systemli / ansible-role-bind9

Ansible role to install and maintain the Bind9 nameserver on Debian
GNU General Public License v3.0

ACLs and per zone controls configuration #38

Open ulvida opened 2 years ago

ulvida commented 2 years ago

Hello, in our fork we are working on this issue to extend this bind9 role.

Working on this, and thinking about your merging the PR: do you agree that we clean up and (re)format the code a little bit (see examples in our issue)? Or would you prefer that we submit the minimal changes for easier understanding?

t2d commented 2 years ago

Hi @ulvida, thanks for raising this issue. Any kind of improvement is highly welcome in our roles. Please be mindful of making small PRs with specific purposes and we'll try to give feedback quickly.

ulvida commented 2 years ago

Thanks for your answer, @t2d. So let's start with a basic PR: #39. For the mentioned features, to make the templates' code understandable, I'm planning to propose a separate set of templates, using bind9_templates. With several folders under templates/ the role could propose several "profiles" for bind configuration.

ulvida commented 2 years ago

@t2d, @xshadow: I'm exploring tests, starting with ansible-lint. Would you agree that we update the module calls to FQCN, the present notation with explicit Ansible collections?

ulvida@paname:~/(...)/UdelaRInterior/udelarinterior.bind9$ ansible-lint 
WARNING  Listing 66 violation(s) that are fatal
fqcn-builtins: Use FQCN for builtin actions.
handlers/main.yml:3 Task/Handler: restart bind9

fqcn-builtins: Use FQCN for builtin actions.
handlers/main.yml:8 Task/Handler: reload bind9

fqcn-builtins: Use FQCN for builtin actions.
handlers/main.yml:13 Task/Handler: restart monit

fqcn-builtins: Use FQCN for builtin actions.
handlers/main.yml:18 Task/Handler: zone file change

schema: 2.4 is not of type 'string' (schema[meta])
meta/main.yml:1  Returned errors will not include exact line numbers, but they will mention
the schema name being used as a tag, like ``playbook-schema``,
``tasks-schema``.

This rule is not skippable and stops further processing of the file.

Schema bugs should be reported towards (https://github.com/ansible/schemas) project instead of ansible-lint.

If incorrect schema was picked, you might want to either:

* move the file to standard location, so its file is detected correctly.
* use ``kinds:`` option in linter config to help it pick correct file type.

fqcn-builtins: Use FQCN for builtin actions.
molecule/default/roles/ansible-role-bind9/handlers/main.yml:3 Task/Handler: restart bind9

fqcn-builtins: Use FQCN for builtin actions.
molecule/default/roles/ansible-role-bind9/handlers/main.yml:8 Task/Handler: reload bind9

fqcn-builtins: Use FQCN for builtin actions.
molecule/default/roles/ansible-role-bind9/handlers/main.yml:13 Task/Handler: restart monit

fqcn-builtins: Use FQCN for builtin actions.
molecule/default/roles/ansible-role-bind9/handlers/main.yml:18 Task/Handler: zone file change

schema: 2.4 is not of type 'string' (schema[meta])
molecule/default/roles/ansible-role-bind9/meta/main.yml:1  Returned errors will not include exact line numbers, but they will mention
the schema name being used as a tag, like ``playbook-schema``,
``tasks-schema``.

This rule is not skippable and stops further processing of the file.

Schema bugs should be reported towards (https://github.com/ansible/schemas) project instead of ansible-lint.

If incorrect schema was picked, you might want to either:

* move the file to standard location, so its file is detected correctly.
* use ``kinds:`` option in linter config to help it pick correct file type.

fqcn-builtins: Use FQCN for builtin actions.
molecule/default/roles/ansible-role-bind9/tasks/main.yml:3 Task/Handler: install bind9 packages

(...)

fqcn-builtins: Use FQCN for builtin actions.
tasks/monit.yml:3 Task/Handler: ensure monit configs are present

You can skip specific rules or tags by adding them to your configuration file:
# .config/ansible-lint.yml
warn_list:  # or 'skip_list' to silence them completely
  - experimental  # all rules tagged as experimental
  - fqcn-builtins  # Use FQCN for builtin actions.
  - unnamed-task  # All tasks should be named.

Finished with 64 failure(s), 2 warning(s) on 33 files.

t2d commented 2 years ago

> @t2d, @xshadow: I'm exploring tests, starting with ansible-lint. Would you agree that we update the module calls to FQCN, the present notation with explicit Ansible collections?

Sure, that can't hurt. You can also start to ignore fqcn-builtins. I don't see a lot of value for them at the moment: https://github.com/systemli/ansible-role-letsencrypt/blob/f9bfc4be5135f5f850a23a008ae06b3688a1d4c3/.ansible-lint