diff --git a/.github/workflows/stackhpc-pull-request.yml b/.github/workflows/stackhpc-pull-request.yml index aba6bacb7..6e0b5a56d 100644 --- a/.github/workflows/stackhpc-pull-request.yml +++ b/.github/workflows/stackhpc-pull-request.yml @@ -61,6 +61,46 @@ jobs: - name: Run Tox ${{ matrix.environment }} ๐Ÿงช run: tox -e ${{ matrix.environment }} + lint: + runs-on: ubuntu-22.04 + permissions: {} + strategy: + fail-fast: false + matrix: + include: + # NOTE(upgrade): Keep these in sync with Kayobe's supported Ansible and Python versions (see release notes). + - ansible: "2.12" + # ansible-lint 6+ is not supported on Python 3.8. + ansible-lint: "5" + python: "3.8" + - ansible: "2.13" + ansible-lint: "6" + python: "3.10" + name: Ansible ${{ matrix.ansible }} lint with Python ${{ matrix.python }} + if: github.repository == 'stackhpc/stackhpc-kayobe-config' + steps: + - name: GitHub Checkout ๐Ÿ›Ž + uses: actions/checkout@v3 + + - name: Setup Python ${{ matrix.python-version }} ๐Ÿ + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python }} + + - name: Install dependencies ๐Ÿ“ฆ + run: | + python -m pip install --upgrade pip + pip install ansible-core==${{ matrix.ansible }}.* ansible-lint==${{ matrix.ansible-lint }}.* -r requirements.txt + + - name: Install Ansible Galaxy collections and roles + run: | + ansible-galaxy collection install -r etc/kayobe/ansible/requirements.yml + ansible-galaxy role install -r etc/kayobe/ansible/requirements.yml + + - name: Linting code ๐Ÿงช + run: | + ansible-lint -v --force-color etc/kayobe/ansible/ + # A skipped job is treated as success when used as a required status check. # The registered required status checks refer to the name of the job in the # called reusable workflow rather than the jobs in this file. The following diff --git a/etc/kayobe/ansible/deploy-github-runner.yml b/etc/kayobe/ansible/deploy-github-runner.yml index 47c8211a1..ae6693438 100644 --- a/etc/kayobe/ansible/deploy-github-runner.yml +++ b/etc/kayobe/ansible/deploy-github-runner.yml @@ -8,7 +8,7 @@ tasks: - name: Deploy runners ansible.builtin.include_role: - role: monolithprojects.github_actions_runner + name: monolithprojects.github_actions_runner vars: runner_name: "{{ ansible_facts.nodename }}-{{ runner.key }}" runner_dir: "{{ base_runner_dir }}/{{ runner.key }}" diff --git a/etc/kayobe/ansible/wazuh-manager.yml b/etc/kayobe/ansible/wazuh-manager.yml index d4013ebd6..b75ed261a 100644 --- a/etc/kayobe/ansible/wazuh-manager.yml +++ b/etc/kayobe/ansible/wazuh-manager.yml @@ -35,7 +35,7 @@ # Certificates generation - hosts: localhost roles: - - role: "{{ playbook_dir }}/roles/wazuh-ansible/wazuh-ansible/roles/wazuh/wazuh-indexer" + - role: "wazuh-ansible/wazuh-ansible/roles/wazuh/wazuh-indexer" perform_installation: false become: no tags: @@ -45,10 +45,10 @@ become: yes become_user: root roles: - - role: "{{ playbook_dir }}/roles/wazuh-ansible/wazuh-ansible/roles/wazuh/wazuh-indexer" - - role: "{{ playbook_dir }}/roles/wazuh-ansible/wazuh-ansible/roles/wazuh/ansible-wazuh-manager" - - role: "{{ playbook_dir }}/roles/wazuh-ansible/wazuh-ansible/roles/wazuh/ansible-filebeat-oss" - - role: "{{ playbook_dir }}/roles/wazuh-ansible/wazuh-ansible/roles/wazuh/wazuh-dashboard" + - role: "wazuh-ansible/wazuh-ansible/roles/wazuh/wazuh-indexer" + - role: "wazuh-ansible/wazuh-ansible/roles/wazuh/ansible-wazuh-manager" + - role: "wazuh-ansible/wazuh-ansible/roles/wazuh/ansible-filebeat-oss" + - role: "wazuh-ansible/wazuh-ansible/roles/wazuh/wazuh-dashboard" post_tasks: - block: - name: Check if custom SCA policies directory exists