add requirements, improve lintin

2024-09-14 20:06:42 +02:00 · 2023-10-28 17:20:20 +02:00 · 2023-10-28 17:20:20 +02:00 · 9f56809bc5
commit 9f56809bc5
parent 4c54f6b249
7 changed files with 107 additions and 95 deletions
--- a/requirements.yml
+++ b/requirements.yml
@ -0,0 +1,4 @@
+---
+collections:
+  - name: 'community.general'
+    version: ">=7.5.0,<=8.0.0"
--- a/tasks/gopass-install/install-gopass-default.yml
+++ b/tasks/gopass-install/install-gopass-default.yml
@ -3,54 +3,49 @@
  become: true
  ansible.builtin.package:
    name: "{{ item }}"
-    state: present
-  with_items:
-    - git
-    - gnupg
-    - rng-tools
-    - xsel
-    - xclip
+    state: 'present'
+  loop: "{{ gopass__required_packages }}"

 - name: Install Gopass
  ansible.builtin.package:
    name: "{{ item }}"
-    state: present
+    state: 'present'
  become: true
-  with_items:
-    - gopass
+  loop:
+    - 'gopass'

 - name: Install gopass-jsonapi for browser integration
  ansible.builtin.package:
    name: "{{ item }}"
-    state: present
+    state: 'present'
  become: true
-  with_items:
-    - gopass-jsonapi
+  loop:
+    - 'gopass-jsonapi'
  when: gopass__install_jsonapi | bool

 - name: Install gopass-hibp for haveibeenpwnd.com integration
  ansible.builtin.package:
    name: "{{ item }}"
-    state: present
+    state: 'present'
  become: true
-  with_items:
-    - gopass-hibp
+  loop:
+    - 'gopass-hibp'
  when: gopass__install_haveibeenpwnd | bool

 - name: Install git-credential-gopass as git-credentials helper
  ansible.builtin.package:
    name: "{{ item }}"
-    state: present
+    state: 'present'
  become: true
-  with_items:
-    - git-credential-gopass
+  loop:
+    - 'git-credential-gopass'
  when: gopass__install_git_credential | bool

 - name: Install zbar-tools for QR CodeReading using OTP Secrets
  ansible.builtin.package:
    name: "{{ item }}"
-    state: present
+    state: 'present'
  become: true
-  with_items:
-    - zbar-tools
+  loop:
+    - 'zbar-tools'
  when: gopass__install_zbar_tools | bool
--- a/tasks/gopass-install/install-on-archlinux.yml
+++ b/tasks/gopass-install/install-on-archlinux.yml
@ -1,58 +1,52 @@
 ---
- name: Install requirements for gopass
+- name: Install requirements for gopass  # noqa: H1901
  become: true
  community.general.pacman:
    name: "{{ item }}"
-    state: present
+    state: 'present'
    update_cache: true
-  with_items:
-    - git
-    - gnupg
-    - rng-tools
-    - xsel
-    - xclip
-    - xorg-xclipboard
+  loop: "{{ gopass__required_archlinux_packages }}"

- name: Install Gopass
+- name: Install Gopass  # noqa: H1901
  community.general.pacman:
    name: "{{ item }}"
-    state: present
+    state: 'present'
  become: true
-  with_items:
-    - gopass
+  loop:
+    - 'gopass'

- name: Install gopass-jsonapi for browser integration
+- name: Install gopass-jsonapi for browser integration  # noqa: H1901
  community.general.pacman:
    name: "{{ item }}"
-    state: present
+    state: 'present'
  become: true
-  with_items:
-    - gopass-jsonapi
+  loop:
+    - 'gopass-jsonapi'
  when: gopass__install_jsonapi | bool

- name: Install gopass-hibp for haveibeenpwnd.com integration
+- name: Install gopass-hibp for haveibeenpwnd.com integration  # noqa: H1901
  community.general.pacman:
    name: "{{ item }}"
-    state: present
+    state: 'present'
  become: true
-  with_items:
-    - gopass-hibp
+  loop:
+    - 'gopass-hibp'
  when: gopass__install_haveibeenpwnd | bool

- name: Install git-credential-gopass as git-credentials helper
+- name: Install git-credential-gopass as git-credentials helper  # noqa: H1901
  community.general.pacman:
    name: "{{ item }}"
-    state: present
+    state: 'present'
  become: true
-  with_items:
-    - git-credential-gopass
+  loop:
+    - 'git-credential-gopass'
  when: gopass__install_git_credential | bool

- name: Install zbar-tools for QR CodeReading using OTP Secrets
+- name: Install zbar-tools for QR CodeReading using OTP Secrets  # noqa: H1901
  community.general.pacman:
    name: "{{ item }}"
-    state: present
+    state: 'present'
  become: true
-  with_items:
-    - zbar-tools
+  loop:
+    - 'zbar-tools'
  when: gopass__install_zbar_tools | bool
--- a/tasks/gopass-install/install-on-debian.yml
+++ b/tasks/gopass-install/install-on-debian.yml
@ -9,12 +9,7 @@
  ansible.builtin.apt:
    name: "{{ item }}"
    state: present
-  with_items:
-    - git
-    - gnupg2
-    - rng-tools
-    - xsel
-    - xclip
+  loop: "{{ gopass__required_debian_packages }}"

 - name: Adding Gopass Package Repository
  when: gopass__add_apt_repo | bool
@ -23,9 +18,9 @@
      ansible.builtin.get_url:
        url: https://packages.gopass.pw/repos/gopass/gopass-archive-keyring.gpg
        dest: "{{ gopass__keyring }}"
-        owner: root
-        group: root
-        mode: 0644
+        owner: 'root'
+        group: 'root'
+        mode: '0644'
      become: true

    - name: Add Gopass repository source
@ -33,9 +28,9 @@
      ansible.builtin.template:
        src: "templates/apt.gopass.sources.j2"
        dest: '/etc/apt/sources.list.d/gopass.sources'
-        mode: 0644
-        group: root
-        owner: root
+        mode: '0644'
+        group: 'root'
+        owner: 'root'
      notify: Trigger apt update

    - name: Trigger Handlers
@ -44,44 +39,44 @@
    - name: Install Gopass and Gopass archive keyring
      ansible.builtin.apt:
        name: "{{ item }}"
-        state: present
+        state: 'present'
      become: true
-      with_items:
-        - gopass-archive-keyring
-        - gopass
+      loop:
+        - 'gopass-archive-keyring'
+        - 'gopass'

    - name: Install gopass-jsonapi for browser integration
      ansible.builtin.apt:
        name: "{{ item }}"
-        state: present
+        state: 'present'
      become: true
-      with_items:
-        - gopass-jsonapi
+      loop:
+        - 'gopass-jsonapi'
      when: gopass__install_jsonapi | bool

    - name: Install gopass-hibp for haveibeenpwnd.com integration
      ansible.builtin.apt:
        name: "{{ item }}"
-        state: present
+        state: 'present'
      become: true
-      with_items:
-        - gopass-hibp
+      loop:
+        - 'gopass-hibp'
      when: gopass__install_haveibeenpwnd | bool

    - name: Install git-credential-gopass as git-credentials helper
      ansible.builtin.apt:
        name: "{{ item }}"
-        state: present
+        state: 'present'
      become: true
-      with_items:
-        - git-credential-gopass
+      loop:
+        - 'git-credential-gopass'
      when: gopass__install_git_credential | bool

    - name: Install zbar-tools for QR CodeReading using OTP Secrets
      ansible.builtin.apt:
        name: "{{ item }}"
-        state: present
+        state: 'present'
      become: true
-      with_items:
-        - zbar-tools
+      loop:
+        - 'zbar-tools'
      when: gopass__install_zbar_tools | bool
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,14 +1,9 @@
 ---
 - name: Run optional versionscheck
-  ansible.builtin.include_tasks: versioncheck.yml
+  ansible.builtin.include_tasks:
+    file: versioncheck.yml
  when: submodules_versioncheck | bool

 - name: Install GoPass Packages
-  ansible.builtin.include_tasks: "{{ lookup('ansible.builtin.first_found', gopass_install) }}"
-  vars:
-    gopass_install:
-      files:
-        - "install-on-{{ ansible_os_family | lower }}.yml"
-        - 'install-gopass-default.yml'
-      paths:
-        - 'tasks/gopass-install'
+  ansible.builtin.include_tasks:
+    file: "{{ lookup('ansible.builtin.first_found', gopass_install) }}"
--- a/tasks/versioncheck.yml
+++ b/tasks/versioncheck.yml
@ -16,15 +16,14 @@
    src: "/etc/.ansible-version/{{ playbook_version_path }}"
  register: playbook_version
  when: submodules_versioncheck | bool
-  ignore_errors: true
  failed_when: false

- name: Print remote role version
+- name: Print remote role version  # noqa: H500
  ansible.builtin.debug:
    msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
  when: submodules_versioncheck | bool

- name: Print locale role version
+- name: Print locale role version  # noqa: H500
  ansible.builtin.debug:
    msg: "Local role version: '{{ playbook_version_number | string }}'."
  when: submodules_versioncheck | bool
@ -33,7 +32,7 @@
  ansible.builtin.fail:
    msg: "Your ansible module has the version '{{ playbook_version_number }}' and is outdated. You need to update it!"
  when:
-    - playbook_version.content | default("Mgo=") | b64decode | int - 1 >= playbook_version_number | int and submodules_versioncheck | bool
+    - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck | bool

 - name: Write new version to remote disk
  become: true
@ -42,3 +41,4 @@
    dest: "/etc/.ansible-version/{{ playbook_version_path }}"
    mode: '0644'
  when: submodules_versioncheck | bool
+  tags: skip_ansible_lint_template-instead-of-copy
--- a/vars/main.yml
+++ b/vars/main.yml
@ -1,5 +1,34 @@
 ---
-gopass__keyring: /usr/share/keyrings/gopass-archive-keyring.gpg
-# versionscheck
-playbook_version_number: 03   # should be a integer
+gopass__keyring: '/usr/share/keyrings/gopass-archive-keyring.gpg'
+gopass_install:
+  files:
+    - "install-on-{{ ansible_os_family | lower }}.yml"
+    - 'install-gopass-default.yml'
+  paths:
+    - 'tasks/gopass-install'
+
+gopass__required_packages:
+  - git
+  - gnupg
+  - rng-tools
+  - xsel
+  - xclip
+
+gopass__required_debian_packages:
+  - git
+  - gnupg2
+  - rng-tools
+  - xsel
+  - xclip
+
+gopass__required_archlinux_packages:
+  - git
+  - gnupg
+  - rng-tools
+  - xsel
+  - xclip
+  - xorg-xclipboard
+
+# simple versionscheck
+playbook_version_number: 04
 playbook_version_path: 'l3d.gopass.version'