From 3a7f091e66c59a49fb38d9fc2e632da09dd4ece6 Mon Sep 17 00:00:00 2001 From: Norman Ziegner Date: Tue, 21 Jan 2025 12:44:18 +0100 Subject: [PATCH 1/2] Fix incompatibilities with ansible-lint in custom yamllint config Signed-off-by: Norman Ziegner --- .yamllint.yml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/.yamllint.yml b/.yamllint.yml index 99352e46..2655c4d2 100644 --- a/.yamllint.yml +++ b/.yamllint.yml @@ -23,7 +23,8 @@ rules: commas: max-spaces-after: -1 level: "error" - comments: "disable" + comments: + min-spaces-from-content: 1 comments-indentation: "disable" document-start: "disable" empty-lines: @@ -37,6 +38,9 @@ rules: new-line-at-end-of-file: "enable" new-lines: type: "unix" + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true quoted-strings: quote-type: "any" required: true From 9f8f91d1077df11eaba459297026064a44ce3ff4 Mon Sep 17 00:00:00 2001 From: Norman Ziegner Date: Tue, 21 Jan 2025 13:11:07 +0100 Subject: [PATCH 2/2] Add missing starting space in comments Signed-off-by: Norman Ziegner --- roles/unattended_upgrades/defaults/main.yml | 62 ++++++++++----------- 1 file changed, 31 insertions(+), 31 deletions(-) diff --git a/roles/unattended_upgrades/defaults/main.yml b/roles/unattended_upgrades/defaults/main.yml index 38e2f6ac..7f4265b5 100644 --- a/roles/unattended_upgrades/defaults/main.yml +++ b/roles/unattended_upgrades/defaults/main.yml @@ -8,7 +8,7 @@ # Cache update time for apt module unattended_cache_valid_time: 3600 -#Unattended-Upgrade::Origins-Pattern +# Unattended-Upgrade::Origins-Pattern # Automatically upgrade packages from these origin patterns # e.g.: 'o=Debian,a=stable', 'o=Debian,a=stable-updates' # @@ -16,32 +16,32 @@ unattended_cache_valid_time: 3600 # __unattended_origins_patterns variable only if this variable # is not provided externally # REFS https://github.com/ansible/ansible/issues/8121 -#unattended_origins_patterns: [] +# unattended_origins_patterns: [] -#Unattended-Upgrade::Package-Blacklist +# Unattended-Upgrade::Package-Blacklist # List of packages to not update unattended_package_blacklist: [] -#Unattended-Upgrade::AutoFixInterruptedDpkg +# Unattended-Upgrade::AutoFixInterruptedDpkg # On a unclean dpkg exit unattended-upgrades will run # dpkg --force-confold --configure -a # The default is true, to ensure updates keep getting installed unattended_autofix_interrupted_dpkg: true -#Unattended-Upgrade::MinimalSteps +# Unattended-Upgrade::MinimalSteps # Split the upgrade into the smallest possible chunks so that # they can be interrupted with SIGUSR1. This makes the upgrade # a bit slower but it has the benefit that shutdown while a upgrade # is running is possible (with a small delay) unattended_minimal_steps: true -#Unattended-Upgrade::InstallOnShutdown +# Unattended-Upgrade::InstallOnShutdown # Install all unattended-upgrades when the machine is shuting down # instead of doing it in the background while the machine is running # This will (obviously) make shutdown slower unattended_install_on_shutdown: false -#Unattended-Upgrade::Mail +# Unattended-Upgrade::Mail # Send email to this address for problems or packages upgrades # If empty or unset then no email is sent, make sure that you # have a working mail setup on your system. A package that provides @@ -52,97 +52,97 @@ unattended_mail: false # Use the specified value in the "From" field of outgoing mails. unattended_mail_sender: false -#Unattended-Upgrade::MailOnlyOnError +# Unattended-Upgrade::MailOnlyOnError # Set this value to "true" to get emails only on errors. Default # is to always send a mail if Unattended-Upgrade::Mail is set unattended_mail_only_on_error: false -#Unattended-Upgrade::MailReport +# Unattended-Upgrade::MailReport # Set this value to one of: # "always", "only-on-error" or "on-change" # If this is not set, then any legacy MailOnlyOnError (boolean) value # is used to chose between "only-on-error" and "on-change" unattended_mail_report: false -#Unattended-Upgrade::Remove-Unused-Dependencies +# Unattended-Upgrade::Remove-Unused-Dependencies # Do automatic removal of all unused dependencies after the upgrade # (equivalent to apt-get autoremove) unattended_remove_unused_dependencies: false -#Unattended-Upgrade::Remove-New-Unused-Dependencies +# Unattended-Upgrade::Remove-New-Unused-Dependencies # Remove any new unused dependencies after the upgrade unattended_remove_new_unused_dependencies: true -#Unattended-Upgrade::Remove-Unused-Kernel-Packages +# Unattended-Upgrade::Remove-Unused-Kernel-Packages # Remove unused automatically installed kernel-related packages # (kernel images, kernel headers and kernel version locked tools) unattended_remove_unused_kernel_packages: false -#Unattended-Upgrade::Automatic-Reboot +# Unattended-Upgrade::Automatic-Reboot # Automatically reboot *WITHOUT CONFIRMATION* if a # the file /var/run/reboot-required is found after the upgrade unattended_automatic_reboot: false -#Unattended-Upgrade::Automatic-Reboot-Time +# Unattended-Upgrade::Automatic-Reboot-Time # If automatic reboot is enabled and needed, reboot at the specific # time instead of immediately unattended_automatic_reboot_time: false -#Unattended-Upgrade::IgnoreAppsRequireRestart +# Unattended-Upgrade::IgnoreAppsRequireRestart # Do upgrade application even if it requires restart after upgrade # I.e. "XB-Upgrade-Requires: app-restart" is set in the debian/control file unattended_ignore_apps_require_restart: false -#Unattended-Upgrade::SyslogEnable +# Unattended-Upgrade::SyslogEnable # Write events to syslog, which is useful in environments where syslog -# messages are sent to a central store. +# messages are sent to a central store. unattended_syslog_enable: false -#Unattended-Upgrade::SyslogFacility +# Unattended-Upgrade::SyslogFacility # Write events to the specified syslog facility, or the daemon facility if # not specified. Requires the Unattended-Upgrade::SyslogEnable option to be # set to true. -#unattended_syslog_facility: "daemon" +# unattended_syslog_facility: "daemon" ### APT::Periodic configuration # Snatched from /usr/lib/apt/apt.systemd.daily -#APT::Periodic::Update-Package-Lists "0"; +# APT::Periodic::Update-Package-Lists "0"; # - Do "apt-get update" automatically every n-days (0=disable) unattended_update_package_list: 1 -#APT::Periodic::Download-Upgradeable-Packages "0"; +# APT::Periodic::Download-Upgradeable-Packages "0"; # - Do "apt-get upgrade --download-only" every n-days (0=disable) -#unattended_download_upgradeable: 0 +# unattended_download_upgradeable: 0 -#APT::Periodic::AutocleanInterval "0"; +# APT::Periodic::AutocleanInterval "0"; # - Do "apt-get autoclean" every n-days (0=disable) unattended_autoclean_interval: 7 -#APT::Periodic::CleanInterval "0"; +# APT::Periodic::CleanInterval "0"; # - Do "apt-get clean" every n-days (0=disable) -#unattended_clean_interval: 0 +# unattended_clean_interval: 0 -#APT::Periodic::Verbose "0"; +# APT::Periodic::Verbose "0"; # - Send report mail to root # 0: no report (or null string) # 1: progress report (actually any string) # 2: + command outputs (remove -qq, remove 2>/dev/null, add -d) # 3: + trace on -#unattended_verbose: 0 +# unattended_verbose: 0 ## Cron systems only -#APT::Periodic::RandomSleep +# APT::Periodic::RandomSleep # When the apt job starts, it will sleep for a random period between 0 # and APT::Periodic::RandomSleep seconds # The default value is "1800" so that the script will stall for up to 30 # minutes (1800 seconds) so that the mirror servers are not crushed by # everyone running their updates all at the same time # Kept undefined to allow default (1800) -#unattended_random_sleep: 0 +# unattended_random_sleep: 0 -#Dpkg::Options +# Dpkg::Options # Provide dpkg options that take effect during unattended upgrades. # By default no flags are appended. Configuration file changes can # block installation of certain packages. Passing the flags @@ -156,7 +156,7 @@ unattended_dpkg_options: [] # Use apt bandwidth limit feature, this example limits the download speed to 70kb/sec -#unattended_dl_limit: 70 +# unattended_dl_limit: 70 # Unattended-Upgrade::OnlyOnACPower # Download and install upgrades only on AC power