Merge pull request #185 from danielkubat/auth

Make ansible-lint happy
2024-11-10 16:01:23 +00:00 · 2020-12-12 14:32:18 -07:00 · 2020-12-12 14:32:18 -07:00 · 66d0d80807
commit 66d0d80807
parent 242c506bcd e7c8997f9f
3 changed files with 14 additions and 9 deletions
--- a/.github/workflows/yamllint.yml
+++ b/.github/workflows/yamllint.yml
@ -1,6 +1,6 @@
 ---
 # https://github.com/ibiqlik/action-yamllint
-name: YAMLlint
+name: YAML Lint

 on:
  push:
--- a/ansible/playbooks/init-rocky-ansible-host.yml
+++ b/ansible/playbooks/init-rocky-ansible-host.yml
@ -31,6 +31,7 @@
        {{ ( force_purge | bool ) | ternary('--force','') }}
        --role-file {{ installation_prefix }}roles/requirements.yml
        --roles-path {{ installation_prefix }}{{ roles_installation_dir }}
+      changed_when: false

    - name: Install needed collections
      command: >
@ -38,6 +39,7 @@
        {{ ( force_purge | bool ) | ternary('--force-with-deps','') }}
        -r {{ installation_prefix }}roles/requirements.yml
        -p {{ installation_prefix }}{{ collection_installation_dir }}
+      changed_when: false

    - name: cleanup old ssh known_hosts - remove
      file:
--- a/ansible/playbooks/tasks/authentication.yml
+++ b/ansible/playbooks/tasks/authentication.yml
@ -5,10 +5,10 @@
  copy:
    src: "etc/pam.d/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth-ac"
    dest: "{{ item }}"
-    mode: "0644"
    owner: root
    group: root
-  with_items:
+    mode: '0644'
+  loop:
    - /etc/pam.d/system-auth-ac
    - /etc/pam.d/password-auth-ac
  when:
@ -16,14 +16,11 @@
    - ansible_facts['distribution_major_version'] == '7'

 - name: Enterprise Linux 8 PAM Configuration
-  when:
-    - ansible_facts['os_family'] == 'RedHat'
-    - ansible_facts['distribution_major_version'] == '8'
  block:
    - name: Ensure Custom Profile is removed
      file:
-        state: absent
        path: /etc/authselect/custom/sssd-rocky
+        state: absent

    - name: Create custom authselect profile based on sssd
      command: >
@ -34,15 +31,16 @@
        --symlink=postlogin
        --symlink=smartcard-auth
        --symlink=fingerprint-auth
+      changed_when: false

    - name: Override system-auth and password-auth
      copy:
        src: "etc/authselect/custom/sssd-aoc/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth"
        dest: "{{ item }}"
-        mode: '0644'
        owner: root
        group: root
-      with_items:
+        mode: '0644'
+      loop:
        - /etc/authselect/custom/sssd-aoc/system-auth
        - /etc/authselect/custom/sssd-aoc/password-auth

@ -54,12 +52,17 @@
        with-mkhomedir
        with-sudo
        --force
+      changed_when: false

    - name: Apply new settings
      command: /usr/bin/authselect apply-changes
+      changed_when: false

    - name: Enable oddjobd
      service:
        name: oddjobd
        state: started
        enabled: yes
+  when:
+    - ansible_facts['os_family'] == 'RedHat'
+    - ansible_facts['distribution_major_version'] == '8'