Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cleanup with Ansible Lint #16

Open
freephile opened this issue Feb 23, 2024 · 0 comments
Open

cleanup with Ansible Lint #16

freephile opened this issue Feb 23, 2024 · 0 comments
Labels
ansible RedHat Ansible bug Something isn't working code health best practices
Milestone
Quality Best Prac...

Comments

@freephile
Copy link
Owner

On the current Meza (REL1_39 branch, derived from GRC-DEV as of Feb '24) there are 181 failures, 30 warnings on 69 files when using ansible-lint on site.yml

ANSIBLE_ROLES_PATH=/opt/meza/src/roles ansible-lint ./playbooks/site.yml

WARNING Listing 211 violation(s) that are fatal
no-changed-when: Commands should not change things if nothing needs doing
playbooks/site.yml:12 Task/Handler: Get Meza install path

unnamed-task: All tasks should be named
playbooks/site.yml:15 Task/Handler: set_fact m_home={{ ip.stdout }}/conf-meza/users m_config_vault={{ ip.stdout }}/conf-meza/vault m_conf_dir={{ ip.stdout }}/conf-meza

command-instead-of-shell: Use shell only when shell functionality is required
playbooks/site.yml:19 Task/Handler: Ensure no password on meza-ansible user on controller

no-changed-when: Commands should not change things if nothing needs doing
playbooks/site.yml:19 Task/Handler: Ensure no password on meza-ansible user on controller

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/main.yml:33 Task/Handler: write the apache config file for Cent/RHEL7

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/main.yml:41 Task/Handler: Write apache config for Rocky/RHEL8 using php-fpm

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/main.yml:49 Task/Handler: Ensure Apache environment variables set properly

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/main.yml:114 Task/Handler: Setup php-rpm for Rocky/RHEL8

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/main.yml:121 Task/Handler: Proper php.conf for Rocky/RHEL8 httpd

package-latest: Package installs should not use latest
roles/apache-php/tasks/mssql_driver_for_php.yml:30 Task/Handler: install MS ODBC driver package

yaml: wrong indentation: expected 4 but found 2 (indentation)
roles/apache-php/tasks/mssql_driver_for_php.yml:38

package-latest: Package installs should not use latest
roles/apache-php/tasks/mssql_driver_for_php.yml:41 Task/Handler: install ODBC driver devel package

command-instead-of-shell: Use shell only when shell functionality is required
roles/apache-php/tasks/mssql_driver_for_php.yml:84 Task/Handler: Ensure PEAR channel up-to-date

no-changed-when: Commands should not change things if nothing needs doing
roles/apache-php/tasks/mssql_driver_for_php.yml:84 Task/Handler: Ensure PEAR channel up-to-date

command-instead-of-shell: Use shell only when shell functionality is required
roles/apache-php/tasks/mssql_driver_for_php.yml:101 Task/Handler: Install sqlsrv PECL packages

ignore-errors: Use failed_when and specify error conditions instead of using ignore_errors
roles/apache-php/tasks/mssql_driver_for_php.yml:101 Task/Handler: Install sqlsrv PECL packages

no-changed-when: Commands should not change things if nothing needs doing
roles/apache-php/tasks/mssql_driver_for_php.yml:101 Task/Handler: Install sqlsrv PECL packages

command-instead-of-shell: Use shell only when shell functionality is required
roles/apache-php/tasks/mssql_driver_for_php.yml:107 Task/Handler: Install pdo_sqlsrv PECL packages

ignore-errors: Use failed_when and specify error conditions instead of using ignore_errors
roles/apache-php/tasks/mssql_driver_for_php.yml:107 Task/Handler: Install pdo_sqlsrv PECL packages

no-changed-when: Commands should not change things if nothing needs doing
roles/apache-php/tasks/mssql_driver_for_php.yml:107 Task/Handler: Install pdo_sqlsrv PECL packages

unnamed-task: All tasks should be named
roles/apache-php/tasks/mssql_driver_for_php.yml:114 Task/Handler: template src=30-pdo_sqlsrv.ini.j2 dest=/etc/php.d/30-pdo_sqlsrv.ini owner=root group=root mode=420

unnamed-task: All tasks should be named
roles/apache-php/tasks/mssql_driver_for_php.yml:124 Task/Handler: template src=20-sqlsrv.ini.j2 dest=/etc/php.d/20-sqlsrv.ini owner=root group=root mode=420

no-handler: Tasks that run when changed should likely be handlers
roles/apache-php/tasks/php-debian.yml:38 Task/Handler: Update apt caches after repo is added (Debian).

package-latest: Package installs should not use latest
roles/apache-php/tasks/php-debian.yml:68 Task/Handler: Ensure PHP packages are installed.

unnamed-task: All tasks should be named
roles/apache-php/tasks/php-redhat.yml:27 Task/Handler: debug var=correct_php

var-naming: Task uses 'set_fact' to define variables that violates variable naming standards
roles/apache-php/tasks/php-redhat.yml:30 Task/Handler: Set fact desired_PHP_version_installed

unnamed-task: All tasks should be named
roles/apache-php/tasks/php-redhat7.yml:27 Task/Handler: debug var=correct_php

var-naming: Task uses 'set_fact' to define variables that violates variable naming standards
roles/apache-php/tasks/php-redhat7.yml:30 Task/Handler: Set fact desired_PHP_version_installed

command-instead-of-shell: Use shell only when shell functionality is required
roles/apache-php/tasks/php-redhat8.yml:16 Task/Handler: Switch to php 8.1

no-changed-when: Commands should not change things if nothing needs doing
roles/apache-php/tasks/php-redhat8.yml:16 Task/Handler: Switch to php 8.1

command-instead-of-shell: Use shell only when shell functionality is required
roles/apache-php/tasks/php-redhat8.yml:50 Task/Handler: Ensure PEAR channel up-to-date

no-changed-when: Commands should not change things if nothing needs doing
roles/apache-php/tasks/php-redhat8.yml:50 Task/Handler: Ensure PEAR channel up-to-date

ignore-errors: Use failed_when and specify error conditions instead of using ignore_errors
roles/apache-php/tasks/php-redhat8.yml:54 Task/Handler: Install memcached PECL packages

no-changed-when: Commands should not change things if nothing needs doing
roles/apache-php/tasks/php-redhat8.yml:54 Task/Handler: Install memcached PECL packages

unnamed-task: All tasks should be named
roles/apache-php/tasks/php-redhat8.yml:63 Task/Handler: template src=40-memcached.ini.j2 dest=/etc/php.d/40-memcached.ini owner=root group=root mode=420

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/php.yml:33 Task/Handler: Write php.ini file

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/php.yml:41 Task/Handler: Write php.d ini files

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/php.yml:52 Task/Handler: Write freetds.conf file

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/profiling.yml:4 Task/Handler: add mongo repo file

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/profiling.yml:17 Task/Handler: Ensure MongoDB conf file in place

risky-file-permissions: File permissions unset or incorrect
roles/apache-php/tasks/profiling.yml:65 Task/Handler: Ensure XHGui using correct Mongo DB instance (on first app server)

var-spacing: Variables should have spaces before and after: {{m_private_networking_zone|default('public')}}
roles/apache-php/tasks/profiling.yml:81 Task/Handler: Open port 27017 for MongoDB on all but first app server

var-spacing: Variables should have spaces before and after: {{m_private_networking_zone|default('public')}}
roles/apache-php/tasks/profiling.yml:90 Task/Handler: Open port 8089 to load balancer

unnamed-task: All tasks should be named
roles/autodeployer/tasks/do-deploy.yml:4 Task/Handler: set_fact autodeployer_slack_icon_url={{ autodeployer.slack_icon_url | default('https://github.com/enterprisemediawiki/meza/raw/master/src/roles/configure-wiki/files/logo.png') }}

yaml: line too long (176 > 160 characters) (line-length)
roles/autodeployer/tasks/do-deploy.yml:6

no-changed-when: Commands should not change things if nothing needs doing
roles/autodeployer/tasks/do-deploy.yml:25 Task/Handler: Deploy

yaml: truthy value should be one of [false, true] (truthy)
roles/autodeployer/tasks/do-deploy.yml:29

unnamed-task: All tasks should be named
roles/autodeployer/tasks/main.yml:11 Task/Handler: set_fact _force_deploy_notify_prefix=Backup _force_deploy_options=--overwrite {{ force_deploy.extra_options|default('') }}

unnamed-task: All tasks should be named
roles/autodeployer/tasks/main.yml:20 Task/Handler: set_fact _force_deploy_notify_prefix=Deploy _force_deploy_options={{ force_deploy.extra_options|default('') }}

yaml: too many blank lines (1 > 0) (empty-lines)
roles/backup-config/tasks/main.yml:56

yaml: too many blank lines (1 > 0) (empty-lines)
roles/base-extras/tasks/main.yml:17

no-changed-when: Commands should not change things if nothing needs doing
roles/base/tasks/main.yml:21 Task/Handler: Copy meza-ansible authorized_keys to alt-meza-ansible

command-instead-of-shell: Use shell only when shell functionality is required
roles/base/tasks/main.yml:43 Task/Handler: Ensure no password on alt-meza-ansible user

no-changed-when: Commands should not change things if nothing needs doing
roles/base/tasks/main.yml:43 Task/Handler: Ensure no password on alt-meza-ansible user

package-latest: Package installs should not use latest
roles/base/tasks/main.yml:64 Task/Handler: ensure deltarpm is installed and latest

package-latest: Package installs should not use latest
roles/base/tasks/main.yml:92 Task/Handler: Upgrade all packages

command-instead-of-shell: Use shell only when shell functionality is required
roles/base/tasks/main.yml:151 Task/Handler: Ensure optional repos enabled (RedHat Only)

package-latest: Package installs should not use latest
roles/base/tasks/main.yml:246 Task/Handler: Ensure selinux-policy installed (RedHat/CentOS only)

unnamed-task: All tasks should be named
roles/base/tasks/main.yml:280 Task/Handler: ufw rule=allow name=OpenSSH

risky-file-permissions: File permissions unset or incorrect
roles/base/tasks/main.yml:363 Task/Handler: Copy the ntp.conf template file

command-instead-of-shell: Use shell only when shell functionality is required
roles/base/tasks/main.yml:443 Task/Handler: Ensure crontab empty for meza-ansible when overwriting wikis

literal-compare: Don't compare to literal True/False
roles/base/tasks/main.yml:443 Task/Handler: Ensure crontab empty for meza-ansible when overwriting wikis

command-instead-of-shell: Use shell only when shell functionality is required
roles/base/tasks/main.yml:479 Task/Handler: Update CA trust if certs changed

no-handler: Tasks that run when changed should likely be handlers
roles/base/tasks/main.yml:479 Task/Handler: Update CA trust if certs changed

yaml: too many blank lines (2 > 0) (empty-lines)
roles/cron/defaults/main.yml:31

unnamed-task: All tasks should be named
roles/cron/tasks/main.yml:32 Task/Handler: lineinfile dest=/etc/sudoers state=present regexp=^Defaults\s+requiretty line=#Defaults requiretty validate=visudo -cf %s

unnamed-task: All tasks should be named
roles/cron/tasks/main.yml:40 Task/Handler: lineinfile dest=/etc/sudoers state=present regexp=^Defaults\s+!visiblepw line=#Defaults !visiblepw validate=visudo -cf %s

command-instead-of-shell: Use shell only when shell functionality is required
roles/cron/tasks/main.yml:48 Task/Handler: Ensure crontab up-to-date from file

no-changed-when: Commands should not change things if nothing needs doing
roles/cron/tasks/main.yml:48 Task/Handler: Ensure crontab up-to-date from file

yaml: truthy value should be one of [false, true] (truthy)
roles/database/defaults/main.yml:14

yaml: truthy value should be one of [false, true] (truthy)
roles/database/defaults/main.yml:15

yaml: truthy value should be one of [false, true] (truthy)
roles/database/defaults/main.yml:17

yaml: truthy value should be one of [false, true] (truthy)
roles/database/defaults/main.yml:20

yaml: truthy value should be one of [false, true] (truthy)
roles/database/defaults/main.yml:40

yaml: truthy value should be one of [false, true] (truthy)
roles/database/defaults/main.yml:48

command-instead-of-shell: Use shell only when shell functionality is required
roles/database/tasks/configure.yml:32 Task/Handler: Create slow query log file (if configured).

yaml: too many spaces after colon (colons)
roles/database/tasks/configure.yml:42

command-instead-of-shell: Use shell only when shell functionality is required
roles/database/tasks/configure.yml:54 Task/Handler: Create error log file (if configured).

empty-string-compare: Don't compare to empty string
roles/database/tasks/configure.yml:54 Task/Handler: Create error log file (if configured).

empty-string-compare: Don't compare to empty string
roles/database/tasks/configure.yml:58 Task/Handler: Set ownership on error log file (if configured).

command-instead-of-shell: Use shell only when shell functionality is required
roles/database/tasks/configure.yml:76 Task/Handler: Create datadir if it does not exist

literal-compare: Don't compare to literal True/False
roles/database/tasks/configure.yml:76 Task/Handler: Create datadir if it does not exist

yaml: line too long (194 > 160 characters) (line-length)
roles/database/tasks/main.yml:14

empty-string-compare: Don't compare to empty string
roles/database/tasks/replication.yml:5 Task/Handler: Check if valid slave

unnamed-task: All tasks should be named
roles/database/tasks/replication.yml:12 Task/Handler: set_fact role_is_valid_slave=False

yaml: truthy value should be one of [false, true] (truthy)
roles/database/tasks/replication.yml:13

empty-string-compare: Don't compare to empty string
roles/database/tasks/replication.yml:16 Task/Handler: Check if valid master

unnamed-task: All tasks should be named
roles/database/tasks/replication.yml:23 Task/Handler: set_fact role_is_valid_master=False

yaml: truthy value should be one of [false, true] (truthy)
roles/database/tasks/replication.yml:24

unnamed-task: All tasks should be named
roles/database/tasks/replication.yml:28 Task/Handler: set_fact role_is_valid_master=False

yaml: truthy value should be one of [false, true] (truthy)
roles/database/tasks/replication.yml:49

unnamed-task: All tasks should be named
roles/database/tasks/replication.yml:52 Task/Handler: debug var=slave

yaml: too many spaces inside braces (braces)
roles/database/tasks/replication.yml:52

unnamed-task: All tasks should be named
roles/database/tasks/replication.yml:67 Task/Handler: debug var=slave_needs_configuration

yaml: too many spaces inside braces (braces)
roles/database/tasks/replication.yml:67

unnamed-task: All tasks should be named
roles/database/tasks/replication.yml:80 Task/Handler: debug var=master

yaml: too many spaces inside braces (braces)
roles/database/tasks/replication.yml:80

yaml: too many blank lines (3 > 2) (empty-lines)
roles/database/tasks/replication.yml:83

yaml: line too long (164 > 160 characters) (line-length)
roles/database/tasks/replication.yml:90

risky-shell-pipe: Shells that use pipes should set the pipefail option
roles/database/tasks/replication.yml:97 Task/Handler: export dump file on master

risky-file-permissions: File permissions unset or incorrect
roles/database/tasks/replication.yml:121 Task/Handler: put dump file

unnamed-task: All tasks should be named
roles/database/tasks/replication.yml:144 Task/Handler: mysql_replication mode=stopslave

yaml: truthy value should be one of [false, true] (truthy)
roles/database/tasks/replication.yml:157

yaml: wrong indentation: expected 4 but found 5 (indentation)
roles/database/tasks/secure-installation.yml:86

literal-compare: Don't compare to literal True/False
roles/database/tasks/setup-Debian.yml:6 Task/Handler: Update apt cache if MySQL is not yet installed.

literal-compare: Don't compare to literal True/False
roles/database/tasks/setup-Debian.yml:21 Task/Handler: Ensure MySQL is stopped after initial install.

literal-compare: Don't compare to literal True/False
roles/database/tasks/setup-Debian.yml:25 Task/Handler: Delete innodb log files created by apt package after initial install.

var-spacing: Variables should have spaces before and after: {{ mysql_datadir }}/{{item}}
roles/database/tasks/setup-Debian.yml:25 Task/Handler: Delete innodb log files created by apt package after initial install.

yaml: wrong indentation: expected 4 but found 10 (indentation)
roles/database/tasks/setup-Debian.yml:28

yaml: trailing spaces (trailing-spaces)
roles/database/tasks/setup-RedHat.yml:18

yaml: too many spaces after colon (colons)
roles/elasticsearch/defaults/main.yml:11

no-changed-when: Commands should not change things if nothing needs doing
roles/elasticsearch/tasks/es_reindex.yml:9 Task/Handler: Run Elasticsearch reindex script

yaml: too many blank lines (1 > 0) (empty-lines)
roles/elasticsearch/tasks/es_reindex.yml:11

command-instead-of-shell: Use shell only when shell functionality is required
roles/elasticsearch/tasks/es_upgrade.yml:21 Task/Handler: Ensure elasticsearch plugins removed

no-changed-when: Commands should not change things if nothing needs doing
roles/elasticsearch/tasks/es_upgrade.yml:21 Task/Handler: Ensure elasticsearch plugins removed

yaml: truthy value should be one of [false, true] (truthy)
roles/elasticsearch/tasks/es_upgrade.yml:23

package-latest: Package installs should not use latest
roles/elasticsearch/tasks/es_upgrade.yml:83 Task/Handler: Ensure Elasticsearch is latest version

yaml: too many blank lines (1 > 0) (empty-lines)
roles/elasticsearch/tasks/es_upgrade.yml:138

yaml: trailing spaces (trailing-spaces)
roles/elasticsearch/tasks/main.yml:28

yaml: truthy value should be one of [false, true] (truthy)
roles/elasticsearch/tasks/main.yml:60

yaml: truthy value should be one of [false, true] (truthy)
roles/elasticsearch/tasks/main.yml:170

yaml: truthy value should be one of [false, true] (truthy)
roles/elasticsearch/tasks/main.yml:177

unnamed-task: All tasks should be named
roles/firewall_port/tasks/main.yml:4 Task/Handler: set_fact firewalld_state=enabled ufw_rule=allow

unnamed-task: All tasks should be named
roles/firewall_port/tasks/main.yml:9 Task/Handler: set_fact firewalld_state=disabled ufw_rule=deny

var-spacing: Variables should have spaces before and after: {{firewall_zone|default('public')}}
roles/firewall_port/tasks/main.yml:14 Task/Handler: Ensure firewalld port {{ firewall_port }} {{ firewall_action }} for list of servers (RedHat/CentOS only)

var-spacing: Variables should have spaces before and after: {{firewall_zone|default('public')}}
roles/firewall_port/tasks/main.yml:32 Task/Handler: Ensure firewalld port {{ firewall_port }} {{ firewall_action }} from all sources (RedHat/CentOS only)

var-spacing: Variables should have spaces before and after: {{firewall_zone|default('public')}}
roles/firewall_service/tasks/main.yml:3 Task/Handler: Ensure firewalld service {{ firewall_service }} allowed for list of servers (RedHat/CentOS only)

yaml: too many blank lines (1 > 0) (empty-lines)
roles/firewall_service/tasks/main.yml:39

yaml: truthy value should be one of [false, true] (truthy)
roles/gluster/defaults/main.yml:4

no-handler: Tasks that run when changed should likely be handlers
roles/gluster/tasks/setup-Debian.yml:10 Task/Handler: Ensure GlusterFS will reinstall if the PPA was just added.

risky-file-permissions: File permissions unset or incorrect
roles/gluster/tasks/setup-RedHat.yml:3 Task/Handler: Ensure gluster repo in place for RHEL7

yaml: too many blank lines (1 > 0) (empty-lines)
roles/haproxy/handlers/main.yml:14

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:12

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:24

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:38

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:50

package-latest: Package installs should not use latest
roles/haproxy/tasks/main.yml:63 Task/Handler: Install haproxy packages

risky-file-permissions: File permissions unset or incorrect
roles/haproxy/tasks/main.yml:71 Task/Handler: Ensure haproxy certs directory exists

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:87

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:97

literal-compare: Don't compare to literal True/False
roles/haproxy/tasks/main.yml:100 Task/Handler: If not exists, create self-signed SSL cert on CONTROLLER

var-spacing: Variables should have spaces before and after: wiki_app_fqdn}}"
roles/haproxy/tasks/main.yml:100 Task/Handler: If not exists, create self-signed SSL cert on CONTROLLER

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:108

no-changed-when: Commands should not change things if nothing needs doing
roles/haproxy/tasks/main.yml:110 Task/Handler: Ensure SSL cert and key are encrypted

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:115

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:117

no-changed-when: Commands should not change things if nothing needs doing
roles/haproxy/tasks/main.yml:122 Task/Handler: Read SSL key into variable

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:129

no-changed-when: Commands should not change things if nothing needs doing
roles/haproxy/tasks/main.yml:131 Task/Handler: Read SSL cert into variable

yaml: truthy value should be one of [false, true] (truthy)
roles/haproxy/tasks/main.yml:138

risky-file-permissions: File permissions unset or incorrect
roles/haproxy/tasks/main.yml:150 Task/Handler: Ensure SSL cert on load balancers

risky-file-permissions: File permissions unset or incorrect
roles/haproxy/tasks/main.yml:157 Task/Handler: Ensure SSL key on load balancers

risky-file-permissions: File permissions unset or incorrect
roles/haproxy/tasks/main.yml:164 Task/Handler: Ensure cert and key assembled into into pem file

risky-file-permissions: File permissions unset or incorrect
roles/haproxy/tasks/main.yml:191 Task/Handler: write the haproxy config file

risky-file-permissions: File permissions unset or incorrect
roles/haproxy/tasks/main.yml:207 Task/Handler: Ensure error files directory in place

risky-file-permissions: File permissions unset or incorrect
roles/haproxy/tasks/main.yml:214 Task/Handler: Ensure error pages in place

yaml: too many blank lines (3 > 2) (empty-lines)
roles/haproxy/tasks/main.yml:229

command-instead-of-shell: Use shell only when shell functionality is required
roles/haproxy/tasks/main.yml:247 Task/Handler: Ensure SELinux context for firewalld haproxy service files

yaml: missing starting space in comment (comments)
roles/haproxy/tasks/main.yml:258

yaml: missing starting space in comment (comments)
roles/haproxy/tasks/main.yml:276

var-spacing: Variables should have spaces before and after: {{m_private_networking_zone|default('public')}}
roles/haproxy/tasks/main.yml:281 Task/Handler: Ensure port {{ fully_open_ports | join(', ') }} open to the world for haproxy

var-spacing: Variables should have spaces before and after: {{m_private_networking_zone|default('public')}}
roles/haproxy/tasks/main.yml:301 Task/Handler: Ensure firewall port 1936 OPEN when haproxy stats ENABLED

var-spacing: Variables should have spaces before and after: {{m_private_networking_zone|default('public')}}
roles/haproxy/tasks/main.yml:314 Task/Handler: Ensure firewall port 1936 CLOSED when haproxy stats DISABLED

var-spacing: Variables should have spaces before and after: {{m_private_networking_zone|default('public')}}
roles/haproxy/tasks/main.yml:327 Task/Handler: Ensure firewall port 8088 OPEN when PHP profiling ENABLED

var-spacing: Variables should have spaces before and after: {{m_private_networking_zone|default('public')}}
roles/haproxy/tasks/main.yml:340 Task/Handler: Ensure firewall port 8088 CLOSED when PHP profiling DISABLED

risky-file-permissions: File permissions unset or incorrect
roles/haproxy/tasks/main.yml:380 Task/Handler: Ensure /etc/rsyslog.d/haproxy.conf configured

yaml: wrong indentation: expected 4 but found 2 (indentation)
roles/htdocs/tasks/main.yml:41

risky-file-permissions: File permissions unset or incorrect
roles/imagemagick/tasks/main.yml:16 Task/Handler: Copy xpdf bin64 files to /usr/local/bin

no-changed-when: Commands should not change things if nothing needs doing
roles/lua/tasks/main.yml:14 Task/Handler: compile and install luasandbox

var-naming: File defines variable 'wgPasswordSender' that violates variable naming standards
roles/mediawiki/defaults/main.yml:1

yaml: truthy value should be one of [false, true] (truthy)
roles/mediawiki/tasks/main.yml:40

yaml: truthy value should be one of [false, true] (truthy)
roles/mediawiki/tasks/main.yml:54

yaml: truthy value should be one of [false, true] (truthy)
roles/mediawiki/tasks/main.yml:85

literal-compare: Don't compare to literal True/False
roles/mediawiki/tasks/main.yml:256 Task/Handler: Ensure Git submodule requirements met for core meza extensions

literal-compare: Don't compare to literal True/False
roles/mediawiki/tasks/main.yml:269 Task/Handler: Ensure Git submodule requirements met for local meza extensions

literal-compare: Don't compare to literal True/False
roles/mediawiki/tasks/main.yml:283 Task/Handler: Ensure Git submodule requirements met for core meza skins

literal-compare: Don't compare to literal True/False
roles/mediawiki/tasks/main.yml:295 Task/Handler: Ensure Git submodule requirements met for local meza skins

unnamed-task: All tasks should be named
roles/mediawiki/tasks/main.yml:460 Task/Handler: debug var=list_of_wikis

yaml: too many spaces inside braces (braces)
roles/mediawiki/tasks/main.yml:460

unnamed-task: All tasks should be named
roles/mediawiki/tasks/main.yml:481 Task/Handler: debug var=wikis_to_rebuild_data

yaml: too many spaces inside braces (braces)
roles/mediawiki/tasks/main.yml:481

command-instead-of-shell: Use shell only when shell functionality is required
roles/mediawiki/tasks/main.yml:533 Task/Handler: Verify metastore index upgraded

command-instead-of-shell: Use shell only when shell functionality is required
roles/mediawiki/tasks/main.yml:540 Task/Handler: (Re-)build search index for: {{ wikis_to_rebuild_data | join(', ') }}

unnamed-task: All tasks should be named
roles/mediawiki/tasks/main.yml:558 Task/Handler: include_role name=update.php

package-latest: Package installs should not use latest
roles/mediawiki/tasks/main.yml:592 Task/Handler: Ensure Python3 present on RedHat7 variant

package-latest: Package installs should not use latest
roles/mediawiki/tasks/main.yml:604 Task/Handler: Ensure Python3 present on Rocky/RHEL8

yaml: missing starting space in comment (comments)
roles/mediawiki/tasks/main.yml:616

package-latest: Package installs should not use latest
roles/memcached/tasks/main.yml:6 Task/Handler: Ensure memcached and netcat packages latest

risky-file-permissions: File permissions unset or incorrect
roles/memcached/tasks/main.yml:15 Task/Handler: Write the memcached config file

yaml: wrong indentation: expected 4 but found 2 (indentation)
roles/memcached/tasks/main.yml:20

no-changed-when: Commands should not change things if nothing needs doing
roles/meza-log/tasks/main.yml:3 Task/Handler: Check if server log database exists

risky-shell-pipe: Shells that use pipes should set the pipefail option
roles/meza-log/tasks/main.yml:3 Task/Handler: Check if server log database exists

yaml: truthy value should be one of [false, true] (truthy)
roles/meza-log/tasks/main.yml:6

yaml: truthy value should be one of [false, true] (truthy)
roles/meza-log/tasks/main.yml:11

yaml: truthy value should be one of [false, true] (truthy)
roles/meza-log/tasks/main.yml:16

no-changed-when: Commands should not change things if nothing needs doing
roles/meza-log/tasks/main.yml:41 Task/Handler: Check if disk_space table exists

risky-shell-pipe: Shells that use pipes should set the pipefail option
roles/meza-log/tasks/main.yml:41 Task/Handler: Check if disk_space table exists

yaml: truthy value should be one of [false, true] (truthy)
roles/meza-log/tasks/main.yml:44

yaml: truthy value should be one of [false, true] (truthy)
roles/meza-log/tasks/main.yml:49

yaml: truthy value should be one of [false, true] (truthy)
roles/meza-log/tasks/main.yml:54

literal-compare: Don't compare to literal True/False
roles/netdata/tasks/main.yml:10 Task/Handler: debug msg=netdata not installed

unnamed-task: All tasks should be named
roles/netdata/tasks/main.yml:10 Task/Handler: debug msg=netdata not installed

literal-compare: Don't compare to literal True/False
roles/netdata/tasks/main.yml:13 Task/Handler: debug msg=netdata installed

unnamed-task: All tasks should be named
roles/netdata/tasks/main.yml:13 Task/Handler: debug msg=netdata installed

literal-compare: Don't compare to literal True/False
roles/netdata/tasks/main.yml:17 Task/Handler: Install Intel/AMD 64bit static build of Netdata

no-changed-when: Commands should not change things if nothing needs doing
roles/set-vars/tasks/main.yml:6 Task/Handler: Get Meza install path

unnamed-task: All tasks should be named
roles/set-vars/tasks/main.yml:10 Task/Handler: set_fact m_install={{ register_install_path.stdout }}

yaml: missing starting space in comment (comments)
roles/set-vars/tasks/main.yml:32

yaml: truthy value should be one of [false, true] (truthy)
roles/set-vars/tasks/main.yml:50

unnamed-task: All tasks should be named
roles/set-vars/tasks/main.yml:60 Task/Handler: set_fact list_of_wikis={{ wikis_dirs.files | map(attribute='path') | map('basename') | list }}

yaml: truthy value should be one of [false, true] (truthy)
roles/set-vars/tasks/main.yml:67

You can skip specific rules or tags by adding them to your configuration file:

.ansible-lint

warn_list: # or 'skip_list' to silence them completely

  • command-instead-of-shell # Use shell only when shell functionality is required
  • empty-string-compare # Don't compare to empty string
  • experimental # all rules tagged as experimental
  • literal-compare # Don't compare to literal True/False
  • no-changed-when # Commands should not change things if nothing needs doing
  • no-handler # Tasks that run when changed should likely be handlers
  • package-latest # Package installs should not use latest
  • risky-shell-pipe # Shells that use pipes should set the pipefail option
  • unnamed-task # All tasks should be named
  • var-spacing # Variables should have spaces before and after: {{ var_name }}
  • yaml # Violations reported by yamllint

Finished with 181 failure(s), 30 warning(s) on 69 files.
@freephile freephile added bug Something isn't working ansible RedHat Ansible code health best practices labels Feb 23, 2024
@freephile freephile assigned freephile and unassigned freephile Mar 1, 2024
@freephile freephile added this to the Quality Best Practices milestone Apr 4, 2024
@freephile freephile mentioned this issue Feb 8, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
ansible RedHat Ansible bug Something isn't working code health best practices
Projects
None yet
Milestone
Quality Best Practices
Development

No branches or pull requests
1 participant
@freephile