
Add certcheck role for TLS certificate verification #11

Closed
Amunagala-itential wants to merge 7 commits into main from dev

@Amunagala-itential

Changes

Adds new certcheck role and playbook for TLS certificate verification on IAG5 infrastructure.

New Files

  • docs/certcheck_README.md - Comprehensive documentation for the certcheck functionality
  • playbooks/certcheck.yml - Main playbook for certificate checking operations
  • roles/certcheck_initiator/tasks/main.yml - Initiator role tasks (625 lines)
  • roles/certcheck_responder/tasks/main.yml - Responder role tasks (748 lines)
  • roles/certcheck_connect_server_to_gwm/tasks/main.yml - Server-to-GWM connection tasks (506 lines)
  • roles/certcheck_common/tasks/summary.yml - Common summary generation tasks
  • Default variable files for all new roles

Modified Files

  • playbooks/site.yml - Added certcheck playbook integration

Summary

Implements complete TLS certificate verification workflow with initiator/responder pattern and GWM connectivity checks across multiple roles and tasks.

@Amunagala-itential
Author

.ansible-lint warn_list additions — summary

command-instead-of-module

Several tasks across the certcheck roles use ansible.builtin.shell with systemctl and curl commands that include pipes (e.g. systemctl show ... | grep ...). Because pipes require shell execution, these cannot be replaced with Ansible's systemd or uri modules. The rule is suppressed to allow this necessary pattern.

jinja[spacing]

The certcheck roles build a check_results list using multi-line Jinja2 dict blocks. ansible-lint's jinja[spacing] rule does not handle this multi-line pattern consistently — it flagged violations in one role file but not in others using identical syntax. The rule is suppressed to avoid restructuring a core pattern across all three roles for a purely stylistic and inconsistently applied rule.

var-naming[no-role-prefix], yaml[line-length], meta-runtime[unsupported-version], run-once[task]

Pre-existing suppressions in the collection, not related to the certcheck work.

- Replace hardcoded groups['server'], groups['runner'], groups['client']
  with groups[iag5_server_group], groups[iag5_runner_group], groups[iag5_client_group]
  so the defaults/main.yml group name variables are actually honoured
- Fix summary include path from ../../common/ to ../../certcheck_common/
  in both cluster roles (connect role already had the correct path)

@Amunagala-itential
Author

#12 Created new PR. Closing this
