Fixed ansible-lint problems

dmotte · Jul 20, 2023 · 2810e35 · 2810e35
1 parent 67a950c
commit 2810e35
Show file tree

Hide file tree

Showing 7 changed files with 18 additions and 16 deletions.
diff --git a/.ansible-lint b/.ansible-lint
@@ -1,2 +1,4 @@
 ---
 strict: true
+exclude_paths:
+  - .github/
diff --git a/defaults/main.yml b/defaults/main.yml
@@ -1,14 +1,14 @@
 ---
 # Content for the /etc/iptables/rules.v4 file. If set to empty string, that file
 # won't be created
-rules_v4: ""
+iptables_rules_v4: ""
 
 # Content for the /etc/iptables/rules.v6 file. If set to empty string, that file
 # won't be created
-rules_v6: ""
+iptables_rules_v6: ""
 
 # Whether or not to reload the iptables rules if changed
-reload_rules_if_changed: true
+iptables_rules_reload_if_changed: true
 
 # List of services that must be restarted if the iptables rules change
-restart_services: []
+iptables_rules_restart_services: []
diff --git a/handlers/main.yml b/handlers/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: Iptables IPv4 reset
-  when: reload_rules_if_changed
+  when: iptables_rules_reload_if_changed
   block:
     - name: Set the iptables policy for the filter:INPUT chain to ACCEPT
       ansible.builtin.iptables:
@@ -36,7 +36,7 @@
       listen: Reload iptables rules and restart services
 
 - name: Iptables IPv6 reset
-  when: reload_rules_if_changed
+  when: iptables_rules_reload_if_changed
   block:
     - name: Set the iptables IPv6 policy for the filter:INPUT chain to ACCEPT
       ansible.builtin.iptables:
@@ -81,11 +81,11 @@
     name: netfilter-persistent
     state: restarted
   listen: Reload iptables rules and restart services
-  when: reload_rules_if_changed
+  when: iptables_rules_reload_if_changed
 
 - name: Restart other services
   ansible.builtin.service:
     name: "{{ item }}"
     state: restarted
-  loop: "{{ restart_services }}"
+  loop: "{{ iptables_rules_restart_services }}"
   listen: Reload iptables rules and restart services
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -28,15 +28,15 @@
     src: rules_v4.j2
     dest: /etc/iptables/rules.v4
     mode: "0644"
-  when: rules_v4 != ""
+  when: iptables_rules_v4 != ""
   notify: Reload iptables rules and restart services
 
 - name: Create the rules.v6 file
   ansible.builtin.template:
     src: rules_v6.j2
     dest: /etc/iptables/rules.v6
     mode: "0644"
-  when: rules_v6 != ""
+  when: iptables_rules_v6 != ""
   notify: Reload iptables rules and restart services
 
 - name: Force all notified handlers to run at this point

diff --git a/templates/rules_v4.j2 b/templates/rules_v4.j2
@@ -1 +1 @@
-{{ rules_v4 | regex_replace('\r\n', '\n') }}
+{{ iptables_rules_v4 | regex_replace('\r\n', '\n') }}
diff --git a/templates/rules_v6.j2 b/templates/rules_v6.j2
@@ -1 +1 @@
-{{ rules_v6 | regex_replace('\r\n', '\n') }}
+{{ iptables_rules_v6 | regex_replace('\r\n', '\n') }}
diff --git a/test/playbook.yml b/test/playbook.yml
@@ -6,8 +6,8 @@
   tasks:
     - name: Include the role from the parent directory
       ansible.builtin.include_role: { name: "{{ playbook_dir | dirname }}" }
-      vars:
+      vars: # noqa: var-naming[no-role-prefix]
         ansible_become: true
-        rules_v4: "{{ lookup('ansible.builtin.file', 'rules.v4') }}"
-        reload_rules_if_changed: false
-        restart_services: [docker]
+        iptables_rules_v4: "{{ lookup('ansible.builtin.file', 'rules.v4') }}"
+        iptables_rules_reload_if_changed: false
+        iptables_rules_restart_services: [docker]
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		{{ rules_v4 \| regex_replace('\r\n', '\n') }}
		{{ iptables_rules_v4 \| regex_replace('\r\n', '\n') }}
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		{{ rules_v6 \| regex_replace('\r\n', '\n') }}
		{{ iptables_rules_v6 \| regex_replace('\r\n', '\n') }}