Adding upstream version 6.13.1.upstream/6.13.1upstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

5 files changed, 336 insertions, 0 deletions

diff --git a/.github/workflows/ack.yml b/.github/workflows/ack.yml
new file mode 100644
index 0000000..5e7b9f5
--- /dev/null
+++ b/.github/workflows/ack.yml
@@ -0,0 +1,10 @@
+---
+# See https://github.com/ansible/devtools/blob/main/.github/workflows/ack.yml
+name: ack
+on:
+  pull_request_target:
+    types: [opened, labeled, unlabeled, synchronize]
+
+jobs:
+  ack:
+    uses: ansible/devtools/.github/workflows/ack.yml@main
diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
new file mode 100644
index 0000000..1a01af8
--- /dev/null
+++ b/.github/workflows/push.yml
@@ -0,0 +1,13 @@
+---
+# See https://github.com/ansible/devtools/blob/main/.github/workflows/push.yml
+name: push
+on:
+  push:
+    branches:
+      - main
+      - "releases/**"
+      - "stable/**"
+
+jobs:
+  ack:
+    uses: ansible/devtools/.github/workflows/push.yml@main
diff --git a/.github/workflows/redirects.yml b/.github/workflows/redirects.yml
new file mode 100644
index 0000000..28a9a26
--- /dev/null
+++ b/.github/workflows/redirects.yml
@@ -0,0 +1,33 @@
+---
+# Sync RTD redirects
+name: redirects
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - docs/redirects.yml
+      - .github/workflows/redirects.yml
+
+  # Manually triggered using GitHub's UI
+  workflow_dispatch:
+
+jobs:
+  docs:
+    environment: release
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+
+      - name: Upgrade Python toolchain
+        run: python3 -m pip install --upgrade pip setuptools wheel
+
+      - name: Install readthedocs-cli
+        run: python3 -m pip install readthedocs-cli
+
+      - name: Sync redirects
+        run: rtd projects ansible-lint redirects sync -f docs/redirects.yml --wet-run
+        env:
+          RTD_TOKEN: ${{ secrets.RTD_TOKEN }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
new file mode 100644
index 0000000..111f15f
--- /dev/null
+++ b/.github/workflows/release.yml
@@ -0,0 +1,47 @@
+---
+# cspell:ignore mislav
+name: release
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  pypi:
+    name: Publish to PyPI registry
+    environment: release
+    runs-on: ubuntu-22.04
+
+    env:
+      FORCE_COLOR: 1
+      PY_COLORS: 1
+      TOXENV: pkg
+
+    steps:
+      - name: Switch to using Python 3.9 by default
+        uses: actions/setup-python@v4
+        with:
+          python-version: 3.9
+      - name: Install tox
+        run: python3 -m pip install --user "tox>=4.0.0"
+      - name: Check out src from Git
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # needed by setuptools-scm
+          submodules: true
+      - name: Build dists
+        run: python -m tox
+      - name: Publish to pypi.org
+        if: >- # "create" workflows run separately from "push" & "pull_request"
+          github.event_name == 'release'
+        uses: pypa/gh-action-pypi-publish@release/v1
+        with:
+          password: ${{ secrets.pypi_password }}
+
+      - name: Bump homebrew formula
+        uses: mislav/bump-homebrew-formula-action@v2
+        with:
+          # A PR will be sent to github.com/Homebrew/homebrew-core to update this formula:
+          formula-name: ansible-lint
+        env:
+          COMMITTER_TOKEN: ${{ secrets.COMMITTER_TOKEN }}
diff --git a/.github/workflows/tox.yml b/.github/workflows/tox.yml
new file mode 100644
index 0000000..4fe6da7
--- /dev/null
+++ b/.github/workflows/tox.yml
@@ -0,0 +1,233 @@
+---
+name: tox
+
+on:
+  create: # is used for publishing to PyPI and TestPyPI
+    tags: # any tag regardless of its name, no branches
+      - "**"
+  push: # only publishes pushes to the main branch to TestPyPI
+    branches: # any integration branch but not tag
+      - "main"
+  pull_request:
+    branches:
+      - "main"
+  release:
+    types:
+      - published # It seems that you can publish directly without creating
+  schedule:
+    - cron: 1 0 * * * # Run daily at 0:01 UTC
+  # Run every Friday at 18:02 UTC
+  # https://crontab.guru/#2_18_*_*_5
+  # - cron: 2 18 * * 5
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }}
+  cancel-in-progress: true
+
+env:
+  FORCE_COLOR: 1 # tox, pytest, ansible-lint
+  PY_COLORS: 1
+
+jobs:
+  pre:
+    name: pre
+    runs-on: ubuntu-22.04
+    outputs:
+      matrix: ${{ steps.generate_matrix.outputs.matrix }}
+    steps:
+      - name: Determine matrix
+        id: generate_matrix
+        uses: coactions/dynamic-matrix@v1
+        with:
+          min_python: "3.9"
+          max_python: "3.11"
+          other_names: |
+            lint
+            pkg,hook,docs
+            schemas
+            eco
+            py-devel
+          platforms: linux,macos
+
+  build:
+    name: ${{ matrix.name }}
+    runs-on: ${{ matrix.os || 'ubuntu-22.04' }}
+    needs: pre
+    defaults:
+      run:
+        shell: ${{ matrix.shell || 'bash'}}
+    strategy:
+      fail-fast: false
+      matrix: ${{ fromJson(needs.pre.outputs.matrix) }}
+      # max-parallel: 5
+      # The matrix testing goal is to cover the *most likely* environments
+      # which are expected to be used by users in production. Avoid adding a
+      # combination unless there are good reasons to test it, like having
+      # proof that we failed to catch a bug by not running it. Using
+      # distribution should be preferred instead of custom builds.
+    env:
+      # vars safe to be passed to wsl:
+      WSLENV: FORCE_COLOR:PYTEST_REQPASS:TOXENV:GITHUB_STEP_SUMMARY
+      # Number of expected test passes, safety measure for accidental skip of
+      # tests. Update value if you add/remove tests.
+      PYTEST_REQPASS: 791
+
+    steps:
+      - name: Activate WSL1
+        if: "contains(matrix.shell, 'wsl')"
+        uses: Vampire/setup-wsl@v2
+
+      - name: MacOS workaround for https://github.com/actions/virtual-environments/issues/1187
+        if: ${{ matrix.os == 'macOS-latest' }}
+        run: |
+          sudo sysctl -w net.link.generic.system.hwcksum_tx=0
+          sudo sysctl -w net.link.generic.system.hwcksum_rx=0
+
+      - uses: actions/checkout@v3
+        with:
+          fetch-depth: 0 # needed by setuptools-scm
+          submodules: true
+
+      - name: Set pre-commit cache
+        uses: actions/cache@v3
+        if: ${{ matrix.passed_name == 'lint' }}
+        with:
+          path: |
+            ~/.cache/pre-commit
+          key: pre-commit-${{ matrix.name || matrix.passed_name }}-${{ hashFiles('.pre-commit-config.yaml') }}
+
+      - name: Set galaxy cache
+        uses: actions/cache@v3
+        if: ${{ startsWith(matrix.passed_name, 'py') }}
+        with:
+          path: |
+            examples/playbooks/collections/*.tar.gz
+            examples/playbooks/collections/ansible_collections
+          key: galaxy-${{ hashFiles('examples/playbooks/collections/requirements.yml') }}
+
+      - name: Set up Python ${{ matrix.python_version || '3.9' }}
+        if: "!contains(matrix.shell, 'wsl')"
+        uses: actions/setup-python@v4
+        with:
+          cache: pip
+          python-version: ${{ matrix.python_version || '3.9' }}
+
+      - uses: actions/setup-node@v3
+        with:
+          node-version: 18
+          cache: "npm"
+          cache-dependency-path: test/schemas/package-lock.json
+
+      - name: Run ./tools/test-setup.sh
+        run: ./tools/test-setup.sh
+
+      - name: Install tox
+        run: |
+          python3 -m pip install --upgrade pip
+          python3 -m pip install --upgrade "tox>=4.0.0"
+
+      - name: Log installed dists
+        run: python3 -m pip freeze --all
+
+      - name: Initialize tox envs ${{ matrix.passed_name }}
+        run: python3 -m tox --notest --skip-missing-interpreters false -vv -e ${{ matrix.passed_name }}
+        timeout-minutes: 5 # average is under 1, but macos can be over 3
+
+      # sequential run improves browsing experience (almost no speed impact)
+      - name: tox -e ${{ matrix.passed_name }}
+        run: python3 -m tox -e ${{ matrix.passed_name }}
+
+      - name: Combine coverage data
+        if: ${{ startsWith(matrix.passed_name, 'py') }}
+        # produce a single .coverage file at repo root
+        run: tox -e coverage
+
+      - name: Upload coverage data
+        if: ${{ startsWith(matrix.passed_name, 'py') }}
+        uses: codecov/codecov-action@v3
+        with:
+          name: ${{ matrix.passed_name }}
+          fail_ci_if_error: false # see https://github.com/codecov/codecov-action/issues/598
+          token: ${{ secrets.CODECOV_TOKEN }}
+          verbose: true # optional (default = false)
+
+      - name: Archive logs
+        uses: actions/upload-artifact@v3
+        with:
+          name: logs.zip
+          path: .tox/**/log/
+        # https://github.com/actions/upload-artifact/issues/123
+        continue-on-error: true
+
+      - name: Report failure if git reports dirty status
+        run: |
+          git checkout HEAD -- src/ansiblelint/schemas/__store__.json
+          if [[ -n $(git status -s) ]]; then
+            # shellcheck disable=SC2016
+            echo -n '::error file=git-status::'
+            printf '### Failed as git reported modified and/or untracked files\n```\n%s\n```\n' "$(git status -s)" | tee -a "$GITHUB_STEP_SUMMARY"
+            exit 99
+          fi
+        # https://github.com/actions/toolkit/issues/193
+  codeql:
+    name: codeql
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: ["python"]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+
+          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+          # queries: security-extended,security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:${{matrix.language}}"
+
+  check: # This job does nothing and is only used for the branch protection
+    if: always()
+    permissions:
+      pull-requests: write # allow codenotify to comment on pull-request
+
+    needs:
+      - build
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Decide whether the needed jobs succeeded or failed
+        uses: re-actors/alls-green@release/v1
+        with:
+          jobs: ${{ toJSON(needs) }}
+
+      - name: Check out src from Git
+        uses: actions/checkout@v3
+
+      - name: Notify repository owners about lint change affecting them
+        uses: sourcegraph/codenotify@v0.6.4
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        # https://github.com/sourcegraph/codenotify/issues/19
+        continue-on-error: true