feat(pre-commit): Added linting

2025-07-27 22:46:23 +02:00
parent 2882abfc0b
commit 6eef96b302
18 changed files with 57 additions and 25 deletions
--- a/.ansible-lint
+++ b/.ansible-lint
@@ -25,7 +25,7 @@ enable_list:
  - no-changed-when
 # Offline mode disables any features that require internet access.
-offline: true
+offline: false
 # Set the desired verbosity level.
 verbosity: 1
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,23 @@
 repos:
  - repo: https://github.com/pre-commit/pre-commit-hooks
    rev: v4.6.0
    hooks:
      - id: trailing-whitespace
      - id: end-of-file-fixer
      - id: check-yaml
      - id: check-added-large-files
  - repo: local
    hooks:
      - id: ansible-galaxy-install
        name: Install ansible-galaxy collections
        entry: ansible-galaxy collection install -r requirements.yml
        language: system
        pass_filenames: false
        always_run: true
  - repo: https://github.com/ansible/ansible-lint
    rev: v6.22.2
    hooks:
      - id: ansible-lint
        files: \.(yaml|yml)$
        additional_dependencies:
          - ansible-core==2.15.8
--- a/README.md
+++ b/README.md
@@ -89,4 +89,4 @@ echo 1 | sudo tee /sys/class/block/sda/device/rescan
 sudo fdisk -l /dev/sda # To check
 # sudo apt-get install cloud-guest-utils
 sudo growpart /dev/sda 1
-```
+```
--- a/ansible.cfg.default
+++ b/ansible.cfg.default
@@ -688,4 +688,3 @@
 # (list) default list of tags to skip in your plays, has precedence over Run Tags
 ;skip=
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,12 +1,19 @@
 cachetools==5.5.2
 certifi==2025.1.31
 cfgv==3.4.0
 charset-normalizer==3.4.1
 distlib==0.4.0
 durationpy==0.10
 filelock==3.18.0
 google-auth==2.40.3
 identify==2.6.12
 idna==3.10
 kubernetes==33.1.0
 nc-dnsapi==0.1.3
 nodeenv==1.9.1
 oauthlib==3.3.1
 platformdirs==4.3.8
 pre_commit==4.2.0
 proxmoxer==2.2.0
 pyasn1==0.6.1
 pyasn1_modules==0.4.2
@@ -17,4 +24,5 @@ requests-oauthlib==2.0.0
 rsa==4.9.1
 six==1.17.0
 urllib3==2.3.0
 virtualenv==20.32.0
 websocket-client==1.8.0
--- a/requirements.yml
+++ b/requirements.yml
@@ -0,0 +1,5 @@
 ---
 collections:
  - name: community.docker
  - name: community.general
  - name: kubernetes.core
--- a/roles/common/files/ssh/root/sshd_config
+++ b/roles/common/files/ssh/root/sshd_config
@@ -16,4 +16,3 @@ TrustedUserCAKeys /etc/ssh/vault-ca.pub
 UseDNS yes
 AcceptEnv LANG LC_*
 Subsystem	sftp	/usr/lib/openssh/sftp-server
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -3,4 +3,4 @@
  service:
    name: sshd
    state: restarted
-  become: yes
+  become: true
--- a/roles/k3s_agent/handlers/main.yml
+++ b/roles/k3s_agent/handlers/main.yml
@@ -3,4 +3,4 @@
  service:
    name: k3s
    state: restarted
-  become: yes
+  become: true
--- a/roles/k3s_agent/tasks/main.yml
+++ b/roles/k3s_agent/tasks/main.yml
@@ -1,2 +1,3 @@
 ---
- include_tasks: installation.yml
+- name: Install k3s agent
  include_tasks: installation.yml
--- a/roles/k3s_server/handlers/main.yml
+++ b/roles/k3s_server/handlers/main.yml
@@ -3,4 +3,4 @@
  service:
    name: k3s
    state: restarted
-  become: yes
+  become: true
--- a/roles/k3s_server/tasks/pull_token.yml
+++ b/roles/k3s_server/tasks/pull_token.yml
@@ -21,6 +21,6 @@
  run_once: true
 - name: Encrypt k3s token
-  ansible.builtin.shell: cd ../; ansible-vault encrypt "{{ playbook_dir }}/{{k3s_server_token_vault_file}}"
+  ansible.builtin.shell: cd ../; ansible-vault encrypt "{{ playbook_dir }}/{{ k3s_server_token_vault_file }}"
  delegate_to: localhost
  run_once: true
--- a/roles/k3s_storage/handlers/main.yml
+++ b/roles/k3s_storage/handlers/main.yml
@@ -3,4 +3,4 @@
  service:
    name: k3s
    state: restarted
-  become: yes
+  become: true
--- a/roles/kubernetes_argocd/tasks/main.yml
+++ b/roles/kubernetes_argocd/tasks/main.yml
@@ -25,7 +25,9 @@
        name: argocd-server
        namespace: "{{ argocd_namespace }}"
      register: rollout_status
-      until: rollout_status.resources[0].status.readyReplicas is defined and rollout_status.resources[0].status.readyReplicas == rollout_status.resources[0].spec.replicas
+      until: >
        rollout_status.resources[0].status.readyReplicas is defined and
        rollout_status.resources[0].status.readyReplicas == rollout_status.resources[0].spec.replicas
      retries: 30
      delay: 10
--- a/roles/proxmox/tasks/06_hardware_acceleration.yml
+++ b/roles/proxmox/tasks/06_hardware_acceleration.yml
@@ -3,15 +3,12 @@
  ansible.builtin.lineinfile:
    path: /etc/default/grub
    regexp: "^GRUB_CMDLINE_LINUX_DEFAULT="
-    line: 'GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt pcie_acs_override=downstream,multifunction initcall_blacklist=sysfb_init video=simplefb:off video=vesafb:off video=efifb:off video=vesa:off disable_vga=1 vfio_iommu_type1.allow_unsafe_interrupts=1 kvm.ignore_msrs=1 modprobe.blacklist=radeon,nouveau,nvidia,nvidiafb,nvidia-gpu,snd_hda_intel,snd_hda_codec_hdmi,i915"'
+    line: >
-    backup: true
+      GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt
-  register: iommu_result
+      pcie_acs_override=downstream,multifunction initcall_blacklist=sysfb_init
-
+      video=simplefb:off video=vesafb:off video=efifb:off video=vesa:off
- name: Set GRUB_CMDLINE_LINUX_DEFAULT for PCI passthrough
+      disable_vga=1 vfio_iommu_type1.allow_unsafe_interrupts=1 kvm.ignore_msrs=1
-  ansible.builtin.lineinfile:
+      modprobe.blacklist=radeon,nouveau,nvidia,nvidiafb,nvidia-gpu,snd_hda_intel,snd_hda_codec_hdmi,i915"
    path: /etc/default/grub
    regexp: "^GRUB_CMDLINE_LINUX_DEFAULT="
    line: 'GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt pcie_acs_override=downstream,multifunction initcall_blacklist=sysfb_init video=simplefb:off video=vesafb:off video=efifb:off video=vesa:off disable_vga=1 vfio_iommu_type1.allow_unsafe_interrupts=1 kvm.ignore_msrs=1 modprobe.blacklist=radeon,nouveau,nvidia,nvidiafb,nvidia-gpu,snd_hda_intel,snd_hda_codec_hdmi,i915"'
    backup: true
  register: iommu_result
@@ -34,7 +31,7 @@
  # notify:
  #   - Reboot Node
- name: update grub configuration
+- name: Update grub configuration
  ansible.builtin.command: update-grub
  when: iommu_result.changed or vfio_result.changed
  # notify:
--- a/roles/proxmox/tasks/15_create_secret.yml
+++ b/roles/proxmox/tasks/15_create_secret.yml
@@ -17,7 +17,7 @@
 - name: Setup secret name
  ansible.builtin.set_fact:
-    vm_name_secret: "{{ proxmox_secrets_prefix }}_{{ vm_name | replace('-','_') }}"
+    vm_name_secret: "{{ proxmox_secrets_prefix }}_{{ vm_name | replace('-', '_') }}"
 - name: Check if variable is in vault
  ansible.builtin.set_fact:
@@ -30,7 +30,7 @@
 - name: Set new secret
  ansible.builtin.set_fact:
-    new_vault_data: "{{ vault_data | combine({ vm_name_secret: cipassword }) }}"
+    new_vault_data: "{{ vault_data | combine({vm_name_secret: cipassword}) }}"
  when: not variable_exists
 - name: Write updated Vault content to file (temporary plaintext)
--- a/vars/k3s.ini
+++ b/vars/k3s.ini
@@ -18,4 +18,3 @@ k3s-agent12
 [k3s_loadbalancer]
 k3s-loadbalancer
--- a/vars/vps.ini
+++ b/vars/vps.ini
@@ -1,3 +1,2 @@
 [vps]
 mii
`@@ -688,4 +688,3 @@`

	`# (list) default list of tags to skip in your plays, has precedence over Run Tags`	`# (list) default list of tags to skip in your plays, has precedence over Run Tags`
	`;skip=`	`;skip=`
`@@ -18,4 +18,3 @@ k3s-agent12`

	`[k3s_loadbalancer]`	`[k3s_loadbalancer]`
	`k3s-loadbalancer`	`k3s-loadbalancer`