Resolve ansible-lint violations

2025-12-10 00:38:17 -06:00 · 2025-11-13 17:24:00 -05:00 · 2025-11-13 17:24:00 -05:00 · ba11184968
commit ba11184968
parent fed047b297
11 changed files with 21 additions and 19 deletions
--- a/.github/playbooks/gather_agent_logs.yml
+++ b/.github/playbooks/gather_agent_logs.yml
@ -18,7 +18,9 @@
      block:
        - name: Linux | Set required facts for logs gathering (1/2)
          ansible.builtin.set_fact:
-            logs_prefix: "{{ ansible_facts.distribution }}_{{ ansible_facts.distribution_major_version }}_{{ ansible_facts.architecture }}_{{ inventory_hostname }}"
+            logs_prefix: >-
+              {{ ansible_facts.distribution }}_{{ ansible_facts.distribution_major_version }}_{{
+              ansible_facts.architecture }}_{{ inventory_hostname }}

        - name: Linux | Set required facts for logs gathering (2/2)
          ansible.builtin.set_fact:
@ -57,6 +59,7 @@
              ansible.builtin.copy:
                src: "{{ item.path }}"
                dest: "{{ remote_logs_path }}/{{ logs_prefix }}_{{ item.path | basename }}"
+                mode: '0644'
                remote_src: true
              loop: "{{ wazuh_agent_logs.files | default([]) }}"
              loop_control:
@ -67,8 +70,8 @@
              ansible.builtin.copy:
                src: /var/ossec/etc/ossec.conf
                dest: "{{ remote_logs_path }}/{{ logs_prefix }}_ossec.conf"
-                remote_src: true
                mode: '0644'
+                remote_src: true

        - name: Linux | Compress Wazuh logs
          block:
@ -79,7 +82,7 @@
                format: gz
                mode: '0644'
          rescue:
-            - name: Compress Wazuh logs (tar command)
+            - name: Compress Wazuh logs (tar command) # noqa: command-instead-of-module
              ansible.builtin.shell: |
                tar -czf {{ remote_gathering_path }}/compressed_wazuh_agent_logs_{{ logs_prefix }}.tar.gz -C {{ remote_logs_path }} .
              args:
--- a/.github/playbooks/gather_central_logs.yml
+++ b/.github/playbooks/gather_central_logs.yml
@ -68,8 +68,8 @@
          ansible.builtin.copy:
            src: "{{ item.path }}"
            dest: "{{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_{{ item.path | basename }}"
-            remote_src: true
            mode: '0644'
+            remote_src: true
          loop: "{{ wi_indexer_logs.files | default([]) }}"
          loop_control:
            label: "{{ item.path | basename }}"
@ -79,8 +79,8 @@
          ansible.builtin.copy:
            src: /etc/wazuh-indexer/opensearch.yml
            dest: "{{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_opensearch.yml"
-            remote_src: true
            mode: '0644'
+            remote_src: true

    - name: Wazuh Server
      when: (single_node | bool) or inventory_hostname in ['manager', 'worker']
@ -147,7 +147,7 @@
            format: gz
            mode: '0644'
      rescue:
-        - name: Compress Wazuh logs (tar command)
+        - name: Compress Wazuh logs (tar command) # noqa: command-instead-of-module
          ansible.builtin.shell: |
            tar -czf {{ remote_gathering_path }}/compressed_wazuh_logs_{{ logs_prefix }}.tar.gz -C {{ remote_logs_path }} .
          args:
--- a/.github/workflows/aio.yml
+++ b/.github/workflows/aio.yml
@ -601,8 +601,6 @@ jobs:
      - name: Run ansible-lint
        uses: ansible/ansible-lint@v25
        with:
-          args: |
-            -v
-            wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml
+          args: "-v wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml"
          working_directory: "wazuh-ansible"
          requirements_file: "requirements.yml"
--- a/.github/workflows/distributed.yml
+++ b/.github/workflows/distributed.yml
@ -655,8 +655,6 @@ jobs:
      - name: Run ansible-lint
        uses: ansible/ansible-lint@v25
        with:
-          args: |
-            -v
-            wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml
+          args: "-v wazuh-agent.yml wazuh-aio.yml wazuh-distributed.yml .github/playbooks/gather_agent_logs.yml .github/playbooks/gather_central_logs.yml"
          working_directory: "wazuh-ansible"
          requirements_file: "requirements.yml"
--- a/roles/wazuh-agent/tasks/Linux.yml
+++ b/roles/wazuh-agent/tasks/Linux.yml
@ -17,7 +17,7 @@
  when: ansible_facts.os_family == "Debian"

 - name: Linux CentOS/RedHat | Install wazuh-agent
-  ansible.builtin.yum:
+  ansible.builtin.dnf:
    name: "{{ wazuh_agent_package_download_path }}/{{ wazuh_agent_package_name }}_{{ ansible_facts.architecture }}.rpm"
    state: present
    disable_gpg_check: true
--- a/roles/wazuh-agent/tasks/macOS.yml
+++ b/roles/wazuh-agent/tasks/macOS.yml
@ -44,6 +44,8 @@
  block:
    - name: MacOS | Install Wazuh agent using installer
      ansible.builtin.command: "installer -pkg {{ wazuh_agent_package_download_path }}/{{ wazuh_agent_package_name }}.pkg -target /"
+      register: install_pkg
+      changed_when: install_pkg.rc == 0

    - name: MacOS | Initialize Wazuh agent service (MacOS 10.10+)
      ansible.builtin.command: "launchctl bootstrap system /Library/LaunchDaemons/com.wazuh.agent.plist"
--- a/roles/wazuh-dashboard/tasks/dependencies.yml
+++ b/roles/wazuh-dashboard/tasks/dependencies.yml
@ -25,7 +25,7 @@
  when: ansible_facts.os_family == 'RedHat'
  block:
    - name: RedHat/CentOS/Fedora | Install Dashboard dependencies
-      ansible.builtin.yum:
+      ansible.builtin.dnf:
        name: "{{ packages }}"
        state: present
        update_cache: true
--- a/roles/wazuh-dashboard/tasks/main.yml
+++ b/roles/wazuh-dashboard/tasks/main.yml
@ -13,7 +13,7 @@
  become: true

 - name: Linux CentOS/RedHat | Install wazuh-dashboard using yum
-  ansible.builtin.yum:
+  ansible.builtin.dnf:
    name: "{{ wazuh_dashboard_package_download_path }}/{{ wazuh_dashboard_package_name }}_{{ ansible_facts.architecture }}.rpm"
    state: present
    disable_gpg_check: true
--- a/roles/wazuh-indexer/tasks/dependencies.yml
+++ b/roles/wazuh-indexer/tasks/dependencies.yml
@ -10,7 +10,7 @@
  when: ansible_facts.distribution == 'Amazon'
  block:
    - name: Amazon Linux | Install Amazon extras in Amazon Linux 2
-      ansible.builtin.yum:
+      ansible.builtin.dnf:
        name: amazon-linux-extras
        state: present
      when:
@ -34,7 +34,7 @@
  when: ansible_facts.os_family == 'RedHat'
  block:
    - name: RedHat/CentOS/Fedora | Install Indexer dependencies
-      ansible.builtin.yum:
+      ansible.builtin.dnf:
        name: "{{ packages }}"
      vars:
        packages:
--- a/roles/wazuh-indexer/tasks/main.yml
+++ b/roles/wazuh-indexer/tasks/main.yml
@ -13,7 +13,7 @@
  become: true

 - name: Linux CentOS/RedHat | Install wazuh-indexer using yum
-  ansible.builtin.yum:
+  ansible.builtin.dnf:
    name: "{{ wazuh_indexer_package_download_path }}/{{ wazuh_indexer_package_name }}_{{ ansible_facts.architecture }}.rpm"
    state: present
    disable_gpg_check: true
--- a/roles/wazuh-server/tasks/main.yml
+++ b/roles/wazuh-server/tasks/main.yml
@ -51,7 +51,7 @@
            - ansible_facts.architecture == "aarch64"

        - name: RedHat/CentOS/Fedora | Install wazuh-server package
-          ansible.builtin.yum:
+          ansible.builtin.dnf:
            name: "{{ wazuh_server_package_download_path }}/{{ wazuh_server_package_name }}_{{ ansible_facts.architecture }}.rpm"
            state: present
            disable_gpg_check: true
@ -232,6 +232,7 @@
        - name: Wazuh Server | Perform CLI healthcheck (worker)
          ansible.builtin.command: /var/ossec/bin/cluster_control -l
          register: cluster_control_list
+          changed_when: false
          until:
            - cluster_control_list.rc == 0
            - "'ERR' not in cluster_control_list.stdout"