Add initial linting and security checks

Introduces CI workflows for YAML linting and secret detection,
and adds basic configuration for both tools. Also adds a
sample connectivity test playbook.

.gitea/workflows/yamllint_and_pass_check.yml

@@ -0,0 +1,23 @@
+---
+name: YAML Lint
+
+on: [push]
+
+jobs:
+  yamllint:
+    runs-on: ubuntu-yamllint
+    steps:
+      - name: Checkout linting
+        uses: actions/checkout@v4
+      - name: Run yamllint with auto-detected config
+        run: yamllint -c .yamllint .
+  gitleaks:
+    runs-on: ubuntu-yamllint
+    steps:
+      - name: Checkout passwords leaks
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Run gitleaks
+        run: gitleaks detect --source .
+...

.gitleaks.toml

@@ -0,0 +1,7 @@
+[extend]
+useDefault = true
+
+[allowlist]
+paths = [
+  '''roles/logs_settings_on_ptaf/templates/filebeat.yml.j2''',
+]

.yamllint

@@ -0,0 +1,11 @@
+---
+extends: default
+
+ignore: |
+  roles/filebeat_install/files/fields.yml
+  .gitea/workflows/yamllint.yml
+
+rules:
+line-length:
+max: 180
+...

ansible_ping_test.yml

@@ -0,0 +1,7 @@
+---
+- name: Test connectivity to localhost
+  hosts: localhost
+  gather_facts: false
+  tasks:
+    - name: Ping localhost
+      ansible.builtin.ping: