ansible-lint [201] Trailing whitespace

README.md

@@ -1,7 +1,7 @@
 # IBM Sample Code
 
-This repository contains Ansible Custom Modules and Roles for automating ISAM Appliance tasks. Custom Modules provide the 
-interface to python idempotent functions in ibmsecurity package. Handlers are coded into the roles to ensure changes are 
+This repository contains Ansible Custom Modules and Roles for automating ISAM Appliance tasks. Custom Modules provide the
+interface to python idempotent functions in ibmsecurity package. Handlers are coded into the roles to ensure changes are
 committed (deployed) and relevant processes restarted.
 
 ## Requirements
@@ -12,7 +12,7 @@ The following Python Packages are required (including their dependencies):
 1. ibmsecurity
 2. ansible
 
-Appliances need to have an ip address defined for their LMI. This may mean that appliances have had their initial setup 
+Appliances need to have an ip address defined for their LMI. This may mean that appliances have had their initial setup
 done with license acceptance.
 
 ## Get Started
@@ -32,16 +32,16 @@ roles_path = <dest dir>
 
 git tag will be used to indicate version numbers. The version numbers will be based on date. For example: "2017.03.20.0"
 
-It is the date when the package is released with a sequence number at the end to handle when there are 
+It is the date when the package is released with a sequence number at the end to handle when there are
 multiple releases in one day (expected to be uncommon).
 
 ## Features
 
-The `start_config` role is a requirement for every playbok. It contains the custom modules and all handlers. All other 
+The `start_config` role is a requirement for every playbok. It contains the custom modules and all handlers. All other
 roles have a dependency on it and `start_config` will get automatically invoked as needed.This repository contains a small selection of roles - users are encouraged to add more as needed.
 
 ### Custom Modules
-_”Modules (also referred to as “task plugins” or “library plugins”) are the ones that do the actual work in ansible, 
+_”Modules (also referred to as “task plugins” or “library plugins”) are the ones that do the actual work in ansible,
 they are what gets executed in each playbook task. But you can also run a single one using the ‘ansible’ command.”_
 http://docs.ansible.com/ansible/modules_intro.html
 
@@ -57,22 +57,22 @@ the JSON data from one appliance is comapared against another.
 
 ### Handlers
 After a change happens, ansible can be set to execute "handlers" to commit changes and/or restart processes. Handlers
-are just other tasks. Handlers execute based on the sequence in which they are listed. See `start_config` role for 
+are just other tasks. Handlers execute based on the sequence in which they are listed. See `start_config` role for
 details.
 
 ### Roles
-“Roles in Ansible build on the idea of include files and combine them to form clean, reusable abstractions – they allow 
+“Roles in Ansible build on the idea of include files and combine them to form clean, reusable abstractions – they allow
 you to focus more on the big picture and only dive down into the details when needed.”
 http://docs.ansible.com/ansible/playbooks_roles.html
 
-Using roles allows one to concentrate on describing the business needs in a playbook. The actual call to the python 
+Using roles allows one to concentrate on describing the business needs in a playbook. The actual call to the python
 function and the need to deploy and restart processes is taken care of isnide the role.
 
 ## Naming of Roles and variables
-Roles start with a verb like "set" or "add" followed by a name that describes either the task or the python function 
+Roles start with a verb like "set" or "add" followed by a name that describes either the task or the python function
 being called. This depends on whether the role contains a single tasks or a combination of tasks.
 
-Preference should be given to using "set" roles versus ones that do an "add" or "update". This allows for the role to 
+Preference should be given to using "set" roles versus ones that do an "add" or "update". This allows for the role to
 either do an add or an update as the situation demands.
 
 # License

aac/configure_access_control_policy_attachments/tasks/main.yml

@@ -3,7 +3,7 @@
 #   access_control_policy_attachments:
 #     server: /WebSEAL/default
 #     resourceUri: /index.html
-#     attachments: 
+#     attachments:
 #       - name: test_access_policy
 #         type: policy
 #     action: set
@@ -25,7 +25,7 @@
     isamapi: "{{ item }}"
   when: item is defined
   with_items: "{{ access_control_policy_attachments }}"
-  
+
 - name: Publish access control policy attachments
   isam:
     appliance: "{{ inventory_hostname }}"
@@ -44,4 +44,4 @@
       server: "{{ item.server }}"
       resourceUri: "{{ item.resourceUri }}"
   when: item is defined
-  with_items: "{{ access_control_policy_attachments }}"
+  with_items: "{{ access_control_policy_attachments }}"

aac/configure_api_protection_clients/tasks/main.yml

@@ -7,10 +7,10 @@
 #           grantTypes:
 #             - AUTHORIZATION_CODE
 #           tcmBehavior: NEVER_PROMPT
-#           clients: 
+#           clients:
 #             - name: TestApp
 #               companyName: IBM demo client for OAuth flows
-#               redirectUri: 
+#               redirectUri:
 #                 - https://localhost
 #               contractType: ADMINISTRATIVE
 ---
@@ -30,10 +30,10 @@
     action: ibmsecurity.isam.aac.api_protection.clients.set
     isamapi: "{{ item.1 | combine({ 'definitionName': item.0.name }) }}"
   when: item.1.name == client_name
-  with_subelements: 
+  with_subelements:
     - "{{ api_protection.definitions | default([])}}"
     - clients
     - skip_missing: True
   loop_control:
     label: "{ 'definitionName': {{ item.0.name }}, 'client_name': {{ item.1.name }} }"
-  notify: Commit Changes
+  notify: Commit Changes

aac/configure_runtime_template_root/tasks/include_import_runtime_template_root.yml

@@ -12,8 +12,8 @@
     log:       "{{ log_level | default(omit) }}"
     force:     "{{ force | default(omit) }}"
     action: ibmsecurity.isam.aac.runtime_template.root.import_file
-    isamapi: 
+    isamapi:
       filename: "{{ inventory_dir }}/{{ item.file }}"
       delete_missing: "{{ item.delete_missing | default(delete_missing) }}"
   when: item.file is defined
-  notify: Commit Changes
+  notify: Commit Changes

aac/configure_runtime_template_root/tasks/include_sync_runtime_template_root.yml

@@ -25,7 +25,7 @@
     loop_var: element
   register: locals
 
-- name: Delete missing local files on the server 
+- name: Delete missing local files on the server
   isam:
     appliance: "{{ inventory_hostname }}"
     adminProxyProtocol: "{{ adminProxyProtocol | default(omit) }}"
@@ -50,20 +50,20 @@
   notify: Commit Changes
 
 - name: list of directory update items
-  set_fact: 
+  set_fact:
     directory_update_item: "{{ {'action': 'create', 'type': create.state, 'path': ((item.target+'/'+create.path) | dirname) if (item.target != '') else (create.path | dirname), 'name': (create.path | basename) } }}"
   when: create.state == "directory"
   with_filetree: "{{ inventory_dir }}/{{ item.directory }}"
   loop_control:
     loop_var: create
     label: "{{ {'action': 'create', 'type': create.state, 'path': ((item.target+'/'+create.path) | dirname) if (item.target != '') else (create.path | dirname), 'name': (create.path | basename) } }}"
-  register: directory_update_result  
+  register: directory_update_result
 - name: consolidate uptate items in a list of updates [directory]
-  set_fact: 
+  set_fact:
     directory_updates: "{{ directory_update_result.results | selectattr('ansible_facts','defined') | map(attribute='ansible_facts.directory_update_item') | list }}"
 
 - name: list of file update items
-  set_fact: 
+  set_fact:
     file_update_item: "{{ {'action': 'upload', 'target': (item.target+'/'+ upload.path) if (item.target != '') else (upload.path), 'type': upload.state, 'file': upload.src } }}"
   when: upload.state == "file"
   with_filetree: "{{ inventory_dir }}/{{ item.directory }}"
@@ -73,8 +73,8 @@
   register: file_update_result
 
 - name: consolidate uptate items in a list of updates [files]
-  set_fact: 
+  set_fact:
     file_updates: "{{ file_update_result.results | selectattr('ansible_facts','defined') | map(attribute='ansible_facts.file_update_item') | list }}"
 
 - set_fact:
-    runtime_template_root: "{{ hostvars[inventory_hostname].runtime_template_root }} + {{ directory_updates }} + {{ file_updates }}"
+    runtime_template_root: "{{ hostvars[inventory_hostname].runtime_template_root }} + {{ directory_updates }} + {{ file_updates }}"

aac/configure_runtime_template_root/tasks/main.yml

@@ -60,12 +60,12 @@
   when: item.action == 'upload' and item.type == 'file' and item.target is defined and item.file is defined and item.target == target and item.file == file
   with_items: "{{ runtime_template_root }}"
   notify: Commit Changes
-  
+
 - name: Import runtime template zip files
   include: include_import_runtime_template_root.yml
   when: item.action == 'import_file' and (skip_imports | upper) != "TRUE"
   with_items: "{{ runtime_template_root }}"
-  
+
 - name: Import a single runtime template zip file
   isam:
     appliance: "{{ inventory_hostname }}"
@@ -80,8 +80,8 @@
     log:       "{{ log_level | default(omit) }}"
     force:     "{{ force | default(omit) }}"
     action: ibmsecurity.isam.aac.runtime_template.root.import_file
-    isamapi: 
+    isamapi:
       filename: "{{ inventory_dir }}/{{ file }}"
       delete_missing: "{{ delete_missing }}"
   when: file is defined and file != 'none'
-  notify: Commit Changes
+  notify: Commit Changes

aac/create_api_protection_clients/tasks/main.yml

@@ -7,10 +7,10 @@
 #           grantTypes:
 #             - AUTHORIZATION_CODE
 #           tcmBehavior: NEVER_PROMPT
-#           clients: 
+#           clients:
 #             - name: TestApp
 #               companyName: IBM demo client for OAuth flows
-#               redirectUri: 
+#               redirectUri:
 #                 - https://localhost
 #               contractType: ADMINISTRATIVE
 #               definitionName: oauth-provider
@@ -31,10 +31,10 @@
     action: ibmsecurity.isam.aac.api_protection.clients.add
     isamapi: "{{ item.1 | combine({ 'definitionName': item.0.name }) }}"
   when: item.1.name == client_name
-  with_subelements: 
+  with_subelements:
     - "{{ api_protection.definitions | default([]) }}"
     - clients
     - skip_missing: True
   loop_control:
     label: "{ 'definitionName': {{ item.0.name }}, 'clients[i].name': {{ item.1.name }} }"
-  notify: Commit Changes
+  notify: Commit Changes

aac/create_authentication_mechanisms/tasks/main.yml

@@ -5,7 +5,7 @@
 #         uri: "urn:ibm:security:authentication:asf:mechanism:mappingRule1"
 #         description: "Mapping Rule 1"
 #         typeName: InfoMapAuthenticationName
-#         properties:     
+#         properties:
 #           - key: infoMap.HTMLPage
 #             value: ""
 #           - key: infoMap.JSRule
@@ -34,4 +34,4 @@
       predefined:         "{{ item.predefined | default('False') }}"
       typeName:           "{{ item.typeName | default([]) }}"
   with_items: "{{ authentication_mechanisms }}"
-  notify: Commit Changes
+  notify: Commit Changes

aac/disable_all_authentication_policies/tasks/main.yml

@@ -31,11 +31,11 @@
     log:       "{{ log_level | default(omit) }}"
     force:     "{{ force | default(omit) }}"
     action: ibmsecurity.isam.aac.authentication.policies.activate
-    isamapi: 
+    isamapi:
       name: "{{ item.name }}"
       enabled: "FALSE"
   with_items: "{{ authPolicies.data }}"
   when: item.name is defined and item.name == name
   loop_control:
     label: "{{ item.name }}"
-  notify: Commit Changes
+  notify: Commit Changes

aac/export_runtime_template_root/tasks/main.yml

@@ -13,6 +13,6 @@
     log:       "{{ log_level | default(omit) }}"
     force:     "{{ force | default(omit) }}"
     action: ibmsecurity.isam.aac.runtime_template.root.export_file
-    isamapi: 
+    isamapi:
       filename: "{{ inventory_dir }}/{{ file }}"
-  when: file is defined and file != 'none'
+  when: file is defined and file != 'none'

aac/get_accesscontrol_configuration/README.md

@@ -4,7 +4,7 @@ Will download into a separate directory, a full dump of the AAC advanced access
 These files can be used to configure the actual Ansible configuraiton.
 
 The role creates a randomly named directory to store all files in; in the access_control_output_dir you define .
-See defaults/main.yml for the default configuration. 
+See defaults/main.yml for the default configuration.
 
 It exports
 - the Access control policies, in the xml format required to upload them.

aac/set_accesscontrol_policies/README.md

@@ -17,7 +17,7 @@ the policy files of a configured system.
       import_role:
        name: aac/set_accesscontrol_policies
       vars:
-       accesscontrol_policies: 
+       accesscontrol_policies:
         -  attributesrequired: false
            description: 'TOTP Policy'
            dialect: urn:oasis:names:tc:xacml:2.0:policy:schema:os
@@ -30,7 +30,7 @@ the policy files of a configured system.
 start_config
 
 ```
-The policy file (policy_file) needs to exist , in the correct xacml format . 
+The policy file (policy_file) needs to exist , in the correct xacml format .
 
 ```
 

aac/update_api_protection_clients/tasks/main.yml

@@ -7,10 +7,10 @@
 #           grantTypes:
 #             - AUTHORIZATION_CODE
 #           tcmBehavior: NEVER_PROMPT
-#           clients: 
+#           clients:
 #             - name: TestApp
 #               companyName: IBM demo client for OAuth flows
-#               redirectUri: 
+#               redirectUri:
 #                 - https://localhost
 #               contractType: ADMINISTRATIVE
 #               definitionName: oauth-provider
@@ -31,10 +31,10 @@
     action: ibmsecurity.isam.aac.api_protection.clients.update
     isamapi: "{{ item.1 | combine({ 'definitionName': item.0.name }) }}"
   when: item.1.name == client_name
-  with_subelements: 
+  with_subelements:
     - "{{ api_protection.definitions | default([]) }}"
     - clients
     - skip_missing: True
   loop_control:
     label: "{ 'definitionName': {{ item.0.name }}, 'clients[i].name': {{ item.1.name }} }"
-  notify: Commit Changes
+  notify: Commit Changes

add_oauth_client/tasks/main.yml

@@ -28,5 +28,5 @@
   when: (add_oauth_client_name is defined and add_oauth_client_definitionName is defined and add_oauth_client_companyName is defined)
   notify:
   - Commit Changes
-  
-  
+
+

add_runtime_listening_interface/tasks/main.yml

@@ -1,4 +1,4 @@
-- name: Snapshot Appliance Before Adding Runtime Listening Interfaces 
+- name: Snapshot Appliance Before Adding Runtime Listening Interfaces
   isam:
     appliance: "{{ inventory_hostname }}"
     username:  "{{ username }}"

add_server_connection_ldap/README.md

@@ -42,7 +42,7 @@ Here is an example of how to use this role:
            ldap_server_connection_description: "This is a connection to an LDAP server"
            ldap_server_connection_locked: false
            ldap_server_connection_manager: {"connectTimeout": 300}
-           
+
 
 License
 -------

add_server_connection_ldap/defaults/main.yml

@@ -1,5 +1,5 @@
 # Provide the name, connection, description, locked flag, and connection manager for the LDAP server connection
-# 
+#
 # ldap_server_connection_name: "LDAP Connection"
 # ldap_server_connection_connection: {"hostName": "ldap.int", "hostPort": "636", "bindDN": "cn=root", "bindPwd": "secret", "ssl": true, "sslTruststore": "trust.kdb", "sslAuthKey": "client_key"}
 # ldap_server_connection_description: "This is a connection to an LDAP server"

add_server_connection_ws/README.md

@@ -42,7 +42,7 @@ Here is an example of how to use this role:
            ws_server_connection_description: "This is a connection to a Web Service"
            ws_server_connection_locked: false
            ws_server_connection_connection_manager: {"connectTimeout": 300}
-           
+
 
 License
 -------

add_server_connection_ws/defaults/main.yml

@@ -1,5 +1,5 @@
 # Provide the name, connection, description, and locked flag for the Web Service connection
-# 
+#
 # ws_server_connection_name: "Web Service Connection"
 # ws_server_connection_connection: {"url": "https://someserver:443/someWebServiceURI", "user": "aUser", "password": "secret", "ssl": true, "sslTruststore": "trust.kdb", "sslAuthKey": "client_key"}
 # ws_server_connection_description: "This is a connection to a Web Service"

base/add_bonding_interfaces/README.md

@@ -10,9 +10,9 @@ TODO: Does not currently include vlanId (not sure if that is even relevant for b
 Requirements
 ------------
 
-The other roles that also use the "interfaces" object , need to be modified that they use specific items instead of 
+The other roles that also use the "interfaces" object , need to be modified that they use specific items instead of
  isamapi: "{{ {} | combine(item.0) | combine(item.1) }}", instead it needs to be like this:
- 
+
  isamapi:
       label: "{{ item.0.label }}"
       address: "{{ item.1.address }}"

base/add_interfaces/defaults/main.yml

@@ -14,4 +14,4 @@
 # Default values for adding an ipv4 address - override as needed
 #
 # possible values: [interfaces_ipv4, interfaces_ipv6, interfaces_vlan]
-add_interfaces_action: interfaces_ipv4 
+add_interfaces_action: interfaces_ipv4

base/add_interfaces/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 # Adding interface with custom isamapi parameters
 # Therefore combining label with interface parameter:
-# Example: 
+# Example:
 #  interfaces:
 #    - label:  '1.1'
 #      addresses: