Work on issues found by pylint (#896)

* Look at possibly-used-before-assignment. * Use latest beta releases of ansible-core 2.19 for mypy and pylint. * Look at unsupported-*. * Look at unknown-option-value. * Look at redefined-builtin. * Look at superfluous-parens. * Look at unspecified-encoding. * Adjust to new cryptography version and to ansible-core 2.17's pylint. * Look at super-with-arguments. * Look at no-else-*. * Look at try-except-raise. * Look at inconsistent-return-statements. * Look at redefined-outer-name. * Look at redefined-argument-from-local. * Look at attribute-defined-outside-init. * Look at unused-variable. * Look at protected-access. * Look at raise-missing-from. * Look at arguments-differ. * Look at useless-suppression and use-symbolic-message-instead. * Look at consider-using-dict-items. * Look at consider-using-in. * Look at consider-using-set-comprehension. * Look at consider-using-with. * Look at use-dict-literal.
2026-05-07 13:53:06 +00:00 · 2025-05-18 00:57:28 +02:00
parent a3a5284f97
commit 318462fa24
96 changed files with 1748 additions and 1598 deletions
--- a/plugins/module_utils/_acme/backend_cryptography.py
+++ b/plugins/module_utils/_acme/backend_cryptography.py
@@ -211,9 +211,7 @@ class CryptographyChainMatcher(ChainMatcher):

 class CryptographyBackend(CryptoBackend):
    def __init__(self, *, module: AnsibleModule) -> None:
-        super(CryptographyBackend, self).__init__(
-            module=module, with_timezone=CRYPTOGRAPHY_TIMEZONE
-        )
+        super().__init__(module=module, with_timezone=CRYPTOGRAPHY_TIMEZONE)

    def parse_key(
        self,
@@ -242,7 +240,7 @@ class CryptographyBackend(CryptoBackend):
                password=to_bytes(passphrase) if passphrase is not None else None,
            )
        except Exception as e:
-            raise KeyParsingError(f"error while loading key: {e}")
+            raise KeyParsingError(f"error while loading key: {e}") from e
        if isinstance(key, cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey):
            rsa_pk = key.public_key().public_numbers()
            return {
@@ -256,7 +254,7 @@ class CryptographyBackend(CryptoBackend):
                },
                "hash": "sha256",
            }
-        elif isinstance(
+        if isinstance(
            key, cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePrivateKey
        ):
            ec_pk = key.public_key().public_numbers()
@@ -296,8 +294,7 @@ class CryptographyBackend(CryptoBackend):
                "hash": hashalg,
                "point_size": point_size,
            }
-        else:
-            raise KeyParsingError(f'unknown key type "{type(key)}"')
+        raise KeyParsingError(f'unknown key type "{type(key)}"')

    def sign(
        self, *, payload64: str, protected64: str, key_data: dict[str, t.Any]
@@ -332,6 +329,8 @@ class CryptographyBackend(CryptoBackend):
            rr = convert_int_to_hex(r, digits=2 * key_data["point_size"])
            ss = convert_int_to_hex(s, digits=2 * key_data["point_size"])
            signature = binascii.unhexlify(rr) + binascii.unhexlify(ss)
+        else:
+            raise AssertionError("Can never be reached")  # pragma: no cover

        return {
            "protected": protected64,
@@ -472,8 +471,10 @@ class CryptographyBackend(CryptoBackend):
            cert = cryptography.x509.load_pem_x509_certificate(b_cert_content)
        except Exception as e:
            if cert_filename is None:
-                raise BackendException(f"Cannot parse certificate: {e}")
-            raise BackendException(f"Cannot parse certificate {cert_filename}: {e}")
+                raise BackendException(f"Cannot parse certificate: {e}") from e
+            raise BackendException(
+                f"Cannot parse certificate {cert_filename}: {e}"
+            ) from e

        if now is None:
            now = self.get_now()
@@ -508,8 +509,10 @@ class CryptographyBackend(CryptoBackend):
            cert = cryptography.x509.load_pem_x509_certificate(b_cert_content)
        except Exception as e:
            if cert_filename is None:
-                raise BackendException(f"Cannot parse certificate: {e}")
-            raise BackendException(f"Cannot parse certificate {cert_filename}: {e}")
+                raise BackendException(f"Cannot parse certificate: {e}") from e
+            raise BackendException(
+                f"Cannot parse certificate {cert_filename}: {e}"
+            ) from e

        ski = None
        try: