From 2ec8fbfa46286cf6929389247aff0de5b79b5618 Mon Sep 17 00:00:00 2001 From: Adrien Waksberg Date: Fri, 30 Jun 2023 11:16:45 +0200 Subject: [PATCH] chore: fix syntax for ansible-lint --- handlers/main.yml | 8 +++---- tasks/base.yml | 40 ++++++++++++++----------------- tasks/keys.yml | 12 +++++----- tasks/main.yml | 15 +++++++----- tasks/zones.yml | 60 +++++++++++++++++++++++------------------------ 5 files changed, 66 insertions(+), 69 deletions(-) diff --git a/handlers/main.yml b/handlers/main.yml index 2672dce..a188f31 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,10 +1,10 @@ --- -- name: restart bind - service: +- name: Restart bind + ansible.builtin.service: name: bind9 state: restarted -- name: reload bind - service: +- name: Reload bind + ansible.builtin.service: name: bind9 state: reloaded diff --git a/tasks/base.yml b/tasks/base.yml index 59e6b3e..4ed5821 100644 --- a/tasks/base.yml +++ b/tasks/base.yml @@ -1,38 +1,32 @@ --- -- name: install packages for bind9 - apt: - name: '{{ packages }}' - state: present - vars: - packages: +- name: Install packages for bind9 + ansible.builtin.package: + name: - bind9 - bind9-host - cron - register: result - retries: 3 - delay: 1 - until: result is success + state: present -- name: create zone directory - file: +- name: Create zone directory + ansible.builtin.file: path: /etc/bind/zones owner: bind group: bind mode: 0700 state: directory -- name: create log directory - file: +- name: Create log directory + ansible.builtin.file: path: /var/log/named owner: bind group: bind mode: 0700 state: directory -- name: copy bind configuration files - template: - src: '{{ item }}.j2' - dest: '/etc/bind/{{ item }}' +- name: Copy bind configuration files + ansible.builtin.template: + src: "{{ item }}.j2" + dest: "/etc/bind/{{ item }}" owner: root group: root mode: 0644 
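Review bot: The directory and file modes that survive as context in this hunk (`mode: 0700` on the zone and log directories, `mode: 0644` on the config templates) are unquoted YAML octals, which ansible-lint's `risky-octal` rule reports for the same reason this commit was made; `mode: "0700"` and `mode: "0644"` satisfy the rule and remove the silent decimal reinterpretation that happens if a leading zero is ever dropped. The move from `apt` to `ansible.builtin.package` also drops the `register`/`retries: 3`/`until: result is success` loop around the package install, which is a behaviour change rather than a syntax fix; if losing the retry on transient mirror failures is intended it deserves a line in the commit message, otherwise the three lines can be kept unchanged under the new module name. The package names `bind9` and `bind9-host` are Debian-specific, so the generic `package` module does not buy portability here and `ansible.builtin.apt` would have been the more honest choice.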
@@ -40,18 +34,18 @@ - named.conf - named.conf.options - named.conf.local - notify: restart bind + notify: Restart bind -- name: create keys directory - file: +- name: Create keys directory + ansible.builtin.file: path: /etc/bind/keys owner: root group: bind mode: 0750 state: directory -- name: add cron dnssec - template: +- name: Add cron dnssec + ansible.builtin.template: src: dnssec.j2 dest: /etc/cron.weekly/dnssec owner: root diff --git a/tasks/keys.yml b/tasks/keys.yml index 3eb1d8b..1c79d72 100644 --- a/tasks/keys.yml +++ b/tasks/keys.yml @@ -1,6 +1,6 @@ --- -- name: copy private key - copy: +- name: Copy private key + ansible.builtin.copy: dest: "/etc/bind/keys/K{{ item.0 }}.\ +{{ '00{}'.format(bind_dnssec[item.0][item.1].algorithm)[-3:] }}\ +{{ bind_dnssec[item.0][item.1].tag }}.private" @@ -9,14 +9,14 @@ group: bind mode: 0640 no_log: true - loop: '{{ bind_dnssec|product(file_ext)|list }}' + loop: '{{ bind_dnssec | product(file_ext) | list }}' vars: file_ext: - ksk - zsk -- name: copy public key - template: +- name: Copy public key + ansible.builtin.template: src: public.key.j2 dest: "/etc/bind/keys/K{{ item.0 }}.\ +{{ '00{}'.format(bind_dnssec[item.0][item.1].algorithm)[-3:] }}\ @@ -25,7 +25,7 @@ group: bind mode: 0640 no_log: true - loop: '{{ bind_dnssec|product(file_ext)|list }}' + loop: '{{ bind_dnssec | product(file_ext) | list }}' vars: file_ext: - ksk diff --git a/tasks/main.yml b/tasks/main.yml index fe3dae6..2de4ff5 100644 --- a/tasks/main.yml +++ b/tasks/main.yml 
@@ -1,16 +1,19 @@ --- -- import_tasks: base.yml +- name: Import base tasks + ansible.builtin.import_tasks: base.yml tags: bind -- import_tasks: keys.yml +- name: Import keys tasks + ansible.builtin.import_tasks: keys.yml tags: bind -- import_tasks: zones.yml +- name: Import zones tasks + ansible.builtin.import_tasks: zones.yml tags: bind -- name: enable and start bind9 - service: +- name: Enable and start bind9 + ansible.builtin.service: name: bind9 - enabled: yes + enabled: true state: started tags: bind diff --git a/tasks/zones.yml b/tasks/zones.yml index cee3ed0..537f87e 100644 --- a/tasks/zones.yml +++ b/tasks/zones.yml 
@@ -1,64 +1,64 @@ --- -- name: set fact bind_zone_play if it empty - set_fact: - bind_zones_play: '{{ bind_zones_play|default([]) + [ item ] }}' - loop: '{{ bind_zones|dict2items }}' +- name: Set fact bind_zone_play if it empty + ansible.builtin.set_fact: + bind_zones_play: "{{ bind_zones_play | default([]) + [item] }}" + loop: "{{ bind_zones | dict2items }}" loop_control: - label: '{{ item.key }}' + label: "{{ item.key }}" when: > - (item.value.state is not defined or item.value.state != 'absent') + (item.value.state is not defined or item.value.state != "absent") and (bind_zones_subset is not defined or item.key in bind_zones_subset) -- name: create zone folder - file: - path: '/etc/bind/zones/{{ item.key }}' +- name: Create zone folder + ansible.builtin.file: + path: "/etc/bind/zones/{{ item.key }}" owner: bind group: bind mode: 0755 state: directory loop_control: - label: '{{ item.key }}' - loop: '{{ bind_zones_play }}' + label: "{{ item.key }}" + loop: "{{ bind_zones_play }}" -- name: copy zone files - template: +- name: Copy zone files + ansible.builtin.template: src: db.j2 - dest: '/etc/bind/zones/{{ item.key }}/db' + dest: "/etc/bind/zones/{{ item.key }}/db" owner: root group: root mode: 0644 - loop: '{{ bind_zones_play }}' + loop: "{{ bind_zones_play }}" loop_control: - label: '{{ item.key }}' + label: "{{ item.key }}" register: zone - notify: reload bind + notify: Reload bind -- name: dnssec sign - shell: > +- name: Dnssec sign # noqa risky-shell-pipe no-changed-when + ansible.builtin.shell: > dnssec-signzone -3 $(head -n 1000 /dev/urandom | sha1sum | cut -b 1-16) -A -N INCREMENT -o {{ item.item.key }} -t /etc/bind/zones/{{ item.item.key }}/db args: chdir: /etc/bind/keys - loop: '{{ zone.results }}' + loop: "{{ zone.results }}" loop_control: - label: '{{ item.item.key }}' + label: "{{ item.item.key }}" when: item.item.key in bind_dnssec and item.changed - notify: reload bind + notify: Reload bind -- name: get zones files - find: +- name: Get zones files + 
ansible.builtin.find: path: /etc/bind/zones file_type: directory recurse: no register: zone_folders -- name: delete old zone file - file: - path: '{{ item.path }}' +- name: Delete old zone file + ansible.builtin.file: + path: "{{ item.path }}" state: absent - loop: '{{ zone_folders.files }}' + loop: "{{ zone_folders.files }}" loop_control: - label: '{{ item.path|basename }}' + label: "{{ item.path | basename }}" when: > item.path|basename not in bind_zones or - ('state' in bind_zones[item.path|basename] and bind_zones[item.path|basename].state == 'absent') + ("state" in bind_zones[item.path | basename] and bind_zones[item.path | basename].state == "absent")
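Review bot: The `# noqa risky-shell-pipe no-changed-when` added to the "Dnssec sign" task silences the lint finding rather than fixing the pipeline on the unchanged line below it: with no `pipefail`, a failure of `head`, `sha1sum` or `cut` leaves the unquoted `$(…)` expanding to nothing, so `-3` would consume `-A` as its salt argument and the zone would either fail to sign or be signed with an unintended salt. Quoting the substitution, enabling `pipefail` under bash, and deriving the 16-hex-digit salt directly from 8 bytes of `/dev/urandom` via `od` gives the same salt length without the detour through a line-delimited read and `sha1sum`, and lets the `risky-shell-pipe` suppression go. Separately, RFC 9276 now recommends an empty NSEC3 salt (`-3 -`) and no opt-out (`-A`) for zones that are not delegation-heavy, so the random-salt-plus-opt-out defaults here may be worth a follow-up. The `recurse: no` on the "Get zones files" task a few lines down will also trip `yaml[truthy]` now that main.yml has moved to `true`/`false`, and should become `recurse: false`.
```yaml
- name: Dnssec sign  # noqa no-changed-when
  ansible.builtin.shell: |
    set -o pipefail
    salt="$(head -c 8 /dev/urandom | od -An -tx1 | tr -d ' \n')"
    dnssec-signzone -3 "$salt" -A -N INCREMENT -o {{ item.item.key }} -t /etc/bind/zones/{{ item.item.key }}/db
  args:
    chdir: /etc/bind/keys
    executable: /bin/bash
  # … unchanged: loop / loop_control / when / notify …
```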