1
0
Fork 0
mirror of https://github.com/roles-ansible/ansible_role_packages.git synced 2024-08-16 10:19:51 +02:00

Merge pull request #18 from roles-ansible/l

Linting and Action improvements
This commit is contained in:
L3D 2023-06-14 02:38:05 +02:00 committed by GitHub
commit b0c817c681
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
24 changed files with 84 additions and 233 deletions

9
.github/dependabot.yml vendored Normal file
View file

@ -0,0 +1,9 @@
---
# See https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2
updates:
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"

View file

@ -1,18 +0,0 @@
---
name: Ansible check archlinux:latest
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v3
- name: 'ansible check with archlinux:latest'
uses: roles-ansible/check-ansible-archlinux-latest-action@master
with:
targets: "./"

View file

@ -1,18 +0,0 @@
---
name: Ansible check debian:bullseye
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v3
- name: 'ansible check with debian:bullseye'
uses: roles-ansible/check-ansible-debian-bullseye-action@main
with:
targets: "./"

View file

@ -1,18 +0,0 @@
---
name: Ansible check debian:buster
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v3
- name: 'ansible check with debian:buster'
uses: roles-ansible/check-ansible-debian-buster-action@master
with:
targets: "./"

View file

@ -1,18 +0,0 @@
---
name: Ansible check debian:latest
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v3
- name: 'ansible check with debian:latest'
uses: roles-ansible/check-ansible-debian-latest-action@master
with:
targets: "./"

View file

@ -1,18 +0,0 @@
---
name: Ansible check debian:sid
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v3
- name: 'ansible check with debian:sid'
uses: roles-ansible/check-ansible-debian-sid-action@master
with:
targets: "./"

View file

@ -1,23 +0,0 @@
---
name: Ansible check debian:stable
# yamllint disable-line rule:truthy
on:
push:
branches: '*'
pull_request:
branches: '*'
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v3
- name: 'ansible check with debian:stable'
uses: roles-ansible/check-ansible-debian-stable-action@master
with:
targets: "./"

View file

@ -1,18 +0,0 @@
---
name: Ansible check debian:stretch
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v3
- name: 'ansible check with debian:stretch'
uses: roles-ansible/check-ansible-debian-stretch-action@master
with:
targets: "./"

View file

@ -10,6 +10,7 @@ on:
jobs:
build:
runs-on: ubuntu-latest
steps:

View file

@ -1,18 +0,0 @@
---
name: Ansible check ubuntu:bionic
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v3
- name: 'ansible check with ubuntu:bionic'
uses: roles-ansible/check-ansible-ubuntu-bionic-action@master
with:
targets: "./"

View file

@ -1,18 +0,0 @@
---
name: Ansible check ubuntu:latest
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v3
- name: ansible check with ubuntu:latest
uses: roles-ansible/check-ansible-ubuntu-latest-action@master
with:
targets: "./"

View file

@ -1,18 +0,0 @@
---
name: Ansible check ubuntu:trusty
# yamllint disable-line rule:truthy
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: 'checkout git repo'
uses: actions/checkout@v3
- name: ansible check with ubuntu:trusty
uses: roles-ansible/check-ansible-ubuntu-trusty-action@master
with:
targets: "./"

View file

@ -16,7 +16,7 @@ jobs:
uses: actions/checkout@v3
- name: 'release on galaxy'
uses: robertdebock/galaxy-action@1.2.0
uses: robertdebock/galaxy-action@1.2.1
with:
galaxy_api_key: ${{ secrets.galaxy_api_key }}
git_branch: 'main'

View file

@ -17,7 +17,7 @@ jobs:
uses: actions/checkout@v3
- name: 'Yamllint'
uses: karancode/yamllint-github-action@v2.0.0
uses: karancode/yamllint-github-action@v2.1.1
with:
yamllint_file_or_dir: '.'
yamllint_config_filepath: './.yamllint'

View file

@ -1,5 +1,5 @@
---
- name: apt update
- name: Run apt update
become: true
ansible.builtin.apt:
update_cache: true

View file

@ -1,25 +1,26 @@
---
galaxy_info:
author: do1jlr
author: l3d
description: Ansible role to install some base packages and make some base configuration on all common linux systems
role_name: base
license: MIT
min_ansible_version: 2.11
github_branch: master
min_ansible_version: "2.11"
platforms:
- name: Archlinux
versions: all
- name: ArchLinux
versions: ['all']
- name: Debian
versions: all
versions: ['all']
- name: Ubuntu
versions: all
versions: ['all']
- name: Fedora
versions: all
versions: ['all']
- name: EL
versions: all
versions: ['all']
galaxy_tags:
- base
- packages
- default
- apt
- sources
- linux
dependencies: []

View file

@ -1,5 +1,5 @@
---
- name: vim is our editor
- name: Vim is our editor
become: true
community.general.alternatives:
name: editor
@ -11,7 +11,7 @@
- ansible_distribution != 'Archlinux'
failed_when: false
- name: vim is our editor
- name: Vim is our editor
become: true
community.general.alternatives:
name: editor

View file

@ -7,7 +7,7 @@
when:
- ansible_pkg_mgr == "apt"
- name: install keychain to support ssh agent
- name: Install keychain to support ssh agent
become: true
ansible.builtin.package:
name: keychain
@ -15,7 +15,7 @@
when:
- ansible_os_family != 'RedHat'
- name: install keychain on centos
- name: Install keychain on centos
become: true
ansible.builtin.yum:
name:

View file

@ -1,13 +1,13 @@
---
- name: optional print os infos
- name: Optional print os infos
ansible.builtin.include_tasks: os_info.yml
when: print_os_vars | bool
- name: optional versionscheck
- name: Optional versionscheck
ansible.builtin.include_tasks: versioncheck.yml
when: submodules_versioncheck | bool
- name: optional add apt sources
- name: Optional add apt sources
ansible.builtin.include_tasks: sources.yml
when:
- base__add_ethz | bool
@ -15,7 +15,7 @@
- ansible_distribution == 'Debian' and ansible_distribution_version | float >= 8
- ansible_pkg_mgr == "apt"
- name: install packages
- name: Install packages
ansible.builtin.include_tasks: packages.yml
- name: Upgrade all packages to latest
@ -26,15 +26,15 @@
when:
- base__upgrade_packages_to_latest_version|bool
- name: optional configure editor
- name: Optional configure editor
ansible.builtin.include_tasks: editor.yml
when: base__install_vim | bool
- name: optional install keychain
- name: Optional install keychain
ansible.builtin.include_tasks: keychain.yml
when: base__install_keychain | bool
- name: install optional packages
- name: Install optional packages
become: true
ansible.builtin.package:
name: "{{ base__extra_packages }}"

View file

@ -1,5 +1,5 @@
---
- name: update repo-cache for debian/ubuntu
- name: Update repo-cache for debian/ubuntu
become: true
ansible.builtin.apt:
update_cache: true
@ -7,20 +7,20 @@
when:
- ansible_pkg_mgr == "apt"
- name: update repo-cache for debian/ubuntu
- name: Update repo-cache for debian/ubuntu
become: true
ansible.builtin.dnf:
update_cache: true
when:
- ansible_os_family == 'RedHat' and ansible_distribution_version | float >= 8
- name: install base packages for all operating systems
- name: Install base packages for all operating systems
become: true
ansible.builtin.package:
name: "{{ base__packages }}"
state: "{{ base__package_state }}"
- name: install python3 for all non-legacy systems
- name: Install python3 for all non-legacy systems
become: true
ansible.builtin.package:
name: "{{ base__python3_packages }}"
@ -30,14 +30,14 @@
ansible_os_family == 'RedHat' and ansible_distribution_version | float >= 7 or
ansible_distribution == 'Debian' and ansible_distribution_version | float >= 7
- name: install python for systems where python3 packages are renamed to python
- name: Install python for systems where python3 packages are renamed to python
become: true
ansible.builtin.package:
name: "{{ base__python_packages }}"
state: "{{ base__package_state }}"
when: ansible_os_family == 'Archlinux'
- name: install packages for all non-legacy systems
- name: Install packages for all non-legacy systems
become: true
ansible.builtin.package:
name: "{{ base__modern_packages }}"
@ -48,7 +48,7 @@
ansible_distribution == 'Debian' and ansible_distribution_version | float >= 8 or
ansible_os_family == 'Archlinux'
- name: install packages for all non-legacy Debian/Ububntu systems
- name: Install packages for all non-legacy Debian/Ububntu systems
become: true
ansible.builtin.package:
name: "{{ base__debian_packages }}"
@ -57,7 +57,7 @@
ansible_distribution == 'Ubuntu' and ansible_distribution_version | float >= 16.0 or
ansible_distribution == 'Debian' and ansible_distribution_version | float >= 8
- name: install packages for all reasonable non-legacy systems
- name: Install packages for all reasonable non-legacy systems
become: true
ansible.builtin.package:
name: "{{ base__linux_packages }}"
@ -68,7 +68,7 @@
ansible_distribution == 'Debian' and ansible_distribution_version | float >= 9 or
ansible_os_family == 'Archlinux'
- name: install mailx on debian
- name: Install mailx on debian
become: true
ansible.builtin.package:
name:

View file

@ -1,5 +1,5 @@
---
- name: update repo-cache for Debian/Ubuntu
- name: Update repo-cache for Debian/Ubuntu
become: true
ansible.builtin.apt:
update_cache: true
@ -16,7 +16,7 @@
- apt-transport-https
state: present
- name: add eth zurich apt for Debian > 10
- name: Add eth zurich apt for Debian Bullaeye (11) and later
become: true
ansible.builtin.template:
src: "templates/apt.sources.list.j2"
@ -24,10 +24,10 @@
mode: 0644
group: root
owner: root
notify: apt update
notify: Run apt update
when: ansible_distribution_major_version > '10'
- name: add eth zurich apt for Debian < 11
- name: Add eth zurich apt for Debian Buster (10) and earlyer
become: true
ansible.builtin.template:
src: "templates/apt.sources.list_legacy.j2"
@ -35,8 +35,8 @@
mode: 0644
group: root
owner: root
notify: apt update
notify: Run apt update
when: ansible_distribution_major_version < '11'
- name: force all notified handlers to run at this point, not waiting for normal sync points
- name: Force all notified handlers to run at this point, not waiting for normal sync points
ansible.builtin.meta: flush_handlers

View file

@ -8,37 +8,38 @@
path: '/etc/.ansible-version'
state: directory
mode: 0755
when: submodules_versioncheck|bool
when: submodules_versioncheck | bool
- name: check playbook version
- name: Check playbook version
become: true
ansible.builtin.slurp:
src: "/etc/.ansible-version/{{ playbook_version_path }}"
register: playbook_version
when: submodules_versioncheck|bool
when: submodules_versioncheck | bool
ignore_errors: true
failed_when: false
- name: Print remote role version
ansible.builtin.debug:
msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
when: submodules_versioncheck|bool
when: submodules_versioncheck | bool
- name: Print locale role version
ansible.builtin.debug:
msg: "Local role version: '{{ playbook_version_number|string }}'."
when: submodules_versioncheck|bool
msg: "Local role version: '{{ playbook_version_number | string }}'."
when: submodules_versioncheck | bool
- name: Check if your version is outdated
ansible.builtin.fail:
msg: "Your ansible module has the version '{{ playbook_version_number }}' and is outdated. You need to update it!"
when:
- playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck|bool
- playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck | bool
- name: write new version to remote disk
- name: Write new version to remote disk
become: true
ansible.builtin.copy:
content: "{{ playbook_version_number }}"
dest: "/etc/.ansible-version/{{ playbook_version_path }}"
mode: '0644'
when: submodules_versioncheck|bool
when: submodules_versioncheck | bool
tags: skip_ansible_lint_template-instead-of-copy

View file

@ -9,6 +9,9 @@ deb https://debian.ethz.ch/debian {{ ansible_distribution_release }} main
{%- endif -%}
{%- if base__pkg_non_free_firmware | bool -%}
{{- ' non-free' -}}
{%- if ansible_distribution_major_version >= '12' -%}
{{- ' non-free-firmware' -}}
{%- endif -%}
{%- endif -%}
{{- '\n' -}}
deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }} main
@ -17,6 +20,9 @@ deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }} main
{%- endif -%}
{%- if base__pkg_non_free_firmware | bool -%}
{{- ' non-free' -}}
{%- if ansible_distribution_major_version >= '12' -%}
{{- ' non-free-firmware' -}}
{%- endif -%}
{%- endif -%}
{{- '\n\n' -}}
@ -28,6 +34,9 @@ deb https://security.debian.ethz.ch/ {{ ansible_distribution_release }}-security
{%- endif -%}
{%- if base__pkg_non_free_firmware | bool -%}
{{- ' non-free' -}}
{%- if ansible_distribution_major_version >= '12' -%}
{{- ' non-free-firmware' -}}
{%- endif -%}
{%- endif -%}
{{- '\n' -}}
deb-src https://security.debian.ethz.ch/ {{ ansible_distribution_release }}-security main
@ -36,6 +45,9 @@ deb-src https://security.debian.ethz.ch/ {{ ansible_distribution_release }}-secu
{%- endif -%}
{%- if base__pkg_non_free_firmware | bool -%}
{{- ' non-free' -}}
{%- if ansible_distribution_major_version >= '12' -%}
{{- ' non-free-firmware' -}}
{%- endif -%}
{%- endif -%}
{{- '\n\n' -}}
{%- endif -%}
@ -48,6 +60,9 @@ deb https://debian.ethz.ch/debian {{ ansible_distribution_release }}-updates mai
{%- endif -%}
{%- if base__pkg_non_free_firmware | bool -%}
{{- ' non-free' -}}
{%- if ansible_distribution_major_version >= '12' -%}
{{- ' non-free-firmware' -}}
{%- endif -%}
{%- endif -%}
{{- '\n' -}}
deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }}-updates main
@ -56,6 +71,9 @@ deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }}-updates
{%- endif -%}
{%- if base__pkg_non_free_firmware | bool -%}
{{- ' non-free' -}}
{%- if ansible_distribution_major_version >= '12' -%}
{{- ' non-free-firmware' -}}
{%- endif -%}
{%- endif -%}
{{- '\n\n' -}}
{%- endif -%}
@ -68,6 +86,9 @@ deb https://debian.ethz.ch/debian {{ ansible_distribution_release }}-backports m
{%- endif -%}
{%- if base__pkg_non_free_firmware | bool -%}
{{- ' non-free' -}}
{%- if ansible_distribution_major_version >= '12' -%}
{{- ' non-free-firmware' -}}
{%- endif -%}
{%- endif -%}
{{- '\n' -}}
deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }}-backports main
@ -76,6 +97,9 @@ deb-src https://debian.ethz.ch/debian {{ ansible_distribution_release }}-backpor
{%- endif -%}
{%- if base__pkg_non_free_firmware | bool -%}
{{- ' non-free' -}}
{%- if ansible_distribution_major_version >= '12' -%}
{{- ' non-free-firmware' -}}
{%- endif -%}
{%- endif -%}
{{- '\n\n' -}}
{%- endif -%}

View file

@ -62,5 +62,5 @@ base__linux_packages:
- bzip2
- jq
playbook_version_number: 9018
playbook_version_number: 9019
playbook_version_path: 'base-packages_roles-ansible_github.version'