From 69cfc9295f8db3976fe6a3d79301bd844fb14363 Mon Sep 17 00:00:00 2001 From: L3D Date: Wed, 14 Jun 2023 02:25:15 +0200 Subject: [PATCH] Start improving role by fixing obvious linting issues --- handlers/main.yml | 2 +- meta/main.yml | 19 ++++++++++--------- tasks/editor.yml | 4 ++-- tasks/keychain.yml | 4 ++-- tasks/main.yml | 14 +++++++------- tasks/packages.yml | 18 +++++++++--------- tasks/sources.yml | 12 ++++++------ tasks/versioncheck.yml | 19 ++++++++++--------- templates/apt.sources.list.j2 | 24 ++++++++++++++++++++++++ vars/main.yml | 2 +- 10 files changed, 72 insertions(+), 46 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 14a521a..02433a7 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,5 +1,5 @@ --- -- name: apt update +- name: Run apt update become: true ansible.builtin.apt: update_cache: true diff --git a/meta/main.yml b/meta/main.yml index 9cce72c..3c3b751 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,25 +1,26 @@ --- galaxy_info: - author: do1jlr + author: l3d description: Ansible role to install some base packages and make some base configuration on all common linux systems role_name: base license: MIT - min_ansible_version: 2.11 - github_branch: master + min_ansible_version: "2.11" platforms: - - name: Archlinux - versions: all + - name: ArchLinux + versions: ['all'] - name: Debian - versions: all + versions: ['all'] - name: Ubuntu - versions: all + versions: ['all'] - name: Fedora - versions: all + versions: ['all'] - name: EL - versions: all + versions: ['all'] galaxy_tags: - base - packages - default + - apt + - sources - linux dependencies: [] diff --git a/tasks/editor.yml b/tasks/editor.yml index b508487..6b5c9d7 100644 --- a/tasks/editor.yml +++ b/tasks/editor.yml @@ -1,5 +1,5 @@ --- -- name: vim is our editor +- name: Vim is our editor become: true community.general.alternatives: name: editor @@ -11,7 +11,7 @@ - ansible_distribution != 'Archlinux' failed_when: false -- name: vim is our editor +- name: Vim is our editor become: true community.general.alternatives: name: editor diff --git a/tasks/keychain.yml b/tasks/keychain.yml index 3baebf6..6bbcc4f 100644 --- a/tasks/keychain.yml +++ b/tasks/keychain.yml @@ -7,7 +7,7 @@ when: - ansible_pkg_mgr == "apt" -- name: install keychain to support ssh agent +- name: Install keychain to support ssh agent become: true ansible.builtin.package: name: keychain @@ -15,7 +15,7 @@ when: - ansible_os_family != 'RedHat' -- name: install keychain on centos +- name: Install keychain on centos become: true ansible.builtin.yum: name: diff --git a/tasks/main.yml b/tasks/main.yml index 588e342..ed9bf6c 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,13 +1,13 @@ --- -- name: optional print os infos +- name: Optional print os infos ansible.builtin.include_tasks: os_info.yml when: print_os_vars | bool -- name: optional versionscheck +- name: Optional versionscheck ansible.builtin.include_tasks: versioncheck.yml when: submodules_versioncheck | bool -- name: optional add apt sources +- name: Optional add apt sources ansible.builtin.include_tasks: sources.yml when: - base__add_ethz | bool @@ -15,7 +15,7 @@ - ansible_distribution == 'Debian' and ansible_distribution_version | float >= 8 - ansible_pkg_mgr == "apt" -- name: install packages +- name: Install packages ansible.builtin.include_tasks: packages.yml - name: Upgrade all packages to latest @@ -26,15 +26,15 @@ when: - base__upgrade_packages_to_latest_version|bool -- name: optional configure editor +- name: Optional configure editor ansible.builtin.include_tasks: editor.yml when: base__install_vim | bool -- name: optional install keychain +- name: Optional install keychain ansible.builtin.include_tasks: keychain.yml when: base__install_keychain | bool -- name: install optional packages +- name: Install optional packages become: true ansible.builtin.package: name: "{{ base__extra_packages }}" diff --git a/tasks/packages.yml b/tasks/packages.yml index 590cb7f..f985b1d 100644 --- a/tasks/packages.yml +++ b/tasks/packages.yml @@ -1,5 +1,5 @@ --- -- name: update repo-cache for debian/ubuntu +- name: Update repo-cache for debian/ubuntu become: true ansible.builtin.apt: update_cache: true @@ -7,20 +7,20 @@ when: - ansible_pkg_mgr == "apt" -- name: update repo-cache for debian/ubuntu +- name: Update repo-cache for debian/ubuntu become: true ansible.builtin.dnf: update_cache: true when: - ansible_os_family == 'RedHat' and ansible_distribution_version | float >= 8 -- name: install base packages for all operating systems +- name: Install base packages for all operating systems become: true ansible.builtin.package: name: "{{ base__packages }}" state: "{{ base__package_state }}" -- name: install python3 for all non-legacy systems +- name: Install python3 for all non-legacy systems become: true ansible.builtin.package: name: "{{ base__python3_packages }}" @@ -30,14 +30,14 @@ ansible_os_family == 'RedHat' and ansible_distribution_version | float >= 7 or ansible_distribution == 'Debian' and ansible_distribution_version | float >= 7 -- name: install python for systems where python3 packages are renamed to python +- name: Install python for systems where python3 packages are renamed to python become: true ansible.builtin.package: name: "{{ base__python_packages }}" state: "{{ base__package_state }}" when: ansible_os_family == 'Archlinux' -- name: install packages for all non-legacy systems +- name: Install packages for all non-legacy systems become: true ansible.builtin.package: name: "{{ base__modern_packages }}" @@ -48,7 +48,7 @@ ansible_distribution == 'Debian' and ansible_distribution_version | float >= 8 or ansible_os_family == 'Archlinux' -- name: install packages for all non-legacy Debian/Ububntu systems +- name: Install packages for all non-legacy Debian/Ububntu systems become: true ansible.builtin.package: name: "{{ base__debian_packages }}" @@ -57,7 +57,7 @@ ansible_distribution == 'Ubuntu' and ansible_distribution_version | float >= 16.0 or ansible_distribution == 'Debian' and ansible_distribution_version | float >= 8 -- name: install packages for all reasonable non-legacy systems +- name: Install packages for all reasonable non-legacy systems become: true ansible.builtin.package: name: "{{ base__linux_packages }}" @@ -68,7 +68,7 @@ ansible_distribution == 'Debian' and ansible_distribution_version | float >= 9 or ansible_os_family == 'Archlinux' -- name: install mailx on debian +- name: Install mailx on debian become: true ansible.builtin.package: name: diff --git a/tasks/sources.yml b/tasks/sources.yml index 65a05f5..cca7530 100644 --- a/tasks/sources.yml +++ b/tasks/sources.yml @@ -1,5 +1,5 @@ --- -- name: update repo-cache for Debian/Ubuntu +- name: Update repo-cache for Debian/Ubuntu become: true ansible.builtin.apt: update_cache: true @@ -16,7 +16,7 @@ - apt-transport-https state: present -- name: add eth zurich apt for Debian > 10 +- name: Add eth zurich apt for Debian Bullaeye (11) and later become: true ansible.builtin.template: src: "templates/apt.sources.list.j2" @@ -24,10 +24,10 @@ mode: 0644 group: root owner: root - notify: apt update + notify: Run apt update when: ansible_distribution_major_version > '10' -- name: add eth zurich apt for Debian < 11 +- name: Add eth zurich apt for Debian Buster (10) and earlyer become: true ansible.builtin.template: src: "templates/apt.sources.list_legacy.j2" @@ -35,8 +35,8 @@ mode: 0644 group: root owner: root - notify: apt update + notify: Run apt update when: ansible_distribution_major_version < '11' -- name: force all notified handlers to run at this point, not waiting for normal sync points +- name: Force all notified handlers to run at this point, not waiting for normal sync points ansible.builtin.meta: flush_handlers diff --git a/tasks/versioncheck.yml b/tasks/versioncheck.yml index 5128cc8..dd22a1a 100644 --- a/tasks/versioncheck.yml +++ b/tasks/versioncheck.yml @@ -8,37 +8,38 @@ path: '/etc/.ansible-version' state: directory mode: 0755 - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool -- name: check playbook version +- name: Check playbook version become: true ansible.builtin.slurp: src: "/etc/.ansible-version/{{ playbook_version_path }}" register: playbook_version - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool ignore_errors: true failed_when: false - name: Print remote role version ansible.builtin.debug: msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}" - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool - name: Print locale role version ansible.builtin.debug: - msg: "Local role version: '{{ playbook_version_number|string }}'." - when: submodules_versioncheck|bool + msg: "Local role version: '{{ playbook_version_number | string }}'." + when: submodules_versioncheck | bool - name: Check if your version is outdated ansible.builtin.fail: msg: "Your ansible module has the version '{{ playbook_version_number }}' and is outdated. You need to update it!" when: - - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck|bool + - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck | bool -- name: write new version to remote disk +- name: Write new version to remote disk become: true ansible.builtin.copy: content: "{{ playbook_version_number }}" dest: "/etc/.ansible-version/{{ playbook_version_path }}" mode: '0644' - when: submodules_versioncheck|bool + when: submodules_versioncheck | bool + tags: skip_ansible_lint_template-instead-of-copy diff --git a/templates/apt.sources.list.j2 b/templates/apt.sources.list.j2 index c877aff..ff6cbeb 100644 --- a/templates/apt.sources.list.j2 +++ b/templates/apt.sources.list.j2 @@ -9,6 +9,9 @@ deb https://debian.ethz.ch/debian {{ ansible_distribution_release }} main {%- endif -%} {%- if base__pkg_non_free_firmware | bool -%} {{- ' non-free' -}} + {%- if ansible_distribution_major_version >= '12' -%} + {{- ' non-free-firmware' -}} + {%- endif -%} {%- endif -%} {{- '\n' -}} deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }} main @@ -17,6 +20,9 @@ deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }} main {%- endif -%} {%- if base__pkg_non_free_firmware | bool -%} {{- ' non-free' -}} + {%- if ansible_distribution_major_version >= '12' -%} + {{- ' non-free-firmware' -}} + {%- endif -%} {%- endif -%} {{- '\n\n' -}} @@ -28,6 +34,9 @@ deb https://security.debian.ethz.ch/ {{ ansible_distribution_release }}-security {%- endif -%} {%- if base__pkg_non_free_firmware | bool -%} {{- ' non-free' -}} + {%- if ansible_distribution_major_version >= '12' -%} + {{- ' non-free-firmware' -}} + {%- endif -%} {%- endif -%} {{- '\n' -}} deb-src https://security.debian.ethz.ch/ {{ ansible_distribution_release }}-security main @@ -36,6 +45,9 @@ deb-src https://security.debian.ethz.ch/ {{ ansible_distribution_release }}-secu {%- endif -%} {%- if base__pkg_non_free_firmware | bool -%} {{- ' non-free' -}} + {%- if ansible_distribution_major_version >= '12' -%} + {{- ' non-free-firmware' -}} + {%- endif -%} {%- endif -%} {{- '\n\n' -}} {%- endif -%} @@ -48,6 +60,9 @@ deb https://debian.ethz.ch/debian {{ ansible_distribution_release }}-updates mai {%- endif -%} {%- if base__pkg_non_free_firmware | bool -%} {{- ' non-free' -}} + {%- if ansible_distribution_major_version >= '12' -%} + {{- ' non-free-firmware' -}} + {%- endif -%} {%- endif -%} {{- '\n' -}} deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }}-updates main @@ -56,6 +71,9 @@ deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }}-updates {%- endif -%} {%- if base__pkg_non_free_firmware | bool -%} {{- ' non-free' -}} + {%- if ansible_distribution_major_version >= '12' -%} + {{- ' non-free-firmware' -}} + {%- endif -%} {%- endif -%} {{- '\n\n' -}} {%- endif -%} @@ -68,6 +86,9 @@ deb https://debian.ethz.ch/debian {{ ansible_distribution_release }}-backports m {%- endif -%} {%- if base__pkg_non_free_firmware | bool -%} {{- ' non-free' -}} + {%- if ansible_distribution_major_version >= '12' -%} + {{- ' non-free-firmware' -}} + {%- endif -%} {%- endif -%} {{- '\n' -}} deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }}-backports main @@ -76,6 +97,9 @@ deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }}-backpor {%- endif -%} {%- if base__pkg_non_free_firmware | bool -%} {{- ' non-free' -}} + {%- if ansible_distribution_major_version >= '12' -%} + {{- ' non-free-firmware' -}} + {%- endif -%} {%- endif -%} {{- '\n\n' -}} {%- endif -%} diff --git a/vars/main.yml b/vars/main.yml index f33077f..0e16318 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -62,5 +62,5 @@ base__linux_packages: - bzip2 - jq -playbook_version_number: 9018 +playbook_version_number: 9019 playbook_version_path: 'base-packages_roles-ansible_github.version'