update gitea linting

2022-09-29 23:09:19 +02:00 · 2022-09-29 23:09:19 +02:00 · ff02fd69de
parent aba6a5e166
commit ff02fd69de
12 changed files with 57 additions and 56 deletions
--- a/handlers/main.yml
+++ b/handlers/main.yml
@ -12,7 +12,7 @@
    daemon_reload: true
  when: ansible_service_mgr == "systemd"

- name: "systemctl restart fail2ban"
+- name: "Systemctl restart fail2ban"
  become: true
  ansible.builtin.systemd:
    name: fail2ban
--- a/tasks/backup.yml
+++ b/tasks/backup.yml
@ -3,6 +3,10 @@
  ansible.builtin.service_facts:

 - name: Backup block
+  when:
+    - ansible_facts.services["gitea.service"] is defined
+    - ansible_facts.services["gitea.service"].state == "running"
+    - gitea_active_version.stdout != gitea_version_target
  block:
    - name: Stopping gitea before upgrade
      become: true
@ -36,10 +40,6 @@
        state: stopped
      when: ansible_service_mgr == "systemd"

-    - name: print updateing error
+    - name: Print updateing error
      ansible.builtin.debug:
        msg: "failed to backup gitea"
-  when:
-    - ansible_facts.services["gitea.service"] is defined
-    - ansible_facts.services["gitea.service"].state == "running"
-    - gitea_active_version.stdout != gitea_version_target
--- a/tasks/customize_footer.yml
+++ b/tasks/customize_footer.yml
@ -1,5 +1,5 @@
 ---
- name: create directory for custom footer
+- name: Create directory for custom footer
  become: true
  ansible.builtin.file:
    path: "{{ item }}"
@ -11,7 +11,7 @@
    - "{{ gitea_custom }}/templates"
    - "{{ gitea_custom }}/templates/custom"

- name: transfer custom footer template
+- name: Transfer custom footer template
  become: true
  ansible.builtin.copy:
    src: "{{ lookup('first_found', transfer_custom_footer) }}"
--- a/tasks/customize_logo.yml
+++ b/tasks/customize_logo.yml
@ -1,5 +1,5 @@
 ---
- name: create directory for custom logos
+- name: Create directory for custom logos
  become: true
  ansible.builtin.file:
    path: "{{ item }}"
@ -11,7 +11,7 @@
    - "{{ gitea_custom }}/public"
    - "{{ gitea_custom }}/public/img"

- name: transfer custom logo.svg
+- name: Transfer custom logo.svg
  become: true
  ansible.builtin.copy:
    src: "{{ lookup('first_found', transfer_custom_logo_logosvg) }}"
@ -22,7 +22,7 @@
  tags: skip_ansible_lint
  ignore_errors: true

- name: transfer custom logo.png
+- name: Transfer custom logo.png
  become: true
  ansible.builtin.copy:
    src: "{{ lookup('first_found', transfer_custom_logo_logopng) }}"
@ -33,7 +33,7 @@
  tags: skip_ansible_lint
  ignore_errors: true

- name: transfer custom favicon.png
+- name: Transfer custom favicon.png
  become: true
  ansible.builtin.copy:
    src: "{{ lookup('first_found', transfer_custom_logo_faviconpng) }}"
@ -44,7 +44,7 @@
  tags: skip_ansible_lint
  ignore_errors: true

- name: transfer custom apple-touch-icon.png
+- name: Transfer custom apple-touch-icon.png
  become: true
  ansible.builtin.copy:
    src: "{{ lookup('first_found', transfer_custom_logo_appletouchiconpng) }}"
--- a/tasks/customize_public_files.yml
+++ b/tasks/customize_public_files.yml
@ -1,5 +1,5 @@
 ---
- name: create public directory for custom public web files
+- name: Create public directory for custom public web files
  become: true
  ansible.builtin.file:
    path: "{{ item }}"
@ -10,7 +10,7 @@
  with_items:
    - "{{ gitea_custom }}/public"

- name: transfer custom public web data
+- name: Transfer custom public web data
  become: true
  ansible.builtin.copy:
    src: "{{ gitea_customize_files_path }}"
--- a/tasks/fail2ban.yml
+++ b/tasks/fail2ban.yml
@ -7,7 +7,7 @@
    owner: root
    group: root
    mode: 0444
-  notify: systemctl restart fail2ban
+  notify: "Systemctl restart fail2ban"
  when: "'fail2ban' in ansible_facts.packages"

 - name: Install fail2ban jail
@ -18,12 +18,12 @@
    owner: root
    group: root
    mode: 0444
-  notify: systemctl restart fail2ban
+  notify: "Systemctl restart fail2ban"
  when: "'fail2ban' in ansible_facts.packages"

- name: warn if fail2ban is not installed
+- name: Warn if fail2ban is not installed
  ansible.builtin.fail:
    msg: "the package fail2ban is not installed. no fail2ban filters deployed."
  when: "'fail2ban' not in ansible_facts.packages"
-  tags: skip_ansible_lint
  ignore_errors: true
+  tags: skip_ansible_lint_ignore-errors
--- a/tasks/gitea_secrets.yml
+++ b/tasks/gitea_secrets.yml
@ -1,38 +1,38 @@
 ---
- name: generate gitea SECRET_KEY if not provided
+- name: Generate gitea SECRET_KEY if not provided
  become: true
  ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret SECRET_KEY > {{ gitea_configuraion_path }}/gitea_secret_key'
  args:
    creates: '{{ gitea_configuraion_path }}/gitea_secret_key'
  when: gitea_secret_key | string | length == 0

- name: read gitea SECRET_KEY from file
+- name: Read gitea SECRET_KEY from file
  become: true
  ansible.builtin.slurp:
    src: '{{ gitea_configuraion_path }}/gitea_secret_key'
  register: remote_secret_key
  when: gitea_secret_key | string | length == 0

- name: set fact gitea_secret_key
+- name: Set fact gitea_secret_key
  ansible.builtin.set_fact:
    gitea_secret_key: "{{ remote_secret_key['content'] | b64decode }}"
-  when: gitea_secret_key | string |  length == 0
+  when: gitea_secret_key | string | length == 0

- name: generate gitea INTERNAL_TOKEN if not provided
+- name: Generate gitea INTERNAL_TOKEN if not provided
  become: true
  ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret INTERNAL_TOKEN > {{ gitea_configuraion_path }}/gitea_internal_token'
  args:
    creates: '{{ gitea_configuraion_path }}/gitea_internal_token'
  when: gitea_internal_token | string | length == 0

- name: read gitea INTERNAL_TOKEN from file
+- name: Read gitea INTERNAL_TOKEN from file
  become: true
  ansible.builtin.slurp:
    src: '{{ gitea_configuraion_path }}/gitea_internal_token'
  register: remote_internal_token
  when: gitea_internal_token | string | length == 0

- name: set fact gitea_internal_token
+- name: Set fact gitea_internal_token
  ansible.builtin.set_fact:
    gitea_internal_token: "{{ remote_internal_token['content'] | b64decode }}"
  when: gitea_internal_token | string | length == 0
--- a/tasks/install.yml
+++ b/tasks/install.yml
@ -22,6 +22,7 @@
      delay: 2

 - name: Install block
+  when: (not gitea_version_check | bool) or (not ansible_check_mode and (gitea_active_version.stdout != gitea_version_target))
  block:
    - name: Download gitea archive
      ansible.builtin.get_url:
@ -75,4 +76,3 @@
        owner: root
        group: root
      notify: "Restart gitea"
-  when: (not gitea_version_check|bool) or (not ansible_check_mode and (gitea_active_version.stdout != gitea_version_target))
--- a/tasks/jwt_secrets.yml
+++ b/tasks/jwt_secrets.yml
@ -1,38 +1,38 @@
 ---
- name: generate OAuth2 JWT_SECRET if not provided
+- name: Generate OAuth2 JWT_SECRET if not provided
  become: true
  ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret JWT_SECRET > {{ gitea_configuraion_path }}/gitea_oauth_jwt_secret'
  args:
    creates: '{{ gitea_configuraion_path }}/gitea_oauth_jwt_secret'
  when: gitea_oauth2_jwt_secret | length == 0

- name: read OAuth2 JWT_SECRET from file
+- name: Read OAuth2 JWT_SECRET from file
  become: true
  ansible.builtin.slurp:
    src: '{{ gitea_configuraion_path }}/gitea_oauth_jwt_secret'
  register: oauth_jwt_secret
  when: gitea_oauth2_jwt_secret | length == 0

- name: set fact gitea_oauth2_jwt_secret
+- name: Set fact gitea_oauth2_jwt_secret
  ansible.builtin.set_fact:
    gitea_oauth2_jwt_secret: "{{ oauth_jwt_secret['content'] | b64decode }}"
  when: gitea_oauth2_jwt_secret | length == 0

- name: generate LFS JWT_SECRET if not provided
+- name: Generate LFS JWT_SECRET if not provided
  become: true
  ansible.builtin.shell: 'umask 077; {{ gitea_executable_path }} generate secret JWT_SECRET > {{ gitea_configuraion_path }}/gitea_lfs_jwt_secret'
  args:
    creates: '{{ gitea_configuraion_path }}/gitea_lfs_jwt_secret'
  when: gitea_lfs_jwt_secret | length == 0

- name: read LFS JWT_SECRET from file
+- name: Read LFS JWT_SECRET from file
  become: true
  ansible.builtin.slurp:
    src: '{{ gitea_configuraion_path }}/gitea_lfs_jwt_secret'
  register: lfs_jwt_secret
  when: gitea_lfs_jwt_secret | length == 0

- name: set fact gitea_lfs_jwt_secret
+- name: Set fact gitea_lfs_jwt_secret
  ansible.builtin.set_fact:
    gitea_lfs_jwt_secret: "{{ lfs_jwt_secret['content'] | b64decode }}"
  when: gitea_lfs_jwt_secret | length == 0
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -1,5 +1,5 @@
 ---
- name: perform optional versionscheck
+- name: Perform optional versionscheck
  ansible.builtin.include_tasks: versioncheck.yml
  when: submodules_versioncheck|bool

@ -13,44 +13,44 @@
 - name: Gather versioning information
  ansible.builtin.include_tasks: set_version.yml

- name: backup gitea before update
+- name: Backup gitea before update
  ansible.builtin.include_tasks: backup.yml
  when: gitea_backup_on_upgrade|bool

- name: create gitea user and role
+- name: Create gitea user and role
  ansible.builtin.include_tasks: create_user.yml

- name: install or update gitea
+- name: Install or update gitea
  ansible.builtin.include_tasks: install.yml

 - name: Create directories
  ansible.builtin.include_tasks: directory.yml

- name: setup gitea systemd service
+- name: Setup gitea systemd service
  ansible.builtin.include_tasks: install_systemd.yml
  when: ansible_service_mgr == "systemd"

- name: generate JWT Secrets if undefined
+- name: Generate JWT Secrets if undefined
  ansible.builtin.include_tasks: jwt_secrets.yml

- name: generate gitea secrets if undefined
+- name: Generate gitea secrets if undefined
  ansible.builtin.include_tasks: gitea_secrets.yml

- name: configure gitea
+- name: Configure gitea
  ansible.builtin.include_tasks: configure.yml

- name: deploy optional fail2ban rules
+- name: Deploy optional fail2ban rules
  ansible.builtin.include_tasks: fail2ban.yml
  when: gitea_fail2ban_enabled|bool

- name: optionally customize gitea
+- name: Optionally customize gitea
  ansible.builtin.include_tasks: customize_logo.yml
  when: gitea_customize_logo|bool

- name: optionally customize footer
+- name: Optionally customize footer
  ansible.builtin.include_tasks: customize_footer.yml
  when: gitea_customize_footer|bool

- name: optionally deploy public files
+- name: Optionally deploy public files
  ansible.builtin.include_tasks: customize_public_files.yml
  when: gitea_customize_files|bool
--- a/tasks/set_version.yml
+++ b/tasks/set_version.yml
@ -8,6 +8,7 @@
  failed_when: false

 - name: "Determine 'latest' version release"
+  when: gitea_version == "latest"
  block:
    - name: "Get latest gitea release metadata"
      ansible.builtin.uri:
@ -21,7 +22,7 @@
        msg: |
          "You are running this playbook in check mode:
          Please set the Gitea version with the variable 'gitea_version', because the URI module cannot detect the latest version in this mode."
-      when: ansible_check_mode and ( gitea_version == 'latest' or gitea_version == 'present' )
+      when: ansible_check_mode and (gitea_version == 'latest' or gitea_version == 'present')

    - name: "Set fact latest gitea release"
      ansible.builtin.set_fact:
@ -32,9 +33,8 @@
      ansible.builtin.set_fact:
        gitea_version_target: "{{ gitea_remote_version }}"
      when: not ansible_check_mode
-  when: gitea_version == "latest"

- name: "Set gitea version target ({{ gitea_version }})"
+- name: "Set gitea version target {{ gitea_version }}"
  ansible.builtin.set_fact:
    gitea_version_target: "{{ gitea_version }}"
  when: gitea_version != "latest"
--- a/tasks/versioncheck.yml
+++ b/tasks/versioncheck.yml
@ -8,37 +8,38 @@
    path: '/etc/.ansible-version'
    state: directory
    mode: 0755
-  when: submodules_versioncheck|bool
+  when: submodules_versioncheck | bool

- name: check playbook version
+- name: Check playbook version
  become: true
  ansible.builtin.slurp:
    src: "/etc/.ansible-version/{{ playbook_version_path }}"
  register: playbook_version
-  when: submodules_versioncheck|bool
+  when: submodules_versioncheck | bool
  ignore_errors: true
  failed_when: false

 - name: Print remote role version
  ansible.builtin.debug:
    msg: "Remote role version: {{ playbook_version.content | default('Y3VycmVudGx5IG5vdCBkZXBsb3llZAo=') | b64decode | string }}"
-  when: submodules_versioncheck|bool
+  when: submodules_versioncheck | bool

 - name: Print locale role version
  ansible.builtin.debug:
    msg: "Local role version: '{{ playbook_version_number | string }}'."
-  when: submodules_versioncheck|bool
+  when: submodules_versioncheck | bool

 - name: Check if your version is outdated
  ansible.builtin.fail:
    msg: "Your ansible module has the version '{{ playbook_version_number }}' and is outdated. You need to update it!"
  when:
-    - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck|bool
+    - playbook_version.content|default("Mgo=")|b64decode|int - 1 >= playbook_version_number|int and submodules_versioncheck | bool

- name: write new version to remote disk
+- name: Write new version to remote disk
  become: true
  ansible.builtin.copy:
    content: "{{ playbook_version_number }}"
    dest: "/etc/.ansible-version/{{ playbook_version_path }}"
    mode: '0644'
-  when: submodules_versioncheck|bool
+  when: submodules_versioncheck | bool
+  tags: skip_ansible_lint_template-instead-of-copy