From faaec0d8bc63257376407038c71bfbbcf058dd06 Mon Sep 17 00:00:00 2001 From: L3D Date: Mon, 30 Oct 2023 00:21:01 +0100 Subject: [PATCH] improve linting, actions and update --- .github/workflows/ansible-linting-check.yml | 12 ++--- .github/workflows/galaxy.yml | 20 ++++---- .github/workflows/j2lint-check.yml | 22 ++++++++ .github/workflows/yamllint-check.yml | 22 ++++++++ .github/workflows/yamllint.yaml | 23 --------- README.md | 6 +++ requirements.yml | 6 +++ tasks/configure_custom_config.yml | 13 +++-- tasks/configure_plugins.yml | 6 ++- tasks/install-debian.yml | 56 ++++++++++++++------- tasks/main.yml | 25 +++++---- tasks/versioncheck.yml | 7 ++- vars/main.yml | 2 +- 13 files changed, 143 insertions(+), 77 deletions(-) create mode 100644 .github/workflows/j2lint-check.yml create mode 100644 .github/workflows/yamllint-check.yml delete mode 100644 .github/workflows/yamllint.yaml create mode 100644 requirements.yml diff --git a/.github/workflows/ansible-linting-check.yml b/.github/workflows/ansible-linting-check.yml index 0b1268c..e304fa0 100644 --- a/.github/workflows/ansible-linting-check.yml +++ b/.github/workflows/ansible-linting-check.yml @@ -10,14 +10,14 @@ jobs: runs-on: ubuntu-latest steps: - - name: 'checkout git repo' + - name: Checkout git repo uses: actions/checkout@v4 with: - lfs: true - submodules: false + submodules: true fetch-depth: 0 - - name: 'Lint Ansible Playbook' - uses: ansible/ansible-lint-action@v6 + - name: Run ansible-lint + uses: ansible-actions/ansible-lint-action@v1.0.2 with: - path: "." + target: "./" + collections_yml: 'requirements.yml' diff --git a/.github/workflows/galaxy.yml b/.github/workflows/galaxy.yml index 4426496..b44f94e 100644 --- a/.github/workflows/galaxy.yml +++ b/.github/workflows/galaxy.yml @@ -1,22 +1,24 @@ --- -name: Galaxy release +name: Galaxy-NG Roles Import # yamllint disable-line rule:truthy on: - push: - branches: ['main'] release: types: ['created'] jobs: build: + name: Galaxy Role Importer runs-on: ubuntu-latest - steps: - - name: 'checkout git repo' - uses: actions/checkout@v4 - - name: 'release on galaxy' - uses: robertdebock/galaxy-action@1.2.1 + steps: + - name: 'Checkout git repo' + uses: actions/checkout@v4 + with: + submodules: true + fetch-depth: 0 + + - name: 'Release on galaxy' + uses: ansible-actions/ansible-galaxy-action@v1.1.1 with: galaxy_api_key: ${{ secrets.galaxy_api_key }} - git_branch: 'main' diff --git a/.github/workflows/j2lint-check.yml b/.github/workflows/j2lint-check.yml new file mode 100644 index 0000000..00c7861 --- /dev/null +++ b/.github/workflows/j2lint-check.yml @@ -0,0 +1,22 @@ +--- +name: Jinja2 Linting check + +# yamllint disable-line rule:truthy +on: [push, pull_request] + +jobs: + build: + name: Jinja2 Linting + runs-on: ubuntu-latest + + steps: + - name: Checkout git repo + uses: actions/checkout@v4 + with: + submodules: true + fetch-depth: 0 + + - name: Run j2lint + uses: ansible-actions/j2lint-action@v0.0.1 + with: + target: "./" diff --git a/.github/workflows/yamllint-check.yml b/.github/workflows/yamllint-check.yml new file mode 100644 index 0000000..5e62f57 --- /dev/null +++ b/.github/workflows/yamllint-check.yml @@ -0,0 +1,22 @@ +--- +name: Yamllint check + +# yamllint disable-line rule:truthy +on: [push, pull_request] + +jobs: + build: + name: Yamllint + runs-on: ubuntu-latest + + steps: + - name: Checkout git repo + uses: actions/checkout@v4 + with: + submodules: true + fetch-depth: 0 + + - name: Run yamllint + uses: ansible-actions/yamllint-action@v0.0.1 + with: + target: "./" diff --git a/.github/workflows/yamllint.yaml b/.github/workflows/yamllint.yaml deleted file mode 100644 index 99bb4c4..0000000 --- a/.github/workflows/yamllint.yaml +++ /dev/null @@ -1,23 +0,0 @@ ---- -name: 'Yamllint GitHub Actions' - -# yamllint disable-line rule:truthy -on: - push: - branches: '*' - pull_request: - branches: '*' - -jobs: - yamllint: - name: 'Yamllint' - runs-on: ubuntu-latest - steps: - - name: 'checkout git repo' - uses: actions/checkout@v4 - - - name: 'Yamllint' - uses: karancode/yamllint-github-action@v2.1.1 - with: - yamllint_file_or_dir: '.' - yamllint_config_filepath: './.yamllint' diff --git a/README.md b/README.md index b24854b..ff218d4 100644 --- a/README.md +++ b/README.md @@ -95,6 +95,12 @@ weechat__custom_version: main + Some parts of the Weechat configuration is inspired by [github.com/irth/ansible-role-weechat](https://github.com/irth/ansible-role-weechat.git) but written in a complete different way. Some other is completly different. + Autostart and systemd is inspired by [ubuntu wiki](https://wiki.ubuntuusers.de/Howto/systemd_Service_Unit_Beispiel/) and [ansible docs](https://docs.ansible.com/ansible/latest/modules/systemd_module.html). +## Requirements +The ``community.general`` and ``community.crypto`` collections are required for some parts of this ansible role. +You can install it with this command: +```bash +ansible-galaxy collection install -r requirements.yml --upgrade +``` Contribute ------------ If you missing a feature, found a bug or have questions about this role please feel free to open a git issue. Or - even better - create a pull request. diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 0000000..4fcd9ad --- /dev/null +++ b/requirements.yml @@ -0,0 +1,6 @@ +--- +collections: + - name: 'community.general' + version: ">=7.5.0,<=8.0.0" + - name: 'community.crypto' + version: ">=2.15.1,<=3.0.0" diff --git a/tasks/configure_custom_config.yml b/tasks/configure_custom_config.yml index 52c9e84..9257671 100644 --- a/tasks/configure_custom_config.yml +++ b/tasks/configure_custom_config.yml @@ -1,9 +1,9 @@ --- -- name: Create ssh key pair (if needed) +- name: Create ssh key pair (if needed) # noqa: H1901 become: true community.crypto.openssh_keypair: path: "{{ weechat__home_directory }}/.ssh/id_ed25519" - type: ed25519 + type: 'ed25519' owner: "{{ weechat__user }}" register: ssh_key_pair when: weechat__custom_gen_ssh_key_pair | bool @@ -32,7 +32,7 @@ - weechat__custom_gen_ssh_key_pair | bool - ssh_key_pair.changed -- name: Add git repo to save.directory globally for root +- name: Add git repo to save.directory globally for root # noqa: H1901 become: true community.general.git_config: name: safe.directory @@ -40,7 +40,7 @@ value: "{{ weechat__home_directory }}/.weechat" register: save_directory -- name: "Add git repo to save.directory globally for {{ weechat__user }}" +- name: "Add git repo to save.directory globally for {{ weechat__user }}" # noqa: H1901 become: true community.general.git_config: file: "{{ weechat__home_directory }}/.gitconfig" @@ -55,6 +55,7 @@ path: "{{ weechat__home_directory }}/.gitconfig" recurse: false owner: "{{ weechat__user }}" + mode: 'u=rwX,g=rX,o=' changed_when: save_user_directory.changed | bool - name: "Change git repo owner to root" @@ -63,6 +64,8 @@ path: "{{ weechat__home_directory }}/.weechat" recurse: true owner: "root" + group: 'root' + mode: 'u=rwX,g=rX,o=' changed_when: ssh_key_pair.changed | bool or save_directory.changed | bool when: not weechat__custom_private_repo | bool @@ -98,5 +101,7 @@ path: "{{ weechat__home_directory }}/.weechat" recurse: true owner: "{{ weechat__user }}" + group: 'root' + mode: 'u=rwX,g=rX,o=' changed_when: ssh_key_pair.changed | bool or save_directory.changed | bool when: not weechat__custom_private_repo | bool diff --git a/tasks/configure_plugins.yml b/tasks/configure_plugins.yml index 847ce44..330f9bb 100644 --- a/tasks/configure_plugins.yml +++ b/tasks/configure_plugins.yml @@ -21,11 +21,13 @@ url: 'https://weechat.org/files/scripts/{{ item }}' dest: "{{ weechat__home_directory }}/.weechat/{{ weechat_plugin_languages[item.split('.', 1)[-1]] }}/{{ item }}" mode: '0644' - with_items: '{{ weechat__plugins }}' + loop: '{{ weechat__plugins }}' - name: Symlinking plugins to autoload ansible.builtin.file: src: "{{ weechat__home_directory }}/.weechat/{{ weechat_plugin_languages[item.split('.', 1)[-1]] }}/{{ item }}" dest: "{{ weechat__home_directory }}/.weechat/{{ weechat_plugin_languages[item.split('.', 1)[-1]] }}/autoload/{{ item }}" state: link - with_items: '{{ weechat__plugins }}' + mode: 0644 + owner: root + loop: '{{ weechat__plugins }}' diff --git a/tasks/install-debian.yml b/tasks/install-debian.yml index 908a6d0..9815a53 100644 --- a/tasks/install-debian.yml +++ b/tasks/install-debian.yml @@ -10,41 +10,61 @@ - name: Install apt-transport-https become: true ansible.builtin.apt: - name: - - apt-transport-https - - gpg - state: present + name: "{{ item }}" + state: 'present' + loop: + - 'apt-transport-https' + - 'gpg' - name: Add weechat repository gpg-key become: true ansible.builtin.apt_key: keyserver: 'keys.openpgp.org' id: "{{ weechat__gpg_id }}" - state: present + state: 'present' + +- name: Create /usr/share/keyrings directory + become: true + ansible.builtin.file: + path: '/usr/share/keyrings' + state: 'directory' + owner: 'root' + group: 'root' + mode: '0755' + +- name: Import WeeChat GPG key + become: true + ansible.builtin.get_url: + url: "https://keys.openpgp.org/vks/v1/by-fingerprint/{{ weechat__gpg_id }}" + dest: '/usr/share/keyrings/weechat-archive-keyring.gpg' + owner: 'root' + group: 'root' + mode: '0644' - name: Add weechat repo become: true ansible.builtin.apt_repository: - repo: "deb {{ weechat__debian_weechat_repo }}" - state: present + repo: "deb [signed-by=/usr/share/keyrings/weechat-archive-keyring.gpg] {{ weechat__debian_weechat_repo }}" + state: 'present' update_cache: true - name: Add weechat repo-src become: true ansible.builtin.apt_repository: - repo: "deb-src {{ weechat__debian_weechat_repo }}" - state: present + repo: "deb-src [signed-by=/usr/share/keyrings/weechat-archive-keyring.gpg] {{ weechat__debian_weechat_repo }}" + state: 'present' update_cache: true - name: Install recomended weechat packages become: true ansible.builtin.apt: - name: - - weechat-curses - - weechat-plugins - - weechat-python - - weechat-perl - - weechat-lua - - weechat-ruby - - weechat-doc - state: present + name: "{{ item }}" + state: 'present' + loop: + - 'weechat-curses' + - 'weechat-plugins' + - 'weechat-python' + - 'weechat-perl' + - 'weechat-lua' + - 'weechat-ruby' + - 'weechat-doc' diff --git a/tasks/main.yml b/tasks/main.yml index 5d661a0..904bec3 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,20 +1,25 @@ --- - name: Perform optinal versionscheck - ansible.builtin.include_tasks: versioncheck.yml - when: submodules_versioncheck|bool + ansible.builtin.include_tasks: + file: 'versioncheck.yml' + when: submodules_versioncheck | bool -- name: Install weechat - ansible.builtin.include_tasks: "install-{{ ansible_os_family | lower }}.yml" +- name: 'Install weechat' + ansible.builtin.include_tasks: + file: "install-{{ ansible_os_family | lower }}.yml" when: weechat__install | bool -- name: Deploy weechat__configuration - ansible.builtin.include_tasks: configure_custom_config.yml +- name: 'Deploy weechat__configuration' + ansible.builtin.include_tasks: + file: configure_custom_config.yml when: weechat__use_custom_config | bool -- name: Install requirements for weechat__plugins - ansible.builtin.include_tasks: configure_plugins.yml +- name: 'Install requirements for weechat__plugins' + ansible.builtin.include_tasks: + file: configure_plugins.yml when: weechat__install_plugins | bool -- name: Setup weechat__autostart - ansible.builtin.include_tasks: setup_autostart.yml +- name: 'Setup weechat__autostart' + ansible.builtin.include_tasks: + file: setup_autostart.yml when: weechat__autostart | bool diff --git a/tasks/versioncheck.yml b/tasks/versioncheck.yml index dd22a1a..7dd80c5 100644 --- a/tasks/versioncheck.yml +++ b/tasks/versioncheck.yml @@ -7,7 +7,7 @@ ansible.builtin.file: path: '/etc/.ansible-version' state: directory - mode: 0755 + mode: '0755' when: submodules_versioncheck | bool - name: Check playbook version @@ -16,15 +16,14 @@ src: "/etc/.ansible-version/{{ playbook_version_path }}" register: playbook_version when: submodules_versioncheck | bool - ignore_errors: true failed_when: false -- name: Print remote role version +- name: Print remote role version # noqa: H500 ansible.builtin.debug: msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}" when: submodules_versioncheck | bool -- name: Print locale role version +- name: Print locale role version # noqa: H500 ansible.builtin.debug: msg: "Local role version: '{{ playbook_version_number | string }}'." when: submodules_versioncheck | bool diff --git a/vars/main.yml b/vars/main.yml index 2286d66..dc3952c 100644 --- a/vars/main.yml +++ b/vars/main.yml @@ -9,7 +9,7 @@ weechat_plugin_languages: lua: 'lua' # version management -playbook_version_number: 4223 # should be over ninethousand +playbook_version_number: 4224 # should be over ninethousand playbook_version_path: 'role-weechat_roles-ansible_github.com.version' weechat__debian_weechat_repo: "https://weechat.org/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} main"