majic-ansible-roles Changeset

Changeset - 2d15529786b7

Parent rev.

Child rev.

[Not reviewed]

0 10 0

Branko Majic (branko) - 16 days ago 2024-09-03 14:06:29
branko@majic.rs

MAR-218: Fix linting errors related to commands doing unconditional changes:

- Tasks run during the prepare stage of test runs do not matter.
- Some of the role tasks are already effectively running only when
change _will_ happen (when it is detected via variable registered by
a previous task).

10 files changed with 41 insertions and 12 deletions:

roles/backup_client/handlers/main.yml

roles/common/molecule/default/prepare.yml

roles/common/tasks/main.yml

roles/ldap_server/tasks/main.yml

roles/mail_forwarder/molecule/default/prepare.yml

roles/mail_server/molecule/default/prepare.yml

roles/php_website/molecule/default/prepare.yml

roles/web_server/molecule/default/prepare.yml

roles/wsgi_website/molecule/default/prepare.yml

roles/xmpp_server/molecule/default/prepare.yml

0 comments (0 inline, 0 general)

roles/backup_client/handlers/main.yml

➞

Show inline comments

@@ @@ -24,6 +24,10 @@ @@
   #   after interrupted runs.
   command: "gpg --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/private_keys.asc"
 - name: Import public keys
 - name: Import public keys  # noqa no-changed-when
   # [no-changed-when] Commands should not change things if nothing needs doing
   #   This task is invoked only if user is very specific about requiring to
   #   run the handlers manually as a way to bring the system to consistency
   #   after interrupted runs.
   command: "gpg --no-tty --homedir /etc/duply/main/gnupg --import /etc/duply/main/public_keys.asc"
   when: backup_additional_encryption_keys | length > 0

roles/common/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -112,7 +112,9 @@ @@
         - ip6table_security
         - ip6table_raw
     - name: Create some custom legacy iptables chains for testing their removal (max chain name length is 29)
     - name: Create some custom legacy iptables chains for testing their removal (max chain name length is 29)  # noqa no-changed-when
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare stage.
       command: "iptables-legacy -t '{{ item }}' -N '{{ (ansible_date_time.iso8601_micro | to_uuid)[:28] }}'"
       with_items:
         - filter
@@ @@ -121,7 +123,9 @@ @@
         - security
         - raw
     - name: Create some custom legacy ip6tables chains for testing their removal (max chain name length is 29)
     - name: Create some custom legacy ip6tables chains for testing their removal (max chain name length is 29)  # noqa no-changed-when
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare stage.
       command: "ip6tables-legacy -t '{{ item }}' -N '{{ (ansible_date_time.iso8601_micro | to_uuid)[:28] }}'"
       with_items:
         - filter

roles/common/tasks/main.yml

➞

Show inline comments

@@ @@ -57,6 +57,7 @@ @@
   #   should end-up with correct permissions straight away.
   command: "/usr/sbin/pam-auth-update --package"
   when: pam_umask.changed
   changed_when: true  # Always results in change due to task logic.
 - name: Set login UMASK
   lineinfile:
@@ @@ -211,6 +212,7 @@ @@
   #   validate server/client certificates.
   command: "/usr/sbin/update-ca-certificates --fresh"
   when: deploy_ca_certificates_result.changed
   changed_when: true  # Always results in change due to task logic.
 - name: Set-up file diversions for custom files that overrride package-provided ones
   command: "dpkg-divert --divert '{{ item }}.original' --rename '{{ item }}'"

roles/ldap_server/tasks/main.yml

➞

Show inline comments

@@ @@ -72,6 +72,7 @@ @@
 - name: Deploy LDAP misc schema
   command: "ldapadd -H ldapi:/// -Q -Y EXTERNAL -f /etc/ldap/schema/misc.ldif"
   when: not ldap_misc_schema_present.stdout
   changed_when: true  # Always results in change due to task logic.
 # Technically, the only thing this does is pick the size of DH
 # parameters to use, with GnuTLS (against which slapd is linked

roles/mail_forwarder/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -95,7 +95,9 @@ @@
   handlers:
     - name: Update CA certificate cache
     - name: Update CA certificate cache  # noqa no-changed-when
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare stage.
       command: /usr/sbin/update-ca-certificates --fresh
 - name: Prepare, helpers
@@ @@ -161,7 +163,9 @@ @@
   handlers:
     - name: Update CA certificate cache
     - name: Update CA certificate cache  # noqa no-changed-when
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare stage.
       command: /usr/sbin/update-ca-certificates --fresh
     - name: Restart Postfix

roles/mail_server/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -120,12 +120,16 @@ @@
         group: vagrant
         mode: 0755
     - name: Configure default location for storing ClamAV database files
     - name: Configure default location for storing ClamAV database files  # noqa no-changed-when
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare step.
       become: true
       become_user: vagrant
       command: "/var/lib/cvdupdate/bin/cvd config set --dbdir /vagrant/clamav-database/"
     - name: Download/update the ClamAV database files
     - name: Download/update the ClamAV database files  # noqa no-changed-when
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare stage.
       become: true
       become_user: vagrant
       command: "/var/lib/cvdupdate/bin/cvd update"
@@ @@ -330,8 +334,10 @@ @@
   handlers:
     - name: Update CA certificate cache
+    - name: Update CA certificate cache  # noqa no-changed-when
       command: /usr/sbin/update-ca-certificates --fresh
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare stage.
     - name: Restart Postfix
       service:

roles/php_website/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -116,5 +116,7 @@ @@
         name: postfix
         state: restarted
     - name: Generate aliases database
+    - name: Generate aliases database  # noqa no-changed-when
       command: "/usr/bin/newaliases"
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare stage.

roles/web_server/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -130,5 +130,7 @@ @@
   handlers:
     - name: Update CA certificate cache
+    - name: Update CA certificate cache  # noqa no-changed-when
       command: /usr/sbin/update-ca-certificates --fresh
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare stage.

roles/wsgi_website/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -132,5 +132,7 @@ @@
         name: postfix
         state: restarted
     - name: Generate aliases database
+    - name: Generate aliases database  # noqa no-changed-when
       command: "/usr/bin/newaliases"
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare stage.

roles/xmpp_server/molecule/default/prepare.yml

➞

Show inline comments

@@ @@ -184,8 +184,10 @@ @@
   handlers:
     - name: Update CA certificate cache
+    - name: Update CA certificate cache  # noqa no-changed-when
       command: /usr/sbin/update-ca-certificates --fresh
       # [no-changed-when] Commands should not change things if nothing needs doing
       #   Does not matter in test prepare stage.
 - name: Prepare, helpers
   hosts: ldap-server

0 comments (0 inline, 0 general)