From 979a02e2763b55e46712394ae4ae625cfc9beb12 Mon Sep 17 00:00:00 2001 From: "ansible-code-bot[bot]" <145416087+ansible-code-bot[bot]@users.noreply.github.com> Date: Fri, 25 Apr 2025 09:30:51 +0000 Subject: [PATCH] Fix ansible-lint rule violations --- galaxy.yml | 9 +++---- meta/runtime.yml | 2 +- playbooks/get_insights_inventory_id.yml | 1 - playbooks/get_my_server.yml | 1 - playbooks/process_cves.yml | 1 - playbooks/update_change_tkt_worknotes.yml | 2 +- roles/process_cves/meta /main.yml | 3 +-- roles/process_cves/tasks/launch_playbooks.yml | 20 +++++++------- roles/process_cves/tasks/main.yml | 26 ++++++++++--------- 9 files changed, 31 insertions(+), 34 deletions(-) diff --git a/galaxy.yml b/galaxy.yml index 0c279ce..812b13e 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -2,12 +2,11 @@ authors: - Eric Ames (ericcames) dependencies: - "amazon.aws": ">=7.2.0" - "servicenow.itsm": ">=2.4.0" + amazon.aws: ">=7.2.0" + servicenow.itsm: ">=2.4.0" license_file: LICENSE name: redhat_automated_patching -description: Use Ansible, Insights and Servicenow to demo automated patching. - Help your control owners demostrate continuous compliance to your auditors. +description: Use Ansible, Insights and Servicenow to demo automated patching. Help your control owners demostrate continuous compliance to your auditors. namespace: ericcames readme: README.md repository: https://github.com/ericcames/redhat.automated.patching @@ -24,4 +23,4 @@ tags: - dailydemo - sales - insights -version: 0.0.0 \ No newline at end of file +version: "0.0.0" diff --git a/meta/runtime.yml b/meta/runtime.yml index 184dd6b..c467dd7 100644 --- a/meta/runtime.yml +++ b/meta/runtime.yml @@ -1,2 +1,2 @@ --- -requires_ansible: ">=2.12.0" \ No newline at end of file +requires_ansible: ">=2.12.0" diff --git a/playbooks/get_insights_inventory_id.yml b/playbooks/get_insights_inventory_id.yml index a35d1c1..6d0e135 100644 --- a/playbooks/get_insights_inventory_id.yml +++ b/playbooks/get_insights_inventory_id.yml 
@@ -4,7 +4,6 @@ connection: local tasks: - - name: Include the get_insights_inventory_id role ansible.builtin.include_role: name: get_insights_inventory_id diff --git a/playbooks/get_my_server.yml b/playbooks/get_my_server.yml index 63a6aa0..984f0a6 100644 --- a/playbooks/get_my_server.yml +++ b/playbooks/get_my_server.yml @@ -4,7 +4,6 @@ connection: local tasks: - - name: Print hostname ansible.builtin.debug: var: inventory_hostname diff --git a/playbooks/process_cves.yml b/playbooks/process_cves.yml index c618e47..e8b4ba8 100644 --- a/playbooks/process_cves.yml +++ b/playbooks/process_cves.yml @@ -4,7 +4,6 @@ connection: local tasks: - - name: Include the process_cves role ansible.builtin.include_role: name: process_cves diff --git a/playbooks/update_change_tkt_worknotes.yml b/playbooks/update_change_tkt_worknotes.yml index 181d92a..0477603 100644 --- a/playbooks/update_change_tkt_worknotes.yml +++ b/playbooks/update_change_tkt_worknotes.yml @@ -1,9 +1,9 @@ +--- - name: Update the change ticket hosts: localhost connection: local tasks: - - name: Include the update_change_ticket_worknotes role ansible.builtin.include_role: name: update_change_ticket_worknotes diff --git a/roles/process_cves/meta /main.yml b/roles/process_cves/meta /main.yml index d9f92c1..d3b827e 100644 --- a/roles/process_cves/meta /main.yml +++ b/roles/process_cves/meta /main.yml @@ -2,7 +2,6 @@ galaxy_info: role_name: process_cves author: Eric Ames (ericcames) - description: For each cve with a playbook apply the fix. - For each cves with no playbook create a problem record. + description: For each cve with a playbook apply the fix. For each cves with no playbook create a problem record. license: MIT License min_ansible_version: "2.12" diff --git a/roles/process_cves/tasks/launch_playbooks.yml b/roles/process_cves/tasks/launch_playbooks.yml index 8c914be..f1ce274 100644 --- a/roles/process_cves/tasks/launch_playbooks.yml +++ b/roles/process_cves/tasks/launch_playbooks.yml 
@@ -1,12 +1,12 @@ --- - name: Update job template - ansible.controller.job_template: + awx.awx.job_template: controller_host: "{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}" controller_oauthtoken: "{{ controller_token }}" - name: 'Insights CVE R1000 "The Remediator"' + name: Insights CVE R1000 "The Remediator" job_type: run organization: AmesCO - inventory: "AAP Managed Inventory" + inventory: AAP Managed Inventory project: RedHatInsightsPlaybooks playbook: "{{ item.number }}.yml" credentials: @@ -14,10 +14,10 @@ - name: Run job template register: job - ansible.controller.job_launch: + awx.awx.job_launch: controller_host: "{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}" controller_oauthtoken: "{{ controller_token }}" - job_template: 'Insights CVE R1000 "The Remediator"' + job_template: Insights CVE R1000 "The Remediator" - name: Update the status for ticket servicenow.itsm.change_request_task: @@ -28,13 +28,13 @@ work_notes: "Launched AAP Job ID: {{ job.id }}" - name: Update job template back to default playbook - ansible.controller.job_template: + awx.awx.job_template: controller_host: "{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}" controller_oauthtoken: "{{ controller_token }}" - name: 'Insights CVE R1000 "The Remediator"' + name: Insights CVE R1000 "The Remediator" job_type: run organization: AmesCO - inventory: "AAP Managed Inventory" + inventory: AAP Managed Inventory project: RedHatInsightsPlaybooks playbook: hello_world.yml credentials: @@ -42,10 +42,10 @@ - name: Wait for a job max 120 seconds register: job_status - ansible.controller.job_wait: + awx.awx.job_wait: controller_host: "{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}" controller_oauthtoken: "{{ controller_token }}" - job_id: '{{ job.id }}' + job_id: "{{ job.id }}" timeout: 120 - name: Closing task diff --git a/roles/process_cves/tasks/main.yml b/roles/process_cves/tasks/main.yml index 40e363e..85e6da6 100644 --- a/roles/process_cves/tasks/main.yml 
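Review bot: The switch from `ansible.controller.job_template` to `awx.awx.job_template` at the top of this hunk changes which collection supplies the module that receives `controller_oauthtoken`, yet the `dependencies` block visible in the galaxy.yml hunk lists only `amazon.aws` and `servicenow.itsm`. The same rename is applied to `job_launch` and `job_wait` in the later hunks of this file, and to `token` and `project_update` in roles/process_cves/tasks/main.yml. Unless `awx.awx` is pinned somewhere outside this patch, these tasks will run with whichever version happens to be installed in the execution environment. Consider declaring it, e.g. `awx.awx: ">=<MIN_VERSION>"` under `dependencies`, or keeping the `ansible.controller` names if that is the collection the platform ships. The commit message should also mention the provenance change, since "Fix ansible-lint rule violations" reads as formatting only.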
+++ b/roles/process_cves/tasks/main.yml @@ -3,19 +3,19 @@ - name: Determine that both AAP and Machine credentials are set ansible.builtin.assert: that: - - "lookup('ansible.builtin.env', 'CONTROLLER_USERNAME') !=''" - - "lookup('ansible.builtin.env', 'CONTROLLER_HOST') !=''" - - "lookup('ansible.builtin.env', 'CONTROLLER_PASSWORD') !=''" + - lookup('ansible.builtin.env', 'CONTROLLER_USERNAME') !='' + - lookup('ansible.builtin.env', 'CONTROLLER_HOST') !='' + - lookup('ansible.builtin.env', 'CONTROLLER_PASSWORD') !='' fail_msg: - - "Red Hat Ansible Automation Platform credential is not set" - - "Please assign correct credentials to the Job Template" + - Red Hat Ansible Automation Platform credential is not set + - Please assign correct credentials to the Job Template - name: Set a fact for controller_host ansible.builtin.set_fact: controller_host: "{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}" - name: Create a new token using username/password - ansible.controller.token: + awx.awx.token: controller_host: "{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}" controller_username: "{{ lookup('ansible.builtin.env', 'CONTROLLER_USERNAME') }}" controller_password: "{{ lookup('ansible.builtin.env', 'CONTROLLER_PASSWORD') }}" 
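Review bot: The token minted by `awx.awx.token` in this hunk is revoked only by the `Remove automated patching token` task in the last hunk of this file, so a failure in any task between them would appear to leave a live controller token behind. Most of the intervening tasks are outside the visible hunks, so a `block`/`always` wrapper may already exist; if not, put the work in a `block:` and move the removal task into its `always:` section. The token task itself continues past the end of the hunk, so I cannot see whether it sets `no_log: true`; that is worth confirming, because `controller_token` is passed to every later controller call.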
@@ -65,7 +65,9 @@ loop: "{{ task_numbers_are_here['results'] }}" when: item.changed == true ansible.builtin.set_fact: - chg_tkt_list: "{{ chg_tkt_list | default([]) + [{'number': item.record.number, 'short_description': item.record.short_description, 'task_sys_id': item.record.sys_id, 'change_request_sys_id': item.record.change_request, 'cmdb_ci': item.record.cmdb_ci, 'insights_id': my_insights_inventory_id, 'cve_id': item.record.user_input}] }}" + chg_tkt_list: "{{ chg_tkt_list | default([]) + [{'number': item.record.number, 'short_description': item.record.short_description, 'task_sys_id': item.record.sys_id, + 'change_request_sys_id': item.record.change_request, 'cmdb_ci': item.record.cmdb_ci, 'insights_id': my_insights_inventory_id, 'cve_id': item.record.user_input}] + }}" - name: Print out Change Task Tickets list ansible.builtin.debug: @@ -88,7 +90,8 @@ loop: "{{ problem_numbers_are_here['results'] }}" when: item.changed == true ansible.builtin.set_fact: - pbm_tkt_list: "{{ pbm_tkt_list | default([]) + [{'number': item.record.number, 'short_description': item.record.short_description, 'sys_id': item.record.sys_id, 'cmdb_ci': item.record.user_input}] }}" + pbm_tkt_list: "{{ pbm_tkt_list | default([]) + [{'number': item.record.number, 'short_description': item.record.short_description, 'sys_id': item.record.sys_id, + 'cmdb_ci': item.record.user_input}] }}" - name: Generate playbooks to remediate vulnerabilities register: my_playbooks @@ -149,7 +152,7 @@ ansible.builtin.copy: dest: "{{ process_cves_local_repo }}/{{ item.item.number }}.yml" content: "{{ item.content }}" - mode: '0644' + mode: "0644" # - name: Update playbooks to use the public facing dns name # loop: "{{ my_playbooks['results'] }}" 
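Review bot: The re-wrapped `chg_tkt_list` value is now a double-quoted scalar split across three lines, with the closing `}}"` alone on the last one. It evaluates the same only because YAML folds line breaks inside double quotes back into single spaces. The `pbm_tkt_list` hunk further down has the same shape. A folded block scalar is easier to read and to edit safely: `chg_tkt_list: >-` followed by the Jinja expression on indented continuation lines. If that changes how the result is typed in your Ansible version, building the dictionary under a task-level `vars:` key is the other clean option.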
@@ -198,12 +201,11 @@ ansible.builtin.shell: git push - name: Kick off a project sync - ansible.controller.project_update: + awx.awx.project_update: controller_host: "{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}" controller_oauthtoken: "{{ controller_token }}" project: RedHatInsightsPlaybooks - - name: Pausing for 20 seconds to allow for the project sync up to finish ansible.builtin.pause: seconds: 20 @@ -214,7 +216,7 @@ file: tasks/launch_playbooks.yml - name: Remove automated patching token - ansible.controller.token: + awx.awx.token: controller_host: "{{ lookup('ansible.builtin.env', 'CONTROLLER_HOST') }}" controller_oauthtoken: "{{ controller_token }}" existing_token: "{{ controller_token }}"
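Review bot: `ansible.builtin.shell: git push` on the first line of this hunk is left as-is by a commit that is otherwise clearing lint findings, and nothing visible here needs a shell. `ansible.builtin.command: git push` avoids shell interpretation of the command line and is what ansible-lint's command-instead-of-shell rule asks for. Adding a `changed_when` condition would also make the task report its result honestly. The task's name and any `args`/`chdir` sit above the hunk, so check those when changing the module.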