lint step was enabled (#64)

* lint step was enabled Signed-off-by: kogeler <roman.gavrilov@parity.io>
paritytech · Nov 27, 2023 · 224c408 · 224c408
1 parent a2c729e
commit 224c408
Show file tree

Hide file tree

Showing 100 changed files with 1,324 additions and 1,215 deletions.
diff --git a/.github/workflows/pr-secure-apt.yml b/.github/workflows/pr-secure-apt.yml
@@ -0,0 +1,18 @@
+name: check PR (secure_apt)
+
+on:
+  pull_request:
+    paths:
+      - roles/secure_apt/**
+      - .github/**
+
+jobs:
+  run-molecule-tests:
+    strategy:
+      fail-fast: false
+      matrix:
+        molecule-driver: [docker]
+    uses: ./.github/workflows/reusable-molecule.yml
+    with:
+      role-name: secure_apt
+      molecule-driver: ${{ matrix.molecule-driver }}
diff --git a/.github/workflows/pr-state-exporter.yml b/.github/workflows/pr-state-exporter.yml
@@ -0,0 +1,18 @@
+name: check PR (state_exporter)
+
+on:
+  pull_request:
+    paths:
+      - roles/state_exporter/**
+      - .github/**
+
+jobs:
+  run-molecule-tests:
+    strategy:
+      fail-fast: false
+      matrix:
+        molecule-driver: [docker]
+    uses: ./.github/workflows/reusable-molecule.yml
+    with:
+      role-name: state_exporter
+      molecule-driver: ${{ matrix.molecule-driver }}
diff --git a/.github/workflows/reusable-molecule.yml b/.github/workflows/reusable-molecule.yml
@@ -48,13 +48,12 @@ jobs:
         if: ${{ env.MOLECULE_IS_PRESENT && inputs.molecule-driver == 'lxd' }}
         run: |
           pip3 install --no-cache-dir molecule-lxd
-# enable and fix issues as separate PR
-#      - name: Run lint
-#        run: |
-#          set -e
-#          yamllint .
-#          ansible-lint
-#        working-directory: "${{ github.repository }}/roles/${{ inputs.role-name }}"
+      - name: Run lint
+        run: |
+          set -e
+          yamllint .
+          ansible-lint
+        working-directory: "${{ github.repository }}/roles/${{ inputs.role-name }}"
       - name: Run molecule tests
         if: ${{ env.MOLECULE_IS_PRESENT }}
         run: molecule test --all

diff --git a/galaxy.yml b/galaxy.yml
@@ -8,7 +8,7 @@ namespace: paritytech
 name: chain
 
 # The version of the collection. Must be compatible with semantic versioning
-version: 1.8.0
+version: 1.8.1
 
 # The path to the Markdown (.md) readme file. This path is relative to the root of the collection
 readme: README.md

diff --git a/roles/key_inject/.ansible-lint b/roles/key_inject/.ansible-lint
@@ -0,0 +1,3 @@
+---
+skip_list:
+  - name[casing]
diff --git a/roles/key_inject/.yamllint b/roles/key_inject/.yamllint
@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+  braces:
+    max-spaces-inside: 1
+    level: error
+  brackets:
+    max-spaces-inside: 1
+    level: error
+  colons:
+    max-spaces-after: -1
+    level: error
+  commas:
+    max-spaces-after: -1
+    level: error
+  comments: disable
+  comments-indentation: disable
+  document-start: disable
+  empty-lines:
+    max: 3
+    level: error
+  hyphens:
+    level: error
+  indentation: disable
+  key-duplicates: enable
+  line-length: disable
+  new-line-at-end-of-file: disable
+  new-lines:
+    type: unix
+  trailing-spaces: disable
+  truthy: disable
diff --git a/roles/key_inject/defaults/main.yml b/roles/key_inject/defaults/main.yml
@@ -1,8 +1,9 @@
-subkey_path: 'https://releases.parity.io/substrate/x86_64-debian%3Astretch/v3.0.0/subkey/subkey'
+---
+subkey_path: https://releases.parity.io/substrate/x86_64-debian%3Astretch/v3.0.0/subkey/subkey
 
 # Parachain key injection variables
 key_inject_parachain_rpc_port: 9955
-key_inject_parachain_scheme: "sr25519"
+key_inject_parachain_scheme: sr25519
 # key_inject_parachain_aura_private_key=
 
 # Relay chain key injection variables

diff --git a/roles/key_inject/tasks/check_session_key.yml b/roles/key_inject/tasks/check_session_key.yml
@@ -1,33 +1,32 @@
+---
 - name: Check session key | Generate session
   ansible.builtin.set_fact:
-    key_inject_session_key: "0x\
-    {% for key in key_inject_relay_chain_key_list %}\
-      {{ (key.priv_key | parity.chain.subkey_inspect(scheme=(key.scheme | default('sr25519')) )).publicKey.replace('0x','') }}\
-    {% endfor %}"
+    key_inject_session_key: "0x{% for key in key_inject_relay_chain_key_list %}{{ (key.priv_key | parity.chain.subkey_inspect(scheme=(key.scheme | default('sr25519')))).publicKey.replace('0x',
+      '') }}{% endfor %}"
 
 - name: Check session key | Run rpc
   ansible.builtin.uri:
-    url: "http://127.0.0.1:{{ key_inject_relay_chain_rpc_port }}"
+    url: http://127.0.0.1:{{ key_inject_relay_chain_rpc_port }}
     method: POST
     body:
       jsonrpc: "2.0"
-      method: "author_hasSessionKeys"
+      method: author_hasSessionKeys
       params: ["{{ key_inject_session_key }}"]
       id: 1
     body_format: json
     headers:
-      Content-Type: 'application/json'
+      Content-Type: application/json
     use_proxy: false
   changed_when: false
   check_mode: false
   register: key_inject_has_session_keys
 
 - name: Check session key | Debug
-  debug:
+  ansible.builtin.debug:
     msg: "RPC call failed: {{ key_inject_has_session_keys.json }}"
   when: key_inject_has_session_keys.json.result is not defined
 
 - name: Check session key | Check
   ansible.builtin.debug:
-    msg: "Session Key {{ key_inject_session_key }} is {{ 'NOT ' if not key_inject_has_session_keys.json.result else '' }}present in keystore"
-  changed_when: not key_inject_has_session_keys.json.result
+    msg: Session Key {{ key_inject_session_key }} is {{ 'NOT ' if not key_inject_has_session_keys.json.result else '' }}present in keystore
+  changed_when: not key_inject_has_session_keys.json.result
diff --git a/roles/key_inject/tasks/inject.yml b/roles/key_inject/tasks/inject.yml
@@ -1,22 +1,23 @@
+---
 - name: Inject keys
+  tags: [key-inject, key_inject]
   block:
     - name: Inject | Setting {{ item.type }} pub keys
       ansible.builtin.set_fact:
-        key_inject_pub_key: "{{ (item.priv_key |
-           parity.chain.subkey_inspect(scheme=(item.scheme | default('sr25519')) )).publicKey }}"
+        key_inject_pub_key: "{{ (item.priv_key | parity.chain.subkey_inspect(scheme=(item.scheme | default('sr25519')))).publicKey }}"
 
     - name: Inject | Check {{ item.type }} key
       ansible.builtin.uri:
-        url: "http://127.0.0.1:{{ item.rpc_port | default(key_inject_relay_chain_rpc_port) }}"
+        url: http://127.0.0.1:{{ item.rpc_port | default(key_inject_relay_chain_rpc_port) }}
         method: POST
         body:
           jsonrpc: "2.0"
-          method: "author_hasKey"
+          method: author_hasKey
           params: ["{{ key_inject_pub_key }}", "{{ item.type }}"]
           id: 1
         body_format: json
         headers:
-          Content-Type: 'application/json'
+          Content-Type: application/json
         use_proxy: false
       changed_when: false
       check_mode: false
@@ -28,21 +29,22 @@
 
     - name: Inject | Check {{ item.type }} key results
       ansible.builtin.debug:
-        msg: "Key {{ key_inject_pub_key }} ({{ item.type }}, {{ item.scheme | default('sr25519') }}) is {{ 'NOT ' if not key_inject_uri.json.result else '' }}present in keystore"
+        msg: Key {{ key_inject_pub_key }} ({{ item.type }}, {{ item.scheme | default('sr25519') }}) is {{ 'NOT ' if not key_inject_uri.json.result else '' }}present
+          in keystore
       changed_when: not key_inject_uri.json.result
 
     - name: Inject | Inject {{ item.type }} keys
       ansible.builtin.uri:
-        url: "http://127.0.0.1:{{ item.rpc_port | default(key_inject_relay_chain_rpc_port) }}"
+        url: http://127.0.0.1:{{ item.rpc_port | default(key_inject_relay_chain_rpc_port) }}
         method: POST
         body:
           jsonrpc: "2.0"
-          method: "author_insertKey"
+          method: author_insertKey
           params: ["{{ item.type }}", "{{ item.priv_key }}", "{{ key_inject_pub_key }}"]
           id: 1
         body_format: json
         headers:
-          Content-Type: 'application/json'
+          Content-Type: application/json
         use_proxy: false
       changed_when: true
       notify: Restart service
@@ -53,5 +55,3 @@
       ansible.builtin.debug:
         var: key_inject_uri
       when: not ansible_check_mode
-
-  tags: ['key-inject', 'key_inject']
diff --git a/roles/key_inject/tasks/main.yml b/roles/key_inject/tasks/main.yml
@@ -1,28 +1,26 @@
-- block:
+---
+- tags: [key-inject, key_inject]
+  block:
+    - name: Parachain keys
+      ansible.builtin.include_tasks: inject.yml
+      loop:
+        - rpc_port: "{{ key_inject_parachain_rpc_port }}"
+          scheme: "{{ key_inject_parachain_scheme }}"
+          type: aura
+          priv_key: "{{ key_inject_parachain_aura_private_key }}"
+      loop_control:
+        label: Parachain {{ item.type }} key
+      when: key_inject_parachain_aura_private_key is defined
 
+    - name: Relaychain keys
+      ansible.builtin.include_tasks: inject.yml
+      loop: "{{ key_inject_relay_chain_key_list }}"
+      loop_control:
+        label: Relaychain {{ item.type }} key
+      when: key_inject_relay_chain_key_list is defined
 
-  - name: Parachain keys
-    ansible.builtin.include_tasks: inject.yml
-    loop:
-      - rpc_port: "{{ key_inject_parachain_rpc_port }}"
-        scheme: "{{ key_inject_parachain_scheme }}"
-        type: "aura"
-        priv_key: "{{ key_inject_parachain_aura_private_key }}"
-    loop_control:
-      label: "Parachain {{ item.type }} key"
-    when: key_inject_parachain_aura_private_key is defined
-
-  - name: Relaychain keys
-    ansible.builtin.include_tasks: inject.yml
-    loop: "{{ key_inject_relay_chain_key_list }}"
-    loop_control:
-      label: "Relaychain {{ item.type }} key"
-    when: key_inject_relay_chain_key_list is defined
-
-  - name: Check session key is present
-    ansible.builtin.include_tasks: check_seesion_key.yml
-    when:
-     - key_inject_relay_chain_key_list is defined
-     - key_inject_check_session_key
-
-  tags: ['key-inject', 'key_inject']
+    - name: Check session key is present
+      ansible.builtin.include_tasks: check_seesion_key.yml
+      when:
+        - key_inject_relay_chain_key_list is defined
+        - key_inject_check_session_key
diff --git a/roles/nginx/.ansible-lint b/roles/nginx/.ansible-lint
@@ -0,0 +1,4 @@
+---
+skip_list:
+  - name[casing]
+  - name[template]
diff --git a/roles/nginx/defaults/main.yml b/roles/nginx/defaults/main.yml
@@ -1,12 +1,12 @@
-nginx_letsencrypt_email: "devops-team@parity.io"
+---
+nginx_letsencrypt_email: devops-team@parity.io
 nginx_letsencrypt_mock: false
 nginx_dhparam_size: 4096
 nginx_worker_rlimit_nofile: 30000
 # requests per second
 nginx_max_request_rate: 2
 nginx_burst_request_rate: 5
 
-
 # print extended data about clients
 nginx_log_extended_enable: false
 

diff --git a/roles/nginx/handlers/main.yml b/roles/nginx/handlers/main.yml
@@ -1,8 +1,7 @@
 ---
-
 - name: reload nginx config
   ansible.builtin.systemd:
-    name: "nginx"
+    name: nginx
     state: reloaded
-    enabled: yes
-    daemon_reload: yes
+    enabled: true
+    daemon_reload: true
diff --git a/roles/nginx/molecule/default/converge.yml b/roles/nginx/molecule/default/converge.yml
@@ -4,6 +4,6 @@
   tasks:
     - name: converge | deploy nginx without wipe
       ansible.builtin.include_role:
-        name: "nginx"
+        name: nginx
       vars:
         nginx_remove_enable: false
diff --git a/roles/nginx/molecule/default/group_vars/all.yml b/roles/nginx/molecule/default/group_vars/all.yml
@@ -1,30 +1,31 @@
+---
 ## Molecule
 ansible_user: root
 
 nginx_letsencrypt_mock: true
 nginx_dhparam_size: 1024
 nginx_sites:
   - template: site-rpc.j2
-    domain: "a.rpc.lan"
+    domain: a.rpc.lan
     ssl_issuer: letsencrypt
     params:
       rpc_port: 9933
       rpc_ws_port: 9944
   - template: site-rpc.j2
-    domain: "b.rpc.lan"
+    domain: b.rpc.lan
     ssl_issuer: manual
-    ssl_manual_cert_file: "test1.pem"
+    ssl_manual_cert_file: test1.pem
     params:
       rpc_port: 9933
       rpc_ws_port: 9944
   - template: site-connect.j2
-    domain: "c.rpc.lan"
+    domain: c.rpc.lan
     ssl_issuer: letsencrypt
     params:
       connect_port: 9944
   - template: site-connect.j2
-    domain: "d.rpc.lan"
+    domain: d.rpc.lan
     ssl_issuer: manual
-    ssl_manual_cert_file: "test2.pem"
+    ssl_manual_cert_file: test2.pem
     params:
       connect_port: 9944
diff --git a/roles/nginx/molecule/default/molecule.yml b/roles/nginx/molecule/default/molecule.yml
@@ -9,26 +9,26 @@ platforms:
     source:
       alias: debian/bullseye/amd64
     # DOCKER
-    image: "paritytech/debian11:latest"
+    image: paritytech/debian11:latest
     command: ${MOLECULE_DOCKER_COMMAND:-""}
     # need this for systemctl to work in Docker
     privileged: true
     # to pull image  from docker hub uncomment this
     pre_build_image: true
     etc_hosts:
-      'a.rpc.lan': '127.0.0.1'
-      'b.rpc.lan': '127.0.0.1'
-      'c.rpc.lan': '127.0.0.1'
-      'd.rpc.lan': '127.0.0.1'
+      a.rpc.lan: 127.0.0.1
+      b.rpc.lan: 127.0.0.1
+      c.rpc.lan: 127.0.0.1
+      d.rpc.lan: 127.0.0.1
 
 provisioner:
   name: ansible
   options:
-    D: True
+    D: true
   config_options:
     defaults:
       callbacks_enabled: timer
 verifier:
   name: ansible
   options:
-    D: True
+    D: true