Changes that make ansible-lint happy. nosec on the subprocess commands

enroll/debian.py

@@ -25,7 +25,9 @@ def dpkg_owner(path: str) -> Optional[str]:
 
 def list_manual_packages() -> List[str]:
     """Return packages marked as manually installed (apt-mark showmanual)."""
-    p = subprocess.run(["apt-mark", "showmanual"], text=True, capture_output=True) #nosec
+    p = subprocess.run(
+        ["apt-mark", "showmanual"], text=True, capture_output=True
+    )  # nosec
     if p.returncode != 0:
         return []
     pkgs: List[str] = []

enroll/harvest.py

@@ -142,6 +142,7 @@ def _role_id(raw: str) -> str:
         s = "r_" + s
     return s
 
+
 def _role_name_from_unit(unit: str) -> str:
     base = _role_id(unit.removesuffix(".service"))
     return _safe_name(base)

enroll/manifest.py

@@ -35,7 +35,13 @@ def _write_role_scaffold(role_dir: str) -> None:
 
 
 def _write_playbook(path: str, roles: List[str]) -> None:
-    pb_lines = ["---", "- name: Apply all roles on host", "  hosts: all", "  become: true", "  roles:"]
+    pb_lines = [
+        "---",
+        "- name: Apply all roles on host",
+        "  hosts: all",
+        "  become: true",
+        "  roles:",
+    ]
     for r in roles:
         pb_lines.append(f"    - {r}")
     with open(path, "w", encoding="utf-8") as f:
@@ -528,5 +534,8 @@ Generated for manual package `{pkg}`.
     # Playbooks
     _write_playbook(
         os.path.join(out_dir, "playbook.yml"),
-        manifested_users_roles + manifested_etc_custom_roles + manifested_pkg_roles + manifested_service_roles,
+        manifested_users_roles
+        + manifested_etc_custom_roles
+        + manifested_pkg_roles
+        + manifested_service_roles,
     )