By the first quarter of 2024, all collections must pass ansible-lint
tests run with version 6.22.x. This PR ensure that all ansible-freeipa
tests depending on ansible-lint use a valid version of it.
ansible-lint 6.21+ and pylint 3.0+ will be required for Ansible
collections to be approved on Ansible Galaxy.
This patch updates pre-commit and upstream linters to use the required
versions.
The release version 6.21.0 of ansible-lint introduced a bug that breaks
the reporting of 'warning' messages. [1]
This patch pins ansible-lint version to the latest one in the 6.20
series, so that it can still be used to check pull requests.
[1]: https://github.com/ansible/ansible-lint/issues/3853
Currently, there is a hard coded timeout in galaxy-importer that
prevents larger collections to execute the ansible-lint step [1].
This patch modifies the calls to ansible-lint on development tools and
upstream CI to use the same arguments as galaxy-importer and disables
the execution of the ansible-lint step for the Ansible's sanity test.
Requested ansible-lint version for tools is also updated, as a more
recent one is required.
This change will not allow development using an environment using Python
2.7, due to newer ansible-lint requirements. Roles and modules tests
against target nodes using Python 2.7 is still possible.
[1]: https://github.com/ansible/galaxy-importer/pull/231
'virtualenv' is an external dependency with the same purpose of Python's
'venv' module. This patch removes the external dependency in favor of
the readily available package.
ansible-core 2.15 has been released on May 15th, 2023, and version 2.12
has reached EOL on May 22nd, 2023.
This patch updates the ansible-core versions used on upstream CI tests
to reflect Ansible's new releases.
ansible-lint required to be run in a collection source directory with
correct and working galaxy.yml
As ansible-freeipa is not converted to a collection, the galaxy.yml file
can not be used to create the collection. This needs to be done with
utils/build-galaxy-release.sh. The script is fixing all the prefixes for
the roles and modules in all the yml files and also example snippets and
in the documentation.
Therefore utils/build-galaxy-release.sh is called with the "-k" option
to keep the directory that has been used to generate the collection with
the script. Afterwards ansible-lint is run in this build directory.
The Shellcheck action used in Gtihub workflows has bee updated, but has
not have a new release in 18 months. It is recommended by the action
developers to use the 'master' branch for the action.
This patch enables the use of the master branch for the Shellcheck
action.
There are warnings on Github workflows about the need to update actions
'checkout' and 'setup-python' due to the use of Node.js versions that
are too old.
This patch updates the use of actions/checkout from v2 to v3.1.0, and
setup-python from v2 to v4.3.0.
Under Python 3.11 some linters have failed to execute due to deprecated
items. Increasing or setting specific allow the linters to succeed with
Python's lates version.
The main REAADME has been fixed to contain information about the
automount key and map modules, the reference to the hbacsvcgroup README
has been fixed and a new test has been added as a github workflow.
We used a Github Action to run anisble-lint, but it has not have a
release since 2019, and has not been updated in a year. This action is
showing some issues when evaluating current playbooks.
This PR substitute the action previously used with a shell script
directly define in the workflow job. The ansible-core version was
pinned to the currently available on Fedora 25, 2.11.6.
This test is using the galaxy_importer from ansible project. The
configuration file galaxy-importer.cfg is copied from linux-system-roles
https://github.com/linux-system-roles/auto-maintenance/blob/master/\
lsr_role2collection/galaxy-importer.cfg
The tests script has extra code to parse the output of the importer to
highlight errors and to exit with a proper error code.
The test can be used locally also with "sh tests/sanity/sanity.sh"
New files:
- .github/workflows/ansible-test.yml
- tests/sanity/galaxy-importer.cfg
- tests/sanity/sanity.sh
This patch modifies configuration of both ansible-lint and yamllint
to check for more rules, resulting in a more strict verification.
For ansible-lint verification of errors 301, 305 and 505 are skipped,
due to false positives. For the same reason, 'experimental' rules
are skipped.
ansible-lint error 306 is skipped since the fix is to set pipefail,
which is not available in all shells (for example dash, which runs
ansible-freeipa CI).
Yamllint disabled rules (comments, and indentation) would introduce a
huge amount of small changes, and are left for future changes, it
deemed necessary.
This patch adds ansible-core version to 2.11 when evaluating
documentation with ansible-doc-test, so both 2.9 (ansible) and
2.11 (ansible-core) are covered when testing documentation,
along with the latest Ansible version available.
This PR sets pylint to version 2.10.2 in all linter actions, and
fixes code in plugins so that this version new checks are either
satisfied or ignored if needed.
There are common parameters in all modules like ipaadmin_principal and
ipaadmin_password. As this list of common parameters will be extended
soon, there is a need to reduce the code and documentation duplicates.
A ModuleDocFragment is added to provide the module documentation for the
common parameters. This is used in the modules with
extends_documentation_fragment.
ansible_freeipa_module has additional ipamodule_base_spec and
get_ipamodule_base_vars. ipamodule_base_spec extends argument_spec in
the module and get_ipamodule_base_vars is used to return a dict
containing the common parameters.
This patch modify Github 'lint' workflow to execute each linter
verifications as a separate job. This will allow us to easily see
which linter has failed, and ensure that all are executed, even
if one fails.
The Github workflow Ubuntu images do not provide Ansible pre-installed
anymore, and this patch forces its installation through Python's pip.
Different jobs were created to test documentation with different
versions of Ansible, currently 2.9 and the latest available.
This change add support for running ansible-doc-test on every
commit or PR, ensuring that roles and modules are able to produce
correct documentation with ansible-doc.
Flake8 and Pydocstyle were already being used as checks on Azure
pipelines, and this change enable the use of both as Github actions
run on every push (on any fork) end every pull-request.
I uses `rjeffman/python-lint-action` to run both linters using the
project's configuration.
By running yamllint we add one more verification of quality to the
playbooks used on/provided by ansible-freeipa, that will be executed
on every push (even on forks) or pull-requests.
This patch provides the configuration needed to run yamllint on
the playbooks found in the `tests`, `playbooks` and `molecule`
directories, on every push or pull-request done on Github, using
ibiqlik/action-yamllint action version `v1`.
The current configuration for yamllint has many rules disable, so
the problems found can be fixed later. All rules after the comment
`# Disabled rules` should be enabled in the near future.
By running ansible-lint we check if playbooks provided in
ansible-freipa follow Ansible's best practices, nd the verification
will be performed on every push (even on forks) or pull-request.
This patch provides the configuration needed to run ansible-lint
to the playbooks found in the `tests`, `playbooks` and `molecule`
directories, on every push or pull-request done on Github, using
Ansible's Github Action ansible/ansible-lint-action.
