redhat-cop · GomathiselviS · Aug 28, 2023 · Jul 5, 2023 · Jul 5, 2023 · Jul 5, 2023
diff --git a/.github/workflows/linters.yml b/.github/workflows/linters.yml
@@ -1,35 +1,21 @@
 ---
 name: Linters
-'on':
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+on:
   push:
-    branches:
-      - main
   pull_request:
-    branches:
-      - main
 
 jobs:
-
   linters:
+    uses: ansible-network/github_actions/.github/workflows/tox-linters.yml@main
+  ansible-lint:
+    name: Ansible Lint
     runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        python_version: ['3.8']
     steps:
-      - name: Check out code
-        uses: actions/checkout@v2
+      - uses: ansible-network/github_actions/.github/actions/checkout_dependency@main
 
-      - name: Set up Python ${{ matrix.python_version }}
-        uses: actions/setup-python@v2
-        with:
-          python-version: ${{ matrix.python_version }}
-
-      - name: Install dependencies
-        run: |
-          python -m pip install --upgrade pip
-          pip install tox
-      - name: Test with tox
-        run: tox -e linters -vv
-
-  ansible-lint:
-    uses: ansible-network/github_actions/.github/workflows/ansible-lint.yml@main
+      - name: Run ansible-lint
+        uses: ansible/ansible-lint@v6.18.0
diff --git a/.github/workflows/sanity.yml b/.github/workflows/sanity.yml
@@ -5,13 +5,6 @@ concurrency:
 
 on:
   pull_request:
-    types:
-      - opened
-      - reopened
-      - labeled
-      - unlabeled
-      - synchronize
-      - closed
     branches:
       - main
       - stable-*
@@ -68,13 +61,21 @@ jobs:
               "ansible-version": "milestone",
               "python-version": "3.8"
             },
+            {
+              "ansible-version": "milestone",
+              "python-version": "3.9"
+            },
             {
               "ansible-version": "devel",
               "python-version": "3.7"
             },
             {
               "ansible-version": "devel",
               "python-version": "3.8"
+            },
+            {
+              "ansible-version": "devel",
+              "python-version": "3.9"
             }
           ]
   all_green:

diff --git a/changelogs/fragments/ansible_lint_sanity_fixes.yml b/changelogs/fragments/ansible_lint_sanity_fixes.yml
@@ -0,0 +1,3 @@
+breaking_changes:
+  - role/aws_setup_credentials - Due to ansible-lint issue, the AWS generated credentials are now stored into variable `aws_setup_credentials__output` instead of `aws_role_credentials`  (https://github.com/redhat-cop/cloud.aws_troubleshooting/pull/24)."
+  - role/connectivity_troubleshooter_validated - Due to ansible-lint issue, the next hop information stored into variable `connectivity_troubleshooter_validate__next_hop` instead of `next_hop`  (https://github.com/redhat-cop/cloud.aws_troubleshooting/pull/24)."
diff --git a/plugins/modules/eval_nat_network_acls.py b/plugins/modules/eval_nat_network_acls.py
@@ -4,10 +4,6 @@
 # Copyright: (c) 2022, Ansible Project
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 
-from __future__ import absolute_import, division, print_function
-
-__metaclass__ = type
-
 
 DOCUMENTATION = r"""
 ---
@@ -123,7 +119,6 @@
 
 class EvalNatNetworkAcls(AnsibleModule):
     def __init__(self):
-
         argument_spec = dict(
             src_ip=dict(type="str", required=True),
             src_port_range=dict(type="str"),
@@ -195,11 +190,12 @@ def check_egress_towards_dst(acls, dst_ip, dst_port):
                                        outbound traffic to destination: \
                                        {self.dst_ip} : {str(dst_port)}"
                                 )
-            else:
-                self.fail_json(
-                    msg=f"NatGateway Subnet {self.src_subnet_id} \
-                          Network Acl Egress Rules do not allow outbound traffic to destination: {self.dst_ip} : {str(dst_port)}"
+
+            self.fail_json(
+                msg="NatGateway Subnet {0} Network Acl Egress Rules do not allow outbound traffic to destination: {1} : {2}".format(
+                    self.src_subnet_id, self.dst_ip, str(dst_port)
                 )
+            )
 
         def check_ingress_from_dst(acls, src_ip):
             for item in acls:
@@ -228,12 +224,12 @@ def check_ingress_from_dst(acls, src_ip):
                                         Network Acl Ingress Rules do not allow \
                                         inbound traffic from destination: {self.dst_ip}"
                                 )
-            else:
-                self.fail_json(
-                    msg=f"NatGateway Subnet {self.src_subnet_id} \
-                          Network Acl Ingress Rules do not allow \
-                          inbound traffic from destination: {self.dst_ip}"
+
+            self.fail_json(
+                msg="NatGateway Subnet {0} Network Acl Ingress Rules do not allow inbound traffic from destination: {1}".format(
+                    self.src_subnet_id, self.dst_ip
                 )
+            )
 
         def check_ingress_from_src(acls, src_ip, dst_port):
             for item in acls:
@@ -255,15 +251,18 @@ def check_ingress_from_src(acls, src_ip, dst_port):
                                 break
                             else:
                                 self.fail_json(
-                                    msg=f"NatGateway Subnet Network Acl \
+                                    msg="NatGateway Subnet Network Acl \
                                           Ingress Rules do not allow inbound \
-                                          traffic from source: {self.src_ip} towards destination port {str(dst_port)}"
+                                          traffic from source: {0} towards destination port {1}".format(
+                                        self.src_ip, str(dst_port)
+                                    )
                                 )
-            else:
-                self.fail_json(
-                    msg=f"NatGateway Subnet Network Acl Ingress Rules do not allow \
-                          inbound traffic from source {self.src_ip} towards destination port {str(dst_port)}"
+
+            self.fail_json(
+                msg="NatGateway Subnet Network Acl Ingress Rules do not allow inbound traffic from source {0} towards destination port {1}".format(
+                    self.src_ip, str(dst_port)
                 )
+            )
 
         def check_egress_towards_src(acls, dst_ip):
             for item in acls:
@@ -288,12 +287,16 @@ def check_egress_towards_src(acls, dst_ip):
                                 break
                             else:
                                 self.fail_json(
-                                    msg=f"NatGateway Subnet Network Acl Egress Rules do not allow outbound traffic to source: {self.src_ip}"
+                                    msg="NatGateway Subnet Network Acl Egress Rules do not allow outbound traffic to source: {0}".format(
+                                        self.src_ip
+                                    )
                                 )
-            else:
-                self.fail_json(
-                    msg=f"NatGateway Subnet Network Acl Egress Rules do not allow outbound traffic to source: {self.src_ip}"
+
+            self.fail_json(
+                msg=f"NatGateway Subnet Network Acl Egress Rules do not allow outbound traffic to source: {0}".format(
+                    self.src_ip
                 )
+            )
 
         check_egress_towards_dst(egress_acls, dst_ip, dst_port)
         check_ingress_from_dst(ingress_acls, dst_ip)
@@ -332,7 +335,9 @@ def get_nat_next_hop(self):
         if most_specific >= 0 and "igw-" in str(next_hop):
             return True
         self.fail_json(
-            msg=f"No Internet Gateway route found for destination: {self.dst_ip}"
+            msg="No Internet Gateway route found for destination: {0}".format(
+                self.dst_ip
+            )
         )
 
     def execute_module(self):
@@ -342,11 +347,10 @@ def execute_module(self):
             self.get_nat_next_hop()
             self.exit_json(result="NAT Network ACLs evaluation successful")
         except Exception as e:
-            self.fail_json(msg=f"NAT Network ACLs evaluation failed: {e}")
+            self.fail_json(msg="NAT Network ACLs evaluation failed: {0}".format(e))
 
 
 def main():
-
     EvalNatNetworkAcls()
 
 

diff --git a/plugins/modules/eval_network_acls.py b/plugins/modules/eval_network_acls.py
@@ -4,10 +4,6 @@
 # Copyright: (c) 2022, Ansible Project
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 
-from __future__ import absolute_import, division, print_function
-
-__metaclass__ = type
-
 
 DOCUMENTATION = r"""
 ---
@@ -129,7 +125,6 @@
 
 class EvalNetworkAcls(AnsibleModule):
     def __init__(self):
-
         argument_spec = dict(
             src_ip=dict(type="str", required=True),
             src_subnet_id=dict(type="str", required=True),
@@ -193,12 +188,15 @@ def check_egress_acls(acls, dst_ip, dst_port):
                                     return True
                                 else:
                                     self.fail_json(
-                                        msg=f"Source Subnet Network Acl Egress Rules \
-                                              do not allow outbound traffic to destination: {self.dst_ip} : {str(dst_port)}"
+                                        msg=f"Source Subnet Network Acl Egress Rules do not allow outbound traffic to destination: {0} : {1}".format(
+                                            self.dst_ip, str(dst_port)
+                                        )
                                     )
 
                 self.fail_json(
-                    msg=f"Source Subnet Network Acl Egress Rules do not allow outbound traffic to destination: {self.dst_ip} : {str(dst_port)}"
+                    msg="Source Subnet Network Acl Egress Rules do not allow outbound traffic to destination: {0} : {1}".format(
+                        self.dst_ip, str(dst_port)
+                    )
                 )
 
             def check_ingress_acls(acls, src_ip):
@@ -224,11 +222,15 @@ def check_ingress_acls(acls, src_ip):
                                     return True
                                 else:
                                     self.fail_json(
-                                        msg=f"Source Subnet Network Acl Ingress Rules do not allow inbound traffic from destination: {self.dst_ip}"
+                                        msg="Source Subnet Network Acl Ingress Rules do not allow inbound traffic from destination: {0}".format(
+                                            self.dst_ip
+                                        )
                                     )
 
                 self.fail_json(
-                    msg=f"Source Subnet Network Acl Ingress Rules do not allow inbound traffic from destination: {self.dst_ip}"
+                    msg="Source Subnet Network Acl Ingress Rules do not allow inbound traffic from destination: {0}".format(
+                        self.dst_ip
+                    )
                 )
 
             egress_acls = [acl["egress"] for acl in acls if acl["egress"]][0]
@@ -264,10 +266,14 @@ def check_egress_acls(acls, dst_ip):
                                     break
                                 else:
                                     self.fail_json(
-                                        msg=f"Destination Subnet Network Acl Egress Rules do not allow outbound traffic to source: {self.src_ip}"
+                                        msg="Destination Subnet Network Acl Egress Rules do not allow outbound traffic to source: {0}".format(
+                                            self.src_ip
+                                        )
                                     )
                 self.fail_json(
-                    msg=f"Destination Subnet Network Acl Egress Rules do not allow outbound traffic to source: {self.src_ip}"
+                    msg="Destination Subnet Network Acl Egress Rules do not allow outbound traffic to source: {0}".format(
+                        self.src_ip
+                    )
                 )
 
             def check_ingress_acls(acls, src_ip, dst_port):
@@ -290,14 +296,16 @@ def check_ingress_acls(acls, src_ip, dst_port):
                                     return True
                                 else:
                                     self.fail_json(
-                                        msg=f"Destination Subnet Network Acl Ingress Rules \
-                                              do not allow inbound traffic from source: \
-                                              {self.src_ip} towards destination port {str(self.dst_port)}"
+                                        msg="Destination Subnet Network Acl Ingress Rules do not allow inbound traffic from source: {0} \
+                                            towards destination port {1}".format(
+                                            self.src_ip, str(self.dst_port)
+                                        )
                                     )
 
                 self.fail_json(
-                    msg=f"Destination Subnet Network Acl Ingress Rules do not allow\
-                          inbound traffic from source: {self.src_ip} towards destination port {str(self.dst_port)}"
+                    msg="Destination Subnet Network Acl Ingress Rules do not allow inbound traffic from source: {0} towards destination port {1}".format(
+                        self.src_ip, str(self.dst_port)
+                    )
                 )
 
             egress_acls = [acl["egress"] for acl in acls if acl["egress"]][0]
@@ -320,11 +328,10 @@ def execute_module(self):
             self.eval_nacls()
             self.exit_json(result="Network ACLs evaluation successful")
         except Exception as e:
-            self.fail_json(msg=f"Network ACLs evaluation failed: {e}")
+            self.fail_json(msg="Network ACLs evaluation failed: {0}".format(e))
 
 
 def main():
-
     EvalNetworkAcls()
 
 

diff --git a/plugins/modules/eval_security_groups.py b/plugins/modules/eval_security_groups.py
@@ -4,10 +4,6 @@
 # Copyright: (c) 2022, Ansible Project
 # GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
 
-from __future__ import absolute_import, division, print_function
-
-__metaclass__ = type
-
 
 DOCUMENTATION = r"""
 ---
@@ -131,7 +127,6 @@
 
 class EvalSecurityGroups(AnsibleModule):
     def __init__(self):
-
         argument_spec = dict(
             src_ip=dict(type="str", required=True),
             src_security_groups=dict(type="list", elements="str", required=True),
@@ -179,7 +174,9 @@ def eval_src_egress_rules():
                             ):
                                 return True
             self.fail_json(
-                msg=f"Egress rules on source do not allow traffic towards destination: {self.dst_ip} : {str(dst_port)}"
+                msg="Egress rules on source do not allow traffic towards destination: {0} : {1}".format(
+                    self.dst_ip, str(dst_port)
+                )
             )
 
         def eval_dst_ingress_rules():
@@ -208,7 +205,9 @@ def eval_dst_ingress_rules():
                             ):
                                 return True
             self.fail_json(
-                msg=f"Ingress rules on destination do not allow traffic from source: {self.src_ip} towards destination port {str(dst_port)}"
+                msg="Ingress rules on destination do not allow traffic from source: {0} towards destination port {1}".format(
+                    self.src_ip, str(dst_port)
+                )
             )
 
         eval_src_egress_rules()
@@ -237,7 +236,9 @@ def check_src_egress_rules(self):
                         if dst_ip in ip_network(cidr["cidr_ip"], strict=False):
                             return True
         self.fail_json(
-            msg=f"Egress rules on source do not allow traffic towards destination: {self.dst_ip} : {str(dst_port)}"
+            msg="Egress rules on source do not allow traffic towards destination: {0} : {1}".format(
+                self.dst_ip, str(dst_port)
+            )
         )
 
     def execute_module(self):
@@ -247,11 +248,10 @@ def execute_module(self):
             self.eval_sg_rules()
             self.exit_json(result="Security Groups rules validation successful")
         except Exception as e:
-            self.fail_json(msg=f"Security Groups rules validation failed: {e}")
+            self.fail_json(msg="Security Groups rules validation failed: {0}".format(e))
 
 
 def main():
-
     EvalSecurityGroups()