more linting

.github/workflows/ansible-lint.yml

@@ -2,6 +2,13 @@
 name: Ansible Lint
 on: [push, pull_request]
 
+env:
+  ANSIBLE_GALAXY_SERVER_LIST: ah,galaxy
+  ANSIBLE_GALAXY_SERVER_AH_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_AH_URL }}
+  ANSIBLE_GALAXY_SERVER_AH_AUTH_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_AH_AUTH_URL }}
+  ANSIBLE_GALAXY_SERVER_AH_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_AH_TOKEN }}
+  ANSIBLE_GALAXY_SERVER_GALAXY_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_GALAXY_URL }}
+
 jobs:
   build:
     runs-on: ubuntu-latest
@@ -14,9 +21,3 @@ jobs:
 
       - name: Run ansible-lint
         uses: ansible/ansible-lint-action@v6
-        env:
-          ANSIBLE_GALAXY_SERVER_LIST: ah,galaxy
-          ANSIBLE_GALAXY_SERVER_AH_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_AH_URL }}
-          ANSIBLE_GALAXY_SERVER_AH_AUTH_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_AH_AUTH_URL }}
-          ANSIBLE_GALAXY_SERVER_AH_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_AH_TOKEN }}
-          ANSIBLE_GALAXY_SERVER_GALAXY_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_GALAXY_URL }}

collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml

@@ -2,12 +2,13 @@
   ansible.builtin.file:
     path: "{{ file_path }}"
     state: directory
-    mode: '0755'
+    mode: "0755"
 
 - name: Create HTML report
   ansible.builtin.template:
     src: report.j2
     dest: "{{ file_path }}/network.html"
+    mode: "0644"
   check_mode: false
 
 - name: Copy CSS over
@@ -15,6 +16,7 @@
     src: "css"
     dest: "{{ file_path }}"
     directory_mode: true
+    mode: "0775"
   check_mode: false
 
 - name: Copy logos over
@@ -22,6 +24,7 @@
     src: "{{ item }}"
     dest: "{{ file_path }}"
     directory_mode: true
+    mode: "0644"
   loop:
     - "webpage_logo.png"
     - "redhat-ansible-logo.svg"

collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml

@@ -2,18 +2,21 @@
   ansible.builtin.template:
     src: report.j2
     dest: "{{ file_path }}/windows.html"
+    mode: "0644"
 
 - name: Copy CSS over
   ansible.builtin.copy:
     src: "css"
     dest: "{{ file_path }}"
     directory_mode: true
+    mode: "0755"
 
 - name: Copy logos over
   ansible.builtin.copy:
     src: "{{ item }}"
     dest: "{{ file_path }}"
     directory_mode: true
+    mode: "0644"
   loop:
     - "webpage_logo.png"
     - "redhat-ansible-logo.svg"

collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml

@@ -2,6 +2,7 @@
   ansible.builtin.template:
     src: report.j2
     dest: "{{ file_path }}/windowspatch.html"
+    mode: "0644"
   check_mode: false
 
 - name: Copy CSS over
@@ -9,6 +10,7 @@
     src: "css"
     dest: "{{ file_path }}"
     directory_mode: true
+    mode: "0775"
   check_mode: false
 
 - name: Copy logo over
@@ -16,23 +18,9 @@
     src: "webpage_logo.png"
     dest: "{{ file_path }}"
     directory_mode: true
+    mode: "0644"
   check_mode: false
 
 - name: Display link to Patch report
   ansible.builtin.debug:
     msg: "Please go to http://{{ ansible_host }}/windowspatch.html"
-
-- name: Send Report via E-mail
-  community.general.mail:
-    host: "{{ EMAIL_HOST }}"
-    username: "{{ EMAIL_USERNAME }}"
-    password: "{{ EMAIL_PASSWORD }}"
-    port: "{{ EMAIL_PORT }}"
-    subject: "Windows Patching Report"
-    body: "{{ lookup('template', 'report.j2') }}"
-    from: "{{ EMAIL_FROM }}"
-    to: "{{ EMAIL_TO }}"
-    subtype: html
-  delegate_to: localhost
-  become: false
-  check_mode: false

collections/ansible_collections/demo/patching/roles/patch_linux/tasks/main.yml

@@ -34,4 +34,4 @@
   ansible.builtin.reboot:
   when:
     - result.rc == 1
-    - allow_reboot == true
+    - allow_reboot

collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml

@@ -2,6 +2,7 @@
   ansible.builtin.template:
     src: report.j2
     dest: "{{ file_path }}/linux.html"
+    mode: "0644"
   check_mode: false
 
 - name: Copy CSS over
@@ -9,6 +10,7 @@
     src: "css"
     dest: "{{ file_path }}"
     directory_mode: true
+    mode: "0775"
   check_mode: false
 
 - name: Copy logos over
@@ -16,6 +18,7 @@
     src: "{{ item }}"
     dest: "{{ file_path }}"
     directory_mode: true
+    mode: "0644"
   loop:
     - "webpage_logo.png"
     - "redhat-ansible-logo.svg"

collections/ansible_collections/demo/patching/roles/report_linux_patching/tasks/main.yml

@@ -2,6 +2,7 @@
   ansible.builtin.template:
     src: report.j2
     dest: "{{ file_path }}/linuxpatch.html"
+    mode: "0644"
   check_mode: false
 
 - name: Copy CSS over
@@ -9,6 +10,7 @@
     src: "css"
     dest: "{{ file_path }}"
     directory_mode: true
+    mode: "0775"
   check_mode: false
 
 - name: Copy logo over
@@ -16,6 +18,7 @@
     src: "webpage_logo.png"
     dest: "{{ file_path }}"
     directory_mode: true
+    mode: "0644"
   check_mode: false
 
 - name: Display link to Linux patch report

collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml

@@ -12,12 +12,14 @@
   ansible.builtin.file:
     path: "{{ doc_root }}/{{ reports_dir }}"
     state: directory
+    mode: "0775"
   check_mode: false
 
 - name: Copy .htaccess
   ansible.builtin.copy:
     dest: "{{ doc_root }}/{{ reports_dir }}/.htaccess"
     content: Options +Indexes
+    mode: "0644"
   check_mode: false
 
 - name: Install httpd service

collections/ansible_collections/demo/patching/roles/report_server/tasks/linux_landing_page.yml

@@ -13,6 +13,7 @@
   ansible.builtin.template:
     src: linux_report.j2
     dest: "{{ doc_root }}/index.html"
+    mode: "0644"
   check_mode: false
 
 - name: Copy CSS
@@ -20,6 +21,7 @@
     src: "css"
     dest: "{{ doc_root }}"
     directory_mode: true
+    mode: "0775"
   check_mode: false
 
 - name: Copy logos
@@ -27,6 +29,7 @@
     src: "{{ item }}"
     dest: "{{ doc_root }}"
     directory_mode: true
+    mode: "0775"
   loop:
     - "webpage_logo.png"
     - "redhat-ansible-logo.svg"

linux/deploy_application.yml

@@ -19,13 +19,15 @@
         name: "{{ application }}"
         allow_downgrade: true
       register: result
+      notify: Printing to terminal application information
 
+    - name: Printing to terminal application information # noqa: no-handler
+      ansible.builtin.debug:
+        msg: "The application: {{ application }} was already installed"
+      when: not result.changed | bool
+
+  handlers:
     - name: Printing to terminal application information
       ansible.builtin.debug:
         msg: "The application: {{ application }} has been installed"
       when: result.changed | bool
-
-    - name: Printing to terminal application information
-      ansible.builtin.debug:
-        msg: "The application: {{ application }} was already installed"
-      when: not result.changed | bool

linux/podman.yml

@@ -16,11 +16,14 @@
       ansible.builtin.file:
         path: "{{ volume_path }}"
         state: directory
+        mode: "0775"
 
     - name: Create index.html
       ansible.builtin.copy:
         dest: "{{ volume_path }}/index.html"
         content: "{{ message }}"
+        mode: "0664"
+
 
     - name: Run httpd container
       containers.podman.podman_container:
@@ -30,11 +33,11 @@
         volume:
           - "./{{ volume_path }}/:/usr/local/apache2/htdocs:z"
         ports:
-          - "8080:80"
+          - "8081:80"
 
     - name: Check Web Page
       ansible.builtin.uri:
-        url: http://127.0.0.1:8080
+        url: http://127.0.0.1:8081
         return_content: true
       register: web_output
       changed_when: false

satellite/server_openscap.yml

@@ -9,9 +9,10 @@
 
   tasks:
     - name: Randomized startup delay...
-      ansible.builtin.pause: seconds="{{ 5 | random }}"
+      ansible.builtin.pause:
+        seconds: "{{ 5 | random }}"
 
-    - name: Run SCAP Scan
+    - name: Run SCAP Scan # noqa: no-changed-when - purpose is to run everytime
       ansible.builtin.command: "/usr/bin/foreman_scap_client {{ item.id }}"
       loop: "{{ policy }}"
       when: policy_scan == 'all' or item.name in policy_scan