Fix linting errors.

2026-03-26 21:33:25 +00:00 · 2025-04-26 09:01:44 +02:00
parent 51a4f76f26
commit 33ef158b09
132 changed files with 2305 additions and 2214 deletions
--- a/.github/workflows/ansible-test.yml
+++ b/.github/workflows/ansible-test.yml
@@ -7,7 +7,7 @@
 # https://github.com/marketplace/actions/ansible-test

 name: EOL CI
-on:
+'on':
  # Run EOL CI against all pushes (direct commits, also merged PRs), Pull Requests
  push:
    branches:
--- a/.github/workflows/docs-pr.yml
+++ b/.github/workflows/docs-pr.yml
@@ -7,7 +7,7 @@ name: Collection Docs
 concurrency:
  group: docs-pr-${{ github.head_ref }}
  cancel-in-progress: true
-on:
+'on':
  pull_request_target:
    types: [opened, synchronize, reopened, closed]

--- a/.github/workflows/docs-push.yml
+++ b/.github/workflows/docs-push.yml
@@ -7,7 +7,7 @@ name: Collection Docs
 concurrency:
  group: docs-push-${{ github.sha }}
  cancel-in-progress: true
-on:
+'on':
  push:
    branches:
      - main
--- a/.github/workflows/ee.yml
+++ b/.github/workflows/ee.yml
@@ -4,7 +4,7 @@
 # SPDX-License-Identifier: GPL-3.0-or-later

 name: execution environment
-on:
+'on':
  # Run CI against all pushes (direct commits, also merged PRs), Pull Requests
  push:
    branches:
--- a/antsibull-nox.toml
+++ b/antsibull-nox.toml
@@ -42,3 +42,5 @@ doc_fragment = "community.crypto.attributes.actiongroup_acme"

 [sessions.build_import_check]
 run_galaxy_importer = true
+
+# [sessions.ansible_lint]
--- a/galaxy.yml
+++ b/galaxy.yml
@@ -16,7 +16,7 @@ license:
  - BSD-2-Clause
  - BSD-3-Clause
  - PSF-2.0
-#license_file: COPYING
+# license_file: COPYING
 tags:
  - acme
  - certificate
--- a/plugins/filter/gpg_fingerprint.py
+++ b/plugins/filter/gpg_fingerprint.py
@@ -27,6 +27,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Show fingerprint of GPG public key
  ansible.builtin.debug:
    msg: "{{ lookup('file', '/path/to/public_key.gpg') | community.crypto.gpg_fingerprint }}"
--- a/plugins/filter/openssl_csr_info.py
+++ b/plugins/filter/openssl_csr_info.py
@@ -31,6 +31,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Show the Subject Alt Names of the CSR
  ansible.builtin.debug:
    msg: >-
--- a/plugins/filter/openssl_privatekey_info.py
+++ b/plugins/filter/openssl_privatekey_info.py
@@ -40,6 +40,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Show the Subject Alt Names of the CSR
  ansible.builtin.debug:
    msg: >-
--- a/plugins/filter/openssl_publickey_info.py
+++ b/plugins/filter/openssl_publickey_info.py
@@ -27,6 +27,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Show the type of a public key
  ansible.builtin.debug:
    msg: >-
--- a/plugins/filter/parse_serial.py
+++ b/plugins/filter/parse_serial.py
@@ -27,6 +27,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Parse serial number
  ansible.builtin.debug:
    msg: "{{ '11:22:33' | community.crypto.parse_serial }}"
--- a/plugins/filter/split_pem.py
+++ b/plugins/filter/split_pem.py
@@ -24,6 +24,7 @@ options:
 """

 EXAMPLES = r"""
+---
 - name: Print all CA certificates
  ansible.builtin.debug:
    msg: '{{ item }}'
--- a/plugins/filter/to_serial.py
+++ b/plugins/filter/to_serial.py
@@ -25,6 +25,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Convert integer to serial number
  ansible.builtin.debug:
    msg: "{{ 1234567 | community.crypto.to_serial }}"
--- a/plugins/filter/x509_certificate_info.py
+++ b/plugins/filter/x509_certificate_info.py
@@ -31,6 +31,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Show the Subject Alt Names of the certificate
  ansible.builtin.debug:
    msg: >-
--- a/plugins/filter/x509_crl_info.py
+++ b/plugins/filter/x509_crl_info.py
@@ -39,6 +39,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Show the Organization Name of the CRL's subject
  ansible.builtin.debug:
    msg: >-
--- a/plugins/lookup/gpg_fingerprint.py
+++ b/plugins/lookup/gpg_fingerprint.py
@@ -28,6 +28,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Show fingerprint of GPG public key
  ansible.builtin.debug:
    msg: "{{ lookup('community.crypto.gpg_fingerprint', '/path/to/public_key.gpg') }}"
--- a/plugins/modules/acme_account.py
+++ b/plugins/modules/acme_account.py
@@ -130,6 +130,7 @@ options:
 """

 EXAMPLES = r"""
+---
 - name: Make sure account exists and has given contacts. We agree to TOS.
  community.crypto.acme_account:
    account_key_src: /etc/pki/cert/private/account.key
--- a/plugins/modules/acme_account_info.py
+++ b/plugins/modules/acme_account_info.py
@@ -47,6 +47,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Check whether an account with the given account key exists
  community.crypto.acme_account_info:
    account_key_src: /etc/pki/cert/private/account.key
--- a/plugins/modules/acme_ari_info.py
+++ b/plugins/modules/acme_ari_info.py
@@ -44,6 +44,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Retrieve renewal information for a certificate
  community.crypto.acme_ari_info:
    certificate_path: /etc/httpd/ssl/sample.com.crt
--- a/plugins/modules/acme_certificate.py
+++ b/plugins/modules/acme_certificate.py
@@ -302,6 +302,7 @@ options:
 """

 EXAMPLES = r"""
+---
 ### Example with HTTP challenge ###

 - name: Create a challenge for sample.com using a account key from a variable.
@@ -356,6 +357,7 @@ EXAMPLES = r"""
    chain_dest: /etc/httpd/ssl/sample.com-intermediate.crt
    data: "{{ sample_com_challenge }}"

+---
 ### Example with DNS challenge against production ACME server ###

 - name: Create a challenge for sample.com using a account key file.
--- a/plugins/modules/acme_certificate_deactivate_authz.py
+++ b/plugins/modules/acme_certificate_deactivate_authz.py
@@ -45,6 +45,7 @@ options:
 """

 EXAMPLES = r"""
+---
 - name: Deactivate all authzs for an order
  community.crypto.acme_certificate_deactivate_authz:
    account_key_content: "{{ account_private_key }}"
--- a/plugins/modules/acme_certificate_order_create.py
+++ b/plugins/modules/acme_certificate_order_create.py
@@ -10,7 +10,6 @@ __metaclass__ = type


 DOCUMENTATION = '''
---
 module: acme_certificate_order_create
 author: Felix Fontein (@felixfontein)
 version_added: 2.24.0
@@ -160,6 +159,7 @@ options:
 '''

 EXAMPLES = r'''
+---
 ### Example with HTTP-01 challenge ###

 - name: Create a challenge for sample.com using a account key from a variable
@@ -207,6 +207,7 @@ EXAMPLES = r'''
    fullchain_dest: /etc/httpd/ssl/sample.com-fullchain.crt
    chain_dest: /etc/httpd/ssl/sample.com-intermediate.crt

+---
 ### Example with DNS challenge against production ACME server ###

 - name: Create a challenge for sample.com using a account key file.
--- a/plugins/modules/acme_certificate_order_finalize.py
+++ b/plugins/modules/acme_certificate_order_finalize.py
@@ -10,7 +10,6 @@ __metaclass__ = type


 DOCUMENTATION = '''
---
 module: acme_certificate_order_finalize
 author: Felix Fontein (@felixfontein)
 version_added: 2.24.0
@@ -172,6 +171,7 @@ options:
 '''

 EXAMPLES = r'''
+---
 ### Example with HTTP-01 challenge ###

 - name: Create a challenge for sample.com using a account key from a variable
@@ -219,6 +219,7 @@ EXAMPLES = r'''
    fullchain_dest: /etc/httpd/ssl/sample.com-fullchain.crt
    chain_dest: /etc/httpd/ssl/sample.com-intermediate.crt

+---
 ### Example with DNS challenge against production ACME server ###

 - name: Create a challenge for sample.com using a account key file.
--- a/plugins/modules/acme_certificate_order_info.py
+++ b/plugins/modules/acme_certificate_order_info.py
@@ -10,7 +10,6 @@ __metaclass__ = type


 DOCUMENTATION = '''
---
 module: acme_certificate_order_info
 author: Felix Fontein (@felixfontein)
 version_added: 2.24.0
@@ -59,6 +58,7 @@ options:
 '''

 EXAMPLES = r'''
+---
 - name: Create a challenge for sample.com using a account key from a variable
  community.crypto.acme_certificate_order_create:
    account_key_content: "{{ account_private_key }}"
--- a/plugins/modules/acme_certificate_order_validate.py
+++ b/plugins/modules/acme_certificate_order_validate.py
@@ -10,7 +10,6 @@ __metaclass__ = type


 DOCUMENTATION = '''
---
 module: acme_certificate_order_validate
 author: Felix Fontein (@felixfontein)
 version_added: 2.24.0
@@ -97,6 +96,7 @@ options:
 '''

 EXAMPLES = r'''
+---
 ### Example with HTTP-01 challenge ###

 - name: Create a challenge for sample.com using a account key from a variable
@@ -144,6 +144,7 @@ EXAMPLES = r'''
    fullchain_dest: /etc/httpd/ssl/sample.com-fullchain.crt
    chain_dest: /etc/httpd/ssl/sample.com-intermediate.crt

+---
 ### Example with DNS challenge against production ACME server ###

 - name: Create a challenge for sample.com using a account key file.
--- a/plugins/modules/acme_certificate_renewal_info.py
+++ b/plugins/modules/acme_certificate_renewal_info.py
@@ -97,6 +97,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Retrieve renewal information for a certificate
  community.crypto.acme_certificate_renewal_info:
    certificate_path: /etc/httpd/ssl/sample.com.crt
--- a/plugins/modules/acme_certificate_revoke.py
+++ b/plugins/modules/acme_certificate_revoke.py
@@ -99,6 +99,7 @@ options:
 """

 EXAMPLES = r"""
+---
 - name: Revoke certificate with account key
  community.crypto.acme_certificate_revoke:
    account_key_src: /etc/pki/cert/private/account.key
--- a/plugins/modules/acme_challenge_cert_helper.py
+++ b/plugins/modules/acme_challenge_cert_helper.py
@@ -74,6 +74,7 @@ options:
 """

 EXAMPLES = r"""
+---
 - name: Create challenges for a given CRT for sample.com
  community.crypto.acme_certificate:
    account_key_src: /etc/pki/cert/private/account.key
--- a/plugins/modules/acme_inspect.py
+++ b/plugins/modules/acme_inspect.py
@@ -77,6 +77,7 @@ options:
 """

 EXAMPLES = r"""
+---
 - name: Get directory
  community.crypto.acme_inspect:
    acme_directory: https://acme-staging-v02.api.letsencrypt.org/directory
@@ -181,24 +182,43 @@ directory:
  description: The ACME directory's content.
  returned: always
  type: dict
-  sample: {"a85k3x9f91A4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
+  sample: {
+    "a85k3x9f91A4": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
    "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
-    "meta": {"caaIdentities": ["letsencrypt.org"], "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
-      "website": "https://letsencrypt.org"},
+    "meta": {
+      "caaIdentities": ["letsencrypt.org"],
+      "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
+      "website": "https://letsencrypt.org",
+    },
    "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
    "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
    "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
-    "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"}
+    "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
+  }
 headers:
  description: The request's HTTP headers (with lowercase keys).
  returned: always
  type: dict
-  sample: {"boulder-requester": "12345", "cache-control": "max-age=0, no-cache, no-store", "connection": "close", "content-length": "904",
-    "content-type": "application/json", "cookies": {}, "cookies_string": "", "date": "Wed, 07 Nov 2018 12:34:56 GMT", "expires": "Wed,
-      07 Nov 2018 12:44:56 GMT", "link": '<https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"',
-    "msg": "OK (904 bytes)", "pragma": "no-cache", "replay-nonce": "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGH", "server": "nginx",
-    "status": 200, "strict-transport-security": "max-age=604800", "url": "https://acme-v02.api.letsencrypt.org/acme/acct/46161",
-    "x-frame-options": "DENY"}
+  sample: {
+    "boulder-requester": "12345",
+    "cache-control": "max-age=0, no-cache, no-store",
+    "connection": "close",
+    "content-length": "904",
+    "content-type": "application/json",
+    "cookies": {},
+    "cookies_string": "",
+    "date": "Wed, 07 Nov 2018 12:34:56 GMT",
+    "expires": "Wed, 07 Nov 2018 12:44:56 GMT",
+    "link": '<https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf>;rel="terms-of-service"',
+    "msg": "OK (904 bytes)",
+    "pragma": "no-cache",
+    "replay-nonce": "1234567890abcdefghijklmnopqrstuvwxyzABCDEFGH",
+    "server": "nginx",
+    "status": 200,
+    "strict-transport-security": "max-age=604800",
+    "url": "https://acme-v02.api.letsencrypt.org/acme/acct/46161",
+    "x-frame-options": "DENY",
+  }
 output_text:
  description: The raw text output.
  returned: always
--- a/plugins/modules/certificate_complete_chain.py
+++ b/plugins/modules/certificate_complete_chain.py
@@ -67,6 +67,7 @@ options:


 EXAMPLES = r"""
+---
 # Given a leaf certificate for www.ansible.com and one or more intermediate
 # certificates, finds the associated root certificate.
 - name: Find root certificate
--- a/plugins/modules/crypto_info.py
+++ b/plugins/modules/crypto_info.py
@@ -26,6 +26,7 @@ options: {}
 """

 EXAMPLES = r"""
+---
 - name: Retrieve information
  community.crypto.crypto_info:
    account_key_src: /etc/pki/cert/private/account.key
--- a/plugins/modules/ecs_certificate.py
+++ b/plugins/modules/ecs_certificate.py
@@ -140,8 +140,21 @@ options:
      - If a certificate is being reissued or renewed, this parameter is ignored, and the O(cert_type) of the initial certificate
        is used.
    type: str
-    choices: ['STANDARD_SSL', 'ADVANTAGE_SSL', 'UC_SSL', 'EV_SSL', 'WILDCARD_SSL', 'PRIVATE_SSL', 'PD_SSL', 'CODE_SIGNING',
-      'EV_CODE_SIGNING', 'CDS_INDIVIDUAL', 'CDS_GROUP', 'CDS_ENT_LITE', 'CDS_ENT_PRO', 'SMIME_ENT']
+    choices:
+      - STANDARD_SSL
+      - ADVANTAGE_SSL
+      - UC_SSL
+      - EV_SSL
+      - WILDCARD_SSL
+      - PRIVATE_SSL
+      - PD_SSL
+      - CODE_SIGNING
+      - EV_CODE_SIGNING
+      - CDS_INDIVIDUAL
+      - CDS_GROUP
+      - CDS_ENT_LITE
+      - CDS_ENT_PRO
+      - SMIME_ENT
  subject_alt_name:
    description:
      - The subject alternative name identifiers, as an array of values (applies to O(cert_type) with a value of V(STANDARD_SSL),
@@ -377,6 +390,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Request a new certificate from Entrust with bare minimum parameters. Will request a new certificate if current one
    is valid but within 30 days of expiry. If replacing an existing file in path, will back it up.
  community.crypto.ecs_certificate:
--- a/plugins/modules/ecs_domain.py
+++ b/plugins/modules/ecs_domain.py
@@ -100,6 +100,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Request domain validation using email validation for client ID of 2.
  community.crypto.ecs_domain:
    domain_name: ansible.com
--- a/plugins/modules/get_certificate.py
+++ b/plugins/modules/get_certificate.py
@@ -220,6 +220,7 @@ unverified_chain:
 """

 EXAMPLES = r"""
+---
 - name: Get the cert from an RDP port
  community.crypto.get_certificate:
    host: "1.2.3.4"
--- a/plugins/modules/luks_device.py
+++ b/plugins/modules/luks_device.py
@@ -290,6 +290,7 @@ author: Jan Pokorny (@japokorn)
 """

 EXAMPLES = r"""
+---
 - name: Create LUKS container (remains unchanged if it already exists)
  community.crypto.luks_device:
    device: "/dev/loop0"
--- a/plugins/modules/openssh_cert.py
+++ b/plugins/modules/openssh_cert.py
@@ -201,6 +201,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate an OpenSSH user certificate that is valid forever and for all users
  community.crypto.openssh_cert:
    type: user
--- a/plugins/modules/openssh_keypair.py
+++ b/plugins/modules/openssh_keypair.py
@@ -142,6 +142,7 @@ notes:
 """

 EXAMPLES = r"""
+---
 - name: Generate an OpenSSH keypair with the default values (4096 bits, rsa)
  community.crypto.openssh_keypair:
    path: /tmp/id_ssh_rsa
--- a/plugins/modules/openssl_csr.py
+++ b/plugins/modules/openssl_csr.py
@@ -72,6 +72,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate an OpenSSL Certificate Signing Request
  community.crypto.openssl_csr:
    path: /etc/ssl/csr/www.ansible.com.csr
--- a/plugins/modules/openssl_csr_info.py
+++ b/plugins/modules/openssl_csr_info.py
@@ -59,6 +59,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate an OpenSSL Certificate Signing Request
  community.crypto.openssl_csr:
    path: /etc/ssl/csr/www.ansible.com.csr
--- a/plugins/modules/openssl_csr_pipe.py
+++ b/plugins/modules/openssl_csr_pipe.py
@@ -49,6 +49,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate an OpenSSL Certificate Signing Request
  community.crypto.openssl_csr_pipe:
    privatekey_path: /etc/ssl/private/ansible.com.pem
--- a/plugins/modules/openssl_dhparam.py
+++ b/plugins/modules/openssl_dhparam.py
@@ -92,6 +92,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate Diffie-Hellman parameters with the default size (4096 bits)
  community.crypto.openssl_dhparam:
    path: /etc/ssl/dhparams.pem
--- a/plugins/modules/openssl_pkcs12.py
+++ b/plugins/modules/openssl_pkcs12.py
@@ -187,6 +187,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate PKCS#12 file
  community.crypto.openssl_pkcs12:
    action: export
--- a/plugins/modules/openssl_privatekey.py
+++ b/plugins/modules/openssl_privatekey.py
@@ -77,6 +77,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
  community.crypto.openssl_privatekey:
    path: /etc/ssl/private/ansible.com.pem
--- a/plugins/modules/openssl_privatekey_convert.py
+++ b/plugins/modules/openssl_privatekey_convert.py
@@ -45,6 +45,7 @@ seealso: []
 """

 EXAMPLES = r"""
+---
 - name: Convert private key to PKCS8 format with passphrase
  community.crypto.openssl_privatekey_convert:
    src_path: /etc/ssl/private/ansible.com.pem
--- a/plugins/modules/openssl_privatekey_info.py
+++ b/plugins/modules/openssl_privatekey_info.py
@@ -81,6 +81,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
  community.crypto.openssl_privatekey:
    path: /etc/ssl/private/ansible.com.pem
--- a/plugins/modules/openssl_privatekey_pipe.py
+++ b/plugins/modules/openssl_privatekey_pipe.py
@@ -86,6 +86,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
  community.crypto.openssl_privatekey_pipe:
  register: output
--- a/plugins/modules/openssl_publickey.py
+++ b/plugins/modules/openssl_publickey.py
@@ -110,6 +110,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate an OpenSSL public key in PEM format
  community.crypto.openssl_publickey:
    path: /etc/ssl/public/ansible.com.pem
--- a/plugins/modules/openssl_publickey_info.py
+++ b/plugins/modules/openssl_publickey_info.py
@@ -53,6 +53,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate an OpenSSL private key with the default values (4096 bits, RSA)
  community.crypto.openssl_privatekey:
    path: /etc/ssl/private/ansible.com.pem
--- a/plugins/modules/openssl_signature.py
+++ b/plugins/modules/openssl_signature.py
@@ -75,6 +75,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Sign example file
  community.crypto.openssl_signature:
    privatekey_path: private.key
--- a/plugins/modules/openssl_signature_info.py
+++ b/plugins/modules/openssl_signature_info.py
@@ -64,6 +64,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Sign example file
  community.crypto.openssl_signature:
    privatekey_path: private.key
--- a/plugins/modules/x509_certificate.py
+++ b/plugins/modules/x509_certificate.py
@@ -95,6 +95,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate a Self Signed OpenSSL certificate
  community.crypto.x509_certificate:
    path: /etc/ssl/crt/ansible.com.crt
--- a/plugins/modules/x509_certificate_convert.py
+++ b/plugins/modules/x509_certificate_convert.py
@@ -93,6 +93,7 @@ requirements:
 """

 EXAMPLES = r"""
+---
 - name: Convert PEM X.509 certificate to DER format
  community.crypto.x509_certificate_convert:
    src_path: /etc/ssl/cert/ansible.com.pem
--- a/plugins/modules/x509_certificate_info.py
+++ b/plugins/modules/x509_certificate_info.py
@@ -79,6 +79,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate a Self Signed OpenSSL certificate
  community.crypto.x509_certificate:
    path: /etc/ssl/crt/ansible.com.crt
--- a/plugins/modules/x509_certificate_pipe.py
+++ b/plugins/modules/x509_certificate_pipe.py
@@ -55,6 +55,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate a Self Signed OpenSSL certificate
  community.crypto.x509_certificate_pipe:
    provider: selfsigned
--- a/plugins/modules/x509_crl.py
+++ b/plugins/modules/x509_crl.py
@@ -292,6 +292,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Generate a CRL
  community.crypto.x509_crl:
    path: /etc/ssl/my-ca.crl
--- a/plugins/modules/x509_crl_info.py
+++ b/plugins/modules/x509_crl_info.py
@@ -57,6 +57,7 @@ seealso:
 """

 EXAMPLES = r"""
+---
 - name: Get information on CRL
  community.crypto.x509_crl_info:
    path: /etc/ssl/my-ca.crl
--- a/tests/integration/requirements.yml
+++ b/tests/integration/requirements.yml
@@ -4,5 +4,5 @@
 # SPDX-License-Identifier: GPL-3.0-or-later

 collections:
- community.general
- community.internal_test_tools
+  - community.general
+  - community.internal_test_tools
--- a/tests/integration/targets/acme_certificate/tasks/impl.yml
+++ b/tests/integration/targets/acme_certificate/tasks/impl.yml
@@ -25,6 +25,7 @@
      - name: account-rsa
        type: RSA
        size: "{{ default_rsa_key_size }}"
+
 ## SET UP ACCOUNTS ############################################################################
 - name: Make sure ECC256 account hasn't been created yet
  acme_account:
@@ -62,6 +63,7 @@
    allow_creation: true
    terms_agreed: true
    contact: []
+
 ## OBTAIN CERTIFICATES ########################################################################
 - name: Obtain cert 1
  include_tasks: obtain-cert.yml
@@ -363,6 +365,7 @@
        cert_8_obtain_results: "{{ certificate_obtain_result }}"
        cert_8_alternate: "{{ 0 if select_crypto_backend == 'cryptography' else 0 }}"
  when: cryptography_version.stdout is version('1.3', '>=')
+
 ## DISSECT CERTIFICATES #######################################################################
 # Make sure certificates are valid. Root certificate for Pebble equals the chain certificate.
 - name: Verifying cert 1
@@ -400,6 +403,7 @@
  ignore_errors: true
  register: cert_8_valid
  when: cryptography_version.stdout is version('1.3', '>=')
+
 # Dump certificate info
 - name: Dumping cert 1
  command: '{{ openssl_binary }} x509 -in "{{ remote_tmp_dir }}/cert-1.pem" -noout -text'
@@ -428,6 +432,7 @@
  command: '{{ openssl_binary }} x509 -in "{{ remote_tmp_dir }}/cert-8.pem" -noout -text'
  register: cert_8_text
  when: cryptography_version.stdout is version('1.3', '>=')
+
 # Dump certificate info
 - name: Dumping cert 1
  x509_certificate_info:
@@ -464,6 +469,7 @@
    path: "{{ remote_tmp_dir }}/cert-8.pem"
  register: cert_8_info
  when: cryptography_version.stdout is version('1.3', '>=')
+
 ## GET ACCOUNT ORDERS #########################################################################
 - name: Don't retrieve orders
  acme_account_info:
--- a/tests/integration/targets/acme_certificate/tasks/main.yml
+++ b/tests/integration/targets/acme_certificate/tasks/main.yml
@@ -70,14 +70,14 @@
      - subject_key_identifier
      - issuer
      - subject
-      #- serial_number
-      #- public_key_fingerprints
+      # - serial_number
+      # - public_key_fingerprints

 - name: ACME root certificate info
  debug:
    var: acme_roots

-#- name: ACME root certificates as PEM
+# - name: ACME root certificates as PEM
 #   debug:
 #     var: acme_root_certs

@@ -85,7 +85,7 @@
  debug:
    var: acme_intermediates

-#- name: ACME intermediate certificates as PEM
+# - name: ACME intermediate certificates as PEM
 #   debug:
 #     var: acme_intermediate_certs

--- a/tests/integration/targets/acme_certificate_renewal_info/tasks/impl.yml
+++ b/tests/integration/targets/acme_certificate_renewal_info/tasks/impl.yml
@@ -19,6 +19,7 @@
      - name: account-ec256
        type: ECC
        curve: secp256r1
+
 ## CREATE ACCOUNTS AND OBTAIN CERTIFICATES ####################################################
 - name: Obtain cert 1
  include_tasks: obtain-cert.yml
@@ -37,6 +38,7 @@
    remaining_days: "{{ omit }}"
    terms_agreed: true
    account_email: "example@example.org"
+
 ## OBTAIN CERTIFICATE INFOS ###################################################################
 - name: Dump OpenSSL x509 info
  command:
--- a/tests/integration/targets/acme_certificate_revoke/tasks/impl.yml
+++ b/tests/integration/targets/acme_certificate_revoke/tasks/impl.yml
@@ -25,6 +25,7 @@
      - name: account-rsa
        type: RSA
        size: "{{ default_rsa_key_size }}"
+
 ## CREATE ACCOUNTS AND OBTAIN CERTIFICATES ####################################################
 - name: Read account key (EC256)
  slurp:
@@ -80,6 +81,7 @@
    remaining_days: 10
    terms_agreed: true
    account_email: "example@example.org"
+
 ## REVOKE CERTIFICATES ########################################################################
 - name: Revoke certificate 1 via account key
  acme_certificate_revoke:
--- a/tests/integration/targets/ecs_certificate/tasks/main.yml
+++ b/tests/integration/targets/ecs_certificate/tasks/main.yml
@@ -9,8 +9,7 @@
 ####################################################################

 ## Verify that integration_config was specified
- block:
-  - assert:
+- assert:
    that:
      - entrust_api_user is defined
      - entrust_api_key is defined
--- a/tests/integration/targets/ecs_domain/tasks/main.yml
+++ b/tests/integration/targets/ecs_domain/tasks/main.yml
@@ -9,8 +9,7 @@
 ####################################################################

 ## Verify that integration_config was specified
- block:
-  - assert:
+- assert:
    that:
      - entrust_api_user is defined
      - entrust_api_key is defined
@@ -271,7 +270,6 @@
          - file_existing_domain_revalidate.file_contents is string
          - file_existing_domain_revalidate.emails is undefined

-
  always:
    - name: clean-up temporary folder
      file:
--- a/tests/integration/targets/filter_split_pem/tasks/main.yml
+++ b/tests/integration/targets/filter_split_pem/tasks/main.yml
@@ -33,10 +33,7 @@
      Baz
      Bam
      -----END PRIVATE KEY-----
-    pem_3: |
-      -----BEGIN 
-      foo
-      -----END 
+    pem_3: "-----BEGIN \nfoo\n-----END \n"
    crap_1: |
      # Comment
    crap_2: |
--- a/tests/integration/targets/filter_x509_certificate_info/tasks/impl.yml
+++ b/tests/integration/targets/filter_x509_certificate_info/tasks/impl.yml
@@ -137,7 +137,9 @@
      - result.extensions_by_oid | length == 9
      # Precert Signed Certificate Timestamps
      - result.extensions_by_oid['1.3.6.1.4.1.11129.2.4.2'].critical == false
-      - result.extensions_by_oid['1.3.6.1.4.1.11129.2.4.2'].value == 'BIHvAO0AdADd3Mo0ldfhFgXnlTL6x5/4PRxQ39sAOhQSdgosrLvIKgAAAZYL7QgtAAAEAwBFMEMCIAXku/W4fMbkoOkHguRt8RfxVy6dgwpi9A8IDTRkOn1XAh9g9RjiBvMJdM/+UQS+WNXaxOqA5JzUfvCFjbYLbEZ5AHUADeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGWC+0H2AAABAMARjBEAiB26F5G8YPuZ11gAfEXqAFpVk01VcbOsS6w3dn2CJf6zgIgeEWCpg9tsQ8dB7/hU1zOmkZom62VDXvk8Cs+yscbQq4='
+      - >-
+        result.extensions_by_oid['1.3.6.1.4.1.11129.2.4.2'].value ==
+        'BIHvAO0AdADd3Mo0ldfhFgXnlTL6x5/4PRxQ39sAOhQSdgosrLvIKgAAAZYL7QgtAAAEAwBFMEMCIAXku/W4fMbkoOkHguRt8RfxVy6dgwpi9A8IDTRkOn1XAh9g9RjiBvMJdM/+UQS+WNXaxOqA5JzUfvCFjbYLbEZ5AHUADeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGWC+0H2AAABAMARjBEAiB26F5G8YPuZ11gAfEXqAFpVk01VcbOsS6w3dn2CJf6zgIgeEWCpg9tsQ8dB7/hU1zOmkZom62VDXvk8Cs+yscbQq4='
      # Authority Information Access
      - result.extensions_by_oid['1.3.6.1.5.5.7.1.1'].critical == false
      - result.extensions_by_oid['1.3.6.1.5.5.7.1.1'].value == 'MGgwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLmZvb2JhcmJhei5leGFtcGxlLmNvbTA3BggrBgEFBQcwAoYraHR0cDovL2NlcnQuZm9vYmFyYmF6LmV4YW1wbGUuY29tL2ludGVyLnBlbQ=='
--- a/tests/integration/targets/openssh_keypair/tests/regenerate.yml
+++ b/tests/integration/targets/openssh_keypair/tests/regenerate.yml
@@ -41,7 +41,7 @@
    mode: '0700'
  with_nested:
    - "{{ regenerate_values }}"
-    - [ '', '.pub' ]
+    - ['', '.pub']

 - name: "({{ backend }}) Regenerate - setup password protected keys for passphrse test"
  command: 'ssh-keygen -f {{ remote_tmp_dir }}/regenerate-d-{{ item }} -N {{ passphrase }}'
@@ -261,7 +261,7 @@
    remote_src: true
  with_nested:
    - "{{ regenerate_values }}"
-    - [ '', '.pub' ]
+    - ['', '.pub']
  when: "item.0 != 'always'"

 - vars:
@@ -315,7 +315,7 @@
        remote_src: true
      with_nested:
        - "{{ regenerate_values }}"
-      - [ '', '.pub' ]
+        - ['', '.pub']
      when: "item.0 != 'always'"

    - name: "({{ backend }}) Regenerate - adjust comment (check mode)"
--- a/tests/integration/targets/openssl_privatekey/tasks/impl.yml
+++ b/tests/integration/targets/openssl_privatekey/tasks/impl.yml
@@ -537,7 +537,6 @@
  when: 'select_crypto_backend == "cryptography" and cryptography_version.stdout is version("2.6", ">=")'


-
 # Test regenerate option

 - name: "({{ select_crypto_backend }}) Regenerate - setup simple keys"
--- a/tests/integration/targets/x509_certificate_info/tasks/impl.yml
+++ b/tests/integration/targets/x509_certificate_info/tasks/impl.yml
@@ -188,7 +188,9 @@
      - result.extensions_by_oid | length == 9
      # Precert Signed Certificate Timestamps
      - result.extensions_by_oid['1.3.6.1.4.1.11129.2.4.2'].critical == false
-      - result.extensions_by_oid['1.3.6.1.4.1.11129.2.4.2'].value == 'BIHvAO0AdADd3Mo0ldfhFgXnlTL6x5/4PRxQ39sAOhQSdgosrLvIKgAAAZYL7QgtAAAEAwBFMEMCIAXku/W4fMbkoOkHguRt8RfxVy6dgwpi9A8IDTRkOn1XAh9g9RjiBvMJdM/+UQS+WNXaxOqA5JzUfvCFjbYLbEZ5AHUADeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGWC+0H2AAABAMARjBEAiB26F5G8YPuZ11gAfEXqAFpVk01VcbOsS6w3dn2CJf6zgIgeEWCpg9tsQ8dB7/hU1zOmkZom62VDXvk8Cs+yscbQq4='
+      - >-
+        result.extensions_by_oid['1.3.6.1.4.1.11129.2.4.2'].value ==
+        'BIHvAO0AdADd3Mo0ldfhFgXnlTL6x5/4PRxQ39sAOhQSdgosrLvIKgAAAZYL7QgtAAAEAwBFMEMCIAXku/W4fMbkoOkHguRt8RfxVy6dgwpi9A8IDTRkOn1XAh9g9RjiBvMJdM/+UQS+WNXaxOqA5JzUfvCFjbYLbEZ5AHUADeHyMCvTDcFAYhIJ6lUu/Ed0fLHX6TDvDkIetH5OqjQAAAGWC+0H2AAABAMARjBEAiB26F5G8YPuZ11gAfEXqAFpVk01VcbOsS6w3dn2CJf6zgIgeEWCpg9tsQ8dB7/hU1zOmkZom62VDXvk8Cs+yscbQq4='
      # Authority Information Access
      - result.extensions_by_oid['1.3.6.1.5.5.7.1.1'].critical == false
      - result.extensions_by_oid['1.3.6.1.5.5.7.1.1'].value == 'MGgwLQYIKwYBBQUHMAGGIWh0dHA6Ly9vY3NwLmZvb2JhcmJhei5leGFtcGxlLmNvbTA3BggrBgEFBQcwAoYraHR0cDovL2NlcnQuZm9vYmFyYmF6LmV4YW1wbGUuY29tL2ludGVyLnBlbQ=='