diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 00000000..2b977948 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,105 @@ +--- +# .ansible-lint +# exclude_paths included in this file are parsed relative to this file's location +# and not relative to the CWD of execution. CLI arguments passed to the --exclude +# option will be parsed relative to the CWD of execution. +exclude_paths: + - .cache/ # implicit unless exclude_paths is defined in config + - .github/ + - roles/compute_build_nodes + - roles/compute_build_vnfs + - roles/gpu_build_nodes + - roles/gpu_build_vnfs + - roles/login_build_nodes + - roles/login_build_vnfs + - roles/nodes_vivify + - roles/ohpc_config + - roles/ohpc_install + - roles/pre_ohpc + - roles/viz_build_nodes +# parseable: true +# quiet: true +# verbosity: 1 + +# Mock modules or roles in order to pass ansible-playbook --syntax-check +#mock_modules: +# - zuul_return +# # note the foo.bar is invalid as being neither a module or a collection +# - fake_namespace.fake_collection.fake_module +# - fake_namespace.fake_collection.fake_module.fake_submodule +#mock_roles: +# - mocked_role +# - author.role_name # old standalone galaxy role +# - fake_namespace.fake_collection.fake_role # role within a collection + +# Enable checking of loop variable prefixes in roles +#loop_var_prefix: "{role}_" + +# Enforce variable names to follow pattern below, in addition to Ansible own +# requirements, like avoiding python identifiers. To disable add `var-naming` +# to skip_list. +# var_naming_pattern: "^[a-z_][a-z0-9_]*$" + +use_default_rules: true +# Load custom rules from this specific folder +# rulesdir: +# - ./rule/directory/ + +# This makes linter to fully ignore rules/tags listed below +skip_list: + - skip_this_tag + - git-latest + +# Any rule that has the 'opt-in' tag will not be loaded unless its 'id' is +# mentioned in the enable_list: +enable_list: + - empty-string-compare # opt-in + - no-log-password # opt-in + - no-same-owner # opt-in + # add yaml here if you want to avoid ignoring yaml checks when yamllint + # library is missing. Normally its absence just skips using that rule. + - yaml +# Report only a subset of tags and fully ignore any others +# tags: +# - jinja[spacing] + +# This makes the linter display but not fail for rules/tags listed below: +warn_list: + - skip_this_tag + - git-latest + - experimental # experimental is included in the implicit list + # - role-name + # - yaml[document-start] # you can also use sub-rule matches + +# Some rules can transform files to fix (or make it easier to fix) identified +# errors. `ansible-lint --write` will reformat YAML files and run these transforms. +# By default it will run all transforms (effectively `write_list: ["all"]`). +# You can disable running transforms by setting `write_list: ["none"]`. +# Or only enable a subset of rule transforms by listing rules/tags here. +# write_list: +# - all + +# Offline mode disables installation of requirements.yml +offline: false + +# Define required Ansible's variables to satisfy syntax check +#extra_vars: +# foo: bar +# multiline_string_variable: | +# line1 +# line2 +# complex_variable: ":{;\t$()" + +# Uncomment to enforce action validation with tasks, usually is not +# needed as Ansible syntax check also covers it. +# skip_action_validation: false + +# List of additional kind:pattern to be added at the top of the default +# match list, first match determines the file kind. +kinds: + # - playbook: "**/examples/*.{yml,yaml}" + # - galaxy: "**/folder/galaxy.yml" + # - tasks: "**/tasks/*.yml" + # - vars: "**/vars/*.yml" + # - meta: "**/meta/main.yml" + - yaml: "**/*.yaml-too" diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml index 7ac4222d..df1b2924 100644 --- a/.github/workflows/ansible-lint.yml +++ b/.github/workflows/ansible-lint.yml @@ -18,55 +18,9 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - uses: actions/checkout@v2 - - name: Get file changes - id: get_file_changes - uses: trilom/file-changes-action@v1.2.4 - with: - output: ' ' - - - name: Echo file changes - run: | - echo Changed files: ${{ steps.get_file_changes.outputs.files }} - - name: Lint Ansible Playbook # replace "master" with any valid ref - uses: iranzo/ansible-lint-action@master - with: - # [required] - # Paths to ansible files (i.e., playbooks, tasks, handlers etc..) - # or valid Ansible directories according to the Ansible role - # directory structure. - # If you want to lint multiple ansible files, use the following syntax - # targets: | - # playbook_1.yml - # playbook_2.yml - targets: "${{ steps.get_file_changes.outputs.files }}" - # [optional] - # Arguments to override a package and its version to be set explicitly. - # Must follow the example syntax. - override-deps: | - ansible==2.9 - ansible-lint==4.2.0 - # [optional] - # Arguments to be passed to the ansible-lint - - # Options: - # -q quieter, although not silent output - # -p parseable output in the format of pep8 - # --parseable-severity parseable output including severity of rule - # -r RULESDIR specify one or more rules directories using one or - # more -r arguments. Any -r flags override the default - # rules in ansiblelint/rules, unless -R is also used. - # -R Use default rules in ansiblelint/rules in addition to - # any extra - # rules directories specified with -r. There is no need - # to specify this if no -r flags are used - # -t TAGS only check rules whose id/tags match these values - # -x SKIP_LIST only check rules whose id/tags do not match these - # values - # --nocolor disable colored output - # --exclude=EXCLUDE_PATHS - # path to directories or files to skip. This option is - # repeatable. - # -c C Specify configuration file to use. Defaults to ".ansible-lint" - args: "--exclude .github" + uses: ansible-community/ansible-lint-action@v6 + # optional: + # with: + # path: "playbooks/" # <-- only one value is allowed