From b28a86ebc1422191fa2287a423d6024ae87cdb33 Mon Sep 17 00:00:00 2001 From: armab Date: Tue, 19 Feb 2019 18:19:10 +0100 Subject: [PATCH 1/6] Correctly specify CircleCI workflow name --- .circleci/config.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index a8080d1a..53af0708 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -33,7 +33,7 @@ jobs: workflows: version: 2 - helm: + lint: jobs: - ansible-lint - yaml-lint From 5d77f242c8983c951cebc153729bc61582784274 Mon Sep 17 00:00:00 2001 From: armab Date: Tue, 19 Feb 2019 18:21:34 +0100 Subject: [PATCH 2/6] Remove unnecessary blank line --- roles/StackStorm.ewc/tasks/ewc_repos_cleanup_yum.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_yum.yml b/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_yum.yml index dc73069e..7953fc91 100644 --- a/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_yum.yml +++ b/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_yum.yml @@ -1,5 +1,4 @@ --- - - name: Cleanup repo list file from disk become: yes yum_resository: From e8105a684771db57e2198ed5a63960977468b375 Mon Sep 17 00:00:00 2001 From: armab Date: Tue, 19 Feb 2019 18:27:17 +0100 Subject: [PATCH 3/6] Minor indent/spaces changes in ewc repo --- roles/StackStorm.ewc/tasks/ewc_repos_apt.yml | 1 - .../tasks/ewc_repos_cleanup_apt.yml | 1 - roles/StackStorm.ewc/tasks/ewc_repos_yum.yml | 1 - roles/StackStorm.ewc/tasks/ldap.yml | 1 - roles/StackStorm.ewc/tasks/license.yml | 1 - roles/StackStorm.ewc/tasks/rbac.yml | 108 +++++++++--------- 6 files changed, 54 insertions(+), 59 deletions(-) diff --git a/roles/StackStorm.ewc/tasks/ewc_repos_apt.yml b/roles/StackStorm.ewc/tasks/ewc_repos_apt.yml index 8673619d..55cf6f9c 100644 --- a/roles/StackStorm.ewc/tasks/ewc_repos_apt.yml +++ b/roles/StackStorm.ewc/tasks/ewc_repos_apt.yml @@ -1,5 +1,4 @@ --- - - name: Install prereqs (Debian) become: yes apt: 
diff --git a/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_apt.yml b/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_apt.yml index 10d498cd..f1afcc57 100644 --- a/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_apt.yml +++ b/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_apt.yml @@ -1,5 +1,4 @@ --- - - name: Cleanup repo list file from disk become: yes file: diff --git a/roles/StackStorm.ewc/tasks/ewc_repos_yum.yml b/roles/StackStorm.ewc/tasks/ewc_repos_yum.yml index 7b49a493..c085d54f 100644 --- a/roles/StackStorm.ewc/tasks/ewc_repos_yum.yml +++ b/roles/StackStorm.ewc/tasks/ewc_repos_yum.yml @@ -1,5 +1,4 @@ --- - # Fixes "Failure talking to yum: Cannot retrieve repository metadata (repomd.xml) for repository: StackStorm_stable. Please verify its path and try again" when installing st2 - name: Update ca-certificates package become: yes diff --git a/roles/StackStorm.ewc/tasks/ldap.yml b/roles/StackStorm.ewc/tasks/ldap.yml index 8cb73e32..bc521f78 100644 --- a/roles/StackStorm.ewc/tasks/ldap.yml +++ b/roles/StackStorm.ewc/tasks/ldap.yml @@ -1,5 +1,4 @@ --- - - name: Setup st2.conf auth backend to LDAP become: yes # Unfortunately, ``with_dict`` also logs the dict which could leak passwords. diff --git a/roles/StackStorm.ewc/tasks/license.yml b/roles/StackStorm.ewc/tasks/license.yml index 497c06e8..8e11b485 100644 --- a/roles/StackStorm.ewc/tasks/license.yml +++ b/roles/StackStorm.ewc/tasks/license.yml @@ -1,5 +1,4 @@ --- - - name: Check if EWC license hash file is present stat: path: /etc/packagecloud/ewc_license_hash.txt diff --git a/roles/StackStorm.ewc/tasks/rbac.yml b/roles/StackStorm.ewc/tasks/rbac.yml index 4c1c7aac..e175d552 100644 --- a/roles/StackStorm.ewc/tasks/rbac.yml +++ b/roles/StackStorm.ewc/tasks/rbac.yml 
@@ -1,59 +1,59 @@ --- - - name: Copy default RBAC roles to /opt/stackstorm/rbac/roles directory - become: yes - template: - src: rbac_roles/roles.yml.j2 - dest: /opt/stackstorm/rbac/roles/{{ item.name }}.yaml - owner: st2 - group: st2 - loop: "{{ ewc_rbac_default_roles }}" - notify: - - reload ewc_rbac +- name: Copy default RBAC roles to /opt/stackstorm/rbac/roles directory + become: yes + template: + src: rbac_roles/roles.yml.j2 + dest: /opt/stackstorm/rbac/roles/{{ item.name }}.yaml + owner: st2 + group: st2 + loop: "{{ ewc_rbac_default_roles }}" + notify: + - reload ewc_rbac - - name: Copy user defined RBAC roles to /opt/stackstorm/rbac/roles directory - become: yes - template: - src: rbac_roles/roles.yml.j2 - dest: /opt/stackstorm/rbac/roles/{{ item.name }}.yaml - owner: st2 - group: st2 - loop: "{{ ewc_rbac.roles }}" - when: ewc_rbac.roles is defined - notify: - - reload ewc_rbac +- name: Copy user defined RBAC roles to /opt/stackstorm/rbac/roles directory + become: yes + template: + src: rbac_roles/roles.yml.j2 + dest: /opt/stackstorm/rbac/roles/{{ item.name }}.yaml + owner: st2 + group: st2 + loop: "{{ ewc_rbac.roles }}" + when: ewc_rbac.roles is defined + notify: + - reload ewc_rbac - - name: Copy default RBAC assignments to /opt/stackstorm/rbac/assignments directory - become: yes - template: - src: rbac_assignments/assignments.yml.j2 - dest: /opt/stackstorm/rbac/assignments/{{ item.name }}.yaml - owner: st2 - group: st2 - loop: "{{ ewc_rbac_default_assignments }}" - notify: - - reload ewc_rbac +- name: Copy default RBAC assignments to /opt/stackstorm/rbac/assignments directory + become: yes + template: + src: rbac_assignments/assignments.yml.j2 + dest: /opt/stackstorm/rbac/assignments/{{ item.name }}.yaml + owner: st2 + group: st2 + loop: "{{ ewc_rbac_default_assignments }}" + notify: + - reload ewc_rbac - - name: Copy user defined RBAC assignments to /opt/stackstorm/rbac/assignments directory - become: yes - template: - src: 
rbac_assignments/assignments.yml.j2 - dest: /opt/stackstorm/rbac/assignments/{{ item.name }}.yaml - owner: st2 - group: st2 - loop: "{{ ewc_rbac.assignments }}" - when: ewc_rbac.assignments is defined - notify: - - reload ewc_rbac +- name: Copy user defined RBAC assignments to /opt/stackstorm/rbac/assignments directory + become: yes + template: + src: rbac_assignments/assignments.yml.j2 + dest: /opt/stackstorm/rbac/assignments/{{ item.name }}.yaml + owner: st2 + group: st2 + loop: "{{ ewc_rbac.assignments }}" + when: ewc_rbac.assignments is defined + notify: + - reload ewc_rbac - - name: Enable RBAC in st2 configuration - become: yes - ini_file: - dest: /etc/st2/st2.conf - section: rbac - option: enable - value: True - backup: yes - notify: - - restart st2 - - reload ewc_rbac - - restart st2api +- name: Enable RBAC in st2 configuration + become: yes + ini_file: + dest: /etc/st2/st2.conf + section: rbac + option: enable + value: True + backup: yes + notify: + - restart st2 + - reload ewc_rbac + - restart st2api From a2db8f2a25f910135bb8b1652242847b294f7d4e Mon Sep 17 00:00:00 2001 From: armab Date: Tue, 19 Feb 2019 19:27:03 +0100 Subject: [PATCH 4/6] Fix bug in ewc transition logic when the changed license key wasn't replaced --- roles/StackStorm.ewc/tasks/ewc_repos_cleanup_yum.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_yum.yml b/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_yum.yml index 7953fc91..9aeb9348 100644 --- a/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_yum.yml +++ b/roles/StackStorm.ewc/tasks/ewc_repos_cleanup_yum.yml @@ -1,7 +1,7 @@ --- - name: Cleanup repo list file from disk become: yes - yum_resository: + yum_repository: name: "StackStorm_{{ ewc_repo }}" state: absent tags: From 9e75bf86108e9e34d6527a10c92252224262db91 Mon Sep 17 00:00:00 2001 
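Review bot: With the module name corrected to `yum_repository`, this task now removes the `StackStorm_{{ ewc_repo }}` repo file, but `state: absent` on its own leaves yum's cached metadata for that repo in place. Since the commit is about a changed license key not being replaced, it would be worth confirming that the cache is cleared as well, for instance with `notify: yum-clean-metadata` on this task and a handler that runs `yum clean metadata`. The task continues past the hunk after `tags:`, so an existing notify may simply not be visible here. The misspelled module name also seems to have gone unnoticed until now, which suggests this cleanup path is not exercised in CI.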
From: armab Date: Tue, 19 Feb 2019 19:31:28 +0100 Subject: [PATCH 5/6] Respect ansible-lint '[306] Shells that use pipes should set the pipefail option' --- roles/StackStorm.st2smoketests/tasks/st2chatops.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/roles/StackStorm.st2smoketests/tasks/st2chatops.yml b/roles/StackStorm.st2smoketests/tasks/st2chatops.yml index 6f0c8648..36b17047 100644 --- a/roles/StackStorm.st2smoketests/tasks/st2chatops.yml +++ b/roles/StackStorm.st2smoketests/tasks/st2chatops.yml @@ -1,9 +1,10 @@ --- - name: Verify st2chatops using bin/hubot # when editing, make sure it works for at least 2 adapters: 'shell' and 'slack' - shell: timeout 10 bash -c '(sleep 5; echo exit ) | bin/hubot' + shell: set -o pipefail && timeout 10 bash -c '(sleep 5; echo exit ) | bin/hubot' args: chdir: /opt/stackstorm/chatops/ + executable: /bin/bash environment: HUBOT_LOG_LEVEL: debug register: hubot_output From 23a77af42b8b7351b985856ae1762d3f1eca5715 Mon Sep 17 00:00:00 2001 From: armab Date: Tue, 19 Feb 2019 19:35:21 +0100 Subject: [PATCH 6/6] Ignore false-positives in ansible-lint --- roles/StackStorm.nginx/tasks/nginx_yum.yml | 2 +- roles/StackStorm.postgresql/tasks/postgresql_yum6.yml | 2 +- roles/StackStorm.postgresql/tasks/postgresql_yum7.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/roles/StackStorm.nginx/tasks/nginx_yum.yml b/roles/StackStorm.nginx/tasks/nginx_yum.yml index 00774713..5aae92c8 100644 --- a/roles/StackStorm.nginx/tasks/nginx_yum.yml +++ b/roles/StackStorm.nginx/tasks/nginx_yum.yml @@ -56,7 +56,7 @@ setup: filter: ansible_selinux when: nginx_selinux_dependencies.changed - tags: nginx + tags: nginx, skip_ansible_lint - name: Adjust SELinux to allow network access for nginx become: yes diff --git a/roles/StackStorm.postgresql/tasks/postgresql_yum6.yml b/roles/StackStorm.postgresql/tasks/postgresql_yum6.yml index 855a3fef..3c2643fb 100644 --- a/roles/StackStorm.postgresql/tasks/postgresql_yum6.yml 
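Review bot: The `set -o pipefail` placed in front of `timeout` in st2chatops.yml only affects the outer shell, while the pipe runs inside the child started by `bash -c '…'`, which does not inherit that option unless SHELLOPTS is exported. The lint warning is silenced, but a failure on the left side of `(sleep 5; echo exit ) | bin/hubot` is still masked. Passing the option to the inner shell makes the change effective: `shell: set -o pipefail && timeout 10 bash -o pipefail -c '(sleep 5; echo exit ) | bin/hubot'`. The task continues past the hunk after `register: hubot_output`, so how the result is evaluated is not visible here.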
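Review bot: The `skip_ansible_lint` tag added to `tags:` in nginx_yum.yml switches off every lint rule for that task, not only the one judged a false positive, and the same applies to the two `initdb` tasks in postgresql_yum6.yml and postgresql_yum7.yml. Later edits to these tasks, for example to their `command:` lines, will then pass CI unchecked. If the ansible-lint version in use supports it, a per-rule `# noqa <rule-id>` comment on the flagged line, with a short reason, keeps the exemption narrow. The nginx hunk also writes `tags: nginx, skip_ansible_lint` as a comma-separated string where the postgresql files use a list; `tags: [nginx, skip_ansible_lint]` would match them. All three task definitions start outside their hunks.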
+++ b/roles/StackStorm.postgresql/tasks/postgresql_yum6.yml @@ -52,7 +52,7 @@ become: yes command: service postgresql-9.4 initdb when: install_postgresql.changed - tags: [db, postgresql] + tags: [db, postgresql, skip_ansible_lint] - name: yum | MD5-encrypted password for PostgreSQL 1 become: yes diff --git a/roles/StackStorm.postgresql/tasks/postgresql_yum7.yml b/roles/StackStorm.postgresql/tasks/postgresql_yum7.yml index 90a83744..d7f27683 100644 --- a/roles/StackStorm.postgresql/tasks/postgresql_yum7.yml +++ b/roles/StackStorm.postgresql/tasks/postgresql_yum7.yml @@ -17,7 +17,7 @@ become: yes command: postgresql-setup initdb when: install_postgresql.changed - tags: [db, postgresql] + tags: [db, postgresql, skip_ansible_lint] - name: yum | MD5-encrypted password for PostgreSQL 1 become: yes