From 4ae73a93be5643d21e98684a20fe7fd7515a5a11 Mon Sep 17 00:00:00 2001
From: Evangelos Foutras <evangelos@foutrelis.com>
Date: Sun, 26 Mar 2023 16:57:00 +0300
Subject: [PATCH] ansible-lint: address no-changed-when fatal errors

Add "noqa no-changed-when" tags to handlers using the command module.
Perhaps it is wrong of ansible-lint to flag these, since handlers are
not the best place to have conditional execution.
---
 roles/archwiki/handlers/main.yml         | 4 ++--
 roles/dovecot/handlers/main.yml          | 2 +-
 roles/fail2ban/handlers/main.yml         | 2 +-
 roles/hardening/handlers/main.yml        | 2 +-
 roles/mailman/handlers/main.yml          | 2 +-
 roles/postfix/handlers/main.yml          | 6 +++---
 roles/security_tracker/handlers/main.yml | 2 +-
 roles/wireguard/handlers/main.yml        | 4 ++--
 8 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/roles/archwiki/handlers/main.yml b/roles/archwiki/handlers/main.yml
index a84ec4253..6da9b638e 100644
--- a/roles/archwiki/handlers/main.yml
+++ b/roles/archwiki/handlers/main.yml
@@ -1,7 +1,7 @@
 - name: Restart php-fpm@archwiki
   service: name=php-fpm@{{ archwiki_user }} state=restarted
 
-- name: Run wiki updatescript
+- name: Run wiki updatescript  # noqa no-changed-when
   command: php {{ archwiki_dir }}/public/maintenance/update.php --quick
   become: true
   become_user: "{{ archwiki_user }}"
@@ -14,7 +14,7 @@
 # otherwise nginx will spit errors into the log until it is restarted (even
 # reload is not enough).
 # reference: https://stackoverflow.com/a/6896903
-- name: Purge nginx cache
+- name: Purge nginx cache  # noqa no-changed-when
   command: find /var/lib/nginx/cache -type f -delete
 
 # The MediaWiki file cache can be invalidated by deleting the files in the
diff --git a/roles/dovecot/handlers/main.yml b/roles/dovecot/handlers/main.yml
index 9315e0850..13a4893aa 100644
--- a/roles/dovecot/handlers/main.yml
+++ b/roles/dovecot/handlers/main.yml
@@ -1,7 +1,7 @@
 - name: Reload dovecot
   service: name=dovecot state=restarted
 
-- name: Run sievec
+- name: Run sievec  # noqa no-changed-when
   command: /usr/bin/sievec /etc/dovecot/sieve/{{ item }}
   loop:
     - spam-to-folder.sieve
diff --git a/roles/fail2ban/handlers/main.yml b/roles/fail2ban/handlers/main.yml
index 15ca93948..a83c6320a 100644
--- a/roles/fail2ban/handlers/main.yml
+++ b/roles/fail2ban/handlers/main.yml
@@ -3,5 +3,5 @@
     name: fail2ban
     state: restarted
 
-- name: Reload fail2ban jails
+- name: Reload fail2ban jails  # noqa no-changed-when
   shell: type fail2ban-server > /dev/null && (fail2ban-client ping > /dev/null && fail2ban-client reload > /dev/null || true) || true
diff --git a/roles/hardening/handlers/main.yml b/roles/hardening/handlers/main.yml
index f3a0d5fa5..f85df1daa 100644
--- a/roles/hardening/handlers/main.yml
+++ b/roles/hardening/handlers/main.yml
@@ -1,2 +1,2 @@
-- name: Apply sysctl settings
+- name: Apply sysctl settings  # noqa no-changed-when
   command: sysctl --system
diff --git a/roles/mailman/handlers/main.yml b/roles/mailman/handlers/main.yml
index 2f46b7622..91b228e1b 100644
--- a/roles/mailman/handlers/main.yml
+++ b/roles/mailman/handlers/main.yml
@@ -7,7 +7,7 @@
 - name: Reload postfix
   service: name=postfix state=reloaded
 
-- name: Run postmap
+- name: Run postmap  # noqa no-changed-when
   command: postmap /etc/postfix/{{ item }}
   loop:
     - aliases
diff --git a/roles/postfix/handlers/main.yml b/roles/postfix/handlers/main.yml
index 322279f47..2267dce37 100644
--- a/roles/postfix/handlers/main.yml
+++ b/roles/postfix/handlers/main.yml
@@ -3,10 +3,10 @@
     name: postfix
     state: restarted
 
-- name: Reload postfix
+- name: Reload postfix  # noqa no-changed-when
   command: postfix reload
 
-- name: Postmap additional files
+- name: Postmap additional files  # noqa no-changed-when
   command: postmap /etc/postfix/{{ item }}
   with_items:
     - access_client
@@ -19,5 +19,5 @@
     - domains
     - msa_header_checks
 
-- name: Update aliases db
+- name: Update aliases db  # noqa no-changed-when
   command: postalias /etc/postfix/aliases
diff --git a/roles/security_tracker/handlers/main.yml b/roles/security_tracker/handlers/main.yml
index 63d6e2b4e..897cfcd0b 100644
--- a/roles/security_tracker/handlers/main.yml
+++ b/roles/security_tracker/handlers/main.yml
@@ -1,4 +1,4 @@
-- name: Upgrade database
+- name: Upgrade database  # noqa no-changed-when
   become: true
   become_user: security
   command: /usr/bin/make db-upgrade chdir="{{ security_tracker_dir }}"
diff --git a/roles/wireguard/handlers/main.yml b/roles/wireguard/handlers/main.yml
index 0f6581659..75b905e7e 100644
--- a/roles/wireguard/handlers/main.yml
+++ b/roles/wireguard/handlers/main.yml
@@ -1,10 +1,10 @@
 # https://github.com/systemd/systemd/issues/9627
-- name: Delete wg0
+- name: Delete wg0  # noqa no-changed-when
   command: networkctl delete wg0
   register: result
   failed_when: result.rc not in [0, 1]
   listen: Reload wireguard
 
-- name: Reload .network and .netdev files
+- name: Reload .network and .netdev files  # noqa no-changed-when
   command: networkctl reload
   listen: Reload wireguard
-- 
GitLab