Add ansible-lint to CI (#886)

* Enable ansible-lint. * Fix broken task name. * Fix command-instead-of-shell instances. * Clean up tasks to eliminate command-instead-of-module. * Skip yaml errors. * Remove .stdout from versions. * Avoid stdin.
2026-05-08 14:22:56 +00:00 · 2025-05-03 14:42:41 +02:00
parent 12f958c955
commit 8156468898
53 changed files with 186 additions and 133 deletions
--- a/tests/integration/targets/openssl_privatekey/tasks/impl.yml
+++ b/tests/integration/targets/openssl_privatekey/tasks/impl.yml
@@ -158,7 +158,7 @@
    curve: "{{ item.curve }}"
    select_crypto_backend: '{{ select_crypto_backend }}'
  when: |
-    cryptography_version.stdout is version(item.min_cryptography_version, '>=') and
+    cryptography_version is version(item.min_cryptography_version, '>=') and
    item.openssl_name in openssl_ecc_list
  loop: "{{ ecc_types }}"
  loop_control:
@@ -172,7 +172,7 @@
    curve: "{{ item.curve }}"
    select_crypto_backend: '{{ select_crypto_backend }}'
  when: |
-    cryptography_version.stdout is version(item.min_cryptography_version, '>=') and
+    cryptography_version is version(item.min_cryptography_version, '>=') and
    item.openssl_name in openssl_ecc_list
  loop: "{{ ecc_types }}"
  loop_control:
@@ -185,7 +185,7 @@
        path: '{{ remote_tmp_dir }}/privatekey-{{ item.type }}.pem'
        type: "{{ item.type }}"
        select_crypto_backend: '{{ select_crypto_backend }}'
-      when: cryptography_version.stdout is version(item.min_version, '>=')
+      when: cryptography_version is version(item.min_version, '>=')
      loop: "{{ types }}"
      loop_control:
        label: "{{ item.type }}"
@@ -197,7 +197,7 @@
        path: '{{ remote_tmp_dir }}/privatekey-{{ item.type }}.pem'
        type: "{{ item.type }}"
        select_crypto_backend: '{{ select_crypto_backend }}'
-      when: cryptography_version.stdout is version(item.min_version, '>=')
+      when: cryptography_version is version(item.min_version, '>=')
      loop: "{{ types }}"
      loop_control:
        label: "{{ item.type }}"
--- a/tests/integration/targets/openssl_privatekey/tasks/main.yml
+++ b/tests/integration/targets/openssl_privatekey/tasks/main.yml
@@ -50,4 +50,4 @@
      vars:
        select_crypto_backend: cryptography

-  when: cryptography_version.stdout is version('3.3', '>=')
+  when: cryptography_version is version('3.3', '>=')
--- a/tests/integration/targets/openssl_privatekey/tests/validate.yml
+++ b/tests/integration/targets/openssl_privatekey/tests/validate.yml
@@ -75,13 +75,13 @@
  register: privatekey5
  # Current version of OS/X that runs in the CI (10.11) does not have an up to date version of the OpenSSL library
  # leading to this test to fail when run in the CI. However, this test has been run for 10.12 and has returned successfully.
-  when: openssl_version.stdout is version('0.9.8zh', '>=')
+  when: openssl_version is version('0.9.8zh', '>=')

 - name: "({{ select_crypto_backend }}) Validate privatekey5 (assert - Passphrase protected key + idempotence)"
  assert:
    that:
      - privatekey5.stdout == (default_rsa_key_size | string)
-  when: openssl_version.stdout is version('0.9.8zh', '>=')
+  when: openssl_version is version('0.9.8zh', '>=')

 - name: "({{ select_crypto_backend }}) Validate privatekey5 idempotence (assert - Passphrase protected key + idempotence)"
  assert:
@@ -92,19 +92,19 @@
 - name: "({{ select_crypto_backend }}) Validate privatekey6 (test - Passphrase protected key with non ascii character)"
  shell: "{{ openssl_binary }} rsa -noout -text -in {{ remote_tmp_dir }}/privatekey6.pem -passin pass:ànsïblé | grep Private | sed 's/\\(RSA *\\)*Private-Key: (\\(.*\\) bit.*)/\\2/'"
  register: privatekey6
-  when: openssl_version.stdout is version('0.9.8zh', '>=')
+  when: openssl_version is version('0.9.8zh', '>=')

 - name: "({{ select_crypto_backend }}) Validate privatekey6 (assert - Passphrase protected key with non ascii character)"
  assert:
    that:
      - privatekey6.stdout == (default_rsa_key_size | string)
-  when: openssl_version.stdout is version('0.9.8zh', '>=')
+  when: openssl_version is version('0.9.8zh', '>=')

 - name: "({{ select_crypto_backend }}) Validate ECC generation (dump with OpenSSL)"
  shell: "{{ openssl_binary }} ec -in {{ remote_tmp_dir }}/privatekey-{{ item.item.curve }}.pem -noout -text | grep 'ASN1 OID: ' | sed 's/ASN1 OID: \\([^ ]*\\)/\\1/'"
  loop: "{{ privatekey_ecc_generate.results }}"
  register: privatekey_ecc_dump
-  when: openssl_version.stdout is version('0.9.8zh', '>=') and 'skip_reason' not in item
+  when: openssl_version is version('0.9.8zh', '>=') and 'skip_reason' not in item
  loop_control:
    label: "{{ item.item.curve }}"