Make ansible-lint and yamllint use more strict rules. #400
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
rjeffman
changed the title
rjeffman
changed the title
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
2 times, most recently
from
2ccd4d6
to
18f134f
Compare
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
3 times, most recently
from
6416524
to
c02511d
Compare
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
3 times, most recently
from
7194e7a
to
4d968e9
Compare
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
from
4d968e9
to
33d9536
Compare
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
from
13f9d13
to
55abf8c
Compare
rjeffman
changed the title
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
2 times, most recently
from
4415c24
to
32235f1
Compare
|
@t-woerner, please, can you review this PR? |
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
4 times, most recently
from
99f027e
to
ac4643b
Compare
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
2 times, most recently
from
96c693d
to
fbc8d26
Compare
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
from
4a8ea90
to
34998cf
Compare
t-woerner
reviewed
Sep 27, 2021
t-woerner
reviewed
Sep 27, 2021
.ansible-lint
Outdated
| - '305' # Use shell only when shell functionality is required | ||
| - '306' # risky-shell-pipe | ||
| - yaml # yamllint should be executed separately. | ||
| - experimental # Ignore rules that resulted in false positives |
There was a problem hiding this comment.
What is experimental exactly?
There was a problem hiding this comment.
experimental varies from release to release. It used to give lots of false positive, but is much more stable in the latest versions.
I enabled experimental and fixed the warnings for ansible-lint 5.0.7 using ansible 2.9.25.
t-woerner
reviewed
Sep 27, 2021
playbooks/dnsforwardzone/ensure-dnsforwardzone-with-forwarder-port.yml
Outdated
Show resolved
Hide resolved
t-woerner
reviewed
Sep 27, 2021
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
from
34998cf
to
0fcee93
Compare
t-woerner
reviewed
Sep 29, 2021
t-woerner
reviewed
Sep 29, 2021
| ipaadmin_password: SomeADMINpassword | ||
| name: host01.exmaple.com | ||
| name: host01.example.com | ||
| managedby_host: server.exmaple.com |
There was a problem hiding this comment.
We have a lot of "exmaple" in the playbooks folder. Let's fix this with another PR.
t-woerner
reviewed
Sep 29, 2021
This patch adds 'name' to all test playbook tasks that did not have it, fixing ansible-lint's error 'unnamed-task'.
This patch adds 'name' to all example playbook tasks that did not have it, fixing ansible-lint's error 'unnamed-task'.
This patch fixes yamllint's "line too long" (line-lenght) warnings by ensuring all lines in YAML files have, at most, 160 characters. If a line cannot be written as a multiline block, line-length rule evaluation is disabled for the specific line, both on yamllint and on ansible-lint.
Comments in YAML files should be aligned to content.
This patch modifies configuration of both ansible-lint and yamllint to check for more rules, resulting in a more strict verification. For ansible-lint verification of errors 301, 305 and 505 are skipped, due to false positives. For the same reason, 'experimental' rules are skipped. ansible-lint error 306 is skipped since the fix is to set pipefail, which is not available in all shells (for example dash, which runs ansible-freeipa CI). Yamllint disabled rules (comments, and indentation) would introduce a huge amount of small changes, and are left for future changes, it deemed necessary.
Some tests for ipahost and ipauser modules, related to certificates had the verification part disabled. This patch enable these verifications.
These playbooks manage the certificates of a user, but did not have the proper action for it.
As of September, 2021, Ansible-lint cannot evaluate task files which included through `include_tasks`, as it fails syntax-check. This change exclude evaluation of these files (`env_*`) when evaluating files before commit (pre-commit).
rjeffman
force-pushed
the
lint_fix_ansible_lint_issues
branch
from
0fcee93
to
a5310b0
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This patch modifies configuration of both ansible-lint and yamllint
to check for more rules, resulting in a more strict verification.
The rules left disable are either necessary due to missing Ansible
modules, or might impact modules or roles execution or testing.