diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-26 06:24:57 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-26 06:24:57 +0000 |
| commit | 1faea9a6c75f33109e8f66b57b432fdad57b3f46 (patch) | |
| tree | 4184ce38ac0cf9d5a46bbbae03c87be82927f12b /examples/playbooks | |
| parent | Adding upstream version 6.17.2. (diff) | |
| download | ansible-lint-upstream.tar.xz ansible-lint-upstream.zip | |
Adding upstream version 24.6.1.upstream/24.6.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'examples/playbooks')
76 files changed, 1143 insertions, 37 deletions
diff --git a/examples/playbooks/4114/transform-with-missing-role-and-modules.transformed.yml b/examples/playbooks/4114/transform-with-missing-role-and-modules.transformed.yml new file mode 100644 index 0000000..10ae898 --- /dev/null +++ b/examples/playbooks/4114/transform-with-missing-role-and-modules.transformed.yml @@ -0,0 +1,13 @@ +--- +- name: Reproducer for bug 4114 + hosts: localhost + roles: + - this_role_is_missing + tasks: + - name: Task referring to a missing module + this_module_does_not_exist: + foo: bar + + - name: Use raw to echo + ansible.builtin.debug: # <-- this should be converted to fqcn + msg: some message! diff --git a/examples/playbooks/4114/transform-with-missing-role-and-modules.yml b/examples/playbooks/4114/transform-with-missing-role-and-modules.yml new file mode 100644 index 0000000..c166dd5 --- /dev/null +++ b/examples/playbooks/4114/transform-with-missing-role-and-modules.yml @@ -0,0 +1,13 @@ +--- +- name: Reproducer for bug 4114 + hosts: localhost + roles: + - this_role_is_missing + tasks: + - name: Task referring to a missing module + this_module_does_not_exist: + foo: bar + + - name: Use raw to echo + debug: # <-- this should be converted to fqcn + msg: some message! diff --git a/examples/playbooks/action_plugins/some_action.py b/examples/playbooks/action_plugins/some_action.py new file mode 100644 index 0000000..1dc01aa --- /dev/null +++ b/examples/playbooks/action_plugins/some_action.py @@ -0,0 +1,13 @@ +"""Sample action_plugin.""" + +from ansible.plugins.action import ActionBase + + +class ActionModule(ActionBase): # type: ignore[misc] + """Sample module.""" + + def run(self, tmp=None, task_vars=None): # type: ignore[no-untyped-def] + """.""" + super().run(tmp, task_vars) + ret = {"foo": "bar"} + return {"ansible_facts": ret} diff --git a/examples/playbooks/adj_action.yml b/examples/playbooks/adj_action.yml new file mode 100644 index 0000000..4c78a2b --- /dev/null +++ b/examples/playbooks/adj_action.yml @@ -0,0 +1,10 @@ +--- +- name: Fixture for testing adjacent plugins + hosts: localhost + tasks: + - name: Call adjacent action plugin + some_action: {} + + - name: Call adjacent filter plugin + ansible.builtin.debug: + msg: "{{ 'foo' | some_filter }}" diff --git a/examples/playbooks/blockincludes.yml b/examples/playbooks/blockincludes.yml index b8387a8..31317a7 100644 --- a/examples/playbooks/blockincludes.yml +++ b/examples/playbooks/blockincludes.yml @@ -14,7 +14,7 @@ - name: Block level 3 block: - name: Include under block level 3 # noqa: deprecated-module - ansible.builtin.include: "{{ varset }}.yml" + ansible.builtin.include_tasks: "{{ varset }}.yml" - name: Block level 4 block: - name: INCLUDE under block level 4 diff --git a/examples/playbooks/common-include-1.yml b/examples/playbooks/common-include-1.yml index 3a4691f..9885d61 100644 --- a/examples/playbooks/common-include-1.yml +++ b/examples/playbooks/common-include-1.yml @@ -8,3 +8,5 @@ - name: Some include_tasks with file and jinja2 ansible.builtin.include_tasks: file: "{{ 'tasks/included-with-lint.yml' }}" + - name: Some include 3 + ansible.builtin.include_tasks: file=tasks/included-with-lint.yml diff --git a/examples/playbooks/common-include-wrong-syntax.yml b/examples/playbooks/common-include-wrong-syntax.yml new file mode 100644 index 0000000..c59b41b --- /dev/null +++ b/examples/playbooks/common-include-wrong-syntax.yml @@ -0,0 +1,9 @@ +--- +- name: Fixture for test coverage + hosts: localhost + gather_facts: false + tasks: + - name: Some include with invalid syntax + ansible.builtin.include_tasks: "file=" + - name: Some include with invalid syntax + ansible.builtin.include_tasks: other=tasks/included-with-lint.yml diff --git a/examples/playbooks/common-include-wrong-syntax2.yml b/examples/playbooks/common-include-wrong-syntax2.yml new file mode 100644 index 0000000..a4891c8 --- /dev/null +++ b/examples/playbooks/common-include-wrong-syntax2.yml @@ -0,0 +1,8 @@ +--- +- name: Fixture for test coverage + hosts: localhost + gather_facts: false + tasks: + - name: Some include with invalid syntax + ansible.builtin.include_tasks: + file: null diff --git a/examples/playbooks/common-include-wrong-syntax3.yml b/examples/playbooks/common-include-wrong-syntax3.yml new file mode 100644 index 0000000..21bba1e --- /dev/null +++ b/examples/playbooks/common-include-wrong-syntax3.yml @@ -0,0 +1,7 @@ +--- +- name: Fixture + hosts: localhost + tasks: + - name: Fixture + ansible.builtin.include_role: + name: include_wrong_syntax diff --git a/examples/playbooks/conflicting_action2.yml b/examples/playbooks/conflicting_action2.yml new file mode 100644 index 0000000..380857d --- /dev/null +++ b/examples/playbooks/conflicting_action2.yml @@ -0,0 +1,9 @@ +--- +- hosts: localhost + gather_facts: false + tasks: + - block: + include_role: + tasks_from: ghe-config-apply.yml + tags: + - github diff --git a/examples/playbooks/example.yml b/examples/playbooks/example.yml index fa1a635..14f7927 100644 --- a/examples/playbooks/example.yml +++ b/examples/playbooks/example.yml @@ -36,8 +36,8 @@ - git # yamllint wrong indentation - bobbins - - name: Yum latest - ansible.builtin.yum: state=latest name=httpd + - name: Dnf latest + ansible.builtin.dnf: state=latest name=httpd - ansible.builtin.debug: msg="debug task without a name" diff --git a/examples/playbooks/filter_plugins/some_filter.py b/examples/playbooks/filter_plugins/some_filter.py new file mode 100644 index 0000000..86ebda8 --- /dev/null +++ b/examples/playbooks/filter_plugins/some_filter.py @@ -0,0 +1,13 @@ +"""Sample adjacent filter plugin.""" + +from __future__ import annotations + + +class FilterModule: # pylint: disable=too-few-public-methods + """Ansible filters.""" + + def filters(self): # type: ignore[no-untyped-def] + """Return list of exposed filters.""" + return { + "some_filter": str, + } diff --git a/examples/playbooks/handlers/empty.yml b/examples/playbooks/handlers/empty.yml new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/examples/playbooks/handlers/empty.yml diff --git a/examples/playbooks/include.yml b/examples/playbooks/include.yml index 5596728..57fe58e 100644 --- a/examples/playbooks/include.yml +++ b/examples/playbooks/include.yml @@ -11,6 +11,7 @@ tasks: - ansible.builtin.include_tasks: tasks/x.yml - ansible.builtin.include_tasks: tasks/x.yml y=z + - ansible.builtin.include_tasks: file=tasks/x.yml handlers: - ansible.builtin.include_tasks: handlers/y.yml diff --git a/examples/playbooks/incorrect_module_args.yml b/examples/playbooks/incorrect_module_args.yml new file mode 100644 index 0000000..9e4dde6 --- /dev/null +++ b/examples/playbooks/incorrect_module_args.yml @@ -0,0 +1,7 @@ +--- +- name: Demonstrate linting issue. + hosts: all + tasks: + - name: Include a role with the wrong syntax + ansible.builtin.include_role: + role: foo diff --git a/examples/playbooks/invalid-transform.yml b/examples/playbooks/invalid-transform.yml new file mode 100644 index 0000000..3a1d50a --- /dev/null +++ b/examples/playbooks/invalid-transform.yml @@ -0,0 +1,11 @@ +# yamllint disable-file +--- +- name: Test + hosts: localhost + gather_facts: false + + tasks: + - name: Print hello message + ansible.builtin.debug: + msg: "Hello!" + register: vm_output diff --git a/examples/playbooks/module_relative_import.yml b/examples/playbooks/module_relative_import.yml new file mode 100644 index 0000000..8857966 --- /dev/null +++ b/examples/playbooks/module_relative_import.yml @@ -0,0 +1,6 @@ +--- +- name: Module relative import + hosts: localhost + tasks: + - name: Module with relative import + local.testcollection.module_with_relative_import: {} diff --git a/examples/playbooks/multi_yaml_doc.transformed.yml b/examples/playbooks/multi_yaml_doc.transformed.yml new file mode 100644 index 0000000..ab1e02f --- /dev/null +++ b/examples/playbooks/multi_yaml_doc.transformed.yml @@ -0,0 +1,23 @@ +--- +- name: First problematic play + hosts: localhost + tasks: + - name: Echo a message + ansible.builtin.shell: echo hello # <-- command-instead-of-shell + changed_when: false +--- +- name: second problematic play # <-- name[casing] + hosts: localhost + tasks: + - name: Remove file (delete file) + ansible.builtin.file: + path: /etc/foo.txt + state: absent +--- +- name: Third problematic play + hosts: localhost + tasks: + - name: Remove file (delete file) + file: # <-- fqcn[action-core] + path: /etc/foo.txt + state: absent diff --git a/examples/playbooks/multi_yaml_doc.yml b/examples/playbooks/multi_yaml_doc.yml new file mode 100644 index 0000000..ab1e02f --- /dev/null +++ b/examples/playbooks/multi_yaml_doc.yml @@ -0,0 +1,23 @@ +--- +- name: First problematic play + hosts: localhost + tasks: + - name: Echo a message + ansible.builtin.shell: echo hello # <-- command-instead-of-shell + changed_when: false +--- +- name: second problematic play # <-- name[casing] + hosts: localhost + tasks: + - name: Remove file (delete file) + ansible.builtin.file: + path: /etc/foo.txt + state: absent +--- +- name: Third problematic play + hosts: localhost + tasks: + - name: Remove file (delete file) + file: # <-- fqcn[action-core] + path: /etc/foo.txt + state: absent diff --git a/examples/playbooks/name-case.transformed.yml b/examples/playbooks/name-case.transformed.yml index 03b8c46..906a237 100644 --- a/examples/playbooks/name-case.transformed.yml +++ b/examples/playbooks/name-case.transformed.yml @@ -1,4 +1,33 @@ --- - name: This lacks a capitalization hosts: localhost - tasks: [] + tasks: + - name: Task that always changes + ansible.builtin.debug: + msg: I always change! + changed_when: true + notify: My handler + + - name: Task with notify as list + ansible.builtin.debug: + msg: I always change! + changed_when: true + notify: + - my handler 1 + - My handler + - my handler 2 + + - name: Task without notify + ansible.builtin.debug: + msg: I always change! + changed_when: true + + handlers: + - name: My handler + ansible.builtin.debug: + msg: I never run :( + + - name: Test task for listen + ansible.builtin.debug: + msg: I never run :( + listen: My handler diff --git a/examples/playbooks/name-case.yml b/examples/playbooks/name-case.yml index 5480d2c..62d7b56 100644 --- a/examples/playbooks/name-case.yml +++ b/examples/playbooks/name-case.yml @@ -1,4 +1,33 @@ --- - name: this lacks a capitalization hosts: localhost - tasks: [] + tasks: + - name: Task that always changes + ansible.builtin.debug: + msg: I always change! + changed_when: true + notify: my handler + + - name: Task with notify as list + ansible.builtin.debug: + msg: I always change! + changed_when: true + notify: + - my handler 1 + - my handler + - my handler 2 + + - name: Task without notify + ansible.builtin.debug: + msg: I always change! + changed_when: true + + handlers: + - name: my handler + ansible.builtin.debug: + msg: I never run :( + + - name: Test task for listen + ansible.builtin.debug: + msg: I never run :( + listen: "my handler" diff --git a/examples/playbooks/no_handler_pass.yml b/examples/playbooks/no_handler_pass.yml index 5c44891..ea6d61d 100644 --- a/examples/playbooks/no_handler_pass.yml +++ b/examples/playbooks/no_handler_pass.yml @@ -82,3 +82,14 @@ ansible.builtin.debug: msg: why isn't this a handler when: result | changed + + handlers: + # If this task would have being under 'tasks:' it should have triggered + # the rule, but under 'handlers:' it should not. + - name: Reproduce bug 3646 + loop: "{{ _something_done.results }}" + loop_control: + label: "{{ item.item.name }}" + when: item.changed + ansible.builtin.debug: + msg: "{{ item.item.name }} changed" diff --git a/examples/playbooks/nodeps.yml b/examples/playbooks/nodeps.yml new file mode 100644 index 0000000..0ca1aa3 --- /dev/null +++ b/examples/playbooks/nodeps.yml @@ -0,0 +1,6 @@ +--- +- name: Example + hosts: localhost + tasks: + - name: Calling a module that is not installed + a.b.c: {} diff --git a/examples/playbooks/nodeps2.yml b/examples/playbooks/nodeps2.yml new file mode 100644 index 0000000..fc784d0 --- /dev/null +++ b/examples/playbooks/nodeps2.yml @@ -0,0 +1,7 @@ +--- +- name: Fixture for nodeps with missing filter + hosts: localhost + tasks: + - name: Calling a module that is not installed + ansible.builtin.debug: + msg: "{{ foo | missing_filter }}" diff --git a/examples/playbooks/package-check-failure.yml b/examples/playbooks/package-check-failure.yml index 393b52b..69182f3 100644 --- a/examples/playbooks/package-check-failure.yml +++ b/examples/playbooks/package-check-failure.yml @@ -19,3 +19,10 @@ name: sudo state: latest update_only: false + + - name: Install ansible with only_upgrade to false + ansible.builtin.apt: + name: sudo + state: latest + upgrade: true + only_upgrade: false diff --git a/examples/playbooks/package-check-success.yml b/examples/playbooks/package-check-success.yml index a513d5d..a9e8435 100644 --- a/examples/playbooks/package-check-success.yml +++ b/examples/playbooks/package-check-success.yml @@ -20,3 +20,10 @@ name: sudo state: latest update_only: true + + - name: Upgrade ansible + ansible.builtin.apt: + name: sudo + state: latest + upgrade: true + only_upgrade: true diff --git a/examples/playbooks/removed-include.yml b/examples/playbooks/removed-include.yml new file mode 100644 index 0000000..4f0ba58 --- /dev/null +++ b/examples/playbooks/removed-include.yml @@ -0,0 +1,6 @@ +--- +- name: Invalid playbook + hosts: localhost + tasks: + - name: Foo + include: tasks/simple_task.yml # <-- include was removed in 2.16 diff --git a/examples/playbooks/role_vars_prefix_detection.yml b/examples/playbooks/role_vars_prefix_detection.yml new file mode 100644 index 0000000..fee163f --- /dev/null +++ b/examples/playbooks/role_vars_prefix_detection.yml @@ -0,0 +1,53 @@ +--- +- name: Test role-prefix + hosts: localhost + connection: local + roles: + - role_vars_prefix_detection + + - role: role_vars_prefix_detection + var1: val1 + + - role: role_vars_prefix_detection + var1: val1 + become: true + vars: + var2: val2 + + - role: role_vars_prefix_detection + become: true + environment: + FOO: /bar/barr + role_vars_prefix_detection_var1: val1 + + - role: role_vars_prefix_detection + vars: + var1: val1 + + - role: role_vars_prefix_detection + become: true + environment: + BAR: /baz + vars: + var1: val1 + + - role: role_vars_prefix_detection + become: true + environment: + BAR: /baz + vars: + role_vars_prefix_detection_var1: val1 + tasks: + - name: Include1 + ansible.builtin.include_role: + name: role_vars_prefix_detection + vars: + var1: val1 + + - name: Include2 + ansible.builtin.include_role: + name: role_vars_prefix_detection + vars: + role_vars_prefix_detection_var1: val1 + _role_vars_prefix_detection_var2: val2 + __role_vars_prefix_detection_var3: val3 diff --git a/examples/playbooks/rule-command-instead-of-module-pass.yml b/examples/playbooks/rule-command-instead-of-module-pass.yml index c0a26e9..2fbc5c2 100644 --- a/examples/playbooks/rule-command-instead-of-module-pass.yml +++ b/examples/playbooks/rule-command-instead-of-module-pass.yml @@ -5,9 +5,11 @@ - name: Print current git branch ansible.builtin.command: git branch changed_when: false + - name: Print git log ansible.builtin.command: git log changed_when: false + - name: Install git lfs support ansible.builtin.command: git lfs install changed_when: false @@ -20,6 +22,10 @@ ansible.builtin.command: systemctl show-environment changed_when: false + - name: Get systemd runlevel + ansible.builtin.command: systemctl get-default + changed_when: false + - name: Set systemd runlevel ansible.builtin.command: systemctl set-default multi-user.target changed_when: false @@ -35,3 +41,11 @@ - name: Clear yum cache ansible.builtin.command: "" changed_when: false + + - name: Print yum history + ansible.builtin.command: yum history + changed_when: false + + - name: Print yum info + ansible.builtin.command: yum info bash + changed_when: false diff --git a/examples/playbooks/rule-complexity-fail.yml b/examples/playbooks/rule-complexity-fail.yml new file mode 100644 index 0000000..0eb68bf --- /dev/null +++ b/examples/playbooks/rule-complexity-fail.yml @@ -0,0 +1,42 @@ +--- +# no of tasks required are 5 and since there are 6 tasks it will give an error +- name: Test Fixture complexity rule + hosts: all + tasks: + - name: Task 1 + ansible.builtin.debug: + msg: "This is task 1" + + - name: Task 2 + ansible.builtin.debug: + msg: "This is task 2" + + - name: Task 3 + ansible.builtin.debug: + msg: "This is task 3" + + - name: Task 4 + ansible.builtin.debug: + msg: "This is task 4" + + - name: Task 5 + ansible.builtin.debug: + msg: "This is task 5" + + - name: Task 6 + ansible.builtin.debug: + msg: "This is task 6" + + - name: Block Task 7 + block: + - name: 2nd level block + block: + - name: 3rd level block + block: + - name: 4th level block + block: + - name: 5th level block + block: + - name: Nested Task 1 + ansible.builtin.debug: + msg: "This is nested task 1" diff --git a/examples/playbooks/rule-complexity-pass.yml b/examples/playbooks/rule-complexity-pass.yml new file mode 100644 index 0000000..27ec7f4 --- /dev/null +++ b/examples/playbooks/rule-complexity-pass.yml @@ -0,0 +1,35 @@ +--- +- name: Test fixture complexity rule + hosts: all + tasks: + - name: Task 1 + ansible.builtin.debug: + msg: "This is task 1" + + - name: Task 2 + ansible.builtin.debug: + msg: "This is task 2" + + - name: Task 3 + ansible.builtin.debug: + msg: "This is task 3" + + - name: Task 4 + ansible.builtin.debug: + msg: "This is task 4" + + - name: Task 5 + block: + - name: Include under block level 1 + ansible.builtin.debug: + msg: "This is nested block" + - name: Block level 2 + block: + - name: Include under block level 2 + ansible.builtin.debug: + msg: "This is block 2" + - name: Block level 3 + block: + - name: INCLUDE under block level 3 + ansible.builtin.debug: + msg: "This is block 3" diff --git a/examples/playbooks/rule-deprecated-bare-vars-fail.yml b/examples/playbooks/rule-deprecated-bare-vars-fail.yml index 7091f46..a7efeea 100644 --- a/examples/playbooks/rule-deprecated-bare-vars-fail.yml +++ b/examples/playbooks/rule-deprecated-bare-vars-fail.yml @@ -39,12 +39,6 @@ msg: "{{ item }}" with_dict: my_dict - ### Testing with_dict with a default empty dictionary - - name: Use with_dict loop using variable and default - ansible.builtin.debug: - msg: "{{ item.key }} - {{ item.value }}" - with_dict: uwsgi_ini | default({}) - - name: Use with_nested loop using bare variable ansible.builtin.debug: msg: "{{ item.0 }} {{ item.1 }}" diff --git a/examples/playbooks/rule-deprecated-bare-vars-pass.yml b/examples/playbooks/rule-deprecated-bare-vars-pass.yml index c7e6521..fe3ca1d 100644 --- a/examples/playbooks/rule-deprecated-bare-vars-pass.yml +++ b/examples/playbooks/rule-deprecated-bare-vars-pass.yml @@ -166,3 +166,12 @@ with_items: >- {%- set ns = [1, 1, 2] -%} {{- ns.keys | unique -}} + + - name: Reproduce bug 3646 + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: "{{ item.mode }}" + with_community.general.filetree: + - "../templates/SpaceVim.d/" + when: item.state == "directory" and ".git" not in item.path diff --git a/examples/playbooks/rule-jinja-before.transformed.yml b/examples/playbooks/rule-jinja-before.transformed.yml new file mode 100644 index 0000000..ac6a81c --- /dev/null +++ b/examples/playbooks/rule-jinja-before.transformed.yml @@ -0,0 +1,9 @@ +--- +# https://github.com/ansible/ansible-lint/issues/3739 +- name: Reproducer bug 3739 + hosts: all + tasks: + - name: Generate keypair + community.crypto.openssh_keypair: + path: "{{ env.path }}" + when: ( env.path is not none ) diff --git a/examples/playbooks/rule-jinja-before.yml b/examples/playbooks/rule-jinja-before.yml new file mode 100644 index 0000000..355de8a --- /dev/null +++ b/examples/playbooks/rule-jinja-before.yml @@ -0,0 +1,9 @@ +--- +# https://github.com/ansible/ansible-lint/issues/3739 +- name: Reproducer bug 3739 + hosts: all + tasks: + - name: Generate keypair + community.crypto.openssh_keypair: + path: "{{env.path}}" + when: ( env.path is not none ) diff --git a/examples/playbooks/rule-jinja-pass.yml b/examples/playbooks/rule-jinja-pass.yml index cbdfee6..6944611 100644 --- a/examples/playbooks/rule-jinja-pass.yml +++ b/examples/playbooks/rule-jinja-pass.yml @@ -29,6 +29,9 @@ - name: Bug https://github.com/ansible/ansible-lint/issues/3048 ansible.builtin.set_fact: x: "{{ y.json | community.general.json_query(edition.version) }}" + - name: Bug https://github.com/ansible/ansible-lint/issues/3769 + ansible.builtin.debug: + msg: "{{ 65534 | ansible.builtin.random(seed=inventory_hostname) }}" # https://github.com/ansible/ansible-lint/issues/2697 - name: Test linter @@ -81,3 +84,7 @@ - name: "Bug https://github.com/ansible/ansible-lint/issues/3155" ansible.builtin.debug: msg: "Is changed:{{ date_cmd is changed }}" + + - name: Bug https://github.com/ansible/ansible-lint/issues/3908 + ansible.builtin.debug: + msg: "{{ foo | ansible.builtin.mandatory(msg='My message') }}" diff --git a/examples/playbooks/rule-no-free-form-fail.yml b/examples/playbooks/rule-no-free-form-fail.yml index 8360608..dea98b8 100644 --- a/examples/playbooks/rule-no-free-form-fail.yml +++ b/examples/playbooks/rule-no-free-form-fail.yml @@ -5,9 +5,11 @@ - name: Create a placefolder file ansible.builtin.command: chdir=/tmp touch foo # <-- don't use shorthand changed_when: false + - name: Use raw to echo ansible.builtin.raw: executable=/bin/bash echo foo # <-- don't use executable= changed_when: false + - name: Testing anything else passed to raw except for string ansible.builtin.raw: args: "123" diff --git a/examples/playbooks/rule-no-tabs.yml b/examples/playbooks/rule-no-tabs.yml index 4621096..3078e22 100644 --- a/examples/playbooks/rule-no-tabs.yml +++ b/examples/playbooks/rule-no-tabs.yml @@ -16,5 +16,22 @@ - name: Should not trigger no-tabs rules # noqa fqcn lineinfile: path: some.txt - regexp: ^\t$ + regexp: "^\t$" line: string with \t inside + # Disabled as attempt to mock it would trigger an error validating its arguments + # - name: Should not trigger no-tabs rules # noqa fqcn + # win_lineinfile: + # path: some.txt + # regexp: "^\t$" + # line: string with \t inside + - name: Should not trigger no-tabs rules + community.windows.win_lineinfile: + path: some.txt + regexp: "^\t$" + line: string with \t inside + - name: Should not trigger inside jinja + vars: + deep: + "some{{ '\t' }}stuff": true + ansible.builtin.debug: + msg: "{{ 'foo' + '\t' + 'bar' }}" diff --git a/examples/playbooks/rule-partial-become-without-become-fail.yml b/examples/playbooks/rule-partial-become-without-become-fail.yml index da48b2f..80b633d 100644 --- a/examples/playbooks/rule-partial-become-without-become-fail.yml +++ b/examples/playbooks/rule-partial-become-without-become-fail.yml @@ -1,28 +1,27 @@ --- -- hosts: localhost - name: Use of become_user without become play +- name: Use of become_user without become at play level + hosts: localhost become_user: root tasks: - - ansible.builtin.debug: + - name: A task without issues + ansible.builtin.debug: msg: hello -- hosts: localhost - +- name: Use of become_user without become at task level + hosts: localhost tasks: - name: Use of become_user without become task ansible.builtin.command: whoami become_user: postgres changed_when: false -- hosts: localhost - +- name: Use of become_user without become at task level + hosts: localhost tasks: - name: A block with become and become_user on different tasks block: - name: Sample become - become: true - ansible.builtin.command: whoami - - name: Sample become_user - become_user: postgres ansible.builtin.command: whoami + become_user: true + changed_when: false diff --git a/examples/playbooks/rule-partial-become-without-become-pass.yml b/examples/playbooks/rule-partial-become-without-become-pass.yml index e1ae189..c01b141 100644 --- a/examples/playbooks/rule-partial-become-without-become-pass.yml +++ b/examples/playbooks/rule-partial-become-without-become-pass.yml @@ -1,14 +1,16 @@ --- -- hosts: localhost +- name: Test play + hosts: localhost become_user: root become: true tasks: - - ansible.builtin.debug: + - name: Debug + ansible.builtin.debug: msg: hello -- hosts: localhost - +- name: Test play + hosts: localhost tasks: - name: Foo ansible.builtin.command: whoami @@ -16,20 +18,22 @@ become: true changed_when: false -- hosts: localhost - become: true +- name: Test play + hosts: localhost tasks: - name: Accepts a become from higher scope ansible.builtin.command: whoami - become_user: postgres changed_when: false -- hosts: localhost +- name: Test play + hosts: localhost become_user: postgres + become: true tasks: - name: Accepts a become from a lower scope ansible.builtin.command: whoami become: true + become_user: root changed_when: false diff --git a/examples/playbooks/skiptasks.yml b/examples/playbooks/skiptasks.yml index e105ed3..004eb07 100644 --- a/examples/playbooks/skiptasks.yml +++ b/examples/playbooks/skiptasks.yml @@ -37,20 +37,16 @@ - name: Test latest[git] (don't warn) ansible.builtin.command: git log - args: - warn: false changed_when: false - name: Test latest[hg] (don't warn) ansible.builtin.command: chmod 644 A args: - warn: false creates: B - name: Test latest[hg] (warn) ansible.builtin.command: chmod 644 A args: - warn: true creates: B - name: Test latest[git] (don't warn single line) diff --git a/examples/playbooks/tasks/local_action.transformed.yml b/examples/playbooks/tasks/local_action.transformed.yml new file mode 100644 index 0000000..51e2ec1 --- /dev/null +++ b/examples/playbooks/tasks/local_action.transformed.yml @@ -0,0 +1,4 @@ +--- +- name: Sample + ansible.builtin.command: echo 123 + delegate_to: localhost diff --git a/examples/playbooks/tasks/local_action.yml b/examples/playbooks/tasks/local_action.yml new file mode 100644 index 0000000..a4f7a99 --- /dev/null +++ b/examples/playbooks/tasks/local_action.yml @@ -0,0 +1,3 @@ +--- +- name: Sample + local_action: command echo 123 diff --git a/examples/playbooks/tasks/main.yml b/examples/playbooks/tasks/main.yml new file mode 100644 index 0000000..b44604b --- /dev/null +++ b/examples/playbooks/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: This is correct + ansible.builtin.assert: + that: true +- name: A phony prefix | This is also correct + ansible.builtin.assert: + that: true diff --git a/examples/playbooks/tasks/partial_become.yml/main.yml b/examples/playbooks/tasks/partial_become.yml/main.yml new file mode 100644 index 0000000..c7f1980 --- /dev/null +++ b/examples/playbooks/tasks/partial_become.yml/main.yml @@ -0,0 +1,4 @@ +--- +- name: Included with partial become + ansible.builtin.debug: + msg: Included with partial become diff --git a/examples/playbooks/tasks/partial_prefix/foo.yml b/examples/playbooks/tasks/partial_prefix/foo.yml new file mode 100644 index 0000000..5dfb8e9 --- /dev/null +++ b/examples/playbooks/tasks/partial_prefix/foo.yml @@ -0,0 +1,10 @@ +--- +- name: foo | This prefix is incomplete + ansible.builtin.assert: + that: true +- name: partial_prefix | This prefix is incomplete + ansible.builtin.assert: + that: true +- name: partial_prefix | foo | This is correct + ansible.builtin.assert: + that: true diff --git a/examples/playbooks/tasks/partial_prefix/main.yml b/examples/playbooks/tasks/partial_prefix/main.yml new file mode 100644 index 0000000..5c141a8 --- /dev/null +++ b/examples/playbooks/tasks/partial_prefix/main.yml @@ -0,0 +1,10 @@ +--- +- name: partial_prefix | main | This is correct + ansible.builtin.assert: + that: true +- name: main | This prefix is incomplete + ansible.builtin.assert: + that: true +- name: partial_prefix | This prefix is incomplete + ansible.builtin.assert: + that: true diff --git a/examples/playbooks/test-include.yml b/examples/playbooks/test-include.yml new file mode 100644 index 0000000..952e820 --- /dev/null +++ b/examples/playbooks/test-include.yml @@ -0,0 +1,31 @@ +--- +- name: Fixture for testing various includes/imports + hosts: localhost + gather_facts: false + + pre_tasks: + - name: Include 1 + ansible.builtin.include_tasks: tasks/main.yml + + roles: + - test_nop + - { role: test_nop, test_nop_arg1: true } + + tasks: + - name: Include 2 + ansible.builtin.include_tasks: tasks/main.yml + - name: Include 3 + ansible.builtin.include_tasks: tasks/main.yml + - name: Include 4 + ansible.builtin.include_tasks: file=tasks/main.yml + - name: Include 4 + ansible.builtin.import_tasks: file=tasks/main.yml + + handlers: + - name: Include 5 + ansible.builtin.include_tasks: handlers/empty.yml + - name: Include 5 + ansible.builtin.import_tasks: handlers/empty.yml + +- name: Include 6 + ansible.builtin.import_playbook: valid.yml diff --git a/examples/playbooks/test_import_playbook.yml b/examples/playbooks/test_import_playbook.yml new file mode 100644 index 0000000..690950a --- /dev/null +++ b/examples/playbooks/test_import_playbook.yml @@ -0,0 +1,5 @@ +--- +- name: Fixture 1 for bug 4024 + import_playbook: community.molecule.validate.yml +- name: Fixture 2 for bug 4024 + ansible.builtin.import_playbook: community.molecule.validate.yml diff --git a/examples/playbooks/test_import_playbook_invalid.yml b/examples/playbooks/test_import_playbook_invalid.yml new file mode 100644 index 0000000..7bac521 --- /dev/null +++ b/examples/playbooks/test_import_playbook_invalid.yml @@ -0,0 +1,7 @@ +--- +- name: Fixture 3 - not supported (invalid syntax) + ansible.builtin.import_playbook: + file: community.molecule.validate.yml +- name: Fixture 4 - not supported (invalid syntax) + ansible.builtin.import_playbook: + other: community.molecule.validate.yml diff --git a/examples/playbooks/test_skip_inside_yaml.yml b/examples/playbooks/test_skip_inside_yaml.yml index 1f72954..88c396a 100644 --- a/examples/playbooks/test_skip_inside_yaml.yml +++ b/examples/playbooks/test_skip_inside_yaml.yml @@ -44,9 +44,9 @@ - name: Test no-free-form # <-- 3 no-free-form ansible.builtin.command: creates=B chmod 644 A # noqa: no-free-form - name: Test no-free-form # <-- 4 no-free-form - ansible.builtin.command: warn=yes creates=B chmod 644 A # noqa: no-free-form + ansible.builtin.command: creates=B chmod 644 A # noqa: no-free-form - name: Test no-free-form (skipped via no warn) - ansible.builtin.command: warn=no creates=B chmod 644 A # noqa: no-free-form + ansible.builtin.command: creates=B chmod 644 A # noqa: no-free-form - name: Test no-free-form (skipped via skip_ansible_lint) ansible.builtin.command: creates=B chmod 644 A # noqa: no-free-form tags: diff --git a/examples/playbooks/transform-block-indentation-indicator.transformed.yml b/examples/playbooks/transform-block-indentation-indicator.transformed.yml new file mode 100644 index 0000000..e74beff --- /dev/null +++ b/examples/playbooks/transform-block-indentation-indicator.transformed.yml @@ -0,0 +1,10 @@ +--- +- name: Demo + hosts: all + tasks: + - name: Demo + ansible.builtin.debug: + msg: |2 + multi + line + message diff --git a/examples/playbooks/transform-block-indentation-indicator.yml b/examples/playbooks/transform-block-indentation-indicator.yml new file mode 100644 index 0000000..7e9c817 --- /dev/null +++ b/examples/playbooks/transform-block-indentation-indicator.yml @@ -0,0 +1,10 @@ +--- +- name: Demo + hosts: all + tasks: + - name: Demo + ansible.builtin.debug: + msg: |3 + multi + line + message diff --git a/examples/playbooks/transform-deprecated-local-action.transformed.yml b/examples/playbooks/transform-deprecated-local-action.transformed.yml new file mode 100644 index 0000000..5ea7747 --- /dev/null +++ b/examples/playbooks/transform-deprecated-local-action.transformed.yml @@ -0,0 +1,7 @@ +--- +- name: Fixture for deprecated-local-action + hosts: localhost + tasks: + - name: Task example + ansible.builtin.debug: + delegate_to: localhost diff --git a/examples/playbooks/transform-deprecated-local-action.yml b/examples/playbooks/transform-deprecated-local-action.yml new file mode 100644 index 0000000..c8eeb11 --- /dev/null +++ b/examples/playbooks/transform-deprecated-local-action.yml @@ -0,0 +1,7 @@ +--- +- name: Fixture for deprecated-local-action + hosts: localhost + tasks: + - name: Task example + local_action: + module: ansible.builtin.debug diff --git a/examples/playbooks/transform-jinja.transformed.yml b/examples/playbooks/transform-jinja.transformed.yml new file mode 100644 index 0000000..a89dad0 --- /dev/null +++ b/examples/playbooks/transform-jinja.transformed.yml @@ -0,0 +1,40 @@ +--- +- name: Fixture + hosts: localhost + vars: + my_list: + - foo + - bar + tasks: + - name: A block used to check that we do not identify error at correct level + block: + - name: Foo # <-- this is valid jinja2 + ansible.builtin.debug: + foo: "{{ 1 }}" # <-- jinja2[spacing] + msg: "{{ 'a' b }}" # <-- jinja2[invalid] + + - name: A block used to check that we do not identify error at correct level + block: + - name: Foo # <-- this is valid jinja2 + ansible.builtin.debug: + msg: "{{ item }}" # <-- jinja2[spacing] + with_items: + - "{{ items }}" + + - name: Confirm a deeply nested duplicate error is corrected + ansible.builtin.set_fact: + fact: + dict: + dict: + list: + - one + - two + - dict: + fix: "{{ 'VALUE_1' | lower }}" # <-- jinja2[spacing] + - dict: + fix: "{{ 'VALUE_1' | lower }}" # <-- jinja2[spacing] + - dict: + fix: "{{ 'VALUE_2' | lower }}" # <-- jinja2[spacing] + +# It should be noted that even ansible --syntax-check fails to spot the jinja +# error above, but ansible will throw a runtime error when running diff --git a/examples/playbooks/transform-jinja.yml b/examples/playbooks/transform-jinja.yml new file mode 100644 index 0000000..4a4cd32 --- /dev/null +++ b/examples/playbooks/transform-jinja.yml @@ -0,0 +1,40 @@ +--- +- name: Fixture + hosts: localhost + vars: + my_list: + - foo + - bar + tasks: + - name: A block used to check that we do not identify error at correct level + block: + - name: Foo # <-- this is valid jinja2 + ansible.builtin.debug: + foo: "{{ 1 }}" # <-- jinja2[spacing] + msg: "{{ 'a' b }}" # <-- jinja2[invalid] + + - name: A block used to check that we do not identify error at correct level + block: + - name: Foo # <-- this is valid jinja2 + ansible.builtin.debug: + msg: "{{ item }}" # <-- jinja2[spacing] + with_items: + - "{{ items }}" + + - name: Confirm a deeply nested duplicate error is corrected + ansible.builtin.set_fact: + fact: + dict: + dict: + list: + - one + - two + - dict: + fix: "{{'VALUE_1'|lower}}" # <-- jinja2[spacing] + - dict: + fix: "{{'VALUE_1'|lower}}" # <-- jinja2[spacing] + - dict: + fix: "{{'VALUE_2'|lower}}" # <-- jinja2[spacing] + +# It should be noted that even ansible --syntax-check fails to spot the jinja +# error above, but ansible will throw a runtime error when running diff --git a/examples/playbooks/transform-key-order-block.transformed.yml b/examples/playbooks/transform-key-order-block.transformed.yml new file mode 100644 index 0000000..0f1ca12 --- /dev/null +++ b/examples/playbooks/transform-key-order-block.transformed.yml @@ -0,0 +1,20 @@ +--- +- name: Testing multiple plays in a playbook + hosts: localhost + tasks: + - name: First block + when: true + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! + +- name: A second play + hosts: localhost + tasks: + - name: Second block + when: true # <-- name key should be the second one + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! diff --git a/examples/playbooks/transform-key-order-block.yml b/examples/playbooks/transform-key-order-block.yml new file mode 100644 index 0000000..12a171e --- /dev/null +++ b/examples/playbooks/transform-key-order-block.yml @@ -0,0 +1,20 @@ +--- +- name: Testing multiple plays in a playbook + hosts: localhost + tasks: + - name: First block + when: true + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! + +- name: A second play + hosts: localhost + tasks: + - name: Second block + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! + when: true # <-- name key should be the second one diff --git a/examples/playbooks/transform-key-order-play.transformed.yml b/examples/playbooks/transform-key-order-play.transformed.yml new file mode 100644 index 0000000..030364d --- /dev/null +++ b/examples/playbooks/transform-key-order-play.transformed.yml @@ -0,0 +1,10 @@ +--- +- name: This is a playbook # <-- name key should be the first one + hosts: localhost + tasks: + - name: A block + when: true + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! diff --git a/examples/playbooks/transform-key-order-play.yml b/examples/playbooks/transform-key-order-play.yml new file mode 100644 index 0000000..e61920d --- /dev/null +++ b/examples/playbooks/transform-key-order-play.yml @@ -0,0 +1,10 @@ +--- +- hosts: localhost + name: This is a playbook # <-- name key should be the first one + tasks: + - name: A block + when: true + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! diff --git a/examples/playbooks/transform-key-order.transformed.yml b/examples/playbooks/transform-key-order.transformed.yml new file mode 100644 index 0000000..82b62d2 --- /dev/null +++ b/examples/playbooks/transform-key-order.transformed.yml @@ -0,0 +1,32 @@ +--- +- name: Fixture + hosts: localhost + tasks: + # comment before keys + - name: Task with no_log on top # name comment + no_log: true # no_log comment + ansible.builtin.command: echo hello # command comment + changed_when: false # changed_when comment + # comment after keys + - name: Task with when on top + when: true + ansible.builtin.command: echo hello + changed_when: false + - name: Delegate_to on top + delegate_to: localhost + ansible.builtin.command: echo hello + changed_when: false + - name: Loopy + loop: + - 1 + - 2 + ansible.builtin.command: echo {{ item }} + changed_when: false + - name: Become first + become: true + ansible.builtin.command: echo hello + changed_when: false + - name: Register first + register: test + ansible.builtin.command: echo hello + changed_when: false diff --git a/examples/playbooks/transform-key-order.yml b/examples/playbooks/transform-key-order.yml new file mode 100644 index 0000000..71712d1 --- /dev/null +++ b/examples/playbooks/transform-key-order.yml @@ -0,0 +1,32 @@ +--- +- name: Fixture + hosts: localhost + tasks: + - # comment before keys + no_log: true # no_log comment + ansible.builtin.command: echo hello # command comment + name: Task with no_log on top # name comment + changed_when: false # changed_when comment + # comment after keys + - when: true + name: Task with when on top + ansible.builtin.command: echo hello + changed_when: false + - delegate_to: localhost + name: Delegate_to on top + ansible.builtin.command: echo hello + changed_when: false + - loop: + - 1 + - 2 + name: Loopy + ansible.builtin.command: echo {{ item }} + changed_when: false + - become: true + name: Become first + ansible.builtin.command: echo hello + changed_when: false + - register: test + ansible.builtin.command: echo hello + name: Register first + changed_when: false diff --git a/examples/playbooks/transform-no-free-form.transformed.yml b/examples/playbooks/transform-no-free-form.transformed.yml new file mode 100644 index 0000000..e947c34 --- /dev/null +++ b/examples/playbooks/transform-no-free-form.transformed.yml @@ -0,0 +1,30 @@ +--- +- name: Example with discouraged free-form syntax + hosts: localhost + tasks: + - name: Create a placefolder file + ansible.builtin.command: # <-- don't use shorthand + chdir: /tmp + cmd: touch foo + changed_when: false + + - name: Create a placefolder file + ansible.builtin.command: # <-- command can also go first + chdir: /tmp + cmd: touch bar + changed_when: false + + - name: Use raw to echo + ansible.builtin.raw: echo foo # <-- don't use executable= + args: + executable: /bin/bash + changed_when: false + + - name: Example task with usage for '=' as module params + ansible.builtin.debug: + msg: "'Hello there world'" + changed_when: false + + - name: Task that has a non-debug string with spaces + ansible.builtin.set_fact: + foo: '"String with spaces"' diff --git a/examples/playbooks/transform-no-free-form.yml b/examples/playbooks/transform-no-free-form.yml new file mode 100644 index 0000000..c57da0c --- /dev/null +++ b/examples/playbooks/transform-no-free-form.yml @@ -0,0 +1,22 @@ +--- +- name: Example with discouraged free-form syntax + hosts: localhost + tasks: + - name: Create a placefolder file + ansible.builtin.command: chdir=/tmp touch foo # <-- don't use shorthand + changed_when: false + + - name: Create a placefolder file + ansible.builtin.command: touch bar chdir=/tmp # <-- command can also go first + changed_when: false + + - name: Use raw to echo + ansible.builtin.raw: executable=/bin/bash echo foo # <-- don't use executable= + changed_when: false + + - name: Example task with usage for '=' as module params + ansible.builtin.debug: msg='Hello there world' + changed_when: false + + - name: Task that has a non-debug string with spaces + ansible.builtin.set_fact: foo="String with spaces" diff --git a/examples/playbooks/transform-no-jinja-when.transformed.yml b/examples/playbooks/transform-no-jinja-when.transformed.yml new file mode 100644 index 0000000..da93ec5 --- /dev/null +++ b/examples/playbooks/transform-no-jinja-when.transformed.yml @@ -0,0 +1,21 @@ +--- +- name: One + hosts: all + tasks: + - name: Test when with jinja2 # noqa: jinja[spacing] + ansible.builtin.debug: + msg: text + when: "false" + +- name: Two + hosts: all + roles: + - role: hello + when: "'1' = '1'" + +- name: Three + hosts: all + roles: + - role: hello + when: + - "'1' = '1'" diff --git a/examples/playbooks/transform-no-jinja-when.yml b/examples/playbooks/transform-no-jinja-when.yml new file mode 100644 index 0000000..be8dd05 --- /dev/null +++ b/examples/playbooks/transform-no-jinja-when.yml @@ -0,0 +1,21 @@ +--- +- name: One + hosts: all + tasks: + - name: Test when with jinja2 # noqa: jinja[spacing] + ansible.builtin.debug: + msg: text + when: "{{ false }}" + +- name: Two + hosts: all + roles: + - role: hello + when: "{{ '1' = '1' }}" + +- name: Three + hosts: all + roles: + - role: hello + when: + - "{{ '1' = '1' }}" diff --git a/examples/playbooks/transform-no-log-password.transformed.yml b/examples/playbooks/transform-no-log-password.transformed.yml new file mode 100644 index 0000000..791c074 --- /dev/null +++ b/examples/playbooks/transform-no-log-password.transformed.yml @@ -0,0 +1,23 @@ +--- +- name: Fixture for no log password + hosts: all + tasks: + - name: Fail when no_log is set to False + ansible.builtin.user: + name: john_doe + password: "{{ item }}" + state: absent + with_items: + - wow + - now + no_log: true + + - name: Fail when no_log is absent + ansible.builtin.user: + name: john_doe + password: "{{ item }}" + state: absent + with_items: + - wow + - now + no_log: true diff --git a/examples/playbooks/transform-no-log-password.yml b/examples/playbooks/transform-no-log-password.yml new file mode 100644 index 0000000..467883a --- /dev/null +++ b/examples/playbooks/transform-no-log-password.yml @@ -0,0 +1,22 @@ +--- +- name: Fixture for no log password + hosts: all + tasks: + - name: Fail when no_log is set to False + ansible.builtin.user: + name: john_doe + password: "{{ item }}" + state: absent + with_items: + - wow + - now + no_log: false + + - name: Fail when no_log is absent + ansible.builtin.user: + name: john_doe + password: "{{ item }}" + state: absent + with_items: + - wow + - now diff --git a/examples/playbooks/transform-partial-become.transformed.yml b/examples/playbooks/transform-partial-become.transformed.yml new file mode 100644 index 0000000..31d2a15 --- /dev/null +++ b/examples/playbooks/transform-partial-become.transformed.yml @@ -0,0 +1,56 @@ +--- +# The play has become_user and the task has become +# this is fixable, copy the become_user to the task +# and remove from the play +- name: Play 1 + hosts: localhost + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become: true + become_user: root + +# The task has become_user but the play does not +# this is fixable, remove the become_user from the task +- name: Play 2 + hosts: localhost + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + +# The task has become_user and the play has become +# this is fixable, add become to the task +- name: Play 3 + hosts: localhost + become: true + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become: true + become_user: root + +# The play has become_user but has an include +# this is not fixable, the include could be called from multiple playbooks +- name: Play 4 + hosts: localhost + become_user: root + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become: true + + - name: Include + ansible.builtin.include_tasks: + file: ../tasks/partial_become/main.yml diff --git a/examples/playbooks/transform-partial-become.yml b/examples/playbooks/transform-partial-become.yml new file mode 100644 index 0000000..079d1a0 --- /dev/null +++ b/examples/playbooks/transform-partial-become.yml @@ -0,0 +1,56 @@ +--- +# The play has become_user and the task has become +# this is fixable, copy the become_user to the task +# and remove from the play +- name: Play 1 + hosts: localhost + become_user: root + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become: true + +# The task has become_user but the play does not +# this is fixable, remove the become_user from the task +- name: Play 2 + hosts: localhost + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become_user: root + +# The task has become_user and the play has become +# this is fixable, add become to the task +- name: Play 3 + hosts: localhost + become: true + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become_user: root + +# The play has become_user but has an include +# this is not fixable, the include could be called from multiple playbooks +- name: Play 4 + hosts: localhost + become_user: root + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become: true + + - name: Include + ansible.builtin.include_tasks: + file: ../tasks/partial_become/main.yml diff --git a/examples/playbooks/transform_command_instead_of_shell.transformed.yml b/examples/playbooks/transform_command_instead_of_shell.transformed.yml new file mode 100644 index 0000000..f2477a5 --- /dev/null +++ b/examples/playbooks/transform_command_instead_of_shell.transformed.yml @@ -0,0 +1,25 @@ +--- +- name: Fixture + hosts: localhost + tasks: + - name: Shell no pipe + ansible.builtin.command: + cmd: echo hello + changed_when: false + + - name: Shell with jinja filter + ansible.builtin.command: + cmd: echo {{ "hello" | upper }} + changed_when: false + + - name: Shell with jinja filter (fqcn) + ansible.builtin.command: + cmd: echo {{ "hello" | upper }} + changed_when: false + + - name: Command with executable parameter + ansible.builtin.shell: + cmd: clear + args: + executable: /bin/bash + changed_when: false diff --git a/examples/playbooks/transform_command_instead_of_shell.yml b/examples/playbooks/transform_command_instead_of_shell.yml new file mode 100644 index 0000000..278f5d7 --- /dev/null +++ b/examples/playbooks/transform_command_instead_of_shell.yml @@ -0,0 +1,25 @@ +--- +- name: Fixture + hosts: localhost + tasks: + - name: Shell no pipe + ansible.builtin.shell: + cmd: echo hello + changed_when: false + + - name: Shell with jinja filter + ansible.builtin.shell: + cmd: echo {{ "hello" | upper }} + changed_when: false + + - name: Shell with jinja filter (fqcn) + ansible.builtin.shell: + cmd: echo {{ "hello" | upper }} + changed_when: false + + - name: Command with executable parameter + ansible.builtin.shell: + cmd: clear + args: + executable: /bin/bash + changed_when: false diff --git a/examples/playbooks/rule-var-naming-fail.yml b/examples/playbooks/var-naming/rule-var-naming-fail.yml index 888ed72..3861cd9 100644 --- a/examples/playbooks/rule-var-naming-fail.yml +++ b/examples/playbooks/var-naming/rule-var-naming-fail.yml @@ -30,3 +30,15 @@ ansible.builtin.debug: var: test_var register: CamelCaseIsBad # invalid 7 + + - name: This should not trigger due to role name being dynamic (jinja) + ansible.builtin.include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + vars: + nginx_logrotate_conf_enable: true + + - name: This should not trigger due to containing a dot in role name + ansible.builtin.include_role: + name: "foo.bar" + vars: + bar_foo: true diff --git a/examples/playbooks/vars/transform_nested_data.transformed.yml b/examples/playbooks/vars/transform_nested_data.transformed.yml new file mode 100644 index 0000000..c0479fc --- /dev/null +++ b/examples/playbooks/vars/transform_nested_data.transformed.yml @@ -0,0 +1,7 @@ +--- +sequence: + - - - 111 + - 112 + - 12 + - - 21 + - - 221 diff --git a/examples/playbooks/vars/transform_nested_data.yml b/examples/playbooks/vars/transform_nested_data.yml new file mode 100644 index 0000000..9f5aeb8 --- /dev/null +++ b/examples/playbooks/vars/transform_nested_data.yml @@ -0,0 +1,7 @@ +--- +sequence: + - - - 111 + - 112 + - 12 + - - 21 + - - 221 |