Skip V-38462 in gate and cap ansible-lint

openstack-infra are creating images containing an apt.d configuration that sets AllowUnauthenticated to true to support their custom apt repos which contain unsigned packages. The presence of this file causes openstack-ansible-security to fail. We can either remove the file, or skip the V-38462 tag. Skipping the tag in the gate is probably the better long term solution. Additionally, ansible-lint 2.3.8 was released today and is now causing a number of ANSIBLE0008 errors to fail the gate. This is a temporary cap to unblock the gate. Change-Id: I2c78f4e913e99e5fc5d84fba9e28197b73ac8f25
openstack · Feb 11, 2016 · b4bb510 · b4bb510
1 parent 3232ce0
commit b4bb510
Show file tree

Hide file tree

Showing 3 changed files with 6 additions and 3 deletions.
diff --git a/scripts/run-playbooks.sh b/scripts/run-playbooks.sh
@@ -44,7 +44,10 @@ pushd "playbooks"
     install_bits lxc-hosts-setup.yml
 
     # Apply security hardening
-    install_bits security-hardening.yml
+    # NOTE(mattt): We have to skip V-38462 as openstack-infra are now building
+    #              images with apt config Apt::Get::AllowUnauthenticated set
+    #              to true.
+    install_bits --skip-tag V-38462 security-hardening.yml
 
     # Bring the lxc bridge down and back up to ensures the iptables rules are in-place
     # This also will ensure that the lxc dnsmasq rules are active.

diff --git a/test-requirements.txt b/test-requirements.txt
@@ -1,4 +1,4 @@
-ansible-lint>=2.0.3
+ansible-lint>=2.0.3,<2.3.8
 flake8==2.2.4
 hacking>=0.10.0,<0.11
 pep8==1.5.7

diff --git a/tox.ini b/tox.ini
@@ -69,7 +69,7 @@ commands =
 [testenv:ansible-lint]
 deps =
   ansible>1.9,<2.0
-  ansible-lint
+  ansible-lint>=2.0.3,<2.3.8
 whitelist_externals = bash
 commands =
   # Perform an Ansible lint check