mirror of
https://github.com/rocky-linux/infrastructure
Merge pull request #24 from bluikko/main
Add Ansible Lint action and fix lint errors
commit
733a46258b
11 changed files with 46 additions and 12 deletions
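--- /dev/null
+++ b/.github/workflows/ansible-lint.yml
@@ -0,0 +1,31 @@
+---
+# https://github.com/ansible/ansible-lint-action
+name: Ansible Lint
+
+on:
+push:
+paths:
+- '**.yml'
+- '**.yaml'
+
+jobs:
+ansible-lint:
+runs-on: ubuntu-latest
+timeout-minutes: 7
+
+steps:
+- name: Git checkout
+uses: actions/checkout@v2
+
+- name: Add installed collections in Ansible configuration
+run: |
+echo '[defaults]' > ansible.cfg
+echo 'collections_paths = ./collections' >> ansible.cfg
+
+- name: Install requirements
+run: ansible-galaxy collection install -r ansible/playbooks/requirements.yml -p collections
+
+- name: Ansible Lint
+uses: ansible/ansible-lint-action@master
+with:
+args: "--exclude .github"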
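Review bot: Both `uses:` lines in the new workflow point at mutable refs, and `ansible/ansible-lint-action@master` in the last step is a moving branch, so whatever is pushed there runs in this repository's CI with the job's token. Pin each action to a full commit SHA, for example `uses: ansible/ansible-lint-action@<full-commit-sha>  # <release tag>`, and do the same for `actions/checkout`. The workflow also has no `permissions:` key, so the job inherits the repository's default GITHUB_TOKEN scope; a lint-only job needs no more than `permissions:` with `contents: read`. The file's indentation is not preserved on this page, so nesting could not be checked.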
@ -20,7 +20,7 @@
|
|||
fail_msg: "We are missing group information or ipa admin password"
|
||||
|
||||
- name: "Creating Mandatory Groups"
|
||||
ipagroup:
|
||||
freeipa.ansible_freeipa.ipagroup:
|
||||
ipaadmin_password: "{{ ipaadmin_password }}"
|
||||
name: "{{ ipaGroup }}"
|
||||
description: "{{ ipaDescription }}"
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
fail_msg: "We are missing user information or ipa admin password"
|
||||
|
||||
- name: "Creating User Account"
|
||||
ipauser:
|
||||
freeipa.ansible_freeipa.ipauser:
|
||||
ipaadmin_password: "{{ ipaadmin_password }}"
|
||||
name: "{{ ipaName }}"
|
||||
first: "{{ ipaFirst }}"
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
---
|
||||
# Creates the first set of groups for the IdM Infrastructure
|
||||
- name: "Creating Mandatory Groups"
|
||||
ipagroup:
|
||||
freeipa.ansible_freeipa.ipagroup:
|
||||
ipaadmin_password: "{{ ipaadmin_password }}"
|
||||
name: "{{ item.group }}"
|
||||
description: "{{ item.description }}"
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
# Currently only one SUDO role should be created, and that is for the
|
||||
# rocky linux admins
|
||||
- name: "Creating SUDO Role for Rocky Admins"
|
||||
ipasudorule:
|
||||
freeipa.ansible_freeipa.ipasudorule:
|
||||
ipaadmin_password: "{{ ipaadmin_password }}"
|
||||
name: All_RockyAdmins
|
||||
description: Rocky Linux infrastructure and operations sudo access
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
# should create both regular and admin accounts for separation of
|
||||
# privilege.
|
||||
- name: "Creating Initial Accounts"
|
||||
ipauser:
|
||||
freeipa.ansible_freeipa.ipauser:
|
||||
ipaadmin_password: "{{ ipaadmin_password }}"
|
||||
name: "{{ item.name }}"
|
||||
first: "{{ item.first }}"
|
||||
|
|
|
@ -20,8 +20,9 @@
|
|||
|
||||
tasks:
|
||||
- name: Check for CPU Virtualization
|
||||
shell: "lscpu | grep -i virtualization"
|
||||
shell: "set -o pipefail; lscpu | grep -i virtualization"
|
||||
register: result
|
||||
changed_when: false
|
||||
failed_when: "result.rc != 0"
|
||||
|
||||
# Install KVM packages
|
||||
|
@ -43,8 +44,9 @@
|
|||
enabled: true
|
||||
|
||||
- name: Verify KVM module is loaded
|
||||
shell: "lsmod | grep -i kvm"
|
||||
shell: "set -o pipefail; lsmod | grep -i kvm"
|
||||
register: result
|
||||
changed_when: false
|
||||
failed_when: "result.rc != 0"
|
||||
|
||||
post_tasks:
|
||||
|
|
|
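Review bot: `set -o pipefail` in the two rewritten `shell:` lines (the `lscpu` and `lsmod` checks) depends on the shell that runs it, and Ansible's shell module uses /bin/sh unless an executable is given. On a target where /bin/sh does not support that option, the task fails on the `set` itself rather than on the check, which makes a missing KVM module and an incompatible shell look the same. Add `args:` with `executable: /bin/bash` to both tasks so the result does not depend on the host's default shell. Both tasks sit in a play that starts and ends outside the hunks shown.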
@ -16,7 +16,7 @@
|
|||
fail_msg: "We are missing ipa admin password"
|
||||
|
||||
- name: "Create Reverse Domains"
|
||||
ipadnszone:
|
||||
freeipa.ansible_freeipa.ipadnszone:
|
||||
ipaadmin_password: '{{ ipaadmin_password }}'
|
||||
name: '{{ item }}'
|
||||
with_items: '{{ rdns }}'
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
---
|
||||
- src: freeipa.ansible_freeipa
|
||||
- src: community.general
|
||||
collections:
|
||||
- freeipa.ansible_freeipa
|
||||
- community.general
|
||||
|
|
|
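Review bot: The `collections:` list names `freeipa.ansible_freeipa` and `community.general` without a version, so each `ansible-galaxy collection install -r` run resolves to whatever is newest at that moment. The modules that receive `ipaadmin_password` can therefore change underneath the playbooks and the CI job without any review in this repository. Pin each entry, for example `- name: freeipa.ansible_freeipa` followed by `version: "<pinned-version>"`, and raise the pins deliberately. The page does not mark old and new lines, so this assumes the `collections:` list is the new side.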
@ -19,7 +19,7 @@
|
|||
- "not no_ansible.stat.exists"
|
||||
msg: "/etc/no-ansible exists - skipping run on this node"
|
||||
|
||||
- name: Check if we can see LDAP srv records
|
||||
# - name: Check if we can see LDAP srv records
|
||||
|
||||
|
||||
roles:
|
||||
|
|
|
@ -57,6 +57,6 @@
|
|||
group: root
|
||||
|
||||
- name: "Turn on reverse zone syncing"
|
||||
ipadnsconfig:
|
||||
freeipa.ansible_freeipa.ipadnsconfig:
|
||||
ipaadmin_password: '{{ ipaadmin_password }}'
|
||||
allow_sync_ptr: true
|
||||
|
|