fix lint

rancherfederal · May 21, 2024 · b0c6736 · b0c6736
1 parent 495e453
commit b0c6736
Show file tree

Hide file tree

Showing 3 changed files with 104 additions and 104 deletions.
diff --git a/roles/rke2_common/tasks/images_tarball_install.yml b/roles/rke2_common/tasks/images_tarball_install.yml
@@ -23,12 +23,12 @@
 
 - name: Download images tar files url
   ansible.builtin.get_url:
-    url: "{{item}}"
+    url: "{{ item  }}"
     dest: "/var/lib/rancher/rke2/agent/images"
     mode: "0644"
   when:
     - rke2_images_urls != []
-  with_items: "{{rke2_images_urls}}"
+  with_items: "{{ rke2_images_urls }}"
 
 - name: Add images tar.gz to needed directory if provided
   ansible.builtin.copy:

diff --git a/roles/rke2_server/tasks/add-pod-security-admission-config.yml b/roles/rke2_server/tasks/add-pod-security-admission-config.yml
@@ -1,45 +1,45 @@
----
-- name: Create the /etc/rancher/rke2 config dir
-  ansible.builtin.file:
-    path: /etc/rancher/rke2
-    state: directory
-    recurse: yes
-
-- name: Add pod security admission config file
-  vars:
-    file_contents: "{{ lookup('file', pod_security_admission_config_file_path) }}"
-  ansible.builtin.template:
-    src: ansible_header.j2
-    dest: "/etc/rancher/rke2/pod-security-admission-config.yaml"
-    mode: '0640'
-    owner: root
-    group: root
-  when:
-    - pod_security_admission_config_file_path is defined
-    - pod_security_admission_config_file_path|length != 0
-  notify: Restart rke2-server
-
-- name: Remove pod security admission config file
-  block:
-    - name: Check that the PSA config file exists
-      ansible.builtin.stat:
-        path: "/etc/rancher/rke2/pod-security-admission-config.yaml"
-      register: stat_result
-
-    - name: "Check that the PSA config file has ansible managed comments"
-      lineinfile:
-        name: "/etc/rancher/rke2/pod-security-admission-config.yaml"
-        line: '## This is an Ansible managed file, contents will be overwritten ##'
-        state: present
-      check_mode: yes
-      register: ansible_managed_check
-      when: stat_result.stat.exists
-
-    - name: Remove the PSA config file if exists and has ansible managed comments
-      ansible.builtin.file:
-        path: "/etc/rancher/rke2/pod-security-admission-config.yaml"
-        state: absent
-      when:
-        - ansible_managed_check.changed == false
-  when:
-    - pod_security_admission_config_file_path is not defined or pod_security_admission_config_file_path|length == 0
+---
+- name: Create the /etc/rancher/rke2 config dir
+  ansible.builtin.file:
+    path: /etc/rancher/rke2
+    state: directory
+    recurse: yes
+
+- name: Add pod security admission config file
+  vars:
+    file_contents: "{{ lookup('file', pod_security_admission_config_file_path) }}"
+  ansible.builtin.template:
+    src: ansible_header.j2
+    dest: "/etc/rancher/rke2/pod-security-admission-config.yaml"
+    mode: '0640'
+    owner: root
+    group: root
+  when:
+    - pod_security_admission_config_file_path is defined
+    - pod_security_admission_config_file_path|length != 0
+  notify: Restart rke2-server
+
+- name: Remove pod security admission config file
+  when:
+    - pod_security_admission_config_file_path is not defined or pod_security_admission_config_file_path|length == 0
+  block:
+    - name: Check that the PSA config file exists
+      ansible.builtin.stat:
+        path: "/etc/rancher/rke2/pod-security-admission-config.yaml"
+      register: stat_result
+
+    - name: "Check that the PSA config file has ansible managed comments"
+      ansible.builtin.lineinfile:
+        name: "/etc/rancher/rke2/pod-security-admission-config.yaml"
+        line: '## This is an Ansible managed file, contents will be overwritten ##'
+        state: present
+      check_mode: yes
+      register: ansible_managed_check
+      when: stat_result.stat.exists | bool is true
+
+    - name: Remove the PSA config file if exists and has ansible managed comments
+      ansible.builtin.file:
+        path: "/etc/rancher/rke2/pod-security-admission-config.yaml"
+        state: absent
+      when:
+        - ansible_managed_check.changed | bool is false
diff --git a/sample_files/pod-security-admission-config.yaml b/sample_files/pod-security-admission-config.yaml
@@ -1,57 +1,57 @@
----
-apiVersion: apiserver.config.k8s.io/v1
-kind: AdmissionConfiguration
-plugins:
-  - name: PodSecurity
-    configuration:
-      apiVersion: pod-security.admission.config.k8s.io/v1
-      kind: PodSecurityConfiguration
-      defaults:
-        enforce: "restricted"
-        enforce-version: "latest"
-        audit: "restricted"
-        audit-version: "latest"
-        warn: "restricted"
-        warn-version: "latest"
-      exemptions:
-        usernames: []
-        runtimeClasses: []
-        namespaces: [calico-apiserver,
-                     calico-system,
-                     cattle-alerting,
-                     cattle-csp-adapter-system,
-                     cattle-elemental-system,
-                     cattle-epinio-system,
-                     cattle-externalip-system,
-                     cattle-fleet-local-system,
-                     cattle-fleet-system,
-                     cattle-gatekeeper-system,
-                     cattle-global-data,
-                     cattle-global-nt,
-                     cattle-impersonation-system,
-                     cattle-istio,
-                     cattle-istio-system,
-                     cattle-logging,
-                     cattle-logging-system,
-                     cattle-monitoring-system,
-                     cattle-neuvector-system,
-                     cattle-prometheus,
-                     cattle-provisioning-capi-system,
-                     cattle-resources-system,
-                     cattle-sriov-system,
-                     cattle-system,
-                     cattle-ui-plugin-system,
-                     cattle-windows-gmsa-system,
-                     cert-manager,
-                     cis-operator-system,
-                     fleet-default,
-                     ingress-nginx,
-                     istio-system,
-                     kube-node-lease,
-                     kube-public,
-                     kube-system,
-                     longhorn-system,
-                     local-path-storage,
-                     rancher-alerting-drivers,
-                     security-scan,
-                     tigera-operator]
+---
+apiVersion: apiserver.config.k8s.io/v1
+kind: AdmissionConfiguration
+plugins:
+  - name: PodSecurity
+    configuration:
+      apiVersion: pod-security.admission.config.k8s.io/v1
+      kind: PodSecurityConfiguration
+      defaults:
+        enforce: "restricted"
+        enforce-version: "latest"
+        audit: "restricted"
+        audit-version: "latest"
+        warn: "restricted"
+        warn-version: "latest"
+      exemptions:
+        usernames: []
+        runtimeClasses: []
+        namespaces: [calico-apiserver,
+                     calico-system,
+                     cattle-alerting,
+                     cattle-csp-adapter-system,
+                     cattle-elemental-system,
+                     cattle-epinio-system,
+                     cattle-externalip-system,
+                     cattle-fleet-local-system,
+                     cattle-fleet-system,
+                     cattle-gatekeeper-system,
+                     cattle-global-data,
+                     cattle-global-nt,
+                     cattle-impersonation-system,
+                     cattle-istio,
+                     cattle-istio-system,
+                     cattle-logging,
+                     cattle-logging-system,
+                     cattle-monitoring-system,
+                     cattle-neuvector-system,
+                     cattle-prometheus,
+                     cattle-provisioning-capi-system,
+                     cattle-resources-system,
+                     cattle-sriov-system,
+                     cattle-system,
+                     cattle-ui-plugin-system,
+                     cattle-windows-gmsa-system,
+                     cert-manager,
+                     cis-operator-system,
+                     fleet-default,
+                     ingress-nginx,
+                     istio-system,
+                     kube-node-lease,
+                     kube-public,
+                     kube-system,
+                     longhorn-system,
+                     local-path-storage,
+                     rancher-alerting-drivers,
+                     security-scan,
+                     tigera-operator]