refactor(ANSIBLE-LINT): reorganize, enforce fqcn

defaults/main.yml

@@ -5,8 +5,8 @@ brew_prefix: "{{ (ansible_machine == 'arm64') | ternary('/opt/homebrew', '/usr/l
 
 clamav_clamwatch: true
 
-clamav_clamwatch_target_folder: "{{ lookup('env','HOME') }}/Downloads"
-clamav_clamwatch_quarantine_folder: "{{ lookup('env','HOME') }}/Quarantine"
+clamav_clamwatch_target_folder: "{{ lookup('env', 'HOME') }}/Downloads"
+clamav_clamwatch_quarantine_folder: "{{ lookup('env', 'HOME') }}/Quarantine"
 clamav_clamwatch_log_file: /var/log/clamav.clamwatch.log
 clamav_clamwatch_stderr_log_file: /var/log/clamav.clamwatch.error.log
 

molecule/clamwatch/converge.yml

@@ -6,4 +6,4 @@
     clamav_clamwatch: true
   tasks:
     - name: Include Roles
-      include_tasks: "../common/tasks/roles.yml"
+      ansible.builtin.include_tasks: "../common/tasks/roles.yml"

molecule/clamwatch/verify.yml

@@ -5,13 +5,13 @@
   tasks:
 
     - name: Check File System Content
-      include_tasks: "../common/tasks/files.yml"
+      ansible.builtin.include_tasks: "../common/tasks/files.yml"
 
     - name: Check Processes
-      include_tasks: "../common/tasks/processes.yml"
+      ansible.builtin.include_tasks: "../common/tasks/processes.yml"
 
     - name: Assert the binaries are symlinked correctly
-      assert:
+      ansible.builtin.assert:
         that:
           - clamd_file.stat.executable
           - freshclam_file.stat.executable

molecule/common/tasks/files.yml

@@ -1,10 +1,10 @@
 ---
 - name: Set CI Machine Type
-  set_fact:
-    ansible_machine: "{{ lookup('env','PLATFORM') }}"
+  ansible.builtin.set_fact:
+    ansible_machine: "{{ lookup('env', 'PLATFORM') }}"
 
 - name: Load Default Var Content
-  include_vars: "../../../defaults/main.yml"
+  ansible.builtin.include_vars: "../../../defaults/main.yml"
 
 - name: Check clamd is installed
   ansible.builtin.stat:

molecule/common/tasks/processes.yml

@@ -1,18 +1,18 @@
 ---
 - name: Set CI Machine Type
-  set_fact:
-    ansible_machine: "{{ lookup('env','PLATFORM') }}"
+  ansible.builtin.set_fact:
+    ansible_machine: "{{ lookup('env', 'PLATFORM') }}"
 
 - name: Load Default Var Content
-  include_vars: "../../../defaults/main.yml"
+  ansible.builtin.include_vars: "../../../defaults/main.yml"
 
 - name: Capture Root Processes
   ansible.builtin.command: ps -u root
   register: root_processes
   changed_when: not root_processes.stdout
 
 - name: Create Root Processes Match String
-  set_fact:
+  ansible.builtin.set_fact:
     root_process_match_string1: '{{ brew_prefix }}/sbin/clamd --foreground -c {{ clamav_clamd_config_file }}'
     root_process_match_string2: '/bin/bash {{ brew_prefix }}/bin/clamwatch {{ clamav_clamwatch_target_folder }} {{ clamav_clamwatch_quarantine_folder }} {{ clamav_clamwatch_log_file }}'
 
@@ -22,5 +22,5 @@
   changed_when: not _clamav_processes.stdout
 
 - name: Create _clamav Processes Match String
-  set_fact:
+  ansible.builtin.set_fact:
     _clamav_processes_match_string: '{{ brew_prefix }}/bin/freshclam --daemon --foreground --config-file {{ clamav_freshclam_config_file }}'

molecule/no_clamwatch/converge.yml

@@ -6,4 +6,4 @@
     clamav_clamwatch: false
   tasks:
     - name: Include Roles
-      include_tasks: "../common/tasks/roles.yml"
+      ansible.builtin.include_tasks: "../common/tasks/roles.yml"

molecule/no_clamwatch/verify.yml

@@ -5,16 +5,16 @@
   tasks:
 
     - name: Check File System Content
-      include_tasks: "../common/tasks/files.yml"
+      ansible.builtin.include_tasks: "../common/tasks/files.yml"
 
     - name: Check File System Content
-      include_tasks: "../common/tasks/files.yml"
+      ansible.builtin.include_tasks: "../common/tasks/files.yml"
 
     - name: Check Processes
-      include_tasks: "../common/tasks/processes.yml"
+      ansible.builtin.include_tasks: "../common/tasks/processes.yml"
 
     - name: Assert the binaries are symlinked correctly
-      assert:
+      ansible.builtin.assert:
         that:
           - clamd_file.stat.executable
           - freshclam_file.stat.executable

tasks/logging.yml → tasks/clam_av/logging.yml

@@ -1,6 +1,6 @@
 ---
 - name: Check FreshClam logfile exists
-  stat:
+  ansible.builtin.stat:
     path: "{{ clamav_freshclam_log_file }}"
   register: freshclam_log
 - name: Create FreshClam logfile
@@ -14,7 +14,7 @@
   when: not freshclam_log.stat.exists
 
 - name: Check FreshClam Error logfile exists
-  stat:
+  ansible.builtin.stat:
     path: "{{ clamav_freshclam_stderr_log_file }}"
   register: freshclam_error_log
 - name: Create FreshClam Error logfile
@@ -28,7 +28,7 @@
   when: not freshclam_error_log.stat.exists
 
 - name: Check Clamd logfile exists
-  stat:
+  ansible.builtin.stat:
     path: "{{ clamav_clamd_log_file }}"
   register: clamd_log
 - name: Create Clamd logfile
@@ -42,7 +42,7 @@
   when: not clamd_log.stat.exists
 
 - name: Check Clamd Error logfile exists
-  stat:
+  ansible.builtin.stat:
     path: "{{ clamav_clamd_stderr_log_file }}"
   register: clamd_error_log
 - name: Create Clamd Error logfile

tasks/started.yml → tasks/clam_av/processes.yml

@@ -12,12 +12,3 @@
     name: "clamav.freshclam"
     enabled: true
     state: started
-
-- name: Start Clamwatch
-  become: true
-  community.general.launchd:
-    name: "clamav.clamwatch"
-    enabled: true
-    state: started
-    force_stop: yes
-  when: clamav_clamwatch

tasks/clam_watch/configuration.yml

@@ -0,0 +1,22 @@
+---
+- name: Install ClamWatch Daemon Configuration
+  become: true
+  ansible.builtin.template:
+    src: clamav.clamwatch.plist.j2
+    dest: /Library/LaunchDaemons/clamav.clamwatch.plist
+    mode: 0644
+    owner: root
+    group: wheel
+  notify:
+    - Restart Clamwatch
+
+- name: Install ClamWatch Script
+  become: true
+  ansible.builtin.template:
+    src: clamwatch.sh.j2
+    dest: "{{ brew_prefix }}/bin/clamwatch"
+    mode: 0755
+    owner: root
+    group: wheel
+  notify:
+    - Restart Clamwatch

tasks/clam_watch/folders.yml

@@ -0,0 +1,7 @@
+---
+- name: Create ClamWatch Quarantine Folder
+  become: true
+  ansible.builtin.file:
+    path: "{{ clamav_clamwatch_quarantine_folder }}"
+    state: directory
+    mode: 0700

tasks/watcher.yml → tasks/clam_watch/logging.yml

@@ -1,15 +1,9 @@
 ---
-- name: Create ClamWatch Quarantine Folder
-  become: true
-  ansible.builtin.file:
-    path: "{{ clamav_clamwatch_quarantine_folder }}"
-    state: directory
-    mode: 0700
-
 - name: Check ClamWatch logfile exists
-  stat:
+  ansible.builtin.stat:
     path: "{{ clamav_clamwatch_log_file }}"
   register: clamwatch_log
+
 - name: Create Clamd logfile
   become: true
   ansible.builtin.file:
@@ -21,9 +15,10 @@
   when: not clamwatch_log.stat.exists
 
 - name: Check ClamWatch Error logfile exists
-  stat:
+  ansible.builtin.stat:
     path: "{{ clamav_clamwatch_stderr_log_file }}"
   register: clamwatch_error_log
+
 - name: Create ClamWatch Error logfile
   become: true
   ansible.builtin.file:
@@ -33,25 +28,3 @@
     owner: root
     group: wheel
   when: not clamwatch_error_log.stat.exists
-
-- name: Install ClamWatch Daemon Configuration
-  become: true
-  ansible.builtin.template:
-    src: clamav.clamwatch.plist.j2
-    dest: /Library/LaunchDaemons/clamav.clamwatch.plist
-    mode: 0644
-    owner: root
-    group: wheel
-  notify:
-    - Restart Clamwatch
-
-- name: Install ClamWatch Script
-  become: true
-  ansible.builtin.template:
-    src: clamwatch.sh.j2
-    dest: "{{ brew_prefix }}/bin/clamwatch"
-    mode: 0755
-    owner: root
-    group: wheel
-  notify:
-    - Restart Clamwatch

tasks/clam_watch/processes.yml

@@ -0,0 +1,8 @@
+---
+- name: Start Clamwatch
+  become: true
+  community.general.launchd:
+    name: "clamav.clamwatch"
+    enabled: true
+    state: started
+    force_stop: yes

tasks/main.yml

@@ -14,30 +14,44 @@
   tags:
     - clamav
 
-- name: Setup Folders
+- name: Setup ClamAV Folders
   ansible.builtin.include_tasks:
-    file: "folders.yml"
+    file: "clam_av/folders.yml"
   tags:
     - clamav
 
-- name: Setup Logging
+- name: Setup ClamAV Logging
   ansible.builtin.include_tasks:
-    file: "logging.yml"
+    file: "clam_av/logging.yml"
   tags:
     - clamav
 
-- name: Setup Configuration
+- name: Setup ClamAV Configuration
   ansible.builtin.include_tasks:
-    file: "configuration.yml"
+    file: "clam_av/configuration.yml"
   tags:
     - clamav
 
-- name: Setup ClamWatch Service
+- name: Setup ClamWatch Folders
   ansible.builtin.include_tasks:
-    file: "watcher.yml"
+    file: "clam_watch/folders.yml"
+  tags:
+    - clamav
+  when: clamav_clamwatch
+
+- name: Setup ClamWatch Logging
+  ansible.builtin.include_tasks:
+    file: "clam_watch/logging.yml"
+  tags:
+    - clamav
   when: clamav_clamwatch
+
+- name: Setup ClamWatch Configuration
+  ansible.builtin.include_tasks:
+    file: "clam_watch/configuration.yml"
   tags:
     - clamav
+  when: clamav_clamwatch
 
 - name: Flush Handlers
   ansible.builtin.meta: flush_handlers
@@ -46,6 +60,13 @@
 
 - name: Ensure Services Are Always Running
   ansible.builtin.include_tasks:
-    file: "started.yml"
+    file: "clam_av/processes.yml"
+  tags:
+    - clamav
+
+- name: Ensure Services Are Always Running
+  ansible.builtin.include_tasks:
+    file: "clam_watch/processes.yml"
   tags:
     - clamav
+  when: clamav_clamwatch