Skip V-38462 in gate and cap ansible-lint

openstack-infra are creating images containing an apt.d configuration that sets AllowUnauthenticated to true to support their custom apt repos which contain unsigned packages. The presence of this file causes openstack-ansible-security to fail. We can either remove the file, or skip the V-38462 tag. Skipping the tag in the gate is probably the better long term solution. Additionally, ansible-lint 2.3.8 was released today and is now causing a number of ANSIBLE0008 errors to fail the gate. This is a temporary cap to unblock the gate. Change-Id: I2c78f4e913e99e5fc5d84fba9e28197b73ac8f25
2016-02-10 23:14:35 +00:00 · 2016-02-10 23:14:35 +00:00 · b4bb5105b6
parent 3232ce0a56
commit b4bb5105b6
3 changed files with 6 additions and 3 deletions
--- a/scripts/run-playbooks.sh
+++ b/scripts/run-playbooks.sh
@ -44,7 +44,10 @@ pushd "playbooks"
    install_bits lxc-hosts-setup.yml

    # Apply security hardening
-    install_bits security-hardening.yml
+    # NOTE(mattt): We have to skip V-38462 as openstack-infra are now building
+    #              images with apt config Apt::Get::AllowUnauthenticated set
+    #              to true.
+    install_bits --skip-tag V-38462 security-hardening.yml

    # Bring the lxc bridge down and back up to ensures the iptables rules are in-place
    # This also will ensure that the lxc dnsmasq rules are active.
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -1,4 +1,4 @@
-ansible-lint>=2.0.3
+ansible-lint>=2.0.3,<2.3.8
 flake8==2.2.4
 hacking>=0.10.0,<0.11
 pep8==1.5.7
--- a/tox.ini
+++ b/tox.ini
@ -69,7 +69,7 @@ commands =
 [testenv:ansible-lint]
 deps =
  ansible>1.9,<2.0
-  ansible-lint
+  ansible-lint>=2.0.3,<2.3.8
 whitelist_externals = bash
 commands =
  # Perform an Ansible lint check