From a4ecbfc6dcc85ed01c09b34efe7ee8672b67b579 Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Mon, 17 Jul 2023 10:25:45 +0200 Subject: [PATCH] Fix linters and metadata With update of ansible-lint to version >=6.0.0 a lot of new linters were added, that enabled by default. In order to comply with linter rules we're applying changes to the role. With that we also update metdata to reflect current state. Change-Id: I40ff3ec0393bf90836d943fc09e74d6a5f207b48 --- defaults/main.yml | 33 ++++++++++++++++----------- handlers/main.yml | 1 + meta/main.yml | 12 ++++++---- tasks/horizon_apache.yml | 1 + tasks/horizon_install.yml | 1 + tasks/horizon_post_install.yml | 3 ++- tasks/horizon_post_install_source.yml | 9 ++++---- tasks/horizon_pre_install.yml | 6 ++--- tasks/horizon_translations_update.yml | 6 ++++- tasks/main.yml | 18 ++++++++++----- vars/distro_install.yml | 5 ++-- vars/source_install.yml | 5 ++-- 12 files changed, 63 insertions(+), 37 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index af9efe59..a48f6179 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -20,7 +20,11 @@ debug: False # for the service setup. The host must already have # clouds.yaml properly configured. horizon_service_setup_host: "{{ openstack_service_setup_host | default('localhost') }}" -horizon_service_setup_host_python_interpreter: "{{ openstack_service_setup_host_python_interpreter | default((horizon_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) }}" +horizon_service_setup_host_python_interpreter: >- + {{ + openstack_service_setup_host_python_interpreter | default( + (horizon_service_setup_host == 'localhost') | ternary(ansible_playbook_python, ansible_facts['python']['executable'])) + }} # Set the package install state for distribution packages # Options are 'present' and 'latest' @@ -30,7 +34,8 @@ horizon_package_state: "{{ package_state | default('latest') }}" horizon_install_method: "{{ service_install_method | default('source') }}" horizon_venv_python_executable: "{{ openstack_venv_python_executable | default('python3') }}" -horizon_upper_constraints_url: "{{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }}" +horizon_upper_constraints_url: >- + {{ requirements_git_url | default('https://releases.openstack.org/constraints/upper/' ~ requirements_git_install_branch | default('master')) }} horizon_venv_extra_constraints: [] @@ -154,7 +159,7 @@ horizon_allowed_hosts: ## Installation directories # When horizon_lib_dir is not defined, it will be detected automatically -#horizon_lib_dir: "" +# horizon_lib_dir: "" horizon_lib_wsgi_file: "{{ horizon_lib_dir }}/openstack_dashboard/wsgi.py" horizon_endpoint_type: internalURL @@ -219,7 +224,7 @@ horizon_disallow_iframe_embed: True ## Cap the maximun number of threads / workers when a user value is unspecified. horizon_wsgi_threads_max: 16 -horizon_wsgi_threads: "{{ [[ansible_facts['processor_vcpus']|default(2) // 2, 1] | max, horizon_wsgi_threads_max] | min }}" +horizon_wsgi_threads: "{{ [[ansible_facts['processor_vcpus'] | default(2) // 2, 1] | max, horizon_wsgi_threads_max] | min }}" ## Horizon SSL horizon_ssl_cert: /etc/ssl/certs/horizon.pem @@ -227,7 +232,8 @@ horizon_ssl_key: /etc/ssl/private/horizon.key horizon_ssl_ca_cert: /etc/ssl/certs/horizon-ca.pem horizon_ssl_protocol: "{{ ssl_protocol | default('ALL -SSLv2 -SSLv3 -TLSv1 -TLSv1.1') }}" # TLS v1.2 and below -horizon_ssl_cipher_suite_tls12: "{{ horizon_ssl_cipher_suite | default(ssl_cipher_suite | default('ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES256:ECDH+AES128:!aNULL:!SHA1:!AESCCM')) }}" +horizon_ssl_cipher_suite_tls12: >- + {{ horizon_ssl_cipher_suite | default(ssl_cipher_suite | default('ECDH+AESGCM:ECDH+CHACHA20:ECDH+AES256:ECDH+AES128:!aNULL:!SHA1:!AESCCM')) }} # TLS v1.3 horizon_ssl_cipher_suite_tls13: "{{ ssl_cipher_suite_tls13 | default('TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256') }}" @@ -505,9 +511,9 @@ horizon_translations_pull: "{{ _horizon_translations_pull }}" horizon_config_overrides: {} # Set overrides for horizon embedded policies -#horizon_policy_overrides: -# cinder: -# "volume:create": "rule:admin_or_owner" +# horizon_policy_overrides: +# cinder: +# "volume:create": "rule:admin_or_owner" horizon_policy_overrides: {} horizon_init_overrides: {} @@ -519,7 +525,7 @@ horizon_keystone_admin_roles: # Set the "credentials" authentication choice to show as default. # The list of authentication mechanisms which include keystone # federation protocols and identity provider/federation protocol -#horizon_websso_keystone_url: "{{ horizon_keystone_endpoint }}" +# horizon_websso_keystone_url: "{{ horizon_keystone_endpoint }}" horizon_websso_initial_choice: "credentials" horizon_websso_default_redirect: False horizon_websso_default_redirect_region: "{{ horizon_websso_keystone_url | default(horizon_keystone_endpoint) }}" @@ -540,7 +546,8 @@ horizon_pki_setup_host: "{{ openstack_pki_setup_host | default('localhost') }}" horizon_pki_keys_path: "{{ horizon_pki_dir ~ '/certs/private/' }}" horizon_pki_certs_path: "{{ horizon_pki_dir ~ '/certs/certs/' }}" horizon_pki_intermediate_cert_name: "{{ openstack_pki_service_intermediate_cert_name | default('ExampleCorpIntermediate') }}" -horizon_pki_intermediate_cert_path: "{{ horizon_pki_dir ~ '/roots/' ~ horizon_pki_intermediate_cert_name ~ '/certs/' ~ horizon_pki_intermediate_cert_name ~ '.crt' }}" +horizon_pki_intermediate_cert_path: >- + {{ horizon_pki_dir ~ '/roots/' ~ horizon_pki_intermediate_cert_name ~ '/certs/' ~ horizon_pki_intermediate_cert_name ~ '.crt' }} horizon_pki_regen_cert: '' horizon_pki_san: "{{ openstack_pki_san | default('DNS:' ~ ansible_facts['hostname'] ~ ',IP:' ~ management_address) }}" horizon_pki_certificates: @@ -570,6 +577,6 @@ horizon_pki_install_certificates: condition: "{{ horizon_user_ssl_ca_cert is defined }}" # Define user-provided SSL certificates -#horizon_user_ssl_cert: -#horizon_user_ssl_key: -#horizon_user_ssl_ca_cert: +# horizon_user_ssl_cert: +# horizon_user_ssl_key: +# horizon_user_ssl_ca_cert: diff --git a/handlers/main.yml b/handlers/main.yml index 240d91c7..741815ad 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -17,6 +17,7 @@ command: "{{ horizon_manage }} compilemessages" become: "{{ (horizon_install_method == 'source') }}" become_user: "{{ horizon_system_user_name }}" + changed_when: false args: chdir: "{{ horizon_lib_dir }}/" listen: diff --git a/meta/main.yml b/meta/main.yml index 2e18c89c..31f21bd1 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -18,19 +18,21 @@ galaxy_info: description: Installation and setup of horizon company: Rackspace license: Apache2 - min_ansible_version: 2.2 + role_name: os_horizon + namespace: openstack + min_ansible_version: "2.10" platforms: - name: Debian versions: - - buster + - bullseye - name: Ubuntu versions: - - bionic - focal + - jammy - name: EL versions: - - 8 - categories: + - "9" + galaxy_tags: - cloud - python - horizon diff --git a/tasks/horizon_apache.yml b/tasks/horizon_apache.yml index 198fded1..018f7ff0 100644 --- a/tasks/horizon_apache.yml +++ b/tasks/horizon_apache.yml @@ -31,6 +31,7 @@ dest: "{{ item.dest }}" owner: "{{ item.owner | default(horizon_system_user_name) }}" group: "{{ item.group | default(horizon_system_group_name) }}" + mode: "0644" with_items: "{{ horizon_apache_configs }}" notify: Restart wsgi process diff --git a/tasks/horizon_install.yml b/tasks/horizon_install.yml index 6c166311..2497b401 100644 --- a/tasks/horizon_install.yml +++ b/tasks/horizon_install.yml @@ -19,6 +19,7 @@ section: "horizon" option: "install_method" value: "{{ horizon_install_method }}" + mode: "0644" - name: Refresh local facts to ensure the horizon section is present setup: diff --git a/tasks/horizon_post_install.yml b/tasks/horizon_post_install.yml index 92b1a07e..5739e704 100644 --- a/tasks/horizon_post_install.yml +++ b/tasks/horizon_post_install.yml @@ -49,7 +49,7 @@ template: src: "{{ item.src }}" dest: "{{ item.dest }}" - owner: "{{ item.owner|default(horizon_system_user_name) }}" + owner: "{{ item.owner | default(horizon_system_user_name) }}" group: "{{ horizon_system_group_name }}" mode: "{{ item.mode }}" with_items: @@ -84,6 +84,7 @@ copy: src: "{{ item.value.src }}" dest: "{{ horizon_lib_dir }}/openstack_dashboard/static/dashboard/{{ item.value.dest }}" + mode: "0644" with_dict: "{{ horizon_custom_uploads | default({}) }}" - name: Create horizon links diff --git a/tasks/horizon_post_install_source.yml b/tasks/horizon_post_install_source.yml index 6c8983bd..feb09874 100644 --- a/tasks/horizon_post_install_source.yml +++ b/tasks/horizon_post_install_source.yml @@ -17,8 +17,9 @@ file: path: "{{ item.path }}" state: "directory" - owner: "{{ item.owner|default(horizon_system_user_name) }}" - group: "{{ item.group|default(horizon_system_group_name) }}" + owner: "{{ item.owner | default(horizon_system_user_name) }}" + group: "{{ item.group | default(horizon_system_group_name) }}" + mode: "{{ item.mode | default('0755') }}" with_items: - { path: "{{ horizon_lib_dir }}/static", mode: "2755" } - { path: "{{ horizon_lib_dir }}/openstack_dashboard", mode: "2755" } @@ -68,7 +69,7 @@ - name: Link policy files file: src: "{{ item.path }}" - dest: "{{ horizon_lib_dir }}/openstack_dashboard/conf/{{ item.path|basename }}" + dest: "{{ horizon_lib_dir }}/openstack_dashboard/conf/{{ item.path | basename }}" state: link with_items: "{{ found_policy.files }}" notify: @@ -77,7 +78,7 @@ - name: Enable project panels file: src: "{{ item.path }}" - path: "{{ horizon_dashboard_panel_dir }}/{{ item.path|basename }}" + path: "{{ horizon_dashboard_panel_dir }}/{{ item.path | basename }}" state: link with_items: "{{ found_panels.files }}" notify: diff --git a/tasks/horizon_pre_install.yml b/tasks/horizon_pre_install.yml index 52435b03..951edf92 100644 --- a/tasks/horizon_pre_install.yml +++ b/tasks/horizon_pre_install.yml @@ -33,9 +33,9 @@ file: path: "{{ item.path }}" state: "directory" - owner: "{{ item.owner|default(horizon_system_user_name) }}" - group: "{{ item.group|default(horizon_system_group_name) }}" - mode: "{{ item.mode|default('0755') }}" + owner: "{{ item.owner | default(horizon_system_user_name) }}" + group: "{{ item.group | default(horizon_system_group_name) }}" + mode: "{{ item.mode | default('0755') }}" when: item.condition | default(True) with_items: - { path: "/openstack/venvs", mode: "0755", owner: "root", group: "root" } diff --git a/tasks/horizon_translations_update.yml b/tasks/horizon_translations_update.yml index a9916b8b..a644cf00 100644 --- a/tasks/horizon_translations_update.yml +++ b/tasks/horizon_translations_update.yml @@ -14,9 +14,13 @@ # limitations under the License. - name: Perform a Zanata Pull Catalog - command: "{{ horizon_manage }} pull_catalog -p {{ translation.project }} -m {{ translation.module }} -b {{ (translation.branch | default('master')) | replace('/', '-') }}" + command: >- + {{ horizon_manage }} pull_catalog -p {{ translation.project }} -m {{ translation.module }} -b {{ + (translation.branch | default('master')) | replace('/', '-') + }} args: chdir: "{{ horizon_lib_dir }}/" + changed_when: false with_items: "{{ horizon_translations_pull }}" loop_control: loop_var: translation diff --git a/tasks/main.yml b/tasks/main.yml index 81e6b334..84fe4f48 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -43,11 +43,13 @@ tags: - always -- import_tasks: horizon_pre_install.yml +- name: Importing horizon_pre_install tasks + import_tasks: horizon_pre_install.yml tags: - horizon-install -- import_tasks: horizon_install.yml +- name: Importing horizon_install tasks + import_tasks: horizon_install.yml tags: - horizon-install @@ -71,11 +73,13 @@ tags: - always -- import_tasks: horizon_post_install.yml +- name: Importing horizon_post_install tasks + import_tasks: horizon_post_install.yml tags: - horizon-config -- import_tasks: horizon_service_setup.yml +- name: Importing horizon_service_setup tasks + import_tasks: horizon_service_setup.yml when: - ('horizon_all' in group_names) - inventory_hostname == groups['horizon_all'][0] @@ -97,11 +101,13 @@ tags: - horizon-config -- import_tasks: "{{ (horizon_use_uwsgi | bool) | ternary('horizon_uwsgi.yml', 'horizon_apache.yml') }}" +- name: Importing uwsgi/apache tasks + import_tasks: "{{ (horizon_use_uwsgi | bool) | ternary('horizon_uwsgi.yml', 'horizon_apache.yml') }}" tags: - horizon-config -- import_tasks: horizon_translations_update.yml +- name: Importing horizon_translations_update tasks + import_tasks: horizon_translations_update.yml when: horizon_translations_update | bool tags: - horizon-config diff --git a/vars/distro_install.yml b/vars/distro_install.yml index 9fffdbda..5dd9457b 100644 --- a/vars/distro_install.yml +++ b/vars/distro_install.yml @@ -13,7 +13,8 @@ # See the License for the specific language governing permissions and # limitations under the License. -horizon_package_list: "{{ +horizon_package_list: >- + {{ horizon_distro_packages | union( ( (horizon_use_uwsgi | bool) | ternary([], horizon_apache_distro_packages) @@ -21,6 +22,6 @@ horizon_package_list: "{{ ) | union( horizon_service_distro_packages ) - }}" + }} _horizon_bin: "/usr/bin" diff --git a/vars/source_install.yml b/vars/source_install.yml index b6f5e049..ee0cdddb 100644 --- a/vars/source_install.yml +++ b/vars/source_install.yml @@ -13,13 +13,14 @@ # See the License for the specific language governing permissions and # limitations under the License. -horizon_package_list: "{{ +horizon_package_list: >- + {{ horizon_distro_packages | union( ( (horizon_use_uwsgi | bool) | ternary([], horizon_apache_distro_packages) ) ) - }}" + }} _horizon_bin: "/openstack/venvs/horizon-{{ horizon_venv_tag }}/bin"