From be906f20434a2bda5e9252059477b96537d1dd7a Mon Sep 17 00:00:00 2001 From: Stephen Williams Date: Thu, 23 Mar 2023 08:35:00 -0400 Subject: [PATCH] Linting Updates Signed-off-by: Stephen Williams --- .ansible-lint | 35 +++++++++++++++------------- .travis.yml | 29 ------------------------ .yamllint | 44 ++++++++++++++++++++---------------- collections/requirements.yml | 5 ++-- site.yml | 4 +++- tasks/cat1.yml | 4 ++-- tasks/cat2.yml | 4 ++-- tasks/cat3.yml | 2 +- tasks/warning_facts.yml | 4 ++-- tests/test.yml | 2 +- 10 files changed, 57 insertions(+), 76 deletions(-) delete mode 100644 .travis.yml diff --git a/.ansible-lint b/.ansible-lint index c65e7eb..39c4d62 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,21 +1,24 @@ +--- + parseable: true quiet: true skip_list: - - 'schema' - - 'no-changed-when' - - 'fqcn-builtins' - - 'experimental' - - 'fqcn[action-core]' - - 'fqcn[action]' - - 'name[casing]' - - 'name[template]' - - 'jinja[spacing]' - - 'var-naming' # Older playbook no new release - - '204' - - '305' - - '303' - - '403' - - '306' - - '602' + - 'schema' + - 'no-changed-when' + - 'fqcn-builtins' + - 'experimental' + - 'fqcn[action-core]' + - 'fqcn[action]' + - 'name[casing]' + - 'name[template]' + - 'jinja[spacing]' + - 'var-naming' # Older playbook no new release + - '204' + - '208' + - '305' + - '303' + - '403' + - '306' + - '602' use_default_rules: true verbosity: 0 diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 36bbf62..0000000 --- a/.travis.yml +++ /dev/null 
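Review bot: The new `'208'` entry in the `skip_list` of `.ansible-lint` has no stated reason. To my knowledge 208 is the legacy id of the file-permissions check (named `risky-file-permissions` in later releases), which would make it the one security-relevant rule in this numeric group. The list also mixes named rules such as `fqcn[action-core]` with legacy numeric ids, and releases that identify rules by name may not honour the numeric entries, so confirm this against the ansible-lint version in use. If the skip is intended, add a trailing reason as the `var-naming` entry does, or move it to `warn_list` so findings stay visible without failing the run.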
@@ -1,29 +0,0 @@ ---- -language: python -python: "2.7" - -# Use the new container infrastructure -sudo: false - -# Install ansible -addons: - apt: - packages: - - python-pip - -install: - # Install ansible - - pip install ansible - - # Check ansible version - - ansible --version - - # Create ansible.cfg with correct roles_path - - printf '[defaults]\nroles_path=../' >ansible.cfg - -script: - # Basic role syntax check - - ansible-playbook tests/test.yml -i tests/inventory --syntax-check - -notifications: - webhooks: https://galaxy.ansible.com/api/v1/notifications/ \ No newline at end of file diff --git a/.yamllint b/.yamllint index faa9773..c054b57 100644 --- a/.yamllint +++ b/.yamllint @@ -1,24 +1,28 @@ --- -ignore: | - tests/ - molecule/ - .github/ - .gitlab-ci.yml - *molecule.yml - +# Based on ansible-lint config extends: default rules: - indentation: - # Requiring 4 space indentation - spaces: 4 - # Requiring consistent indentation within a file, either indented or not - indent-sequences: consistent - truthy: disable - braces: - max-spaces-inside: 1 - level: error - brackets: - max-spaces-inside: 1 - level: error - line-length: disable + braces: {max-spaces-inside: 1, level: error} + brackets: {max-spaces-inside: 1, level: error} + colons: {max-spaces-after: -1, level: error} + commas: {max-spaces-after: -1, level: error} + comments: disable + comments-indentation: disable + document-start: disable + empty-lines: {max: 3, level: error} + hyphens: {level: error} + indentation: + # Requiring 4 space indentation + spaces: 4 + # Requiring consistent indentation within a file, either indented or not + indent-sequences: consistent + key-duplicates: enable + line-length: disable + new-line-at-end-of-file: enable + new-lines: + type: unix + trailing-spaces: enable + truthy: + allowed-values: ['true', 'false'] + check-keys: true diff --git a/collections/requirements.yml b/collections/requirements.yml index 39ea5cf..9971cfb 100644 --- a/collections/requirements.yml 
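Review bot: In the `.yamllint` hunk, the `ignore:` block is dropped while `truthy` changes from `disable` to `check-keys: true`, so `.github/`, `molecule/` and `tests/` are now linted with key checking on. Any workflow file under `.github/` that uses the `on:` key would be reported as a truthy violation, and the usual response is more per-line disables. Consider `check-keys: false`, or keep `.github/` in an `ignore: |` block. Whether such files exist is not visible in this patch.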
+++ b/collections/requirements.yml @@ -1,6 +1,7 @@ --- collections: - - name: community.windows - - name: community.general + - name: community.windows + + - name: community.general diff --git a/site.yml b/site.yml index 734dedc..9afec1f 100644 --- a/site.yml +++ b/site.yml @@ -1,5 +1,7 @@ --- -- hosts: all + +- hosts: all # noqa: name[play] + vars: is_container: false diff --git a/tasks/cat1.yml b/tasks/cat1.yml index 1f6580f..7cd8560 100644 --- a/tasks/cat1.yml +++ b/tasks/cat1.yml @@ -45,7 +45,7 @@ - "Warning!! You do not have any AV software running" - "Please enable defender or a 3rd party AV software like McAfee or Symantec" when: - - win10_00_000045_av_sftw_status.exists == false or + - not win10_00_000045_av_sftw_status.exists or win10_00_000045_av_sftw_status.services[0].state != "started" - name: "HIGH | WN10-00-000045 | AUDIT | The Windows 10 system must use an anti-virus program | Warn Count." @@ -53,7 +53,7 @@ vars: warn_control_id: 'WN10-00-000045' when: - - win10_00_000045_av_sftw_status.exists == false or + - not win10_00_000045_av_sftw_status.exists or win10_00_000045_av_sftw_status.services[0].state != "started" when: - wn10_00_000045 diff --git a/tasks/cat2.yml b/tasks/cat2.yml index b4d3210..de90b65 100644 --- a/tasks/cat2.yml +++ b/tasks/cat2.yml @@ -2267,7 +2267,7 @@ win_regedit: path: HKLM:\SOFTWARE\Policies\Microsoft\MicrosoftEdge\Main value: FormSuggest Passwords - data: no + data: no # yamllint disable-line rule:truthy type: string when: - wn10_CC_000245 
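Review bot: The `# noqa: name[play]` added to `- hosts: all` in `site.yml` suppresses the rule where naming the play would satisfy it. Starting the play with `- name: Apply Windows 10 STIG hardening` and moving `hosts: all` to the next key removes the need for the suppression and makes the play identifiable in run output. The play body continues outside the hunk.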
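Review bot: `data: no # yamllint disable-line rule:truthy` in the `win_regedit` task for `FormSuggest Passwords` silences a warning that points at a real problem. Unquoted `no` is loaded as boolean false under YAML 1.1 rules, so with `type: string` the registry value is likely written as `False` rather than the string `no` that the setting expects. The task gated by `wn10_CC_000245` would then report success while the policy value is not the intended one. Quote the scalar and drop the suppression: `data: 'no'`. The task starts above the hunk, so its name and remaining arguments are not visible here.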
@@ -3338,7 +3338,7 @@ - name: "MEDIUM | WN10-SO-000251 | PATCH | Windows 10 must use multifactor authentication for local and network access to privileged and non-privileged accounts. | Warning Message." debug: msg: "Warning!! You are not on a domain which means you should configure Windows Hello for sign on options would be suggested based on the organizations needs and capabilities." - + - name: "MEDIUM | WN10-SO-000251 | PATCH | Windows 10 must use multifactor authentication for local and network access to privileged and non-privileged accounts. | Warn Count." ansible.builtin.import_tasks: warning_facts.yml vars: diff --git a/tasks/cat3.yml b/tasks/cat3.yml index 927a20e..cf22e04 100644 --- a/tasks/cat3.yml +++ b/tasks/cat3.yml @@ -238,7 +238,7 @@ warn_control_id: 'WN10-CC-000206' when: - ansible_windows_domain_member - - win10stig_dodownloadmod_domain != 0 or + - win10stig_dodownloadmod_domain != 0 or win10stig_dodownloadmod_domain != 1 - win10_displayversion.value == '1507' diff --git a/tasks/warning_facts.yml b/tasks/warning_facts.yml index b2f0677..37d04fa 100644 --- a/tasks/warning_facts.yml +++ b/tasks/warning_facts.yml @@ -16,5 +16,5 @@ # the count increases by a value of 1 - name: "NO CONTROL ID | AUDIT | Set fact for manual task warning." set_fact: - warn_control_list: "{{ warn_control_list }} [{{ warn_control_id }}]" - warn_count: "{{ warn_count | int + 1 }}" + warn_control_list: "{{ warn_control_list }} [{{ warn_control_id }}]" + warn_count: "{{ warn_count | int + 1 }}" diff --git a/tests/test.yml b/tests/test.yml index 14d2c49..8b81962 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -2,4 +2,4 @@ - hosts: localhost remote_user: root roles: - - . + - .
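Review bot: The re-indented condition `win10stig_dodownloadmod_domain != 0 or win10stig_dodownloadmod_domain != 1` in `tasks/cat3.yml` is true for every value, since no value equals both 0 and 1. This `when:` item therefore filters nothing, and the WN10-CC-000206 warning depends only on the other two conditions. If the intent is to warn when the mode is neither 0 nor 1, use `- win10stig_dodownloadmod_domain not in [0, 1]`. The variable's type is not visible here, so confirm it is an integer rather than a string. The task begins above the hunk.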