Merge pull request #24 from bluikko/main

Add Ansible Lint action and fix lint errors
Louis Abel 2020-12-12 04:13:15 -07:00 committed by GitHub
commit 733a46258b
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 46 additions and 12 deletions

31
.github/workflows/ansible-lint.yml vendored Normal file

@ -0,0 +1,31 @@
---
# https://github.com/ansible/ansible-lint-action
name: Ansible Lint
on:
push:
paths:
- '**.yml'
- '**.yaml'
jobs:
ansible-lint:
runs-on: ubuntu-latest
timeout-minutes: 7
steps:
- name: Git checkout
uses: actions/checkout@v2
- name: Add installed collections in Ansible configuration
run: |
echo '[defaults]' > ansible.cfg
echo 'collections_paths = ./collections' >> ansible.cfg
- name: Install requirements
run: ansible-galaxy collection install -r ansible/playbooks/requirements.yml -p collections
- name: Ansible Lint
uses: ansible/ansible-lint-action@master
with:
args: "--exclude .github"
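Review bot: The "Ansible Lint" step uses `ansible/ansible-lint-action@master`, a mutable branch, so whatever is pushed to that branch runs in this repository's CI with the job's token; `actions/checkout@v2` is a movable tag with the same property. Pin both to a full commit SHA, e.g. `uses: ansible/ansible-lint-action@<full-commit-sha>  # <release tag>`. Also add a top-level `permissions:` block with `contents: read` so the job's GITHUB_TOKEN is read-only. The "Install requirements" step also pulls collections at run time, so pinning versions in the requirements file would keep the lint run reproducible.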


@ -20,7 +20,7 @@
fail_msg: "We are missing group information or ipa admin password"
- name: "Creating Mandatory Groups"
ipagroup:
freeipa.ansible_freeipa.ipagroup:
ipaadmin_password: "{{ ipaadmin_password }}"
name: "{{ ipaGroup }}"
description: "{{ ipaDescription }}"


@ -23,7 +23,7 @@
fail_msg: "We are missing user information or ipa admin password"
- name: "Creating User Account"
ipauser:
freeipa.ansible_freeipa.ipauser:
ipaadmin_password: "{{ ipaadmin_password }}"
name: "{{ ipaName }}"
first: "{{ ipaFirst }}"


@ -1,7 +1,7 @@
---
# Creates the first set of groups for the IdM Infrastructure
- name: "Creating Mandatory Groups"
ipagroup:
freeipa.ansible_freeipa.ipagroup:
ipaadmin_password: "{{ ipaadmin_password }}"
name: "{{ item.group }}"
description: "{{ item.description }}"


@ -2,7 +2,7 @@
# Currently only one SUDO role should be created, and that is for the
# rocky linux admins
- name: "Creating SUDO Role for Rocky Admins"
ipasudorule:
freeipa.ansible_freeipa.ipasudorule:
ipaadmin_password: "{{ ipaadmin_password }}"
name: All_RockyAdmins
description: Rocky Linux infrastructure and operations sudo access


@ -3,7 +3,7 @@
# should create both regular and admin accounts for separation of
# privilege.
- name: "Creating Initial Accounts"
ipauser:
freeipa.ansible_freeipa.ipauser:
ipaadmin_password: "{{ ipaadmin_password }}"
name: "{{ item.name }}"
first: "{{ item.first }}"


@ -20,8 +20,9 @@
tasks:
- name: Check for CPU Virtualization
shell: "lscpu | grep -i virtualization"
shell: "set -o pipefail; lscpu | grep -i virtualization"
register: result
changed_when: false
failed_when: "result.rc != 0"
# Install KVM packages
@ -43,8 +44,9 @@
enabled: true
- name: Verify KVM module is loaded
shell: "lsmod | grep -i kvm"
shell: "set -o pipefail; lsmod | grep -i kvm"
register: result
changed_when: false
failed_when: "result.rc != 0"
post_tasks:
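Review bot: `set -o pipefail` is a bash option, while the `shell` module runs commands through `/bin/sh` unless told otherwise. On a managed host whose `/bin/sh` is not bash, the new commands in "Check for CPU Virtualization" and "Verify KVM module is loaded" would fail on the `set` itself rather than on the check. Add `args:` with `executable: /bin/bash` to both tasks so the interpreter is explicit. This matters less if every target is an Enterprise Linux host where `/bin/sh` is bash, which the page does not show.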


@ -16,7 +16,7 @@
fail_msg: "We are missing ipa admin password"
- name: "Create Reverse Domains"
ipadnszone:
freeipa.ansible_freeipa.ipadnszone:
ipaadmin_password: '{{ ipaadmin_password }}'
name: '{{ item }}'
with_items: '{{ rdns }}'


@ -1,3 +1,4 @@
---
- src: freeipa.ansible_freeipa
- src: community.general
collections:
- freeipa.ansible_freeipa
- community.general
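Review bot: The new `collections:` list names `freeipa.ansible_freeipa` and `community.general` without a version, so each install resolves to whatever is newest on Galaxy at that moment. The first of these supplies the modules that receive `ipaadmin_password` in the playbooks on this page. Pin each entry, e.g. `- name: freeipa.ansible_freeipa` followed by `version: "<pinned-version>"`, and raise the pins deliberately after review. Whether this is the file the lint workflow installs from is not visible here, because the section's path is missing.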


@ -19,7 +19,7 @@
- "not no_ansible.stat.exists"
msg: "/etc/no-ansible exists - skipping run on this node"
- name: Check if we can see LDAP srv records
# - name: Check if we can see LDAP srv records
roles:


@ -57,6 +57,6 @@
group: root
- name: "Turn on reverse zone syncing"
ipadnsconfig:
freeipa.ansible_freeipa.ipadnsconfig:
ipaadmin_password: '{{ ipaadmin_password }}'
allow_sync_ptr: true