Fix ansible-lint errors (#169)

Try to reduce ansible-lint errors and warnings to minimum.
Nevertheless:
- The no-handler error has been kept, since I can live test it
- the two line-length errors are errors for comments, so I've
not fixed them.

In order to fix meta data errors, I've modified the generated-templates.sh
script to patch the generated files.

Signed-off-by: Arnaud Patard <apatard@hupstream.com>

.ansible-lint-ignore

@@ -1,67 +1,3 @@
-src/molecule_plugins/docker/playbooks/create.yml yaml[line-length]
-src/molecule_plugins/docker/playbooks/destroy.yml yaml[line-length]
-
-src/molecule_plugins/gce/playbooks/handlers/main.yml yaml[line-length]
-src/molecule_plugins/gce/playbooks/tasks/create_linux_instance.yml yaml[line-length]
-src/molecule_plugins/gce/playbooks/tasks/create_windows_instance.yml yaml[line-length]
-
-src/molecule_plugins/podman/playbooks/create.yml yaml[line-length]
-
-test/gce/scenarios/linux/handlers/main.yml yaml[line-length]
 test/gce/scenarios/linux/molecule.yml yaml[line-length]
-test/gce/scenarios/linux/tasks/create_linux_instance.yml yaml[line-length]
-test/gce/scenarios/linux/tasks/create_windows_instance.yml yaml[line-length]
-
-test/gce/scenarios/windows/handlers/main.yml yaml[line-length]
 test/gce/scenarios/windows/molecule.yml yaml[line-length]
-test/gce/scenarios/windows/tasks/create_linux_instance.yml yaml[line-length]
-test/gce/scenarios/windows/tasks/create_windows_instance.yml yaml[line-length]
-
-test/roles/azureplugin/meta/main.yml meta-incorrect
-test/roles/azureplugin/meta/main.yml meta-no-info
-test/roles/azureplugin/meta/main.yml schema[meta]
-test/roles/azureplugin/molecule/default/create.yml yaml[octal-values]
-test/roles/azureplugin/molecule/default/destroy.yml yaml[octal-values]
-test/roles/azureplugin/molecule/default/verify.yml yaml[indentation]
-test/roles/azureplugin/tests/test.yml name[play]
-
-test/roles/dockerplugin/meta/main.yml meta-incorrect
-test/roles/dockerplugin/meta/main.yml meta-no-info
-test/roles/dockerplugin/meta/main.yml schema[meta]
-test/roles/dockerplugin/molecule/default/verify.yml yaml[indentation]
-test/roles/dockerplugin/tests/test.yml name[play]
-
-test/roles/ec2plugin/meta/main.yml meta-incorrect
-test/roles/ec2plugin/meta/main.yml meta-no-info
-test/roles/ec2plugin/meta/main.yml schema[meta]
-test/roles/ec2plugin/molecule/default/create.yml key-order[task]
-test/roles/ec2plugin/molecule/default/create.yml name[missing]
 test/roles/ec2plugin/molecule/default/create.yml no-handler
-test/roles/ec2plugin/molecule/default/create.yml risky-file-permissions
-test/roles/ec2plugin/molecule/default/destroy.yml risky-file-permissions
-test/roles/ec2plugin/molecule/default/verify.yml yaml[indentation]
-test/roles/ec2plugin/tests/test.yml name[play]
-
-test/roles/gceplugin/meta/main.yml meta-incorrect
-test/roles/gceplugin/meta/main.yml meta-no-info
-test/roles/gceplugin/meta/main.yml schema[meta]
-test/roles/gceplugin/molecule/default/verify.yml yaml[indentation]
-test/roles/gceplugin/tests/test.yml name[play]
-
-test/roles/podmanplugin/meta/main.yml meta-incorrect
-test/roles/podmanplugin/meta/main.yml meta-no-info
-test/roles/podmanplugin/meta/main.yml schema[meta]
-test/roles/podmanplugin/molecule/default/verify.yml yaml[indentation]
-test/roles/podmanplugin/tests/test.yml name[play]
-
-test/roles/vagrantplugin/meta/main.yml meta-incorrect
-test/roles/vagrantplugin/meta/main.yml meta-no-info
-test/roles/vagrantplugin/meta/main.yml schema[meta]
-test/roles/vagrantplugin/molecule/default/verify.yml yaml[indentation]
-test/roles/vagrantplugin/tests/test.yml name[play]
-
-test/roles/containersplugin/meta/main.yml meta-incorrect
-test/roles/containersplugin/meta/main.yml meta-no-info
-test/roles/containersplugin/meta/main.yml schema[meta]
-test/roles/containersplugin/molecule/default/verify.yml yaml[indentation]
-test/roles/containersplugin/tests/test.yml name[play]

src/molecule_plugins/azure/cookiecutter/{{cookiecutter.molecule_directory}}/{{cookiecutter.scenario_name}}/create.yml

@@ -76,7 +76,7 @@
   handlers:
     - name: Populate instance config dict
       ansible.builtin.set_fact:
-        instance_conf_dict:
+        instance_conf_dict:  # noqa: jinja[spacing]
           {
             "instance": "{{ item.ansible_facts.azure_vm.name }}",
             "address": "{{ item.ansible_facts.azure_vm
@@ -99,7 +99,7 @@
       ansible.builtin.copy:
         content: "{{ instance_conf | to_json | from_json | to_yaml }}"
         dest: "{{ molecule_instance_config }}"
-        mode: 0664
+        mode: "0664"
 
     - name: Wait for SSH
       ansible.builtin.wait_for:

src/molecule_plugins/azure/cookiecutter/{{cookiecutter.molecule_directory}}/{{cookiecutter.scenario_name}}/destroy.yml

@@ -28,5 +28,5 @@
       ansible.builtin.copy:
         content: "{{ instance_conf | to_json | from_json | to_yaml }}"
         dest: "{{ molecule_instance_config }}"
-        mode: 0644
+        mode: "0644"
 {%- endraw %}

src/molecule_plugins/docker/playbooks/create.yml

@@ -173,7 +173,9 @@
         restart_retries: "{{ item.restart_retries | default(omit) }}"
         tty: "{{ item.tty | default(omit) }}"
         labels: "{{ molecule_labels | combine(item.labels | default({})) }}"
-        container_default_behavior: "{{ item.container_default_behavior | default('compatibility' if ansible_version.full is version_compare('2.10', '>=') else omit) }}"
+        container_default_behavior: >-
+          {{ item.container_default_behavior
+             | default('compatibility' if ansible_version.full is version_compare('2.10', '>=') else omit) }}
         stop_signal: "{{ item.stop_signal | default(omit) }}"
         kill_signal: "{{ item.kill_signal | default(omit) }}"
         cgroupns_mode: "{{ item.cgroupns_mode | default(omit) }}"

src/molecule_plugins/docker/playbooks/destroy.yml

@@ -23,7 +23,9 @@
         state: absent
         force_kill: "{{ item.force_kill | default(true) }}"
         keep_volumes: "{{ item.keep_volumes | default(true) }}"
-        container_default_behavior: "{{ item.container_default_behavior | default('compatibility' if ansible_version.full is version_compare('2.10', '>=') else omit) }}"
+        container_default_behavior: >-
+          {{ item.container_default_behavior
+             | default('compatibility' if ansible_version.full is version_compare('2.10', '>=') else omit) }}
       register: server
       loop: "{{ molecule_yml.platforms }}"
       loop_control:

src/molecule_plugins/ec2/cookiecutter/{{cookiecutter.molecule_directory}}/{{cookiecutter.scenario_name}}/create.yml

@@ -120,6 +120,7 @@
       ansible.builtin.copy:
         dest: "{{ run_config_path }}"
         content: "{{ run_config | to_yaml }}"
+        mode: "0600"
 
     - name: Generate local key pairs
       community.crypto.openssh_keypair:
@@ -137,7 +138,7 @@
         owners: "{{ item.image_owner }}"
         filters: "{{ item.image_filters | default({}) | combine(image_name_map) }}"
       vars:
-        image_name_map: "{% if item.image_name is defined and item.image_name | length > 0 %}{{ { 'name': item.image_name } }}{% else %}{}{% endif %}"
+        image_name_map: "{% if item.image_name is defined and item.image_name | length > 0 %}{{ {'name': item.image_name} }}{% else %}{}{% endif %}"
       loop: "{{ platforms }}"
       loop_control:
         label: "{{ item.name }}"
@@ -248,6 +249,7 @@
       poll: 0
 
     - name: Instance boot block
+      when: ec2_instances_async is changed
       block:
         - name: Wait for instance creation to complete
           ansible.builtin.async_status:
@@ -288,6 +290,7 @@
                    | to_json
                    | from_json
                    | to_yaml }}
+            mode: "0600"
 
         - name: Start SSH pollers
           ansible.builtin.wait_for:
@@ -318,5 +321,4 @@
         - name: Wait for boot process to finish
           ansible.builtin.pause:
             seconds: "{{ platforms | map(attribute='boot_wait_seconds') | max }}"
-      when: ec2_instances_async is changed
 {%- endraw %}

src/molecule_plugins/ec2/cookiecutter/{{cookiecutter.molecule_directory}}/{{cookiecutter.scenario_name}}/destroy.yml

@@ -109,6 +109,7 @@
       ansible.builtin.copy:
         dest: "{{ molecule_instance_config }}"
         content: "{{ {} | to_yaml }}"
+        mode: "0644"
 
     - name: Destroy ephemeral security groups (if needed)
       amazon.aws.ec2_security_group:

src/molecule_plugins/gce/playbooks/create.yml

@@ -7,7 +7,11 @@
   vars:
     ssh_identity_file: "{{ lookup('env', 'MOLECULE_EPHEMERAL_DIRECTORY') }}/ssh_key"
     gcp_project_id: "{{ molecule_yml.driver.project_id | default(lookup('env', 'GCE_PROJECT_ID')) }}"
-
+    gcp_net_name: "{{ molecule_yml.driver.network_name | default('default') }}"
+    gcp_project: "{{ molecule_yml.driver.vpc_host_project | default(gcp_project_id) }}"
+    gcp_net: "https://www.googleapis.com/compute/v1/projects/{{ gcp_project }}/global/networks/{{ gcp_net_name }}"
+    gcp_snet_name: "{{ molecule_yml.driver.subnetwork_name | default('default') }}"
+    gcp_snet: "https://compute.googleapis.com/compute/v1/projects/{{ gcp_project }}/regions/{{ molecule_yml.driver.region }}/subnetworks/{{ gcp_snet_name }}"
   tasks:
     - name: Make sure if linux or windows either specified
       ansible.builtin.assert:

src/molecule_plugins/gce/playbooks/destroy.yml

@@ -13,8 +13,8 @@
         zone: "{{ item.zone | default(molecule_yml.driver.region + '-b') }}"
         project: "{{ molecule_yml.driver.project_id | default(lookup('env', 'GCE_PROJECT_ID')) }}"
         scopes: "{{ molecule_yml.driver.scopes | default(['https://www.googleapis.com/auth/compute'], True) }}"
-        service_account_email: "{{ molecule_yml.driver.service_account_email | default (omit, true) }}"
-        service_account_file: "{{ molecule_yml.driver.service_account_file | default (omit, true) }}"
+        service_account_email: "{{ molecule_yml.driver.service_account_email | default(omit, true) }}"
+        service_account_file: "{{ molecule_yml.driver.service_account_file | default(omit, true) }}"
         auth_kind: "{{ molecule_yml.driver.auth_kind | default(omit, true) }}"
       register: async_results
       loop: "{{ molecule_yml.platforms }}"

src/molecule_plugins/gce/playbooks/handlers/main.yml

@@ -4,8 +4,10 @@
     instance_conf_dict:
       {
         "instance": "{{ instance_info.name }}",
-        "address": "{{ instance_info.networkInterfaces.0.accessConfigs.0.natIP if molecule_yml.driver.external_access else instance_info.networkInterfaces.0.networkIP }}",
-        "user": "{{ lookup('env','USER') }}",
+        "address": "{{ instance_info.networkInterfaces.0.accessConfigs.0.natIP
+          if molecule_yml.driver.external_access
+          else instance_info.networkInterfaces.0.networkIP }}",
+        "user": "{{ lookup('env', 'USER') }}",
         "port": "22",
         "identity_file": "{{ ssh_identity_file }}",
         "instance_os_type": "{{ molecule_yml.driver.instance_os_type }}",
@@ -21,7 +23,9 @@
     instance_conf_dict:
       {
         "instance": "{{ instance_info.name }}",
-        "address": "{{ instance_info.networkInterfaces.0.accessConfigs.0.natIP if molecule_yml.driver.external_access else instance_info.networkInterfaces.0.networkIP }}",
+        "address": "{{ instance_info.networkInterfaces.0.accessConfigs.0.natIP
+          if molecule_yml.driver.external_access
+          else instance_info.networkInterfaces.0.networkIP }}",
         "user": "molecule_usr",
         "password": "{{ instance_info.password }}",
         "port": "{{ instance_info.winrm_port | default(5986) }}",

src/molecule_plugins/gce/playbooks/tasks/create_linux_instance.yml

@@ -1,7 +1,7 @@
 ---
 - name: Create ssh keypair
   community.crypto.openssh_keypair:
-    comment: "{{ lookup('env','USER') }} user for Molecule"
+    comment: "{{ lookup('env', 'USER') }} user for Molecule"
     path: "{{ ssh_identity_file }}"
   register: keypair
 
@@ -11,7 +11,7 @@
     name: "{{ item.name }}"
     machine_type: "{{ item.machine_type | default('n1-standard-1') }}"
     metadata:
-      ssh-keys: "{{ lookup('env','USER') }}:{{ keypair.public_key }}"
+      ssh-keys: "{{ lookup('env', 'USER') }}:{{ keypair.public_key }}"
     scheduling:
       preemptible: "{{ item.preemptible | default(false) }}"
     disks:
@@ -24,15 +24,15 @@
             raw_key: "{{ item.image_encryption_key | default(omit) }}"
     network_interfaces:
       - network:
-          selfLink: "https://www.googleapis.com/compute/v1/projects/{{ molecule_yml.driver.vpc_host_project | default(gcp_project_id) }}/global/networks/{{ molecule_yml.driver.network_name | default('default') }}"
+          selfLink: "{{ gcp_net }}"
         subnetwork:
-          selfLink: "https://compute.googleapis.com/compute/v1/projects/{{ molecule_yml.driver.vpc_host_project | default(gcp_project_id) }}/regions/{{ molecule_yml.driver.region }}/subnetworks/{{ molecule_yml.driver.subnetwork_name | default('default') }}"
+          selfLink: "{{ gcp_snet }}"
         access_configs: "{{ [{'name': 'instance_ip', 'type': 'ONE_TO_ONE_NAT'}] if molecule_yml.driver.external_access else [] }}"
     zone: "{{ item.zone | default(molecule_yml.driver.region + '-b') }}"
     project: "{{ gcp_project_id }}"
     scopes: "{{ molecule_yml.driver.scopes | default(['https://www.googleapis.com/auth/compute'], True) }}"
-    service_account_email: "{{ molecule_yml.driver.service_account_email | default (omit, true) }}"
-    service_account_file: "{{ molecule_yml.driver.service_account_file | default (omit, true) }}"
+    service_account_email: "{{ molecule_yml.driver.service_account_email | default(omit, true) }}"
+    service_account_file: "{{ molecule_yml.driver.service_account_file | default(omit, true) }}"
     auth_kind: "{{ molecule_yml.driver.auth_kind | default(omit, true) }}"
   register: async_results
   loop: "{{ molecule_yml.platforms }}"

src/molecule_plugins/gce/playbooks/tasks/create_windows_instance.yml

@@ -16,15 +16,15 @@
             raw_key: "{{ item.image_encryption_key | default(omit) }}"
     network_interfaces:
       - network:
-          selfLink: "https://www.googleapis.com/compute/v1/projects/{{ molecule_yml.driver.vpc_host_project | default(gcp_project_id) }}/global/networks/{{ molecule_yml.driver.network_name | default('default') }}"
+          selfLink: "{{ gcp_net }}"
         subnetwork:
-          selfLink: "https://compute.googleapis.com/compute/v1/projects/{{ molecule_yml.driver.vpc_host_project | default(gcp_project_id) }}/regions/{{ molecule_yml.driver.region }}/subnetworks/{{ molecule_yml.driver.subnetwork_name | default('default') }}"
+          selfLink: "{{ gcp_snet }}"
         access_configs: "{{ [{'name': 'instance_ip', 'type': 'ONE_TO_ONE_NAT'}] if molecule_yml.driver.external_access else [] }}"
     zone: "{{ item.zone | default(molecule_yml.driver.region + '-b') }}"
     project: "{{ gcp_project_id }}"
     scopes: "{{ molecule_yml.driver.scopes | default(['https://www.googleapis.com/auth/compute'], True) }}"
-    service_account_email: "{{ molecule_yml.driver.service_account_email | default (omit, true) }}"
-    service_account_file: "{{ molecule_yml.driver.service_account_file | default (omit, true) }}"
+    service_account_email: "{{ molecule_yml.driver.service_account_email | default(omit, true) }}"
+    service_account_file: "{{ molecule_yml.driver.service_account_file | default(omit, true) }}"
     auth_kind: "{{ molecule_yml.driver.auth_kind | default(omit, true) }}"
   register: async_results
   loop: "{{ molecule_yml.platforms }}"
@@ -52,7 +52,12 @@
   loop: "{{ server.results }}"
 
 - name: Prepare Windows User
-  ansible.builtin.script: ./files/windows_auth.py --instance {{ item.name }} --zone {{ item.zone | default(molecule_yml.driver.region + '-b') }} --project {{ gcp_project_id }} --username molecule_usr
+  ansible.builtin.script: >
+    ./files/windows_auth.py
+    --instance {{ item.name }}
+    --zone {{ item.zone | default(molecule_yml.driver.region + '-b') }}
+    --project {{ gcp_project_id }}
+    --username molecule_usr
   args:
     executable: python3
   environment:
@@ -67,6 +72,6 @@
 
 - name: Add password for instances in server list
   ansible.builtin.set_fact:
-    win_instances: "{{ win_instances|default([]) + [dict(item[0], password=item[1].stdout_lines |last)] }}"
+    win_instances: "{{ win_instances | default([]) + [dict(item[0], password=item[1].stdout_lines | last)] }}"
   loop: "{{ server.results | zip(password.results) | list }}"
   no_log: true

src/molecule_plugins/podman/playbooks/create.yml

@@ -28,7 +28,8 @@
         --username {{ item.registry.credentials.username }}
         --password {{ item.registry.credentials.password }}
         --tls-verify={{ item.tls_verify | default(lookup('env', 'DOCKER_TLS_VERIFY')) or false }}
-        {% if lookup('env', 'DOCKER_CERT_PATH') %}--cert-dir {{ item.cert_path | default(lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') }}{% endif %}
+        {% if lookup('env', 'DOCKER_CERT_PATH') %}
+        --cert-dir {{ item.cert_path | default(lookup('env', 'DOCKER_CERT_PATH') + '/cert.pem') }}{% endif %}
         {{ item.registry.url }}
       with_items: "{{ molecule_yml.platforms }}"
       loop_control:
@@ -86,7 +87,7 @@
         -t molecule_local/{{ item.item.image }}
         {% if item.item.buildargs is defined %}{% for i, k in item.item.buildargs.items() %}--build-arg={{ i }}={{ k }}{% endfor %}{% endif %}
         {% if item.item.pull is defined %}--pull={{ item.item.pull }}{% endif %}
-        {{ molecule_scenario_directory + '/' + (item.item.dockerfile | default( 'Dockerfile.j2')) | dirname }}
+        {{ molecule_scenario_directory + '/' + (item.item.dockerfile | default('Dockerfile.j2')) | dirname }}
       with_items: "{{ platforms.results }}"
       loop_control:
         label: "{{ item.item.image | default('None specified') }}"
@@ -169,11 +170,13 @@
         {% if item.ulimits is defined %}{% for i in item.ulimits %}--ulimit={{ i }} {% endfor %}{% endif %}
         {% if item.dns_servers is defined %}--dns="{{ item.dns_servers | join(',') }}"{% endif %}
         {% if item.env is defined %}{% for i, k in item.env.items() %}--env={{ i }}={{ k }} {% endfor %}{% endif %}
-        {% if item.restart_policy is defined %}--restart={{ item.restart_policy }}{% if item.restart_retries is defined %}:{{ item.restart_retries }}{% endif %}{% endif %}
+        {% if item.restart_policy is defined %}
+        --restart={{ item.restart_policy }}{% if item.restart_retries is defined %}:{{ item.restart_retries }}{% endif %}{% endif %}
         {% if item.tty is defined %}--tty={{ item.tty }}{% endif %}
         {% if item.network is defined %}--network={{ item.network }}{% endif %}
         {% if item.ip is defined %}--ip={{ item.ip }}{% endif %}
-        {% if item.etc_hosts is defined %}{% for i, k in item.etc_hosts.items() %}{% if i != item.name %}--add-host {{ i }}:{{ k }} {% endif %}{% endfor %}{% endif %}
+        {% if item.etc_hosts is defined %}
+        {% for i, k in item.etc_hosts.items() %}{% if i != item.name %}--add-host {{ i }}:{{ k }} {% endif %}{% endfor %}{% endif %}
         {% if item.hostname is defined %}--hostname={{ item.hostname }}{% elif item.name is defined %}--hostname={{ item.name }}{% endif %}
         {% if item.systemd is defined %}--systemd={{ item.systemd | string | lower }}{% endif %}
         {{ item.extra_opts | default([]) | join(' ') }}

tools/generate-templates.sh

@@ -10,6 +10,12 @@ while IFS='' read -r line; do DRIVER_NAMES+=("$line"); done < <(python "tools/ex
 cd test/roles
 for DRIVER_NAME in "${DRIVER_NAMES[@]}"; do
   molecule init role roles."${DRIVER_NAME}"plugin --driver-name="${DRIVER_NAME}"
+  sed \
+	-e 's!author:.*!author: molecule-plugins!g' \
+	-e 's!company:.*!company: ansible-community!g' \
+	-e 's!min_ansible_version:.*!min_ansible_version: "2.1"!g' \
+	-e 's!license:.*!license: MIT!g' \
+	-i "${DRIVER_NAME}"plugin/meta/main.yml
   # Not sure if the issue is in molecule or ansible-lint or pre-commit ansible-lint hook
   # As a workaround, kill the offending files.
   rm -rf "${DRIVER_NAME}"plugin/tests