tudattr/ansible
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(pre-commit): Added linting

Browse Source
This commit is contained in:
Tuan-Dat Tran
2025-07-27 22:46:23 +02:00
parent 2882abfc0b
commit 6eef96b302
18 changed files with 57 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.ansible-lint
View File

@@ -25,7 +25,7 @@ enable_list:
- no-changed-when
# Offline mode disables any features that require internet access.
offline: true
offline: false
# Set the desired verbosity level.
verbosity: 1

23
.pre-commit-config.yaml Normal file
View File

@@ -0,0 +1,23 @@
repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.6.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-yaml
- id: check-added-large-files
- repo: local
hooks:
- id: ansible-galaxy-install
name: Install ansible-galaxy collections
entry: ansible-galaxy collection install -r requirements.yml
language: system
pass_filenames: false
always_run: true
- repo: https://github.com/ansible/ansible-lint
rev: v6.22.2
hooks:
- id: ansible-lint
files: \.(yaml|yml)$
additional_dependencies:
- ansible-core==2.15.8

2
README.md
View File

@@ -89,4 +89,4 @@ echo 1 | sudo tee /sys/class/block/sda/device/rescan
sudo fdisk -l /dev/sda # To check
# sudo apt-get install cloud-guest-utils
sudo growpart /dev/sda 1
```
```

1
ansible.cfg.default
View File

@@ -688,4 +688,3 @@
# (list) default list of tags to skip in your plays, has precedence over Run Tags
;skip=

8
requirements.txt
View File

@@ -1,12 +1,19 @@
cachetools==5.5.2
certifi==2025.1.31
cfgv==3.4.0
charset-normalizer==3.4.1
distlib==0.4.0
durationpy==0.10
filelock==3.18.0
google-auth==2.40.3
identify==2.6.12
idna==3.10
kubernetes==33.1.0
nc-dnsapi==0.1.3
nodeenv==1.9.1
oauthlib==3.3.1
platformdirs==4.3.8
pre_commit==4.2.0
proxmoxer==2.2.0
pyasn1==0.6.1
pyasn1_modules==0.4.2
@@ -17,4 +24,5 @@ requests-oauthlib==2.0.0
rsa==4.9.1
six==1.17.0
urllib3==2.3.0
virtualenv==20.32.0
websocket-client==1.8.0

5
requirements.yml Normal file
View File

@@ -0,0 +1,5 @@
---
collections:
- name: community.docker
- name: community.general
- name: kubernetes.core

1
roles/common/files/ssh/root/sshd_config
View File

@@ -16,4 +16,3 @@ TrustedUserCAKeys /etc/ssh/vault-ca.pub
UseDNS yes
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server

2
roles/common/handlers/main.yml
View File

@@ -3,4 +3,4 @@
service:
name: sshd
state: restarted
become: yes
become: true

2
roles/k3s_agent/handlers/main.yml
View File

@@ -3,4 +3,4 @@
service:
name: k3s
state: restarted
become: yes
become: true

3
roles/k3s_agent/tasks/main.yml
View File

@@ -1,2 +1,3 @@
---
- include_tasks: installation.yml
- name: Install k3s agent
include_tasks: installation.yml

2
roles/k3s_server/handlers/main.yml
View File

@@ -3,4 +3,4 @@
service:
name: k3s
state: restarted
become: yes
become: true

2
roles/k3s_server/tasks/pull_token.yml
View File

@@ -21,6 +21,6 @@
run_once: true
- name: Encrypt k3s token
ansible.builtin.shell: cd ../; ansible-vault encrypt "{{ playbook_dir }}/{{k3s_server_token_vault_file}}"
ansible.builtin.shell: cd ../; ansible-vault encrypt "{{ playbook_dir }}/{{ k3s_server_token_vault_file }}"
delegate_to: localhost
run_once: true

2
roles/k3s_storage/handlers/main.yml
View File

@@ -3,4 +3,4 @@
service:
name: k3s
state: restarted
become: yes
become: true

4
roles/kubernetes_argocd/tasks/main.yml
View File

@@ -25,7 +25,9 @@
name: argocd-server
namespace: "{{ argocd_namespace }}"
register: rollout_status
until: rollout_status.resources[0].status.readyReplicas is defined and rollout_status.resources[0].status.readyReplicas == rollout_status.resources[0].spec.replicas
until: >
rollout_status.resources[0].status.readyReplicas is defined and
rollout_status.resources[0].status.readyReplicas == rollout_status.resources[0].spec.replicas
retries: 30
delay: 10

17
roles/proxmox/tasks/06_hardware_acceleration.yml
View File

@@ -3,15 +3,12 @@
ansible.builtin.lineinfile:
path: /etc/default/grub
regexp: "^GRUB_CMDLINE_LINUX_DEFAULT="
line: 'GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt pcie_acs_override=downstream,multifunction initcall_blacklist=sysfb_init video=simplefb:off video=vesafb:off video=efifb:off video=vesa:off disable_vga=1 vfio_iommu_type1.allow_unsafe_interrupts=1 kvm.ignore_msrs=1 modprobe.blacklist=radeon,nouveau,nvidia,nvidiafb,nvidia-gpu,snd_hda_intel,snd_hda_codec_hdmi,i915"'
backup: true
register: iommu_result
- name: Set GRUB_CMDLINE_LINUX_DEFAULT for PCI passthrough
ansible.builtin.lineinfile:
path: /etc/default/grub
regexp: "^GRUB_CMDLINE_LINUX_DEFAULT="
line: 'GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt pcie_acs_override=downstream,multifunction initcall_blacklist=sysfb_init video=simplefb:off video=vesafb:off video=efifb:off video=vesa:off disable_vga=1 vfio_iommu_type1.allow_unsafe_interrupts=1 kvm.ignore_msrs=1 modprobe.blacklist=radeon,nouveau,nvidia,nvidiafb,nvidia-gpu,snd_hda_intel,snd_hda_codec_hdmi,i915"'
line: >
GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt
pcie_acs_override=downstream,multifunction initcall_blacklist=sysfb_init
video=simplefb:off video=vesafb:off video=efifb:off video=vesa:off
disable_vga=1 vfio_iommu_type1.allow_unsafe_interrupts=1 kvm.ignore_msrs=1
modprobe.blacklist=radeon,nouveau,nvidia,nvidiafb,nvidia-gpu,snd_hda_intel,snd_hda_codec_hdmi,i915"
backup: true
register: iommu_result
@@ -34,7 +31,7 @@
# notify:
# - Reboot Node
- name: update grub configuration
- name: Update grub configuration
ansible.builtin.command: update-grub
when: iommu_result.changed or vfio_result.changed
# notify:

4
roles/proxmox/tasks/15_create_secret.yml
View File

@@ -17,7 +17,7 @@
- name: Setup secret name
ansible.builtin.set_fact:
vm_name_secret: "{{ proxmox_secrets_prefix }}_{{ vm_name | replace('-','_') }}"
vm_name_secret: "{{ proxmox_secrets_prefix }}_{{ vm_name | replace('-', '_') }}"
- name: Check if variable is in vault
ansible.builtin.set_fact:
@@ -30,7 +30,7 @@
- name: Set new secret
ansible.builtin.set_fact:
new_vault_data: "{{ vault_data | combine({ vm_name_secret: cipassword }) }}"
new_vault_data: "{{ vault_data | combine({vm_name_secret: cipassword}) }}"
when: not variable_exists
- name: Write updated Vault content to file (temporary plaintext)

1
vars/k3s.ini
View File

@@ -18,4 +18,3 @@ k3s-agent12
[k3s_loadbalancer]
k3s-loadbalancer

1
vars/vps.ini
View File

@@ -1,3 +1,2 @@
[vps]
mii