From 8fe52d29a838cbbdc0ef16d3f32f6d72ff0fbf94 Mon Sep 17 00:00:00 2001 From: Sorin Sbarnea Date: Tue, 17 Oct 2023 12:19:23 +0100 Subject: [PATCH] Enable ansible-lint --- .ansible-lint | 11 ++++++++++ .ansible-lint-ignore | 3 +++ .pre-commit-config.yaml | 7 ++++++ molecule/kubevirt/create.yml | 6 ++--- playbooks/snap-pre-run.yaml | 3 +++ requirements.yml | 7 ++++++ .../resources/playbooks/delegated/create.yml | 3 +-- .../resources/playbooks/delegated/destroy.yml | 3 +-- .../resources/roles/molecule/meta/main.yml | 2 +- .../resources/roles/molecule/tasks/main.yml | 22 ++++++++++--------- .../resources/sample-collection/CHANGELOG.md | 1 + .../resources/sample-collection/galaxy.yml | 2 ++ .../sample-collection/meta/runtime.yml | 1 + .../roles/get_rich/tasks/main.yml | 2 +- .../molecule/ansible-galaxy/converge.yml | 2 +- .../molecule/ansible-galaxy/requirements.yml | 2 +- .../dependency/molecule/shell/converge.yml | 2 +- .../scenarios/driver/delegated/meta/main.yml | 2 ++ .../meta/main.yml | 3 +++ .../molecule/default/converge.yml | 9 +++++--- .../molecule/links/converge.yml | 3 ++- .../idempotence/molecule/raises/converge.yml | 3 +-- .../test/scenarios/idempotence/tasks/main.yml | 17 +++++++++++--- .../side_effect/molecule/default/converge.yml | 1 + .../molecule/default/converge.yml | 1 + 25 files changed, 87 insertions(+), 31 deletions(-) create mode 100644 .ansible-lint create mode 100644 .ansible-lint-ignore create mode 100644 requirements.yml create mode 100644 src/molecule/test/resources/sample-collection/CHANGELOG.md create mode 100644 src/molecule/test/resources/sample-collection/meta/runtime.yml diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 000000000..1f567dd27 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,11 @@ +exclude_paths: + - mkdocs.yml # using tags + # not really playbooks: +kinds: + - "yaml": "**/docs/*.yml" + - "yaml": "**/snap/*.yaml" + - "yaml": "**/.github/*.yml" + - "yaml": "**/.packit.yaml" + - "yaml": "**/.pre-commit-config.yaml" + - "yaml": "**/.readthedocs.yml" + - "yaml": "**/codecov.yml" diff --git a/.ansible-lint-ignore b/.ansible-lint-ignore new file mode 100644 index 000000000..1f4dc97bd --- /dev/null +++ b/.ansible-lint-ignore @@ -0,0 +1,3 @@ +# This file contains ignores rule violations for ansible-lint +src/molecule/test/scenarios/driver/delegated_invalid_role_name_with_role_name_check_equals_to_1/meta/main.yml role-name +src/molecule/test/scenarios/driver/delegated_invalid_role_name_with_role_name_check_equals_to_1/meta/main.yml schema[meta] diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 2a7f7fdeb..d5d1d811e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,4 +1,7 @@ --- +ci: + skip: + - ansible-lint default_language_version: python: python3.9 repos: @@ -90,3 +93,7 @@ repos: - pytest-mock - pytest-testinfra - wcmatch + - repo: https://github.com/ansible/ansible-lint + rev: v6.21.1 + hooks: + - id: ansible-lint diff --git a/molecule/kubevirt/create.yml b/molecule/kubevirt/create.yml index 3f92133d6..6072dede9 100644 --- a/molecule/kubevirt/create.yml +++ b/molecule/kubevirt/create.yml @@ -7,11 +7,11 @@ tasks: - name: Set default SSH key path # Sets the path of the SSH key ansible.builtin.set_fact: - tempoary_ssh_key_path: "{{ molecule_ephemeral_directory }}/identity_file" + temporary_ssh_key_path: "{{ molecule_ephemeral_directory }}/identity_file" - name: Generate SSH key pair # Generates a new SSH key pair community.crypto.openssh_keypair: - path: "{{ tempoary_ssh_key_path }}" + path: "{{ temporary_ssh_key_path }}" size: "{{ temporary_ssh_key_size }}" register: temporary_ssh_keypair # Stores the output of this task in a variable @@ -85,7 +85,7 @@ ansible.builtin.assert: that: "'molecule' in groups" fail_msg: "Molecule group was not found in inventory groups: {{ groups }}" - run_once: true # Ensures this task is only run once, not on every host in 'hosts' + run_once: true # noqa: run-once - name: Validate that inventory was refreshed # New playbook to validate the inventory hosts: molecule # Runs on hosts in the 'molecule' group diff --git a/playbooks/snap-pre-run.yaml b/playbooks/snap-pre-run.yaml index c34b17aff..64a37dc99 100644 --- a/playbooks/snap-pre-run.yaml +++ b/playbooks/snap-pre-run.yaml @@ -24,13 +24,16 @@ - name: Activate snapd ansible.builtin.shell: | ln -s /var/lib/snapd/snap /snap + changed_when: true - name: Install snapcraft (redhat) ansible.builtin.shell: | type snapcraft || snap install --classic snapcraft + changed_when: true - name: Validate snapd install ansible.builtin.shell: | set -e snap version snapcraft version + changed_when: false diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 000000000..a363745d2 --- /dev/null +++ b/requirements.yml @@ -0,0 +1,7 @@ +# This file is only used for testing purposes as it helps ansible-lint to +# install dependencies when these are missing. +collections: + - community.crypto + - community.docker + - containers.podman + - kubernetes.core diff --git a/src/molecule/test/resources/playbooks/delegated/create.yml b/src/molecule/test/resources/playbooks/delegated/create.yml index bcb29515c..1eeaf9226 100644 --- a/src/molecule/test/resources/playbooks/delegated/create.yml +++ b/src/molecule/test/resources/playbooks/delegated/create.yml @@ -3,5 +3,4 @@ hosts: localhost connection: local gather_facts: false - tasks: - - ansible.builtin.include: create/docker.yml + tasks: [] diff --git a/src/molecule/test/resources/playbooks/delegated/destroy.yml b/src/molecule/test/resources/playbooks/delegated/destroy.yml index a24b7850e..346935b49 100644 --- a/src/molecule/test/resources/playbooks/delegated/destroy.yml +++ b/src/molecule/test/resources/playbooks/delegated/destroy.yml @@ -3,5 +3,4 @@ hosts: localhost connection: local gather_facts: false - tasks: - - ansible.builtin.include: destroy/docker.yml + tasks: [] diff --git a/src/molecule/test/resources/roles/molecule/meta/main.yml b/src/molecule/test/resources/roles/molecule/meta/main.yml index 97b9d2587..9ac05cbad 100644 --- a/src/molecule/test/resources/roles/molecule/meta/main.yml +++ b/src/molecule/test/resources/roles/molecule/meta/main.yml @@ -3,7 +3,7 @@ galaxy_info: author: Ansible Molecule by Red Hat description: Test Molecule role license: MIT - min_ansible_version: 2.5 + min_ansible_version: "2.10" platforms: - name: GenericLinux versions: diff --git a/src/molecule/test/resources/roles/molecule/tasks/main.yml b/src/molecule/test/resources/roles/molecule/tasks/main.yml index 2a0faa81e..947914b19 100644 --- a/src/molecule/test/resources/roles/molecule/tasks/main.yml +++ b/src/molecule/test/resources/roles/molecule/tasks/main.yml @@ -1,14 +1,16 @@ --- - name: Create /etc/molecule - ansible.builtin.file: dest=/etc/molecule - group=root - owner=root - mode=0755 - state=directory + ansible.builtin.file: + dest: /etc/molecule + group: root + owner: root + mode: "0755" + state: directory - name: Create /etc/molecule/{{ ansible_host }} - ansible.builtin.copy: dest="/etc/molecule/{{ ansible_host }}" - group=root - owner=root - mode=0644 - content="{{ ansible_host }}" + ansible.builtin.copy: + dest: "/etc/molecule/{{ ansible_host }}" + group: root + owner: root + mode: "0644" + content: "{{ ansible_host }}" diff --git a/src/molecule/test/resources/sample-collection/CHANGELOG.md b/src/molecule/test/resources/sample-collection/CHANGELOG.md new file mode 100644 index 000000000..825c32f0d --- /dev/null +++ b/src/molecule/test/resources/sample-collection/CHANGELOG.md @@ -0,0 +1 @@ +# Changelog diff --git a/src/molecule/test/resources/sample-collection/galaxy.yml b/src/molecule/test/resources/sample-collection/galaxy.yml index 2a7e1164d..f63e10f31 100644 --- a/src/molecule/test/resources/sample-collection/galaxy.yml +++ b/src/molecule/test/resources/sample-collection/galaxy.yml @@ -29,3 +29,5 @@ build_ignore: repository: https://opendev.org/openstack/tripleo-repos license_file: LICENSE +tags: + - tools diff --git a/src/molecule/test/resources/sample-collection/meta/runtime.yml b/src/molecule/test/resources/sample-collection/meta/runtime.yml new file mode 100644 index 000000000..0967ef424 --- /dev/null +++ b/src/molecule/test/resources/sample-collection/meta/runtime.yml @@ -0,0 +1 @@ +{} diff --git a/src/molecule/test/resources/sample-collection/roles/get_rich/tasks/main.yml b/src/molecule/test/resources/sample-collection/roles/get_rich/tasks/main.yml index cf8063a14..cbab44da7 100644 --- a/src/molecule/test/resources/sample-collection/roles/get_rich/tasks/main.yml +++ b/src/molecule/test/resources/sample-collection/roles/get_rich/tasks/main.yml @@ -1,3 +1,3 @@ -- name: "some task inside foo.bar collection" +- name: Some task inside foo.bar collection ansible.builtin.debug: msg: "hello world!" diff --git a/src/molecule/test/scenarios/dependency/molecule/ansible-galaxy/converge.yml b/src/molecule/test/scenarios/dependency/molecule/ansible-galaxy/converge.yml index c99035fc0..1e22ab251 100644 --- a/src/molecule/test/scenarios/dependency/molecule/ansible-galaxy/converge.yml +++ b/src/molecule/test/scenarios/dependency/molecule/ansible-galaxy/converge.yml @@ -12,6 +12,6 @@ ansible.builtin.debug: msg: "{{ 'foo' | community.molecule.header }}" - - name: test installed role + - name: Test installed role ansible.builtin.include_role: name: ssbarnea.ansible_role_helloworld diff --git a/src/molecule/test/scenarios/dependency/molecule/ansible-galaxy/requirements.yml b/src/molecule/test/scenarios/dependency/molecule/ansible-galaxy/requirements.yml index be1c1b6dd..a96802fd4 100644 --- a/src/molecule/test/scenarios/dependency/molecule/ansible-galaxy/requirements.yml +++ b/src/molecule/test/scenarios/dependency/molecule/ansible-galaxy/requirements.yml @@ -2,4 +2,4 @@ collections: - community.molecule roles: - - ssbarnea.ansible_role_helloworld + - name: ssbarnea.ansible_role_helloworld diff --git a/src/molecule/test/scenarios/dependency/molecule/shell/converge.yml b/src/molecule/test/scenarios/dependency/molecule/shell/converge.yml index c99035fc0..1e22ab251 100644 --- a/src/molecule/test/scenarios/dependency/molecule/shell/converge.yml +++ b/src/molecule/test/scenarios/dependency/molecule/shell/converge.yml @@ -12,6 +12,6 @@ ansible.builtin.debug: msg: "{{ 'foo' | community.molecule.header }}" - - name: test installed role + - name: Test installed role ansible.builtin.include_role: name: ssbarnea.ansible_role_helloworld diff --git a/src/molecule/test/scenarios/driver/delegated/meta/main.yml b/src/molecule/test/scenarios/driver/delegated/meta/main.yml index 9d23420b2..5079e25fb 100644 --- a/src/molecule/test/scenarios/driver/delegated/meta/main.yml +++ b/src/molecule/test/scenarios/driver/delegated/meta/main.yml @@ -6,3 +6,5 @@ galaxy_info: description: Role to test ansible_compat installation of role namespace: molecule role_name: delegated_test + license: GPL + min_ansible_version: "2.9" diff --git a/src/molecule/test/scenarios/driver/delegated_invalid_role_name_with_role_name_check_equals_to_1/meta/main.yml b/src/molecule/test/scenarios/driver/delegated_invalid_role_name_with_role_name_check_equals_to_1/meta/main.yml index 23dcc55ed..04085aed2 100644 --- a/src/molecule/test/scenarios/driver/delegated_invalid_role_name_with_role_name_check_equals_to_1/meta/main.yml +++ b/src/molecule/test/scenarios/driver/delegated_invalid_role_name_with_role_name_check_equals_to_1/meta/main.yml @@ -1,4 +1,5 @@ --- +# noqa: role-name dependencies: [] galaxy_info: @@ -6,3 +7,5 @@ galaxy_info: description: Role to test ansible_compat installation of role namespace: molecule role_name: delegated-test + license: GPL + min_ansible_version: "2.10" diff --git a/src/molecule/test/scenarios/host_group_vars/molecule/default/converge.yml b/src/molecule/test/scenarios/host_group_vars/molecule/default/converge.yml index 1773d9025..162e00717 100644 --- a/src/molecule/test/scenarios/host_group_vars/molecule/default/converge.yml +++ b/src/molecule/test/scenarios/host_group_vars/molecule/default/converge.yml @@ -1,5 +1,6 @@ --- -- hosts: instance +- name: Molecule test fixture + hosts: instance gather_facts: false tasks: - name: Host vars host_var for host host-group-vars from molecule.yml @@ -28,14 +29,16 @@ ansible.builtin.debug: var: hostvars['extra_host']['host_group_vars_extra_host_molecule_yml'] -- hosts: example +- name: Molecule test fixture + hosts: example gather_facts: false tasks: - name: Dummy converge of example group ansible.builtin.debug: var: ansible_host -- hosts: example_1 +- name: Molecule test fixture + hosts: example_1 gather_facts: false tasks: - name: Dummy converge of child example_1 group diff --git a/src/molecule/test/scenarios/host_group_vars/molecule/links/converge.yml b/src/molecule/test/scenarios/host_group_vars/molecule/links/converge.yml index b149009b2..ffda93a4a 100644 --- a/src/molecule/test/scenarios/host_group_vars/molecule/links/converge.yml +++ b/src/molecule/test/scenarios/host_group_vars/molecule/links/converge.yml @@ -1,5 +1,6 @@ --- -- hosts: example +- name: Molecule test fixture + hosts: example gather_facts: false tasks: - name: Host vars from host_vars links diff --git a/src/molecule/test/scenarios/idempotence/molecule/raises/converge.yml b/src/molecule/test/scenarios/idempotence/molecule/raises/converge.yml index 4f7df3055..f542b39b1 100644 --- a/src/molecule/test/scenarios/idempotence/molecule/raises/converge.yml +++ b/src/molecule/test/scenarios/idempotence/molecule/raises/converge.yml @@ -3,5 +3,4 @@ hosts: all gather_facts: false become: true - roles: - - idempotence + roles: [] diff --git a/src/molecule/test/scenarios/idempotence/tasks/main.yml b/src/molecule/test/scenarios/idempotence/tasks/main.yml index a57c3fc4c..2421af99c 100644 --- a/src/molecule/test/scenarios/idempotence/tasks/main.yml +++ b/src/molecule/test/scenarios/idempotence/tasks/main.yml @@ -3,10 +3,21 @@ # Taken from https://github.com/ansible-community/molecule/issues/835 - name: Create /tmp/test1 - ansible.builtin.file: name=/tmp/test1 state=directory + ansible.builtin.file: + name: /tmp/test1 + state: directory + mode: "0600" - name: Replace /tmp/test1 by /tmp/test2 - ansible.builtin.shell: ls -ld /tmp/test1 | grep root + ansible.builtin.shell: | + set -euxo pipefail + ls -ld /tmp/test1 | grep root + changed_when: false - name: Fix /tmp/test1 perms - ansible.builtin.file: name=/tmp/test1 state=directory owner=lp group=lp + ansible.builtin.file: + name: /tmp/test1 + state: directory + owner: lp + group: lp + mode: "0600" diff --git a/src/molecule/test/scenarios/side_effect/molecule/default/converge.yml b/src/molecule/test/scenarios/side_effect/molecule/default/converge.yml index e7f2fef9a..2eb3260ca 100644 --- a/src/molecule/test/scenarios/side_effect/molecule/default/converge.yml +++ b/src/molecule/test/scenarios/side_effect/molecule/default/converge.yml @@ -12,4 +12,5 @@ ansible.builtin.file: path: /tmp/testfile state: touch + mode: "0644" when: not test_file.stat.exists diff --git a/src/molecule/test/scenarios/test_destroy_strategy/molecule/default/converge.yml b/src/molecule/test/scenarios/test_destroy_strategy/molecule/default/converge.yml index b8e6726a9..cdf83c4b5 100644 --- a/src/molecule/test/scenarios/test_destroy_strategy/molecule/default/converge.yml +++ b/src/molecule/test/scenarios/test_destroy_strategy/molecule/default/converge.yml @@ -6,3 +6,4 @@ tasks: - name: Force a converge failure ansible.builtin.command: /bin/false + changed_when: false