: ${{ parameters.scenario }} -# ansible_version: ${{ parameters.ansible_version }} -# python_version: '< 3.12' +# - template: galaxy_pytest_script.yml +# parameters: +# build_number: ${{ parameters.build_number }} +# scenario: ${{ parameters.scenario }} +# ansible_version: ${{ parameters.ansible_version }} +# python_version: '< 3.12' diff --git a/tests/azure/templates/group_tests.yml b/tests/azure/templates/group_tests.yml index 38f183dd97..a33e7134df 100644 --- a/tests/azure/templates/group_tests.yml +++ b/tests/azure/templates/group_tests.yml @@ -38,9 +38,9 @@ jobs: python_version: '< 3.12' # Temporarily disabled due to ansible docker plugin issue. -#- template: pytest_tests.yml -# parameters: -# build_number: ${{ parameters.build_number }} -# scenario: ${{ parameters.scenario }} -# ansible_version: ${{ parameters.ansible_version }} -# python_version: '< 3.12' +# - template: pytest_tests.yml +# parameters: +# build_number: ${{ parameters.build_number }} +# scenario: ${{ parameters.scenario }} +# ansible_version: ${{ parameters.ansible_version }} +# python_version: '< 3.12' diff --git a/tests/ca-less/install_replica_without_ca.yml b/tests/ca-less/install_replica_without_ca.yml index 4e6952bb71..8120b53383 100644 --- a/tests/ca-less/install_replica_without_ca.yml +++ b/tests/ca-less/install_replica_without_ca.yml @@ -48,7 +48,7 @@ ansible.builtin.file: path: "/root/ca-less-test" state: directory - mode: 0775 + mode: "0775" - name: Copy CA certificate ansible.builtin.copy: diff --git a/tests/ca-less/install_server_without_ca.yml b/tests/ca-less/install_server_without_ca.yml index c5206e1aac..aa8eab1f6d 100644 --- a/tests/ca-less/install_server_without_ca.yml +++ b/tests/ca-less/install_server_without_ca.yml @@ -48,7 +48,7 @@ ansible.builtin.file: path: "/root/ca-less-test" state: directory - mode: 0775 + mode: "0775" - name: Copy CA certificate ansible.builtin.copy: diff --git a/tests/cert/test_cert_host.yml b/tests/cert/test_cert_host.yml index c57c6e13e1..14a804bf5a 100644 --- a/tests/cert/test_cert_host.yml +++ b/tests/cert/test_cert_host.yml @@ -47,7 +47,7 @@ ansible.builtin.copy: dest: "/root/host.csr" content: "{{ host_req.stdout }}" - mode: 0644 + mode: "0644" # TESTS diff --git a/tests/cert/test_cert_user.yml b/tests/cert/test_cert_user.yml index 41c97bb3f2..ed49fade1d 100644 --- a/tests/cert/test_cert_user.yml +++ b/tests/cert/test_cert_user.yml @@ -45,7 +45,7 @@ ansible.builtin.copy: dest: "/root/user.csr" content: "{{ user_req.stdout }}" - mode: 0644 + mode: "0644" # TESTS diff --git a/tests/external-signed-ca-with-automatic-copy/install-server-with-external-ca-with-automatic-copy.yml b/tests/external-signed-ca-with-automatic-copy/install-server-with-external-ca-with-automatic-copy.yml index 08427b2499..2d73a44774 100644 --- a/tests/external-signed-ca-with-automatic-copy/install-server-with-external-ca-with-automatic-copy.yml +++ b/tests/external-signed-ca-with-automatic-copy/install-server-with-external-ca-with-automatic-copy.yml @@ -28,7 +28,7 @@ become: true vars: ipaserver_external_cert_files_from_controller: "{{ groups.ipaserver[0] + '-chain.crt' }}" - #ipaserver_external_ca_file: "{{ groups.ipaserver[0] + '-cacert.asc' }}" + # ipaserver_external_ca_file: "{{ groups.ipaserver[0] + '-cacert.asc' }}" roles: - role: ipaserver diff --git a/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml b/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml index 39b9ac74ec..015e358006 100644 --- a/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml +++ b/tests/external-signed-ca-with-manual-copy/install-server-with-external-ca-with-manual-copy.yml @@ -34,7 +34,7 @@ become: true vars: ipaserver_external_cert_files: "/root/chain.crt" - #ipaserver_external_ca_file: "cacert.asc" + # ipaserver_external_ca_file: "cacert.asc" pre_tasks: - name: Copy "{{ groups.ipaserver[0] + '-chain.crt' }}" to /root/chain.crt on node diff --git a/tests/group/test_group.yml b/tests/group/test_group.yml index 8cb76946d2..72fe1d746f 100644 --- a/tests/group/test_group.yml +++ b/tests/group/test_group.yml @@ -298,11 +298,11 @@ register: result failed_when: result.changed or result.failed - #- ipagroup: - # name: group1 - # user: - # - user7 - # action: member + # - ipagroup: + # name: group1 + # user: + # - user7 + # action: member - name: Ensure user user7 is absent in group group1 ipagroup: diff --git a/tests/host/test_host.yml b/tests/host/test_host.yml index 12a421a400..a97972b77e 100644 --- a/tests/host/test_host.yml +++ b/tests/host/test_host.yml @@ -191,35 +191,35 @@ # disabled can only be checked with enabled hosts, all hosts above are # not enabled. - #- name: Hosts host1..host6 disabled - # ipahost: - # ipaadmin_password: SomeADMINpassword - # ipaapi_context: "{{ ipa_context | default(omit) }}" - # name: - # - "{{ host1_fqdn }}" - # - "{{ host2_fqdn }}" - # - "{{ host3_fqdn }}" - # - "{{ host4_fqdn }}" - # - "{{ host5_fqdn }}" - # - "{{ host6_fqdn }}" - # state: disabled - # register: result - # failed_when: not result.changed or result.failed + # - name: Hosts host1..host6 disabled + # ipahost: + # ipaadmin_password: SomeADMINpassword + # ipaapi_context: "{{ ipa_context | default(omit) }}" + # name: + # - "{{ host1_fqdn }}" + # - "{{ host2_fqdn }}" + # - "{{ host3_fqdn }}" + # - "{{ host4_fqdn }}" + # - "{{ host5_fqdn }}" + # - "{{ host6_fqdn }}" + # state: disabled + # register: result + # failed_when: not result.changed or result.failed # - #- name: Hosts host1..host6 disabled again - # ipahost: - # ipaadmin_password: SomeADMINpassword - # ipaapi_context: "{{ ipa_context | default(omit) }}" - # name: - # - "{{ host1_fqdn }}" - # - "{{ host2_fqdn }}" - # - "{{ host3_fqdn }}" - # - "{{ host4_fqdn }}" - # - "{{ host5_fqdn }}" - # - "{{ host6_fqdn }}" - # state: disabled - # register: result - # failed_when: result.changed or result.failed + # - name: Hosts host1..host6 disabled again + # ipahost: + # ipaadmin_password: SomeADMINpassword + # ipaapi_context: "{{ ipa_context | default(omit) }}" + # name: + # - "{{ host1_fqdn }}" + # - "{{ host2_fqdn }}" + # - "{{ host3_fqdn }}" + # - "{{ host4_fqdn }}" + # - "{{ host5_fqdn }}" + # - "{{ host6_fqdn }}" + # state: disabled + # register: result + # failed_when: result.changed or result.failed - name: Hosts host1..host6 absent ipahost: diff --git a/tests/user/test_user.yml b/tests/user/test_user.yml index 48e930dc6f..daad3e743d 100644 --- a/tests/user/test_user.yml +++ b/tests/user/test_user.yml @@ -56,7 +56,7 @@ first: pinky last: Acme initials: pa - #password: foo2 + # password: foo2 principal: pa random: yes street: PinkyStreet @@ -73,8 +73,8 @@ # sshpubkey userauthtype: password,radius,otp userclass: PinkyUserClass - #radius: "http://some.link/" - #radiususer: PinkyRadiusUser + # radius: "http://some.link/" + # radiususer: PinkyRadiusUser departmentnumber: "1234" employeenumber: "0815" employeetype: "PinkyExmployeeType" @@ -82,8 +82,8 @@ # certificate noprivate: yes nomembers: false - #issuer: PinkyIssuer - #subject: PinkySubject + # issuer: PinkyIssuer + # subject: PinkySubject register: result failed_when: not result.changed or result.failed diff --git a/tests/user/test_users.yml b/tests/user/test_users.yml index 651e06d07b..e583c42497 100644 --- a/tests/user/test_users.yml +++ b/tests/user/test_users.yml @@ -190,7 +190,7 @@ first: pinky last: Acme initials: pa - #password: foo2 + # password: foo2 principal: pa random: yes street: PinkyStreet @@ -207,8 +207,8 @@ # sshpubkey userauthtype: password,radius,otp userclass: PinkyUserClass - #radius: "http://some.link/" - #radiususer: PinkyRadiusUser + # radius: "http://some.link/" + # radiususer: PinkyRadiusUser departmentnumber: "1234" employeenumber: "0815" employeetype: "PinkyExmployeeType" @@ -216,8 +216,8 @@ # certificate noprivate: yes nomembers: false - #issuer: PinkyIssuer - #subject: PinkySubject + # issuer: PinkyIssuer + # subject: PinkySubject register: result failed_when: not result.changed or result.failed @@ -234,7 +234,7 @@ first: pinky last: Acme initials: pa - #password: foo2 + # password: foo2 principal: pa random: yes street: PinkyStreet @@ -251,8 +251,8 @@ # sshpubkey userauthtype: password,radius,otp userclass: PinkyUserClass - #radius: "http://some.link/" - #radiususer: PinkyRadiusUser + # radius: "http://some.link/" + # radiususer: PinkyRadiusUser departmentnumber: "1234" employeenumber: "0815" employeetype: "PinkyExmployeeType" @@ -260,8 +260,8 @@ # certificate noprivate: yes nomembers: false - #issuer: PinkyIssuer - #subject: PinkySubject + # issuer: PinkyIssuer + # subject: PinkySubject register: result failed_when: result.changed or result.failed diff --git a/tests/vault/env_setup.yml b/tests/vault/env_setup.yml index a122454998..bab0f5e002 100644 --- a/tests/vault/env_setup.yml +++ b/tests/vault/env_setup.yml @@ -20,7 +20,7 @@ ansible.builtin.copy: src: "{{ playbook_dir }}/{{ item }}" dest: "{{ ansible_facts['env'].HOME }}/{{ item }}" - mode: 0644 + mode: "0644" with_items: - A_private.pem - A_public.pem