added pre-commit configuration for ansible-lint (#93)

Co-authored-by: willtome <wtome@redhat.com>

.ansible-lint

@@ -1,4 +1,12 @@
 ---
+profile: production
+offline: false
+
+skip_list:
+  - "galaxy[no-changelog]"
+
 exclude_paths:
+  # would be better to move the roles here to the top-level roles directory
   - collections/ansible_collections/demo/compliance/roles/
+  - roles/redhatofficial.*
   - .github/

.devfile.yaml

@@ -1,3 +1,4 @@
+---
 schemaVersion: 2.2.0
 metadata:
   name: product-demos

.github/workflows/ansible-lint.yml

@@ -5,21 +5,13 @@ on:
  - pull_request_target
 
 env:
-  ANSIBLE_GALAXY_SERVER_LIST: ah,galaxy
-  ANSIBLE_GALAXY_SERVER_AH_URL: https://console.redhat.com/api/automation-hub/
-  ANSIBLE_GALAXY_SERVER_AH_AUTH_URL: https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
   ANSIBLE_GALAXY_SERVER_AH_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_AH_TOKEN }}
-  ANSIBLE_GALAXY_SERVER_GALAXY_URL: https://galaxy.ansible.com/
 
 jobs:
   build:
+    name: Ansible Lint
     runs-on: ubuntu-latest
-
     steps:
-      # Important: This sets up your GITHUB_WORKSPACE environment variable
+      # this action implicitly calls actions/checkout
-      - uses: actions/checkout@v3
-        with:
-          fetch-depth: 0 # needed for progressive mode to work
-
       - name: Run ansible-lint
-        uses: ansible/ansible-lint-action@v6.11.0
+        uses: ansible/ansible-lint@v6.18.0

.pre-commit-config.yaml

@@ -0,0 +1,16 @@
+---
+repos:
+  - repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v4.4.0
+    hooks:
+      - id: end-of-file-fixer
+      - id: trailing-whitespace
+  - repo: https://github.com/ansible/ansible-lint.git
+    # get latest release tag from https://github.com/ansible/ansible-lint/releases/
+    rev: v6.18.0
+    hooks:
+      - id: ansible-lint
+        additional_dependencies:
+          - jmespath
+
+...

.yamllint

@@ -0,0 +1,19 @@
+---
+extends: default
+
+rules:
+  line-length: disable
+  trailing-spaces: enable
+  colons:
+    max-spaces-before: 0
+    max-spaces-after: -1
+  indentation:
+    level: error
+    indent-sequences: true  # consistent with ansible-lint
+  truthy:
+    level: error
+    allowed-values:
+      - 'true'
+      - 'false'
+
+...

ansible.cfg

@@ -6,7 +6,8 @@ roles_path=./roles
 server_list = ah,galaxy
 
 [galaxy_server.ah]
-url=https://console.redhat.com/api/automation-hub/
+#url=https://cloud.redhat.com/api/automation-hub/
+url=https://console.redhat.com/api/automation-hub/content/published/
 auth_url=https://sso.redhat.com/auth/realms/redhat-external/protocol/openid-connect/token
 
 [galaxy_server.galaxy]

cloud/setup.yml

@@ -31,12 +31,12 @@ controller_credentials:
       username: REPLACEME
       password: REPLACEME
 
-  # - name: Azure
+#  - name: Azure
-  #   credential_type: Microsoft Azure Resource Manager
+#    credential_type: Microsoft Azure Resource Manager
-  #   organization: Default
+#    organization: Default
-  #   update_secrets: false
+#    update_secrets: false
-  #   inputs:
+#    inputs:
-  #     subscription: REPLACEME
+#      subscription: REPLACEME
 
 controller_inventory_sources:
   - name: AWS Inventory
@@ -62,22 +62,22 @@ controller_inventory_sources:
         - key: tags.owner
           prefix: owner
 
-  # - name: Azure Inventory
+#  - name: Azure Inventory
-  #   organization: Default
+#    organization: Default
-  #   source: azure_rm
+#    source: azure_rm
-  #  inventory: Demo Inventory
+#   inventory: Demo Inventory
-  #   credential: Azure
+#    credential: Azure
-  #   execution_environment: Ansible Engine 2.9 execution environment
+#    execution_environment: Ansible Engine 2.9 execution environment
-  #   overwrite: true
+#    overwrite: true
-  #   source_vars:
+#    source_vars:
-  #     hostnames:
+#      hostnames:
-  #       - tags.Name
+#        - tags.Name
-  #       - default
+#        - default
-  #     keyed_groups:
+#      keyed_groups:
-  #       - key: os_profile.system
+#        - key: os_profile.system
-  #         prefix: os
+#          prefix: os
-  #     conditional_groups:
+#      conditional_groups:
-  #       cloud_azure: true
+#        cloud_azure: true
 
 controller_groups:
   - name: cloud_aws

collections/ansible_collections/demo/cloud/roles/aws/vars/snapshot_vm.yml

@@ -1,3 +1,4 @@
+---
 # Set stat_snapshots with model:
 # [
 #   {

collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Create web directory if it does not exist
   ansible.builtin.file:
     path: "{{ file_path }}"

collections/ansible_collections/demo/patching/roles/build_report_network/vars/main.yml

@@ -1,3 +1,4 @@
+---
 file_path: "{{ web_path | default('/var/www/html/reports') }}"
 vendor:
   ios: &my_value 'Cisco'

collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Create HTML report
   ansible.builtin.template:
     src: report.j2

collections/ansible_collections/demo/patching/roles/build_report_windows/vars/main.yml

@@ -1 +1,2 @@
+---
 file_path: /var/www/html

collections/ansible_collections/demo/patching/roles/build_report_windows_patch/defaults/main.yml

@@ -1,3 +1,4 @@
+---
 email_from: tower@shadowman.dev
 to_emails: alex@shadowman.dev,tower@shadowman.dev
 to_emails_list: "{{ to_emails.split(',') }}"

collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Create HTML report
   ansible.builtin.template:
     src: report.j2

collections/ansible_collections/demo/patching/roles/build_report_windows_patch/vars/main.yml

@@ -1 +1,2 @@
+---
 file_path: /var/www/html

collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Create HTML report
   ansible.builtin.template:
     src: report.j2

collections/ansible_collections/demo/patching/roles/report_linux/vars/main.yml

@@ -1 +1,2 @@
+---
 file_path: /var/www/html/reports

collections/ansible_collections/demo/patching/roles/report_linux_patching/defaults/main.yml

@@ -1,3 +1,4 @@
+---
 email_from: tower@shadowman.dev
 to_emails: alex@shadowman.dev,tower@shadowman.dev
 to_emails_list: "{{ to_emails.split(',') }}"

collections/ansible_collections/demo/patching/roles/report_linux_patching/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Create HTML report
   ansible.builtin.template:
     src: report.j2

collections/ansible_collections/demo/patching/roles/report_linux_patching/vars/main.yml

@@ -1 +1,2 @@
+---
 file_path: /var/www/html/reports

collections/ansible_collections/demo/patching/roles/report_windows_patching/tasks/main.yml

@@ -1,3 +1,4 @@
+---
 - name: Create HTML report
   ansible.windows.win_template:
     src: report.j2

collections/ansible_collections/demo/satellite/roles/scap_client/defaults/main.yaml

@@ -1,3 +1,4 @@
+---
 foreman_server_url: "{{ lookup('env', 'SATELLITE_SERVER') }}"
 foreman_username: "{{ lookup('env', 'SATELLITE_USERNAME') }}"
 foreman_password: "{{ lookup('env', 'SATELLITE_PASSWORD') }}"

collections/requirements.yml

@@ -5,6 +5,8 @@ collections:
   - name: redhat_cop.controller_configuration
     version: 2.3.1
   # linux
+  - name: ansible.posix
+    version: 1.5.4
   - name: redhat.insights
     version: 1.0.7
   - name: redhat.rhel_system_roles

linux/deploy_application.yml

@@ -30,4 +30,3 @@
     - name: Printing to terminal application information
       ansible.builtin.debug:
         msg: "The application: {{ application }} has been installed"
-      when: result.changed | bool

linux/ec2_register.yml

@@ -18,7 +18,7 @@
       ansible.builtin.hostname:
         name: "{{ inventory_hostname | regex_replace('_', '-') }}"
 
-# Install subscription-manager if it's not there
+    # Install subscription-manager if it's not there
     - name: Install subscription-manager
       ansible.builtin.yum:
         name: subscription-manager
@@ -65,7 +65,7 @@
     - name: Configure Red Hat insights
       ansible.builtin.import_role:
         name: redhat.insights.insights_client
-      vars:
+      vars:  # noqa var-naming[no-role-prefix]
         insights_display_name: "{{ inventory_hostname }}"
         insights_tags:
           env: "{{ env }}"

network/report.yml

@@ -26,10 +26,10 @@
         gather_network_resources: all
       when: ansible_network_os == 'cisco.iosxr.iosxr'
 
-    # The dig lookup requires the python 'dnspython' library
+#   # The dig lookup requires the python 'dnspython' library
-    # - name: Resolve IP address
+#   - name: Resolve IP address
-    #   ansible.builtin.set_fact:
+#     ansible.builtin.set_fact:
-    #     ansible_host: "{{ lookup('community.general.dig', inventory_hostname)}}"
+#       ansible_host: "{{ lookup('community.general.dig', inventory_hostname)}}"
 
 - name: Create network reports
   hosts: "{{ report_server }}"

openshift/devspaces.yml

@@ -4,14 +4,14 @@
   gather_facts: false
 
   tasks:
-    - name: create namespace
+    - name: Create namespace
       redhat.openshift.k8s:
         name: eclipse-che
         api_version: v1
         kind: Namespace
         state: present
 
-    - name: create dev spaces subscription
+    - name: Create dev spaces subscription
       redhat.openshift.k8s:
         state: present
         definition:
@@ -29,8 +29,8 @@
             source: redhat-operators
             sourceNamespace: openshift-marketplace
 
-    - name: wait for dev spaces operator to install
+    - name: Wait for dev spaces operator to install
-      k8s_info:
+      kubernetes.core.k8s_info:
         api_version: apiextensions.k8s.io/v1
         kind: CustomResourceDefinition
         name: checlusters.org.eclipse.che
@@ -40,17 +40,17 @@
       delay: 30
 
     - name: Wait until devspaces-operator is up
-      k8s_info:
+      kubernetes.core.k8s_info:
         api_version: v1
         kind: Deployment
         name: devspaces-operator
         namespace: openshift-operators
       register: pod_list
-      until: pod_list|json_query('resources[*].status.readyReplicas')|unique == [1]
+      until: pod_list | json_query('resources[*].status.readyReplicas') | unique == [1]
       retries: 10
       delay: 30
 
-    - name: deploy dev spaces
+    - name: Deploy dev spaces
       redhat.openshift.k8s:
         state: present
         definition:

satellite/setup.yml

@@ -1,3 +1,4 @@
+---
 user_message:
 
 controller_components:

satellite/setup_satellite.yml

@@ -20,7 +20,7 @@
     - name: Publish CV
       ansible.builtin.include_role:
         name: redhat.satellite.content_view_publish
-      vars:
+      vars:  # noqa var-naming[no-role-prefix]
         satellite_content_views:
           - RHEL7
           - RHEL8

setup_demo.yml

@@ -8,7 +8,7 @@
       ansible.builtin.include_role:
         name: "redhat_cop.controller_configuration.{{ item }}"
       loop: "{{ controller_components }}"
-      vars:
+      vars:  # noqa var-naming[no-role-prefix]
         controller_components:
           - notification_templates
           - job_templates

windows/create_ad_domain.yml

@@ -34,9 +34,9 @@
         name: "{{ item.name }}"
         scope: global
       loop:
-        - { name: "GroupA" }
+        - {name: "GroupA"}
-        - { name: "GroupB" }
+        - {name: "GroupB"}
-        - { name: "GroupC" }
+        - {name: "GroupC"}
       retries: 5
       delay: 10
 
@@ -47,8 +47,8 @@
         password: "{{ lookup('community.general.random_string', min_lower=1, min_upper=1, min_special=1, min_numeric=1) }}"
         update_password: on_create
       loop:
-        - { name: "UserA", groups: "GroupA" }
+        - {name: "UserA", groups: "GroupA"}
-        - { name: "UserB", groups: "GroupB" }
+        - {name: "UserB", groups: "GroupB"}
-        - { name: "UserC", groups: "GroupC" }
+        - {name: "UserC", groups: "GroupC"}
       retries: 5
       delay: 10