ansible-lint : disable 503

This has got me a number of times; I think we can tell in review if a task firing in response to a "changed" is best in a handler or not. Remove existing noqa flags Change-Id: I80ad631f978eeeb9903abe230a95f23f5709d20e
2020-03-04 13:29:03 +11:00 · 2020-03-04 13:29:03 +11:00 · ac11734cf9
commit ac11734cf9
parent 6b8b665f8a
4 changed files with 8 additions and 4 deletions
--- a/playbooks/roles/backup-server/tasks/user.yaml
+++ b/playbooks/roles/backup-server/tasks/user.yaml
@ -24,7 +24,7 @@
 # ansible-lint wants this in a handler, it should be done here and
 # now; this isn't like a service restart where multiple things might
 # call it.
- name: Initalise bup  # noqa 503
+- name: Initalise bup
  shell: |
    BUP_DIR=/opt/backups/{{ user_name }}/.bup bup init
  become: yes
--- a/playbooks/roles/backup/tasks/main.yaml
+++ b/playbooks/roles/backup/tasks/main.yaml
@ -18,7 +18,7 @@
    type: ed25519
  register: bup_keypair

- name: Initalise bup # noqa 503
+- name: Initalise bup
  command: bup init
  when: bup_keypair.changed

--- a/playbooks/roles/letsencrypt-acme-sh-install/tasks/main.yaml
+++ b/playbooks/roles/letsencrypt-acme-sh-install/tasks/main.yaml
@ -84,7 +84,7 @@
    - /root/.acme.sh/ca/acme-staging-v02.api.letsencrypt.org/account.json
  register: existing_accounts

- name: Run account update # noqa 503
+- name: Run account update
  shell: |
    /opt/acme.sh/acme.sh --debug --updateaccount
  when: account_email.changed and (existing_accounts.results | selectattr('stat.exists') | map(attribute='item') | list | length > 0)
--- a/tox.ini
+++ b/tox.ini
@ -41,10 +41,14 @@ commands =
  #  This requires running the shell as /bin/bash.  There is a small
  #  possibility to hide errors, but we can rely on
  #  developers to decide when to explicitly check for failures.
+  #
+  # 503: tasks that run when "changed" should likely be handlers
+  #  We can trust reviewers to decide if something should be a
+  #  generic handler or not.
  bash -c "find roles playbooks -type f -regex '.*.y[a]?ml' -print0 | xargs -t -n1 -0 \
    ansible-lint -x ANSIBLE0004 -x ANSIBLE0006 -x ANSIBLE0007 -x ANSIBLE0010 \
                 -x ANSIBLE0011 -x ANSIBLE0012 -x ANSIBLE0013 -x ANSIBLE0015 \
-                 -x 204 -x 206 -x 304 -x 306"
+                 -x 204 -x 206 -x 304 -x 306 -x 503"

 [testenv:venv]
 commands = {posargs}