Fixed review foundings

Signed-off-by: Radovan Sroka <rsroka@redhat.com>
linux-system-roles · Oct 26, 2023 · 953d1b0 · 953d1b0
1 parent 1ee6d33
commit 953d1b0
Show file tree

Hide file tree

Showing 21 changed files with 20 additions and 51 deletions.
diff --git a/.ansible-lint b/.ansible-lint
@@ -19,4 +19,4 @@ exclude_paths:
   - .github/
   - examples/roles/
 mock_roles:
-  - linux-system-roles.template
+  - linux-system-roles.fapolicyd
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -1,3 +1,3 @@
 # https://help.github.com/en/articles/about-code-owners
 # Default reviewers for everything
-* @spetrosi @nhosoi @richm
+* @spetrosi @richm
diff --git a/examples/inventory b/examples/inventory
diff --git a/examples/simple.yml b/examples/simple.yml
@@ -1,6 +1,6 @@
 # SPDX-License-Identifier: MIT
 ---
-- name: Example template role invocation
+- name: Example fapolicyd role invocation
   hosts: all
   vars:
     fapolicyd_setup_enable_service: true
@@ -11,4 +11,4 @@
       - /etc/fapolicyd/fapolicyd.conf
       - /etc/krb5.conf
   roles:
-    - fapolicyd
+    - linux-system-roles.fapolicyd
diff --git a/handlers/main.yml b/handlers/main.yml
@@ -1,7 +1,7 @@
 # SPDX-License-Identifier: MIT
 ---
-- name: Handler for template to restart services
+- name: Handler for fapolicyd to restart services
   service:
     name: "{{ item }}"
     state: restarted
-  loop: "{{ __template_services }}"
+  loop: "{{ __fapolicyd_services }}"
diff --git a/tasks/enable.yml b/tasks/enable.yml
@@ -4,7 +4,7 @@
     msg: Fapolicyd does not support trust setting fapolicyd_setup_trust
   ignore_errors: true
   when:
-    - fapolicyd_setup_trust
+    - fapolicyd_setup_trust | lenght > 0
     - ansible_facts.distribution_version is version("8.2", "<=")
   register: __failed_check_trust
 
@@ -13,7 +13,7 @@
     msg: Fapolicyd does not support integrity setting fapolicyd_setup_integrity
   ignore_errors: true
   when:
-    - fapolicyd_setup_integrity
+    - fapolicyd_setup_integrity | length > 0
     - ansible_facts.distribution_version is version("8.3", "<=")
   register: __failed_check_integrity
 
@@ -22,16 +22,16 @@
     msg: Fapolicyd does not support trust files setting fapolicyd_add_trusted_file
   ignore_errors: true
   when:
-    - fapolicyd_add_trusted_file
+    - fapolicyd_add_trusted_file | length > 0
     - ansible_facts.distribution_version is version("8.3", "<=")
   register: __failed_check_trusted_file
 
 - name: Check failed conditions
   fail:
     msg: Multiple failed conditions
   #failed_when: true
-  when: __failed_check_trust is failed or __failed_check_integrity is failed  or __failed_check_trusted_file is failed
-
+  when: __failed_check_trust is failed or __failed_check_integrity is failed  or
+  __failed_check_trusted_file is failed
 
 - name: Install fapolicyd packages
   package:

diff --git a/templates/fapolicyd.conf.j2 b/templates/fapolicyd.conf.j2
@@ -1,3 +1,5 @@
+{ ansible_managed | comment }}
+{{ "system_role:fapolicyd" | comment(prefix="", postfix="") }}
 #
 # This file controls the configuration of the file access policy daemon.
 # See the fapolicyd.conf man page for explanation.

diff --git a/...oles/linux-system-roles.template/defaults → ...les/linux-system-roles.fapolicyd/defaults b/...oles/linux-system-roles.template/defaults → ...les/linux-system-roles.fapolicyd/defaults
diff --git a/...oles/linux-system-roles.template/handlers → ...les/linux-system-roles.fapolicyd/handlers b/...oles/linux-system-roles.template/handlers → ...les/linux-system-roles.fapolicyd/handlers
diff --git a/tests/roles/linux-system-roles.template/meta → ...s/roles/linux-system-roles.fapolicyd/meta b/tests/roles/linux-system-roles.template/meta → ...s/roles/linux-system-roles.fapolicyd/meta
diff --git a/...s/roles/linux-system-roles.template/tasks → .../roles/linux-system-roles.fapolicyd/tasks b/...s/roles/linux-system-roles.template/tasks → .../roles/linux-system-roles.fapolicyd/tasks
diff --git a/...les/linux-system-roles.template/templates → ...es/linux-system-roles.fapolicyd/templates b/...les/linux-system-roles.template/templates → ...es/linux-system-roles.fapolicyd/templates
diff --git a/tests/roles/linux-system-roles.template/vars → ...s/roles/linux-system-roles.fapolicyd/vars b/tests/roles/linux-system-roles.template/vars → ...s/roles/linux-system-roles.fapolicyd/vars
diff --git a/tests/setup-snapshot.yml b/tests/setup-snapshot.yml
@@ -4,11 +4,11 @@
   tasks:
     - name: Set platform/version specific variables
       include_role:
-        name: linux-system-roles.template
+        name: linux-system-roles.fapolicyd
         tasks_from: set_vars.yml
         public: true
 
     - name: Install test packages
       package:
-        name: "{{ __template_packages }}"
+        name: "{{ __fapolicyd_packages }}"
         state: present
diff --git a/tests/tests_default.yml b/tests/tests_default.yml
@@ -4,10 +4,10 @@
   hosts: all
   gather_facts: false  # test that role works in this case
   roles:
-    - linux-system-roles.template
+    - linux-system-roles.fapolicyd
   tasks:
     - name: Check header for ansible_managed, fingerprint
       include_tasks: tasks/check_header.yml
       vars:
-        __file: /etc/foo.conf
+        __file: "{{ __fapolicyd_dir }}/{{ __fapolicyd_conf }}"
         __fingerprint: system_role:template
diff --git a/vars/CentOS_8.yml b/vars/CentOS_8.yml
diff --git a/vars/CentOS_9.yml b/vars/CentOS_9.yml
diff --git a/vars/Fedora.yml b/vars/Fedora.yml
diff --git a/vars/RedHat_8.yml b/vars/RedHat_8.yml
diff --git a/vars/RedHat_9.yml b/vars/RedHat_9.yml
diff --git a/vars/main.yml b/vars/main.yml
@@ -10,6 +10,9 @@ __fapolicyd_services: fapolicyd.service
 __fapolicyd_dir: /etc/fapolicyd
 __fapolicyd_conf: fapolicyd.conf
 
+__fapolicyd_packages: [fapolicyd]
+__fapolicyd_selinux_packages: [fapolicyd-selinux]
+
 # ansible_facts required by the role
 __template_required_facts:
   - distribution