4 Commits

Author SHA1 Message Date
Ian Wienand
826a79f50f linter: update ansible-lint; add auto-download of roles
This updates ansible-lint to the 6.x releases.  It also updates the
ansible installed to our current zuul version.

It cleans up the config file and marks it as yaml.  A few new
exceptions are added with explainations.

We don't need to fake the zuul_return by telling ansible-lint to mock
it.  This is added to the config, and we can remove the stub file.

A constant source of problems running this locally is that you have to
have the other role repos checked out so ansible-lint can do its
checks.  Add a smaller helper script for doing this locally.  In the
gate, ANSIBLE_ROLES_PATH is set to the Zuul checkouts of these
projects.  Locally, add a smaller helper "ansible-lint-roles-cache.sh"
that pulls the projects into a .cache directory.  If they are already
there, they get updated.  By default locally we will use these
checkouts.  This way, "tox -e linters" just works without having to do
anything else.

This also modifies the xargs to run the check all at once, instead of
fork for each file.  I did try autodetection but it seems like other
yaml files in the roles/playbook directories still confuse
ansible-lint.

Also I don't think we need a ansible-playbook --syntax-check step;
ansible-lint covers that.

Change-Id: I972f73037b9f904a555b81f3835ca5261639ed01
2022-08-12 09:29:11 +10:00
Clark Boylan
b6ff3078dc Stop linting zuul-jobs from here
When we run ansible-lint on project-config the tool is finding and
reporting errors in zuul-jobs. Zuul-jobs appears to be included to
ensure that all the roles we use are defined, but we don't want to lint
the content of those roles.

To address this we add ../../zuul to the ansible lint exclude path which
includes zuul-jobs.

Change-Id: Ie9aeca81ba4fb95df0e7e1ee275230378e49b741
2021-03-19 08:18:44 -07:00
Emilien Macchi
d1d0f66734 Disable E106 & E208 for now
E106 rejects roles with '-' in their names, which is important
for collections, but these aren't collections.

Also ansible-lint throws an undocumented error "E208 File permissions not
mentioned" that looks too aggressive, for example it complains IMHO
wrongly about:

roles/add-build-sshkey/tasks/remote-linux.yaml:1: [E208] File
permissions not mentioned
roles/add-build-sshkey/tasks/remote-linux.yaml:14: [E208] File
permissions not mentioned
roles/add-build-sshkey/tasks/remote-linux.yaml:20: [E208] File
permissions not mentioned
roles/add-build-sshkey/tasks/remote-linux.yaml:27: [E208] File
permissions not mentioned

Disable it for now until ansible-lint is fixed - and the real problems
in zuul-jobs are fixed.

https://github.com/ansible/ansible-lint/pull/949 fixes the false
positives. Once that is merged and a new release is out, we should
revert and fix the real problems.

Inspired by I3e3978bbc9458ad79623d22969344fb46f5fee43
and I48f837e8d5bd7d0d9d708d728d93627deb4093cc

Change-Id: I0fdd4a79b886d1c4875e748b08f99da809d9d767
Co-Authored-By: Andreas Jaeger <aj@suse.com>
Co-Authored-By: James E. Blair <jeblair@redhat.com>
2020-08-19 09:51:10 -04:00
Ian Wienand
0326363e48 Update ansible-lint and add fake zuul_return
- Use zuul_return fake module to make ansible lint happy, this allows
  to remove Zuul import.
- While ansible-lint 4.2.0 is now able to detect playbooks/roles, this
  is broken, so don't use it
- move its config out of tox.ini so it can be used by any tools, or
  without tox

Change-Id: Ie8935f47db855647e19ae091044e5ac1871f1551
Co-Authored-By: Sorin Sbarnea <ssbarnea@redhat.com>
Co-Authored-By: Andreas Jaeger <aj@suse.com>
2020-03-18 22:28:10 +01:00