6 Commits

Author SHA1 Message Date
Albin Vass
3d4f3a3a28 Add linting rule to enforce no-same-owner policy
Change-Id: I92c66a21be95935d11fc8e9887d9d91c645d28d4
2020-06-18 11:06:45 +02:00
Albin Vass
38053b0826 Policy rule for ownership between remote and executor
Change-Id: Ia0b6bcf221ee053a0c2a2073796cba35fa22efd0
2020-05-13 09:41:38 +02:00
Albin Vass
9ad8c11469 Check blocks recursively for loops
Also updates tests for the custom ansible-lint rules.

Adds a simple testsuite so test roles and playbooks that are known to be
faulty or valid can be put in a directory structure like:

<rule id>/valid/playbooks/valid_playbook.yaml
<rule id>/valid/roles/valid_role/tasks/main.yaml
<rule id>/valid/roles/valid_role/handlers/main.yaml

<rule id>/faulty/playbooks/faulty_playbook.yaml
<rule id>/faulty/roles/faulty_role/tasks/main.yaml
<rule id>/faulty/roles/faulty_role/handlers/main.yaml

So they will verify that the rules work as expected.

Change-Id: I29d0766c67e690e35490586f6befb95e4cd31b98
2020-05-05 22:56:46 +02:00
Albin Vass
bee0c6ae2f ansible-lint: use matchplay instead of matchtask
For some reason matchtask doesn't match includes, matchplay does so use
that instead.

Change-Id: I040f7f3394503e92d06c05e8ff671a43b14baebc
2020-05-05 20:42:38 +02:00
Albin Vass
9062289151 Check for loop_control in with_ type loops
Change-Id: I191265df7709a6262b44a428d78fe28ffaeb4b75
2020-05-01 13:45:34 +02:00
Albin Vass
d0e2016592 Add loop var policy to ansible-lint
This adds a custom ansible-lint rule at .rules/ZuulJobsNamespaceLoopVar.py
that enforces the loop var policy described at:
https://zuul-ci.org/docs/zuul-jobs/policy.html#ansible-loops-in-roles

It also updates existing roles to follow the policy.

Change-Id: I92b2ff56a1c2702542fc07b316f1809087a4c92f
2020-04-29 17:20:59 +02:00