linting

Signed-off-by: Frederick Witty <frederickw@mindpointgroup.com>

Author: frederickw082922

tasks/LE_audit_setup.yml

@@ -1,31 +1,31 @@
 ---
 - name: Pre Audit Setup | Set audit package name
   block:
-    - name: Pre Audit Setup | Set audit package name | 64bit
-      when: ansible_facts.machine == "x86_64"
-      ansible.builtin.set_fact:
-        audit_pkg_arch_name: AMD64
+      - name: Pre Audit Setup | Set audit package name | 64bit
+        when: ansible_facts.machine == "x86_64"
+        ansible.builtin.set_fact:
+            audit_pkg_arch_name: AMD64
 
-    - name: Pre Audit Setup | Set audit package name | ARM64
-      when: (ansible_facts.machine == "arm64" or ansible_facts.machine == "aarch64")
-      ansible.builtin.set_fact:
-        audit_pkg_arch_name: ARM64
+      - name: Pre Audit Setup | Set audit package name | ARM64
+        when: (ansible_facts.machine == "arm64" or ansible_facts.machine == "aarch64")
+        ansible.builtin.set_fact:
+            audit_pkg_arch_name: ARM64
 
 - name: Pre Audit Setup | Download audit binary
   when: get_audit_binary_method == 'download'
   ansible.builtin.get_url:
-    url: "{{ audit_bin_url }}{{ audit_pkg_arch_name }}"
-    dest: "{{ audit_bin }}"
-    owner: root
-    group: root
-    checksum: "{{ audit_bin_version[audit_pkg_arch_name + '_checksum'] }}"
-    mode: 'u+x,go-w'
+      url: "{{ audit_bin_url }}{{ audit_pkg_arch_name }}"
+      dest: "{{ audit_bin }}"
+      owner: root
+      group: root
+      checksum: "{{ audit_bin_version[audit_pkg_arch_name + '_checksum'] }}"
+      mode: 'u+x,go-w'
 
 - name: Pre Audit Setup | Copy audit binary
   when: get_audit_binary_method == 'copy'
   ansible.builtin.copy:
-    src: "{{ audit_bin_copy_location }}/goss-linux-{{ audit_pkg_arch_name }}"
-    dest: "{{ audit_bin }}"
-    owner: root
-    group: root
-    mode: 'u+x,go-w'
+      src: "{{ audit_bin_copy_location }}/goss-linux-{{ audit_pkg_arch_name }}"
+      dest: "{{ audit_bin }}"
+      owner: root
+      group: root
+      mode: 'u+x,go-w'

tasks/audit_only.yml

@@ -2,15 +2,15 @@
 
 - name: Audit_only | Fetch audit files
   when:
-    - fetch_audit_output
-    - audit_only
+      - fetch_audit_output
+      - audit_only
   ansible.builtin.import_tasks:
-    file: fetch_audit_output.yml
+      file: fetch_audit_output.yml
 
 - name: Audit_only | Show Audit Summary
   when: audit_only
   ansible.builtin.debug:
-    msg: "{{ audit_results.split('\n') }}"
+      msg: "{{ audit_results.split('\n') }}"
 
 - name: Audit_only | Stop task for host as audit_only selected
   when: audit_only

tasks/fetch_audit_output.yml

@@ -5,43 +5,43 @@
 - name: "POST | FETCH | Fetch files and copy to controller"
   when: audit_output_collection_method == "fetch"
   ansible.builtin.fetch:
-    src: "{{ item }}"
-    dest: "{{ audit_output_destination }}"
-    flat: true
+      src: "{{ item }}"
+      dest: "{{ audit_output_destination }}"
+      flat: true
   changed_when: true
   failed_when: false
   register: discovered_audit_fetch_state
   loop:
-    - "{{ pre_audit_outfile }}"
-    - "{{ post_audit_outfile }}"
+      - "{{ pre_audit_outfile }}"
+      - "{{ post_audit_outfile }}"
   become: false
 
 # Added this option for continuity but could be changed by adjusting the variable audit_conf_dest
 # Allowing backup to one location
 - name: "POST | FETCH | Copy files to location available to managed node"
   when: audit_output_collection_method == "copy"
   ansible.builtin.copy:
-    src: "{{ item }}"
-    dest: "{{ audit_output_destination }}"
-    mode: 'u-x,go-wx'
-    flat: true
+      src: "{{ item }}"
+      dest: "{{ audit_output_destination }}"
+      mode: 'u-x,go-wx'
+      flat: true
   failed_when: false
   register: discovered_audit_copy_state
   loop:
-    - "{{ pre_audit_outfile }}"
-    - "{{ post_audit_outfile }}"
+      - "{{ pre_audit_outfile }}"
+      - "{{ post_audit_outfile }}"
 
 - name: "POST | FETCH | Fetch files and copy to controller | Warning if issues with fetch_audit_files"
   when:
-    - (audit_output_collection_method == "fetch" and not discovered_audit_fetch_state.changed) or
-      (audit_output_collection_method == "copy" and not discovered_audit_copy_state.changed)
+      - (audit_output_collection_method == "fetch" and not discovered_audit_fetch_state.changed) or
+        (audit_output_collection_method == "copy" and not discovered_audit_copy_state.changed)
   block:
-    - name: "POST | FETCH | Fetch files and copy to controller | Warning if issues with fetch_audit_files"
-      ansible.builtin.debug:
-        msg: "Warning!! Unable to write to localhost {{ audit_output_destination }} for audit file copy"
+      - name: "POST | FETCH | Fetch files and copy to controller | Warning if issues with fetch_audit_files"
+        ansible.builtin.debug:
+            msg: "Warning!! Unable to write to localhost {{ audit_output_destination }} for audit file copy"
 
-    - name: "POST | FETCH | Fetch files and copy to controller | Warning if issues with fetch_audit_files"
-      vars:
-        warn_control_id: "FETCH_AUDIT_FILES"
-      ansible.builtin.import_tasks:
-        file: warning_facts.yml
+      - name: "POST | FETCH | Fetch files and copy to controller | Warning if issues with fetch_audit_files"
+        vars:
+            warn_control_id: "FETCH_AUDIT_FILES"
+        ansible.builtin.import_tasks:
+            file: warning_facts.yml

tasks/post_remediation_audit.yml

@@ -4,30 +4,30 @@
   ansible.builtin.shell: "umask 0022 && {{ audit_conf_dir }}/run_audit.sh -v {{ audit_vars_path }} -f {{ audit_format }} -m {{ audit_max_concurrent }} -o {{ post_audit_outfile }} -g \"{{ group_names }}\""  # noqa yaml[line-length]
   changed_when: true
   environment:
-    AUDIT_BIN: "{{ audit_bin }}"
-    AUDIT_CONTENT_LOCATION: "{{ audit_conf_dest | default('/opt') }}"
-    AUDIT_FILE: goss.yml
+      AUDIT_BIN: "{{ audit_bin }}"
+      AUDIT_CONTENT_LOCATION: "{{ audit_conf_dest | default('/opt') }}"
+      AUDIT_FILE: goss.yml
 
 - name: Post Audit | Capture audit data if json format
   when: audit_format == "json"
   block:
-    - name: Post Audit | Capture audit data if json format
-      ansible.builtin.shell: grep -E '"summary-line.*Count:.*Failed' "{{ post_audit_outfile }}" | cut -d'"' -f4
-      changed_when: false
-      register: post_audit_summary
+      - name: Post Audit | Capture audit data if json format
+        ansible.builtin.shell: grep -E '"summary-line.*Count:.*Failed' "{{ post_audit_outfile }}" | cut -d'"' -f4
+        changed_when: false
+        register: post_audit_summary
 
-    - name: Post Audit | Set Fact for audit summary
-      ansible.builtin.set_fact:
-        post_audit_results: "{{ post_audit_summary.stdout }}"
+      - name: Post Audit | Set Fact for audit summary
+        ansible.builtin.set_fact:
+            post_audit_results: "{{ post_audit_summary.stdout }}"
 
 - name: Post Audit | Capture audit data if documentation format
   when: audit_format == "documentation"
   block:
-    - name: Post Audit | Capture audit data if documentation format
-      ansible.builtin.shell: tail -2 "{{ post_audit_outfile }}"  | tac | tr '\n' ' '
-      changed_when: false
-      register: post_audit_summary
+      - name: Post Audit | Capture audit data if documentation format
+        ansible.builtin.shell: tail -2 "{{ post_audit_outfile }}"  | tac | tr '\n' ' '
+        changed_when: false
+        register: post_audit_summary
 
-    - name: Post Audit | Set Fact for audit summary
-      ansible.builtin.set_fact:
-        post_audit_results: "{{ post_audit_summary.stdout }}"
+      - name: Post Audit | Set Fact for audit summary
+        ansible.builtin.set_fact:
+            post_audit_results: "{{ post_audit_summary.stdout }}"

tasks/pre_remediation_audit.yml

@@ -4,106 +4,106 @@
   when: setup_audit
   tags: setup_audit
   ansible.builtin.include_tasks:
-    file: LE_audit_setup.yml
+      file: LE_audit_setup.yml
 
 - name: Pre Audit Setup | Ensure existence of {{ audit_conf_dir }}  # noqa name[template]
   ansible.builtin.file:
-    path: "{{ audit_conf_dir }}"
-    mode: 'go-w'
-    state: directory
+      path: "{{ audit_conf_dir }}"
+      mode: 'go-w'
+      state: directory
 
 - name: Pre Audit Setup | If using git for content set up
   when: audit_content == 'git'
   block:
-    - name: Pre Audit Setup | Install git
-      ansible.builtin.package:
-        name: git
-        state: present
+      - name: Pre Audit Setup | Install git
+        ansible.builtin.package:
+            name: git
+            state: present
 
-    - name: Pre Audit Setup | Retrieve audit content files from git
-      ansible.builtin.git:
-        repo: "{{ audit_file_git }}"
-        dest: "{{ audit_conf_dir }}"
-        version: "{{ audit_git_version }}"
+      - name: Pre Audit Setup | Retrieve audit content files from git
+        ansible.builtin.git:
+            repo: "{{ audit_file_git }}"
+            dest: "{{ audit_conf_dir }}"
+            version: "{{ audit_git_version }}"
 
 - name: Pre Audit Setup | Copy to audit content files to server
   when: audit_content == 'copy'
   ansible.builtin.copy:
-    src: "{{ audit_conf_source }}"
-    dest: "{{ audit_conf_dest }}"
-    mode: preserve
+      src: "{{ audit_conf_source }}"
+      dest: "{{ audit_conf_dest }}"
+      mode: preserve
 
 - name: Pre Audit Setup | Unarchive audit content files on server
   when: audit_content == 'archive'
   ansible.builtin.unarchive:
-    src: "{{ audit_conf_source }}"
-    dest: "{{ audit_conf_dest }}"
+      src: "{{ audit_conf_source }}"
+      dest: "{{ audit_conf_dest }}"
 
 - name: Pre Audit Setup | Get audit content from url
   when: audit_content == 'get_url'
   ansible.builtin.unarchive:
-    src: "{{ audit_conf_source }}"
-    dest: "{{ audit_conf_dest }}/{{ benchmark }}-Audit"
-    remote_src: "{{ (audit_conf_source is contains('http')) | ternary(true, false) }}"
-    extra_opts: "{{ (audit_conf_source is contains('github')) | ternary('--strip-components=1', []) }}"
+      src: "{{ audit_conf_source }}"
+      dest: "{{ audit_conf_dest }}/{{ benchmark }}-Audit"
+      remote_src: "{{ (audit_conf_source is contains('http')) | ternary(true, false) }}"
+      extra_opts: "{{ (audit_conf_source is contains('github')) | ternary('--strip-components=1', []) }}"
 
 - name: Pre Audit Setup | Check Goss is available
   when: run_audit
   block:
-    - name: Pre Audit Setup | Check for goss file
-      ansible.builtin.stat:
-        path: "{{ audit_bin }}"
-      register: prelim_goss_available
+      - name: Pre Audit Setup | Check for goss file
+        ansible.builtin.stat:
+            path: "{{ audit_bin }}"
+        register: prelim_goss_available
 
-    - name: Pre Audit Setup | If audit ensure goss is available
-      when: not prelim_goss_available.stat.exists
-      ansible.builtin.assert:
-        that: prelim_goss_available['stat']['exists'] == true
-        msg: "Audit has been selected: unable to find goss binary at {{ audit_bin }}"
+      - name: Pre Audit Setup | If audit ensure goss is available
+        when: not prelim_goss_available.stat.exists
+        ansible.builtin.assert:
+            that: prelim_goss_available['stat']['exists'] == true
+            msg: "Audit has been selected: unable to find goss binary at {{ audit_bin }}"
 
 - name: Pre Audit Setup | Copy ansible default vars values to test audit
   when: run_audit
   tags:
-    - goss_template
-    - run_audit
+      - goss_template
+      - run_audit
   ansible.builtin.template:
-    src: ansible_vars_goss.yml.j2
-    dest: "{{ audit_vars_path }}"
-    mode: 'go-rwx'
+      src: ansible_vars_goss.yml.j2
+      dest: "{{ audit_vars_path }}"
+      mode: 'go-rwx'
 
 - name: Pre Audit | Run pre_remediation audit {{ benchmark }}  # noqa name[template]
-  ansible.builtin.shell: "umask 0022 && {{ audit_conf_dir }}/run_audit.sh -v {{ audit_vars_path }} -f {{ audit_format }} -m {{ audit_max_concurrent }} -o {{ pre_audit_outfile }} -g \"{{ group_names }}\"" # noqa yaml[line-length]
+  ansible.builtin.shell: "umask 0022 && {{ audit_conf_dir }}/run_audit.sh -v {{ audit_vars_path }} -f {{ audit_format }} -m {{ audit_max_concurrent }} -o {{ pre_audit_outfile }} -g \"{{ group_names }}\""  # noqa yaml[line-length]
   changed_when: true
   environment:
-    AUDIT_BIN: "{{ audit_bin }}"
-    AUDIT_CONTENT_LOCATION: "{{ audit_conf_dest | default('/opt') }}"
-    AUDIT_FILE: goss.yml
+      AUDIT_BIN: "{{ audit_bin }}"
+      AUDIT_CONTENT_LOCATION: "{{ audit_conf_dest | default('/opt') }}"
+      AUDIT_FILE: goss.yml
 
 - name: Pre Audit | Capture audit data if json format
   when: audit_format == "json"
   block:
-    - name: Pre Audit | Capture audit data if json format
-      ansible.builtin.shell: grep -E '\"summary-line.*Count:.*Failed' "{{ pre_audit_outfile }}" | cut -d'"' -f4
-      changed_when: false
-      register: pre_audit_summary
+      - name: Pre Audit | Capture audit data if json format
+        ansible.builtin.shell: grep -E '\"summary-line.*Count:.*Failed' "{{ pre_audit_outfile }}" | cut -d'"' -f4
+        changed_when: false
+        register: pre_audit_summary
 
-    - name: Pre Audit | Set Fact for audit summary
-      ansible.builtin.set_fact:
-        pre_audit_results: "{{ pre_audit_summary.stdout }}"
+      - name: Pre Audit | Set Fact for audit summary
+        ansible.builtin.set_fact:
+            pre_audit_results: "{{ pre_audit_summary.stdout }}"
 
 - name: Pre Audit | Capture audit data if documentation format
   when: audit_format == "documentation"
   block:
-    - name: Pre Audit | Capture audit data if documentation format
-      ansible.builtin.shell: tail -2 "{{ pre_audit_outfile }}"  | tac | tr '\n' ' '
-      changed_when: false
-      register: pre_audit_summary
+      - name: Pre Audit | Capture audit data if documentation format
+        ansible.builtin.shell: tail -2 "{{ pre_audit_outfile }}"  | tac | tr '\n' ' '
+        changed_when: false
+        register: pre_audit_summary
 
-    - name: Pre Audit | Set Fact for audit summary
-      ansible.builtin.set_fact:
-        pre_audit_results: "{{ pre_audit_summary.stdout }}"
+      - name: Pre Audit | Set Fact for audit summary
+        ansible.builtin.set_fact:
+            pre_audit_results: "{{ pre_audit_summary.stdout }}"
 
 - name: Audit_Only | Run Audit Only
   when: audit_only
   ansible.builtin.import_tasks:
-    file: audit_only.yml
+      file: audit_only.yml