diff options
Diffstat (limited to 'examples')
123 files changed, 1375 insertions, 48 deletions
diff --git a/examples/collection/CHANGELOG.rst b/examples/.collection/CHANGELOG.rst index e69de29..e69de29 100644 --- a/examples/collection/CHANGELOG.rst +++ b/examples/.collection/CHANGELOG.rst diff --git a/examples/collection/galaxy.yml b/examples/.collection/galaxy.yml index d21efb2..d21efb2 100644 --- a/examples/collection/galaxy.yml +++ b/examples/.collection/galaxy.yml diff --git a/examples/collection/meta/runtime.yml b/examples/.collection/meta/runtime.yml index e69de29..e69de29 100644 --- a/examples/collection/meta/runtime.yml +++ b/examples/.collection/meta/runtime.yml diff --git a/examples/collection/plugins/modules/alpha.py b/examples/.collection/plugins/modules/alpha.py index c806cad..a508a05 100644 --- a/examples/collection/plugins/modules/alpha.py +++ b/examples/.collection/plugins/modules/alpha.py @@ -1,6 +1,5 @@ """An ansible test module.""" - DOCUMENTATION = """ module: mod_1 author: diff --git a/examples/collection/plugins/modules/deep/beta.py b/examples/.collection/plugins/modules/deep/beta.py index ffd9ff8..3b60edc 100644 --- a/examples/collection/plugins/modules/deep/beta.py +++ b/examples/.collection/plugins/modules/deep/beta.py @@ -1,6 +1,5 @@ """An ansible test module.""" - DOCUMENTATION = """ module: mod_2 author: diff --git a/examples/.github/workflows/sample.yml b/examples/.github/workflows/sample.yml new file mode 100644 index 0000000..71b2975 --- /dev/null +++ b/examples/.github/workflows/sample.yml @@ -0,0 +1,9 @@ +--- +name: ack +on: # <-- ansible-lint should not complain or touch about this 'on' + pull_request_target: + types: [opened] + +jobs: + ack: + uses: ansible/team-devtools/.github/workflows/ack.yml@main diff --git a/examples/no_changelog/meta/runtime.yml b/examples/.invalid_dependencies/CHANGELOG.rst index e69de29..e69de29 100644 --- a/examples/no_changelog/meta/runtime.yml +++ b/examples/.invalid_dependencies/CHANGELOG.rst diff --git a/examples/.invalid_dependencies/galaxy.yml b/examples/.invalid_dependencies/galaxy.yml new file mode 100644 index 0000000..c3cbeda --- /dev/null +++ b/examples/.invalid_dependencies/galaxy.yml @@ -0,0 +1,18 @@ +--- +name: foo +namespace: bar +version: 0.0.0 # noqa: galaxy[version-incorrect] +authors: + - John +readme: ../README.md +description: "..." +dependencies: + other_namespace.collection1: ">=1.0.0" + other_namespace.collection2: ">=2.0.0,<3.0.0" + anderson55.my_collection: "*" # note: "*" selects the highest version available + foo.my_collection1: " " # note: this should error out because of invalid dependency version + foo.my_collection2: "" # note: this should error out because of invalid dependency version +license: + - Apache-2.0 +repository: some-url +tags: [networking, test_tag] diff --git a/examples/.invalid_dependencies/meta/runtime.yml b/examples/.invalid_dependencies/meta/runtime.yml new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/examples/.invalid_dependencies/meta/runtime.yml diff --git a/examples/no_changelog/galaxy.yml b/examples/.no_changelog/galaxy.yml index 2c35693..2c35693 100644 --- a/examples/no_changelog/galaxy.yml +++ b/examples/.no_changelog/galaxy.yml diff --git a/examples/.no_changelog/meta/runtime.yml b/examples/.no_changelog/meta/runtime.yml new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/examples/.no_changelog/meta/runtime.yml diff --git a/examples/no_collection_version/changelogs/changelog.yaml b/examples/.no_collection_version/changelogs/changelog.yaml index 52e7f38..52e7f38 100644 --- a/examples/no_collection_version/changelogs/changelog.yaml +++ b/examples/.no_collection_version/changelogs/changelog.yaml diff --git a/examples/no_collection_version/galaxy.yml b/examples/.no_collection_version/galaxy.yml index 95d9d18..95d9d18 100644 --- a/examples/no_collection_version/galaxy.yml +++ b/examples/.no_collection_version/galaxy.yml diff --git a/examples/.test_collection/.ansible-lint b/examples/.test_collection/.ansible-lint new file mode 100644 index 0000000..0967ef4 --- /dev/null +++ b/examples/.test_collection/.ansible-lint @@ -0,0 +1 @@ +{} diff --git a/examples/test_collection/README.md b/examples/.test_collection/README.md index b4aaea4..b4aaea4 100644 --- a/examples/test_collection/README.md +++ b/examples/.test_collection/README.md diff --git a/examples/test_collection/galaxy.yml b/examples/.test_collection/galaxy.yml index 633719b..633719b 100644 --- a/examples/test_collection/galaxy.yml +++ b/examples/.test_collection/galaxy.yml diff --git a/examples/test_collection/roles/my_role/tasks/main.yml b/examples/.test_collection/roles/my_role/tasks/main.yml index 784a814..784a814 100644 --- a/examples/test_collection/roles/my_role/tasks/main.yml +++ b/examples/.test_collection/roles/my_role/tasks/main.yml diff --git a/examples/test_collection/roles/my_role2/tasks/main.yml b/examples/.test_collection/roles/my_role2/tasks/main.yml index 27954a5..27954a5 100644 --- a/examples/test_collection/roles/my_role2/tasks/main.yml +++ b/examples/.test_collection/roles/my_role2/tasks/main.yml diff --git a/examples/broken_supported_ansible_also/.ansible-lint b/examples/broken_supported_ansible_also/.ansible-lint new file mode 100644 index 0000000..7897948 --- /dev/null +++ b/examples/broken_supported_ansible_also/.ansible-lint @@ -0,0 +1,2 @@ +# Invalid supported_ansible_also type +supported_ansible_also: True diff --git a/examples/meta/changelogs/changelog.yml b/examples/meta/changelogs/changelog.yml new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/examples/meta/changelogs/changelog.yml diff --git a/examples/meta_runtime_version_checks/fail_2/meta/runtime.yml b/examples/meta_runtime_version_checks/fail_2/meta/runtime.yml index 92db835..a574d0a 100644 --- a/examples/meta_runtime_version_checks/fail_2/meta/runtime.yml +++ b/examples/meta_runtime_version_checks/fail_2/meta/runtime.yml @@ -1,2 +1,2 @@ --- -requires_ansible: "2.13.0,<2.15" +requires_ansible: "2.15.0,<2.16" diff --git a/examples/meta_runtime_version_checks/pass/meta/runtime.yml b/examples/meta_runtime_version_checks/pass/meta/runtime.yml deleted file mode 100644 index 2b69758..0000000 --- a/examples/meta_runtime_version_checks/pass/meta/runtime.yml +++ /dev/null @@ -1,2 +0,0 @@ ---- -requires_ansible: ">=2.13.0,<2.15" diff --git a/examples/meta_runtime_version_checks/pass_0/meta/runtime.yml b/examples/meta_runtime_version_checks/pass_0/meta/runtime.yml new file mode 100644 index 0000000..9257a8c --- /dev/null +++ b/examples/meta_runtime_version_checks/pass_0/meta/runtime.yml @@ -0,0 +1,2 @@ +--- +requires_ansible: ">=2.15.0,<2.17.0" diff --git a/examples/meta_runtime_version_checks/pass_1/meta/runtime.yml b/examples/meta_runtime_version_checks/pass_1/meta/runtime.yml new file mode 100644 index 0000000..460bbaf --- /dev/null +++ b/examples/meta_runtime_version_checks/pass_1/meta/runtime.yml @@ -0,0 +1,2 @@ +--- +requires_ansible: ">=2.9.10" diff --git a/examples/playbooks/4114/transform-with-missing-role-and-modules.transformed.yml b/examples/playbooks/4114/transform-with-missing-role-and-modules.transformed.yml new file mode 100644 index 0000000..10ae898 --- /dev/null +++ b/examples/playbooks/4114/transform-with-missing-role-and-modules.transformed.yml @@ -0,0 +1,13 @@ +--- +- name: Reproducer for bug 4114 + hosts: localhost + roles: + - this_role_is_missing + tasks: + - name: Task referring to a missing module + this_module_does_not_exist: + foo: bar + + - name: Use raw to echo + ansible.builtin.debug: # <-- this should be converted to fqcn + msg: some message! diff --git a/examples/playbooks/4114/transform-with-missing-role-and-modules.yml b/examples/playbooks/4114/transform-with-missing-role-and-modules.yml new file mode 100644 index 0000000..c166dd5 --- /dev/null +++ b/examples/playbooks/4114/transform-with-missing-role-and-modules.yml @@ -0,0 +1,13 @@ +--- +- name: Reproducer for bug 4114 + hosts: localhost + roles: + - this_role_is_missing + tasks: + - name: Task referring to a missing module + this_module_does_not_exist: + foo: bar + + - name: Use raw to echo + debug: # <-- this should be converted to fqcn + msg: some message! diff --git a/examples/playbooks/action_plugins/some_action.py b/examples/playbooks/action_plugins/some_action.py new file mode 100644 index 0000000..1dc01aa --- /dev/null +++ b/examples/playbooks/action_plugins/some_action.py @@ -0,0 +1,13 @@ +"""Sample action_plugin.""" + +from ansible.plugins.action import ActionBase + + +class ActionModule(ActionBase): # type: ignore[misc] + """Sample module.""" + + def run(self, tmp=None, task_vars=None): # type: ignore[no-untyped-def] + """.""" + super().run(tmp, task_vars) + ret = {"foo": "bar"} + return {"ansible_facts": ret} diff --git a/examples/playbooks/adj_action.yml b/examples/playbooks/adj_action.yml new file mode 100644 index 0000000..4c78a2b --- /dev/null +++ b/examples/playbooks/adj_action.yml @@ -0,0 +1,10 @@ +--- +- name: Fixture for testing adjacent plugins + hosts: localhost + tasks: + - name: Call adjacent action plugin + some_action: {} + + - name: Call adjacent filter plugin + ansible.builtin.debug: + msg: "{{ 'foo' | some_filter }}" diff --git a/examples/playbooks/blockincludes.yml b/examples/playbooks/blockincludes.yml index b8387a8..31317a7 100644 --- a/examples/playbooks/blockincludes.yml +++ b/examples/playbooks/blockincludes.yml @@ -14,7 +14,7 @@ - name: Block level 3 block: - name: Include under block level 3 # noqa: deprecated-module - ansible.builtin.include: "{{ varset }}.yml" + ansible.builtin.include_tasks: "{{ varset }}.yml" - name: Block level 4 block: - name: INCLUDE under block level 4 diff --git a/examples/playbooks/common-include-1.yml b/examples/playbooks/common-include-1.yml index 3a4691f..9885d61 100644 --- a/examples/playbooks/common-include-1.yml +++ b/examples/playbooks/common-include-1.yml @@ -8,3 +8,5 @@ - name: Some include_tasks with file and jinja2 ansible.builtin.include_tasks: file: "{{ 'tasks/included-with-lint.yml' }}" + - name: Some include 3 + ansible.builtin.include_tasks: file=tasks/included-with-lint.yml diff --git a/examples/playbooks/common-include-wrong-syntax.yml b/examples/playbooks/common-include-wrong-syntax.yml new file mode 100644 index 0000000..c59b41b --- /dev/null +++ b/examples/playbooks/common-include-wrong-syntax.yml @@ -0,0 +1,9 @@ +--- +- name: Fixture for test coverage + hosts: localhost + gather_facts: false + tasks: + - name: Some include with invalid syntax + ansible.builtin.include_tasks: "file=" + - name: Some include with invalid syntax + ansible.builtin.include_tasks: other=tasks/included-with-lint.yml diff --git a/examples/playbooks/common-include-wrong-syntax2.yml b/examples/playbooks/common-include-wrong-syntax2.yml new file mode 100644 index 0000000..a4891c8 --- /dev/null +++ b/examples/playbooks/common-include-wrong-syntax2.yml @@ -0,0 +1,8 @@ +--- +- name: Fixture for test coverage + hosts: localhost + gather_facts: false + tasks: + - name: Some include with invalid syntax + ansible.builtin.include_tasks: + file: null diff --git a/examples/playbooks/common-include-wrong-syntax3.yml b/examples/playbooks/common-include-wrong-syntax3.yml new file mode 100644 index 0000000..21bba1e --- /dev/null +++ b/examples/playbooks/common-include-wrong-syntax3.yml @@ -0,0 +1,7 @@ +--- +- name: Fixture + hosts: localhost + tasks: + - name: Fixture + ansible.builtin.include_role: + name: include_wrong_syntax diff --git a/examples/playbooks/conflicting_action2.yml b/examples/playbooks/conflicting_action2.yml new file mode 100644 index 0000000..380857d --- /dev/null +++ b/examples/playbooks/conflicting_action2.yml @@ -0,0 +1,9 @@ +--- +- hosts: localhost + gather_facts: false + tasks: + - block: + include_role: + tasks_from: ghe-config-apply.yml + tags: + - github diff --git a/examples/playbooks/example.yml b/examples/playbooks/example.yml index fa1a635..14f7927 100644 --- a/examples/playbooks/example.yml +++ b/examples/playbooks/example.yml @@ -36,8 +36,8 @@ - git # yamllint wrong indentation - bobbins - - name: Yum latest - ansible.builtin.yum: state=latest name=httpd + - name: Dnf latest + ansible.builtin.dnf: state=latest name=httpd - ansible.builtin.debug: msg="debug task without a name" diff --git a/examples/playbooks/filter_plugins/some_filter.py b/examples/playbooks/filter_plugins/some_filter.py new file mode 100644 index 0000000..86ebda8 --- /dev/null +++ b/examples/playbooks/filter_plugins/some_filter.py @@ -0,0 +1,13 @@ +"""Sample adjacent filter plugin.""" + +from __future__ import annotations + + +class FilterModule: # pylint: disable=too-few-public-methods + """Ansible filters.""" + + def filters(self): # type: ignore[no-untyped-def] + """Return list of exposed filters.""" + return { + "some_filter": str, + } diff --git a/examples/playbooks/handlers/empty.yml b/examples/playbooks/handlers/empty.yml new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/examples/playbooks/handlers/empty.yml diff --git a/examples/playbooks/include.yml b/examples/playbooks/include.yml index 5596728..57fe58e 100644 --- a/examples/playbooks/include.yml +++ b/examples/playbooks/include.yml @@ -11,6 +11,7 @@ tasks: - ansible.builtin.include_tasks: tasks/x.yml - ansible.builtin.include_tasks: tasks/x.yml y=z + - ansible.builtin.include_tasks: file=tasks/x.yml handlers: - ansible.builtin.include_tasks: handlers/y.yml diff --git a/examples/playbooks/incorrect_module_args.yml b/examples/playbooks/incorrect_module_args.yml new file mode 100644 index 0000000..9e4dde6 --- /dev/null +++ b/examples/playbooks/incorrect_module_args.yml @@ -0,0 +1,7 @@ +--- +- name: Demonstrate linting issue. + hosts: all + tasks: + - name: Include a role with the wrong syntax + ansible.builtin.include_role: + role: foo diff --git a/examples/playbooks/invalid-transform.yml b/examples/playbooks/invalid-transform.yml new file mode 100644 index 0000000..3a1d50a --- /dev/null +++ b/examples/playbooks/invalid-transform.yml @@ -0,0 +1,11 @@ +# yamllint disable-file +--- +- name: Test + hosts: localhost + gather_facts: false + + tasks: + - name: Print hello message + ansible.builtin.debug: + msg: "Hello!" + register: vm_output diff --git a/examples/playbooks/module_relative_import.yml b/examples/playbooks/module_relative_import.yml new file mode 100644 index 0000000..8857966 --- /dev/null +++ b/examples/playbooks/module_relative_import.yml @@ -0,0 +1,6 @@ +--- +- name: Module relative import + hosts: localhost + tasks: + - name: Module with relative import + local.testcollection.module_with_relative_import: {} diff --git a/examples/playbooks/multi_yaml_doc.transformed.yml b/examples/playbooks/multi_yaml_doc.transformed.yml new file mode 100644 index 0000000..ab1e02f --- /dev/null +++ b/examples/playbooks/multi_yaml_doc.transformed.yml @@ -0,0 +1,23 @@ +--- +- name: First problematic play + hosts: localhost + tasks: + - name: Echo a message + ansible.builtin.shell: echo hello # <-- command-instead-of-shell + changed_when: false +--- +- name: second problematic play # <-- name[casing] + hosts: localhost + tasks: + - name: Remove file (delete file) + ansible.builtin.file: + path: /etc/foo.txt + state: absent +--- +- name: Third problematic play + hosts: localhost + tasks: + - name: Remove file (delete file) + file: # <-- fqcn[action-core] + path: /etc/foo.txt + state: absent diff --git a/examples/playbooks/multi_yaml_doc.yml b/examples/playbooks/multi_yaml_doc.yml new file mode 100644 index 0000000..ab1e02f --- /dev/null +++ b/examples/playbooks/multi_yaml_doc.yml @@ -0,0 +1,23 @@ +--- +- name: First problematic play + hosts: localhost + tasks: + - name: Echo a message + ansible.builtin.shell: echo hello # <-- command-instead-of-shell + changed_when: false +--- +- name: second problematic play # <-- name[casing] + hosts: localhost + tasks: + - name: Remove file (delete file) + ansible.builtin.file: + path: /etc/foo.txt + state: absent +--- +- name: Third problematic play + hosts: localhost + tasks: + - name: Remove file (delete file) + file: # <-- fqcn[action-core] + path: /etc/foo.txt + state: absent diff --git a/examples/playbooks/name-case.transformed.yml b/examples/playbooks/name-case.transformed.yml index 03b8c46..906a237 100644 --- a/examples/playbooks/name-case.transformed.yml +++ b/examples/playbooks/name-case.transformed.yml @@ -1,4 +1,33 @@ --- - name: This lacks a capitalization hosts: localhost - tasks: [] + tasks: + - name: Task that always changes + ansible.builtin.debug: + msg: I always change! + changed_when: true + notify: My handler + + - name: Task with notify as list + ansible.builtin.debug: + msg: I always change! + changed_when: true + notify: + - my handler 1 + - My handler + - my handler 2 + + - name: Task without notify + ansible.builtin.debug: + msg: I always change! + changed_when: true + + handlers: + - name: My handler + ansible.builtin.debug: + msg: I never run :( + + - name: Test task for listen + ansible.builtin.debug: + msg: I never run :( + listen: My handler diff --git a/examples/playbooks/name-case.yml b/examples/playbooks/name-case.yml index 5480d2c..62d7b56 100644 --- a/examples/playbooks/name-case.yml +++ b/examples/playbooks/name-case.yml @@ -1,4 +1,33 @@ --- - name: this lacks a capitalization hosts: localhost - tasks: [] + tasks: + - name: Task that always changes + ansible.builtin.debug: + msg: I always change! + changed_when: true + notify: my handler + + - name: Task with notify as list + ansible.builtin.debug: + msg: I always change! + changed_when: true + notify: + - my handler 1 + - my handler + - my handler 2 + + - name: Task without notify + ansible.builtin.debug: + msg: I always change! + changed_when: true + + handlers: + - name: my handler + ansible.builtin.debug: + msg: I never run :( + + - name: Test task for listen + ansible.builtin.debug: + msg: I never run :( + listen: "my handler" diff --git a/examples/playbooks/no_handler_pass.yml b/examples/playbooks/no_handler_pass.yml index 5c44891..ea6d61d 100644 --- a/examples/playbooks/no_handler_pass.yml +++ b/examples/playbooks/no_handler_pass.yml @@ -82,3 +82,14 @@ ansible.builtin.debug: msg: why isn't this a handler when: result | changed + + handlers: + # If this task would have being under 'tasks:' it should have triggered + # the rule, but under 'handlers:' it should not. + - name: Reproduce bug 3646 + loop: "{{ _something_done.results }}" + loop_control: + label: "{{ item.item.name }}" + when: item.changed + ansible.builtin.debug: + msg: "{{ item.item.name }} changed" diff --git a/examples/playbooks/nodeps.yml b/examples/playbooks/nodeps.yml new file mode 100644 index 0000000..0ca1aa3 --- /dev/null +++ b/examples/playbooks/nodeps.yml @@ -0,0 +1,6 @@ +--- +- name: Example + hosts: localhost + tasks: + - name: Calling a module that is not installed + a.b.c: {} diff --git a/examples/playbooks/nodeps2.yml b/examples/playbooks/nodeps2.yml new file mode 100644 index 0000000..fc784d0 --- /dev/null +++ b/examples/playbooks/nodeps2.yml @@ -0,0 +1,7 @@ +--- +- name: Fixture for nodeps with missing filter + hosts: localhost + tasks: + - name: Calling a module that is not installed + ansible.builtin.debug: + msg: "{{ foo | missing_filter }}" diff --git a/examples/playbooks/package-check-failure.yml b/examples/playbooks/package-check-failure.yml index 393b52b..69182f3 100644 --- a/examples/playbooks/package-check-failure.yml +++ b/examples/playbooks/package-check-failure.yml @@ -19,3 +19,10 @@ name: sudo state: latest update_only: false + + - name: Install ansible with only_upgrade to false + ansible.builtin.apt: + name: sudo + state: latest + upgrade: true + only_upgrade: false diff --git a/examples/playbooks/package-check-success.yml b/examples/playbooks/package-check-success.yml index a513d5d..a9e8435 100644 --- a/examples/playbooks/package-check-success.yml +++ b/examples/playbooks/package-check-success.yml @@ -20,3 +20,10 @@ name: sudo state: latest update_only: true + + - name: Upgrade ansible + ansible.builtin.apt: + name: sudo + state: latest + upgrade: true + only_upgrade: true diff --git a/examples/playbooks/removed-include.yml b/examples/playbooks/removed-include.yml new file mode 100644 index 0000000..4f0ba58 --- /dev/null +++ b/examples/playbooks/removed-include.yml @@ -0,0 +1,6 @@ +--- +- name: Invalid playbook + hosts: localhost + tasks: + - name: Foo + include: tasks/simple_task.yml # <-- include was removed in 2.16 diff --git a/examples/playbooks/role_vars_prefix_detection.yml b/examples/playbooks/role_vars_prefix_detection.yml new file mode 100644 index 0000000..fee163f --- /dev/null +++ b/examples/playbooks/role_vars_prefix_detection.yml @@ -0,0 +1,53 @@ +--- +- name: Test role-prefix + hosts: localhost + connection: local + roles: + - role_vars_prefix_detection + + - role: role_vars_prefix_detection + var1: val1 + + - role: role_vars_prefix_detection + var1: val1 + become: true + vars: + var2: val2 + + - role: role_vars_prefix_detection + become: true + environment: + FOO: /bar/barr + role_vars_prefix_detection_var1: val1 + + - role: role_vars_prefix_detection + vars: + var1: val1 + + - role: role_vars_prefix_detection + become: true + environment: + BAR: /baz + vars: + var1: val1 + + - role: role_vars_prefix_detection + become: true + environment: + BAR: /baz + vars: + role_vars_prefix_detection_var1: val1 + tasks: + - name: Include1 + ansible.builtin.include_role: + name: role_vars_prefix_detection + vars: + var1: val1 + + - name: Include2 + ansible.builtin.include_role: + name: role_vars_prefix_detection + vars: + role_vars_prefix_detection_var1: val1 + _role_vars_prefix_detection_var2: val2 + __role_vars_prefix_detection_var3: val3 diff --git a/examples/playbooks/rule-command-instead-of-module-pass.yml b/examples/playbooks/rule-command-instead-of-module-pass.yml index c0a26e9..2fbc5c2 100644 --- a/examples/playbooks/rule-command-instead-of-module-pass.yml +++ b/examples/playbooks/rule-command-instead-of-module-pass.yml @@ -5,9 +5,11 @@ - name: Print current git branch ansible.builtin.command: git branch changed_when: false + - name: Print git log ansible.builtin.command: git log changed_when: false + - name: Install git lfs support ansible.builtin.command: git lfs install changed_when: false @@ -20,6 +22,10 @@ ansible.builtin.command: systemctl show-environment changed_when: false + - name: Get systemd runlevel + ansible.builtin.command: systemctl get-default + changed_when: false + - name: Set systemd runlevel ansible.builtin.command: systemctl set-default multi-user.target changed_when: false @@ -35,3 +41,11 @@ - name: Clear yum cache ansible.builtin.command: "" changed_when: false + + - name: Print yum history + ansible.builtin.command: yum history + changed_when: false + + - name: Print yum info + ansible.builtin.command: yum info bash + changed_when: false diff --git a/examples/playbooks/rule-complexity-fail.yml b/examples/playbooks/rule-complexity-fail.yml new file mode 100644 index 0000000..0eb68bf --- /dev/null +++ b/examples/playbooks/rule-complexity-fail.yml @@ -0,0 +1,42 @@ +--- +# no of tasks required are 5 and since there are 6 tasks it will give an error +- name: Test Fixture complexity rule + hosts: all + tasks: + - name: Task 1 + ansible.builtin.debug: + msg: "This is task 1" + + - name: Task 2 + ansible.builtin.debug: + msg: "This is task 2" + + - name: Task 3 + ansible.builtin.debug: + msg: "This is task 3" + + - name: Task 4 + ansible.builtin.debug: + msg: "This is task 4" + + - name: Task 5 + ansible.builtin.debug: + msg: "This is task 5" + + - name: Task 6 + ansible.builtin.debug: + msg: "This is task 6" + + - name: Block Task 7 + block: + - name: 2nd level block + block: + - name: 3rd level block + block: + - name: 4th level block + block: + - name: 5th level block + block: + - name: Nested Task 1 + ansible.builtin.debug: + msg: "This is nested task 1" diff --git a/examples/playbooks/rule-complexity-pass.yml b/examples/playbooks/rule-complexity-pass.yml new file mode 100644 index 0000000..27ec7f4 --- /dev/null +++ b/examples/playbooks/rule-complexity-pass.yml @@ -0,0 +1,35 @@ +--- +- name: Test fixture complexity rule + hosts: all + tasks: + - name: Task 1 + ansible.builtin.debug: + msg: "This is task 1" + + - name: Task 2 + ansible.builtin.debug: + msg: "This is task 2" + + - name: Task 3 + ansible.builtin.debug: + msg: "This is task 3" + + - name: Task 4 + ansible.builtin.debug: + msg: "This is task 4" + + - name: Task 5 + block: + - name: Include under block level 1 + ansible.builtin.debug: + msg: "This is nested block" + - name: Block level 2 + block: + - name: Include under block level 2 + ansible.builtin.debug: + msg: "This is block 2" + - name: Block level 3 + block: + - name: INCLUDE under block level 3 + ansible.builtin.debug: + msg: "This is block 3" diff --git a/examples/playbooks/rule-deprecated-bare-vars-fail.yml b/examples/playbooks/rule-deprecated-bare-vars-fail.yml index 7091f46..a7efeea 100644 --- a/examples/playbooks/rule-deprecated-bare-vars-fail.yml +++ b/examples/playbooks/rule-deprecated-bare-vars-fail.yml @@ -39,12 +39,6 @@ msg: "{{ item }}" with_dict: my_dict - ### Testing with_dict with a default empty dictionary - - name: Use with_dict loop using variable and default - ansible.builtin.debug: - msg: "{{ item.key }} - {{ item.value }}" - with_dict: uwsgi_ini | default({}) - - name: Use with_nested loop using bare variable ansible.builtin.debug: msg: "{{ item.0 }} {{ item.1 }}" diff --git a/examples/playbooks/rule-deprecated-bare-vars-pass.yml b/examples/playbooks/rule-deprecated-bare-vars-pass.yml index c7e6521..fe3ca1d 100644 --- a/examples/playbooks/rule-deprecated-bare-vars-pass.yml +++ b/examples/playbooks/rule-deprecated-bare-vars-pass.yml @@ -166,3 +166,12 @@ with_items: >- {%- set ns = [1, 1, 2] -%} {{- ns.keys | unique -}} + + - name: Reproduce bug 3646 + ansible.builtin.file: + path: "{{ item.path }}" + state: directory + mode: "{{ item.mode }}" + with_community.general.filetree: + - "../templates/SpaceVim.d/" + when: item.state == "directory" and ".git" not in item.path diff --git a/examples/playbooks/rule-jinja-before.transformed.yml b/examples/playbooks/rule-jinja-before.transformed.yml new file mode 100644 index 0000000..ac6a81c --- /dev/null +++ b/examples/playbooks/rule-jinja-before.transformed.yml @@ -0,0 +1,9 @@ +--- +# https://github.com/ansible/ansible-lint/issues/3739 +- name: Reproducer bug 3739 + hosts: all + tasks: + - name: Generate keypair + community.crypto.openssh_keypair: + path: "{{ env.path }}" + when: ( env.path is not none ) diff --git a/examples/playbooks/rule-jinja-before.yml b/examples/playbooks/rule-jinja-before.yml new file mode 100644 index 0000000..355de8a --- /dev/null +++ b/examples/playbooks/rule-jinja-before.yml @@ -0,0 +1,9 @@ +--- +# https://github.com/ansible/ansible-lint/issues/3739 +- name: Reproducer bug 3739 + hosts: all + tasks: + - name: Generate keypair + community.crypto.openssh_keypair: + path: "{{env.path}}" + when: ( env.path is not none ) diff --git a/examples/playbooks/rule-jinja-pass.yml b/examples/playbooks/rule-jinja-pass.yml index cbdfee6..6944611 100644 --- a/examples/playbooks/rule-jinja-pass.yml +++ b/examples/playbooks/rule-jinja-pass.yml @@ -29,6 +29,9 @@ - name: Bug https://github.com/ansible/ansible-lint/issues/3048 ansible.builtin.set_fact: x: "{{ y.json | community.general.json_query(edition.version) }}" + - name: Bug https://github.com/ansible/ansible-lint/issues/3769 + ansible.builtin.debug: + msg: "{{ 65534 | ansible.builtin.random(seed=inventory_hostname) }}" # https://github.com/ansible/ansible-lint/issues/2697 - name: Test linter @@ -81,3 +84,7 @@ - name: "Bug https://github.com/ansible/ansible-lint/issues/3155" ansible.builtin.debug: msg: "Is changed:{{ date_cmd is changed }}" + + - name: Bug https://github.com/ansible/ansible-lint/issues/3908 + ansible.builtin.debug: + msg: "{{ foo | ansible.builtin.mandatory(msg='My message') }}" diff --git a/examples/playbooks/rule-no-free-form-fail.yml b/examples/playbooks/rule-no-free-form-fail.yml index 8360608..dea98b8 100644 --- a/examples/playbooks/rule-no-free-form-fail.yml +++ b/examples/playbooks/rule-no-free-form-fail.yml @@ -5,9 +5,11 @@ - name: Create a placefolder file ansible.builtin.command: chdir=/tmp touch foo # <-- don't use shorthand changed_when: false + - name: Use raw to echo ansible.builtin.raw: executable=/bin/bash echo foo # <-- don't use executable= changed_when: false + - name: Testing anything else passed to raw except for string ansible.builtin.raw: args: "123" diff --git a/examples/playbooks/rule-no-tabs.yml b/examples/playbooks/rule-no-tabs.yml index 4621096..3078e22 100644 --- a/examples/playbooks/rule-no-tabs.yml +++ b/examples/playbooks/rule-no-tabs.yml @@ -16,5 +16,22 @@ - name: Should not trigger no-tabs rules # noqa fqcn lineinfile: path: some.txt - regexp: ^\t$ + regexp: "^\t$" line: string with \t inside + # Disabled as attempt to mock it would trigger an error validating its arguments + # - name: Should not trigger no-tabs rules # noqa fqcn + # win_lineinfile: + # path: some.txt + # regexp: "^\t$" + # line: string with \t inside + - name: Should not trigger no-tabs rules + community.windows.win_lineinfile: + path: some.txt + regexp: "^\t$" + line: string with \t inside + - name: Should not trigger inside jinja + vars: + deep: + "some{{ '\t' }}stuff": true + ansible.builtin.debug: + msg: "{{ 'foo' + '\t' + 'bar' }}" diff --git a/examples/playbooks/rule-partial-become-without-become-fail.yml b/examples/playbooks/rule-partial-become-without-become-fail.yml index da48b2f..80b633d 100644 --- a/examples/playbooks/rule-partial-become-without-become-fail.yml +++ b/examples/playbooks/rule-partial-become-without-become-fail.yml @@ -1,28 +1,27 @@ --- -- hosts: localhost - name: Use of become_user without become play +- name: Use of become_user without become at play level + hosts: localhost become_user: root tasks: - - ansible.builtin.debug: + - name: A task without issues + ansible.builtin.debug: msg: hello -- hosts: localhost - +- name: Use of become_user without become at task level + hosts: localhost tasks: - name: Use of become_user without become task ansible.builtin.command: whoami become_user: postgres changed_when: false -- hosts: localhost - +- name: Use of become_user without become at task level + hosts: localhost tasks: - name: A block with become and become_user on different tasks block: - name: Sample become - become: true - ansible.builtin.command: whoami - - name: Sample become_user - become_user: postgres ansible.builtin.command: whoami + become_user: true + changed_when: false diff --git a/examples/playbooks/rule-partial-become-without-become-pass.yml b/examples/playbooks/rule-partial-become-without-become-pass.yml index e1ae189..c01b141 100644 --- a/examples/playbooks/rule-partial-become-without-become-pass.yml +++ b/examples/playbooks/rule-partial-become-without-become-pass.yml @@ -1,14 +1,16 @@ --- -- hosts: localhost +- name: Test play + hosts: localhost become_user: root become: true tasks: - - ansible.builtin.debug: + - name: Debug + ansible.builtin.debug: msg: hello -- hosts: localhost - +- name: Test play + hosts: localhost tasks: - name: Foo ansible.builtin.command: whoami @@ -16,20 +18,22 @@ become: true changed_when: false -- hosts: localhost - become: true +- name: Test play + hosts: localhost tasks: - name: Accepts a become from higher scope ansible.builtin.command: whoami - become_user: postgres changed_when: false -- hosts: localhost +- name: Test play + hosts: localhost become_user: postgres + become: true tasks: - name: Accepts a become from a lower scope ansible.builtin.command: whoami become: true + become_user: root changed_when: false diff --git a/examples/playbooks/skiptasks.yml b/examples/playbooks/skiptasks.yml index e105ed3..004eb07 100644 --- a/examples/playbooks/skiptasks.yml +++ b/examples/playbooks/skiptasks.yml @@ -37,20 +37,16 @@ - name: Test latest[git] (don't warn) ansible.builtin.command: git log - args: - warn: false changed_when: false - name: Test latest[hg] (don't warn) ansible.builtin.command: chmod 644 A args: - warn: false creates: B - name: Test latest[hg] (warn) ansible.builtin.command: chmod 644 A args: - warn: true creates: B - name: Test latest[git] (don't warn single line) diff --git a/examples/playbooks/tasks/local_action.transformed.yml b/examples/playbooks/tasks/local_action.transformed.yml new file mode 100644 index 0000000..51e2ec1 --- /dev/null +++ b/examples/playbooks/tasks/local_action.transformed.yml @@ -0,0 +1,4 @@ +--- +- name: Sample + ansible.builtin.command: echo 123 + delegate_to: localhost diff --git a/examples/playbooks/tasks/local_action.yml b/examples/playbooks/tasks/local_action.yml new file mode 100644 index 0000000..a4f7a99 --- /dev/null +++ b/examples/playbooks/tasks/local_action.yml @@ -0,0 +1,3 @@ +--- +- name: Sample + local_action: command echo 123 diff --git a/examples/playbooks/tasks/main.yml b/examples/playbooks/tasks/main.yml new file mode 100644 index 0000000..b44604b --- /dev/null +++ b/examples/playbooks/tasks/main.yml @@ -0,0 +1,7 @@ +--- +- name: This is correct + ansible.builtin.assert: + that: true +- name: A phony prefix | This is also correct + ansible.builtin.assert: + that: true diff --git a/examples/playbooks/tasks/partial_become.yml/main.yml b/examples/playbooks/tasks/partial_become.yml/main.yml new file mode 100644 index 0000000..c7f1980 --- /dev/null +++ b/examples/playbooks/tasks/partial_become.yml/main.yml @@ -0,0 +1,4 @@ +--- +- name: Included with partial become + ansible.builtin.debug: + msg: Included with partial become diff --git a/examples/playbooks/tasks/partial_prefix/foo.yml b/examples/playbooks/tasks/partial_prefix/foo.yml new file mode 100644 index 0000000..5dfb8e9 --- /dev/null +++ b/examples/playbooks/tasks/partial_prefix/foo.yml @@ -0,0 +1,10 @@ +--- +- name: foo | This prefix is incomplete + ansible.builtin.assert: + that: true +- name: partial_prefix | This prefix is incomplete + ansible.builtin.assert: + that: true +- name: partial_prefix | foo | This is correct + ansible.builtin.assert: + that: true diff --git a/examples/playbooks/tasks/partial_prefix/main.yml b/examples/playbooks/tasks/partial_prefix/main.yml new file mode 100644 index 0000000..5c141a8 --- /dev/null +++ b/examples/playbooks/tasks/partial_prefix/main.yml @@ -0,0 +1,10 @@ +--- +- name: partial_prefix | main | This is correct + ansible.builtin.assert: + that: true +- name: main | This prefix is incomplete + ansible.builtin.assert: + that: true +- name: partial_prefix | This prefix is incomplete + ansible.builtin.assert: + that: true diff --git a/examples/playbooks/test-include.yml b/examples/playbooks/test-include.yml new file mode 100644 index 0000000..952e820 --- /dev/null +++ b/examples/playbooks/test-include.yml @@ -0,0 +1,31 @@ +--- +- name: Fixture for testing various includes/imports + hosts: localhost + gather_facts: false + + pre_tasks: + - name: Include 1 + ansible.builtin.include_tasks: tasks/main.yml + + roles: + - test_nop + - { role: test_nop, test_nop_arg1: true } + + tasks: + - name: Include 2 + ansible.builtin.include_tasks: tasks/main.yml + - name: Include 3 + ansible.builtin.include_tasks: tasks/main.yml + - name: Include 4 + ansible.builtin.include_tasks: file=tasks/main.yml + - name: Include 4 + ansible.builtin.import_tasks: file=tasks/main.yml + + handlers: + - name: Include 5 + ansible.builtin.include_tasks: handlers/empty.yml + - name: Include 5 + ansible.builtin.import_tasks: handlers/empty.yml + +- name: Include 6 + ansible.builtin.import_playbook: valid.yml diff --git a/examples/playbooks/test_import_playbook.yml b/examples/playbooks/test_import_playbook.yml new file mode 100644 index 0000000..690950a --- /dev/null +++ b/examples/playbooks/test_import_playbook.yml @@ -0,0 +1,5 @@ +--- +- name: Fixture 1 for bug 4024 + import_playbook: community.molecule.validate.yml +- name: Fixture 2 for bug 4024 + ansible.builtin.import_playbook: community.molecule.validate.yml diff --git a/examples/playbooks/test_import_playbook_invalid.yml b/examples/playbooks/test_import_playbook_invalid.yml new file mode 100644 index 0000000..7bac521 --- /dev/null +++ b/examples/playbooks/test_import_playbook_invalid.yml @@ -0,0 +1,7 @@ +--- +- name: Fixture 3 - not supported (invalid syntax) + ansible.builtin.import_playbook: + file: community.molecule.validate.yml +- name: Fixture 4 - not supported (invalid syntax) + ansible.builtin.import_playbook: + other: community.molecule.validate.yml diff --git a/examples/playbooks/test_skip_inside_yaml.yml b/examples/playbooks/test_skip_inside_yaml.yml index 1f72954..88c396a 100644 --- a/examples/playbooks/test_skip_inside_yaml.yml +++ b/examples/playbooks/test_skip_inside_yaml.yml @@ -44,9 +44,9 @@ - name: Test no-free-form # <-- 3 no-free-form ansible.builtin.command: creates=B chmod 644 A # noqa: no-free-form - name: Test no-free-form # <-- 4 no-free-form - ansible.builtin.command: warn=yes creates=B chmod 644 A # noqa: no-free-form + ansible.builtin.command: creates=B chmod 644 A # noqa: no-free-form - name: Test no-free-form (skipped via no warn) - ansible.builtin.command: warn=no creates=B chmod 644 A # noqa: no-free-form + ansible.builtin.command: creates=B chmod 644 A # noqa: no-free-form - name: Test no-free-form (skipped via skip_ansible_lint) ansible.builtin.command: creates=B chmod 644 A # noqa: no-free-form tags: diff --git a/examples/playbooks/transform-block-indentation-indicator.transformed.yml b/examples/playbooks/transform-block-indentation-indicator.transformed.yml new file mode 100644 index 0000000..e74beff --- /dev/null +++ b/examples/playbooks/transform-block-indentation-indicator.transformed.yml @@ -0,0 +1,10 @@ +--- +- name: Demo + hosts: all + tasks: + - name: Demo + ansible.builtin.debug: + msg: |2 + multi + line + message diff --git a/examples/playbooks/transform-block-indentation-indicator.yml b/examples/playbooks/transform-block-indentation-indicator.yml new file mode 100644 index 0000000..7e9c817 --- /dev/null +++ b/examples/playbooks/transform-block-indentation-indicator.yml @@ -0,0 +1,10 @@ +--- +- name: Demo + hosts: all + tasks: + - name: Demo + ansible.builtin.debug: + msg: |3 + multi + line + message diff --git a/examples/playbooks/transform-deprecated-local-action.transformed.yml b/examples/playbooks/transform-deprecated-local-action.transformed.yml new file mode 100644 index 0000000..5ea7747 --- /dev/null +++ b/examples/playbooks/transform-deprecated-local-action.transformed.yml @@ -0,0 +1,7 @@ +--- +- name: Fixture for deprecated-local-action + hosts: localhost + tasks: + - name: Task example + ansible.builtin.debug: + delegate_to: localhost diff --git a/examples/playbooks/transform-deprecated-local-action.yml b/examples/playbooks/transform-deprecated-local-action.yml new file mode 100644 index 0000000..c8eeb11 --- /dev/null +++ b/examples/playbooks/transform-deprecated-local-action.yml @@ -0,0 +1,7 @@ +--- +- name: Fixture for deprecated-local-action + hosts: localhost + tasks: + - name: Task example + local_action: + module: ansible.builtin.debug diff --git a/examples/playbooks/transform-jinja.transformed.yml b/examples/playbooks/transform-jinja.transformed.yml new file mode 100644 index 0000000..a89dad0 --- /dev/null +++ b/examples/playbooks/transform-jinja.transformed.yml @@ -0,0 +1,40 @@ +--- +- name: Fixture + hosts: localhost + vars: + my_list: + - foo + - bar + tasks: + - name: A block used to check that we do not identify error at correct level + block: + - name: Foo # <-- this is valid jinja2 + ansible.builtin.debug: + foo: "{{ 1 }}" # <-- jinja2[spacing] + msg: "{{ 'a' b }}" # <-- jinja2[invalid] + + - name: A block used to check that we do not identify error at correct level + block: + - name: Foo # <-- this is valid jinja2 + ansible.builtin.debug: + msg: "{{ item }}" # <-- jinja2[spacing] + with_items: + - "{{ items }}" + + - name: Confirm a deeply nested duplicate error is corrected + ansible.builtin.set_fact: + fact: + dict: + dict: + list: + - one + - two + - dict: + fix: "{{ 'VALUE_1' | lower }}" # <-- jinja2[spacing] + - dict: + fix: "{{ 'VALUE_1' | lower }}" # <-- jinja2[spacing] + - dict: + fix: "{{ 'VALUE_2' | lower }}" # <-- jinja2[spacing] + +# It should be noted that even ansible --syntax-check fails to spot the jinja +# error above, but ansible will throw a runtime error when running diff --git a/examples/playbooks/transform-jinja.yml b/examples/playbooks/transform-jinja.yml new file mode 100644 index 0000000..4a4cd32 --- /dev/null +++ b/examples/playbooks/transform-jinja.yml @@ -0,0 +1,40 @@ +--- +- name: Fixture + hosts: localhost + vars: + my_list: + - foo + - bar + tasks: + - name: A block used to check that we do not identify error at correct level + block: + - name: Foo # <-- this is valid jinja2 + ansible.builtin.debug: + foo: "{{ 1 }}" # <-- jinja2[spacing] + msg: "{{ 'a' b }}" # <-- jinja2[invalid] + + - name: A block used to check that we do not identify error at correct level + block: + - name: Foo # <-- this is valid jinja2 + ansible.builtin.debug: + msg: "{{ item }}" # <-- jinja2[spacing] + with_items: + - "{{ items }}" + + - name: Confirm a deeply nested duplicate error is corrected + ansible.builtin.set_fact: + fact: + dict: + dict: + list: + - one + - two + - dict: + fix: "{{'VALUE_1'|lower}}" # <-- jinja2[spacing] + - dict: + fix: "{{'VALUE_1'|lower}}" # <-- jinja2[spacing] + - dict: + fix: "{{'VALUE_2'|lower}}" # <-- jinja2[spacing] + +# It should be noted that even ansible --syntax-check fails to spot the jinja +# error above, but ansible will throw a runtime error when running diff --git a/examples/playbooks/transform-key-order-block.transformed.yml b/examples/playbooks/transform-key-order-block.transformed.yml new file mode 100644 index 0000000..0f1ca12 --- /dev/null +++ b/examples/playbooks/transform-key-order-block.transformed.yml @@ -0,0 +1,20 @@ +--- +- name: Testing multiple plays in a playbook + hosts: localhost + tasks: + - name: First block + when: true + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! + +- name: A second play + hosts: localhost + tasks: + - name: Second block + when: true # <-- name key should be the second one + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! diff --git a/examples/playbooks/transform-key-order-block.yml b/examples/playbooks/transform-key-order-block.yml new file mode 100644 index 0000000..12a171e --- /dev/null +++ b/examples/playbooks/transform-key-order-block.yml @@ -0,0 +1,20 @@ +--- +- name: Testing multiple plays in a playbook + hosts: localhost + tasks: + - name: First block + when: true + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! + +- name: A second play + hosts: localhost + tasks: + - name: Second block + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! + when: true # <-- name key should be the second one diff --git a/examples/playbooks/transform-key-order-play.transformed.yml b/examples/playbooks/transform-key-order-play.transformed.yml new file mode 100644 index 0000000..030364d --- /dev/null +++ b/examples/playbooks/transform-key-order-play.transformed.yml @@ -0,0 +1,10 @@ +--- +- name: This is a playbook # <-- name key should be the first one + hosts: localhost + tasks: + - name: A block + when: true + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! diff --git a/examples/playbooks/transform-key-order-play.yml b/examples/playbooks/transform-key-order-play.yml new file mode 100644 index 0000000..e61920d --- /dev/null +++ b/examples/playbooks/transform-key-order-play.yml @@ -0,0 +1,10 @@ +--- +- hosts: localhost + name: This is a playbook # <-- name key should be the first one + tasks: + - name: A block + when: true + block: + - name: Display a message + ansible.builtin.debug: + msg: Hello world! diff --git a/examples/playbooks/transform-key-order.transformed.yml b/examples/playbooks/transform-key-order.transformed.yml new file mode 100644 index 0000000..82b62d2 --- /dev/null +++ b/examples/playbooks/transform-key-order.transformed.yml @@ -0,0 +1,32 @@ +--- +- name: Fixture + hosts: localhost + tasks: + # comment before keys + - name: Task with no_log on top # name comment + no_log: true # no_log comment + ansible.builtin.command: echo hello # command comment + changed_when: false # changed_when comment + # comment after keys + - name: Task with when on top + when: true + ansible.builtin.command: echo hello + changed_when: false + - name: Delegate_to on top + delegate_to: localhost + ansible.builtin.command: echo hello + changed_when: false + - name: Loopy + loop: + - 1 + - 2 + ansible.builtin.command: echo {{ item }} + changed_when: false + - name: Become first + become: true + ansible.builtin.command: echo hello + changed_when: false + - name: Register first + register: test + ansible.builtin.command: echo hello + changed_when: false diff --git a/examples/playbooks/transform-key-order.yml b/examples/playbooks/transform-key-order.yml new file mode 100644 index 0000000..71712d1 --- /dev/null +++ b/examples/playbooks/transform-key-order.yml @@ -0,0 +1,32 @@ +--- +- name: Fixture + hosts: localhost + tasks: + - # comment before keys + no_log: true # no_log comment + ansible.builtin.command: echo hello # command comment + name: Task with no_log on top # name comment + changed_when: false # changed_when comment + # comment after keys + - when: true + name: Task with when on top + ansible.builtin.command: echo hello + changed_when: false + - delegate_to: localhost + name: Delegate_to on top + ansible.builtin.command: echo hello + changed_when: false + - loop: + - 1 + - 2 + name: Loopy + ansible.builtin.command: echo {{ item }} + changed_when: false + - become: true + name: Become first + ansible.builtin.command: echo hello + changed_when: false + - register: test + ansible.builtin.command: echo hello + name: Register first + changed_when: false diff --git a/examples/playbooks/transform-no-free-form.transformed.yml b/examples/playbooks/transform-no-free-form.transformed.yml new file mode 100644 index 0000000..e947c34 --- /dev/null +++ b/examples/playbooks/transform-no-free-form.transformed.yml @@ -0,0 +1,30 @@ +--- +- name: Example with discouraged free-form syntax + hosts: localhost + tasks: + - name: Create a placefolder file + ansible.builtin.command: # <-- don't use shorthand + chdir: /tmp + cmd: touch foo + changed_when: false + + - name: Create a placefolder file + ansible.builtin.command: # <-- command can also go first + chdir: /tmp + cmd: touch bar + changed_when: false + + - name: Use raw to echo + ansible.builtin.raw: echo foo # <-- don't use executable= + args: + executable: /bin/bash + changed_when: false + + - name: Example task with usage for '=' as module params + ansible.builtin.debug: + msg: "'Hello there world'" + changed_when: false + + - name: Task that has a non-debug string with spaces + ansible.builtin.set_fact: + foo: '"String with spaces"' diff --git a/examples/playbooks/transform-no-free-form.yml b/examples/playbooks/transform-no-free-form.yml new file mode 100644 index 0000000..c57da0c --- /dev/null +++ b/examples/playbooks/transform-no-free-form.yml @@ -0,0 +1,22 @@ +--- +- name: Example with discouraged free-form syntax + hosts: localhost + tasks: + - name: Create a placefolder file + ansible.builtin.command: chdir=/tmp touch foo # <-- don't use shorthand + changed_when: false + + - name: Create a placefolder file + ansible.builtin.command: touch bar chdir=/tmp # <-- command can also go first + changed_when: false + + - name: Use raw to echo + ansible.builtin.raw: executable=/bin/bash echo foo # <-- don't use executable= + changed_when: false + + - name: Example task with usage for '=' as module params + ansible.builtin.debug: msg='Hello there world' + changed_when: false + + - name: Task that has a non-debug string with spaces + ansible.builtin.set_fact: foo="String with spaces" diff --git a/examples/playbooks/transform-no-jinja-when.transformed.yml b/examples/playbooks/transform-no-jinja-when.transformed.yml new file mode 100644 index 0000000..da93ec5 --- /dev/null +++ b/examples/playbooks/transform-no-jinja-when.transformed.yml @@ -0,0 +1,21 @@ +--- +- name: One + hosts: all + tasks: + - name: Test when with jinja2 # noqa: jinja[spacing] + ansible.builtin.debug: + msg: text + when: "false" + +- name: Two + hosts: all + roles: + - role: hello + when: "'1' = '1'" + +- name: Three + hosts: all + roles: + - role: hello + when: + - "'1' = '1'" diff --git a/examples/playbooks/transform-no-jinja-when.yml b/examples/playbooks/transform-no-jinja-when.yml new file mode 100644 index 0000000..be8dd05 --- /dev/null +++ b/examples/playbooks/transform-no-jinja-when.yml @@ -0,0 +1,21 @@ +--- +- name: One + hosts: all + tasks: + - name: Test when with jinja2 # noqa: jinja[spacing] + ansible.builtin.debug: + msg: text + when: "{{ false }}" + +- name: Two + hosts: all + roles: + - role: hello + when: "{{ '1' = '1' }}" + +- name: Three + hosts: all + roles: + - role: hello + when: + - "{{ '1' = '1' }}" diff --git a/examples/playbooks/transform-no-log-password.transformed.yml b/examples/playbooks/transform-no-log-password.transformed.yml new file mode 100644 index 0000000..791c074 --- /dev/null +++ b/examples/playbooks/transform-no-log-password.transformed.yml @@ -0,0 +1,23 @@ +--- +- name: Fixture for no log password + hosts: all + tasks: + - name: Fail when no_log is set to False + ansible.builtin.user: + name: john_doe + password: "{{ item }}" + state: absent + with_items: + - wow + - now + no_log: true + + - name: Fail when no_log is absent + ansible.builtin.user: + name: john_doe + password: "{{ item }}" + state: absent + with_items: + - wow + - now + no_log: true diff --git a/examples/playbooks/transform-no-log-password.yml b/examples/playbooks/transform-no-log-password.yml new file mode 100644 index 0000000..467883a --- /dev/null +++ b/examples/playbooks/transform-no-log-password.yml @@ -0,0 +1,22 @@ +--- +- name: Fixture for no log password + hosts: all + tasks: + - name: Fail when no_log is set to False + ansible.builtin.user: + name: john_doe + password: "{{ item }}" + state: absent + with_items: + - wow + - now + no_log: false + + - name: Fail when no_log is absent + ansible.builtin.user: + name: john_doe + password: "{{ item }}" + state: absent + with_items: + - wow + - now diff --git a/examples/playbooks/transform-partial-become.transformed.yml b/examples/playbooks/transform-partial-become.transformed.yml new file mode 100644 index 0000000..31d2a15 --- /dev/null +++ b/examples/playbooks/transform-partial-become.transformed.yml @@ -0,0 +1,56 @@ +--- +# The play has become_user and the task has become +# this is fixable, copy the become_user to the task +# and remove from the play +- name: Play 1 + hosts: localhost + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become: true + become_user: root + +# The task has become_user but the play does not +# this is fixable, remove the become_user from the task +- name: Play 2 + hosts: localhost + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + +# The task has become_user and the play has become +# this is fixable, add become to the task +- name: Play 3 + hosts: localhost + become: true + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become: true + become_user: root + +# The play has become_user but has an include +# this is not fixable, the include could be called from multiple playbooks +- name: Play 4 + hosts: localhost + become_user: root + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become: true + + - name: Include + ansible.builtin.include_tasks: + file: ../tasks/partial_become/main.yml diff --git a/examples/playbooks/transform-partial-become.yml b/examples/playbooks/transform-partial-become.yml new file mode 100644 index 0000000..079d1a0 --- /dev/null +++ b/examples/playbooks/transform-partial-become.yml @@ -0,0 +1,56 @@ +--- +# The play has become_user and the task has become +# this is fixable, copy the become_user to the task +# and remove from the play +- name: Play 1 + hosts: localhost + become_user: root + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become: true + +# The task has become_user but the play does not +# this is fixable, remove the become_user from the task +- name: Play 2 + hosts: localhost + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become_user: root + +# The task has become_user and the play has become +# this is fixable, add become to the task +- name: Play 3 + hosts: localhost + become: true + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become_user: root + +# The play has become_user but has an include +# this is not fixable, the include could be called from multiple playbooks +- name: Play 4 + hosts: localhost + become_user: root + tasks: + - name: A block + block: + - name: Debug + ansible.builtin.debug: + msg: hello + become: true + + - name: Include + ansible.builtin.include_tasks: + file: ../tasks/partial_become/main.yml diff --git a/examples/playbooks/transform_command_instead_of_shell.transformed.yml b/examples/playbooks/transform_command_instead_of_shell.transformed.yml new file mode 100644 index 0000000..f2477a5 --- /dev/null +++ b/examples/playbooks/transform_command_instead_of_shell.transformed.yml @@ -0,0 +1,25 @@ +--- +- name: Fixture + hosts: localhost + tasks: + - name: Shell no pipe + ansible.builtin.command: + cmd: echo hello + changed_when: false + + - name: Shell with jinja filter + ansible.builtin.command: + cmd: echo {{ "hello" | upper }} + changed_when: false + + - name: Shell with jinja filter (fqcn) + ansible.builtin.command: + cmd: echo {{ "hello" | upper }} + changed_when: false + + - name: Command with executable parameter + ansible.builtin.shell: + cmd: clear + args: + executable: /bin/bash + changed_when: false diff --git a/examples/playbooks/transform_command_instead_of_shell.yml b/examples/playbooks/transform_command_instead_of_shell.yml new file mode 100644 index 0000000..278f5d7 --- /dev/null +++ b/examples/playbooks/transform_command_instead_of_shell.yml @@ -0,0 +1,25 @@ +--- +- name: Fixture + hosts: localhost + tasks: + - name: Shell no pipe + ansible.builtin.shell: + cmd: echo hello + changed_when: false + + - name: Shell with jinja filter + ansible.builtin.shell: + cmd: echo {{ "hello" | upper }} + changed_when: false + + - name: Shell with jinja filter (fqcn) + ansible.builtin.shell: + cmd: echo {{ "hello" | upper }} + changed_when: false + + - name: Command with executable parameter + ansible.builtin.shell: + cmd: clear + args: + executable: /bin/bash + changed_when: false diff --git a/examples/playbooks/rule-var-naming-fail.yml b/examples/playbooks/var-naming/rule-var-naming-fail.yml index 888ed72..3861cd9 100644 --- a/examples/playbooks/rule-var-naming-fail.yml +++ b/examples/playbooks/var-naming/rule-var-naming-fail.yml @@ -30,3 +30,15 @@ ansible.builtin.debug: var: test_var register: CamelCaseIsBad # invalid 7 + + - name: This should not trigger due to role name being dynamic (jinja) + ansible.builtin.include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + vars: + nginx_logrotate_conf_enable: true + + - name: This should not trigger due to containing a dot in role name + ansible.builtin.include_role: + name: "foo.bar" + vars: + bar_foo: true diff --git a/examples/playbooks/vars/transform_nested_data.transformed.yml b/examples/playbooks/vars/transform_nested_data.transformed.yml new file mode 100644 index 0000000..c0479fc --- /dev/null +++ b/examples/playbooks/vars/transform_nested_data.transformed.yml @@ -0,0 +1,7 @@ +--- +sequence: + - - - 111 + - 112 + - 12 + - - 21 + - - 221 diff --git a/examples/playbooks/vars/transform_nested_data.yml b/examples/playbooks/vars/transform_nested_data.yml new file mode 100644 index 0000000..9f5aeb8 --- /dev/null +++ b/examples/playbooks/vars/transform_nested_data.yml @@ -0,0 +1,7 @@ +--- +sequence: + - - - 111 + - 112 + - 12 + - - 21 + - - 221 diff --git a/examples/playbooks_globs/a.yml b/examples/playbooks_globs/a.yml new file mode 100644 index 0000000..37b6d9e --- /dev/null +++ b/examples/playbooks_globs/a.yml @@ -0,0 +1,4 @@ +--- +- name: A + hosts: localhost + tasks: [] diff --git a/examples/playbooks_globs/b.yml b/examples/playbooks_globs/b.yml new file mode 100644 index 0000000..19f17c5 --- /dev/null +++ b/examples/playbooks_globs/b.yml @@ -0,0 +1,4 @@ +--- +- # missing name + hosts: localhost + tasks: [] diff --git a/examples/roles/include_wrong_syntax/tasks/main.yml b/examples/roles/include_wrong_syntax/tasks/main.yml new file mode 100644 index 0000000..be269e5 --- /dev/null +++ b/examples/roles/include_wrong_syntax/tasks/main.yml @@ -0,0 +1,3 @@ +--- +- name: Invalid syntax for import (coverage) + ansible.builtin.import_tasks: wrong=imported_tasks.yml diff --git a/examples/roles/name_casing/tasks/main.transformed.yml b/examples/roles/name_casing/tasks/main.transformed.yml new file mode 100644 index 0000000..74c18ae --- /dev/null +++ b/examples/roles/name_casing/tasks/main.transformed.yml @@ -0,0 +1,15 @@ +--- +- name: Test nested tasks within block and always + block: + - name: Test1 + ansible.builtin.debug: + msg: Foo + + - name: Test2 + ansible.builtin.debug: + msg: Bar + + always: + - name: From always block to be auto fixed as name[casing] scenario + ansible.builtin.debug: + msg: Baz diff --git a/examples/roles/name_casing/tasks/main.yml b/examples/roles/name_casing/tasks/main.yml new file mode 100644 index 0000000..7bf73ff --- /dev/null +++ b/examples/roles/name_casing/tasks/main.yml @@ -0,0 +1,15 @@ +--- +- name: Test nested tasks within block and always + block: + - name: test1 + ansible.builtin.debug: + msg: Foo + + - name: Test2 + ansible.builtin.debug: + msg: Bar + + always: + - name: from always block to be auto fixed as name[casing] scenario + ansible.builtin.debug: + msg: Baz diff --git a/examples/roles/name_prefix/tasks/test.transformed.yml b/examples/roles/name_prefix/tasks/test.transformed.yml new file mode 100644 index 0000000..eb6e116 --- /dev/null +++ b/examples/roles/name_prefix/tasks/test.transformed.yml @@ -0,0 +1,8 @@ +--- +- name: test | Not cap + ansible.builtin.debug: + msg: not cap + +- name: test | Cap + ansible.builtin.debug: + msg: Cap diff --git a/examples/roles/name_prefix/tasks/test.yml b/examples/roles/name_prefix/tasks/test.yml new file mode 100644 index 0000000..679332a --- /dev/null +++ b/examples/roles/name_prefix/tasks/test.yml @@ -0,0 +1,8 @@ +--- +- name: test | not cap + ansible.builtin.debug: + msg: not cap + +- name: test | Cap + ansible.builtin.debug: + msg: Cap diff --git a/examples/roles/role_detection/base/bar/defaults/main.yml b/examples/roles/role_detection/base/bar/defaults/main.yml new file mode 100644 index 0000000..faa4ea1 --- /dev/null +++ b/examples/roles/role_detection/base/bar/defaults/main.yml @@ -0,0 +1,3 @@ +--- +base_var_1: foo +base_var_2: foo diff --git a/examples/roles/role_detection/foo/defaults/main.yml b/examples/roles/role_detection/foo/defaults/main.yml new file mode 100644 index 0000000..1a5b54b --- /dev/null +++ b/examples/roles/role_detection/foo/defaults/main.yml @@ -0,0 +1,3 @@ +--- +foo_var_1: bar +foo_var_2: bar diff --git a/examples/roles/role_vars_prefix_detection/defaults/main.yml b/examples/roles/role_vars_prefix_detection/defaults/main.yml new file mode 100644 index 0000000..23809fe --- /dev/null +++ b/examples/roles/role_vars_prefix_detection/defaults/main.yml @@ -0,0 +1,2 @@ +--- +foo: bar diff --git a/examples/roles/role_vars_prefix_detection/vars/main.yml b/examples/roles/role_vars_prefix_detection/vars/main.yml new file mode 100644 index 0000000..143ee72 --- /dev/null +++ b/examples/roles/role_vars_prefix_detection/vars/main.yml @@ -0,0 +1,3 @@ +--- +role_vars_prefix_detection_bar: baz +bar: baz diff --git a/examples/roles/role_with_deps_paths/meta/main.yml b/examples/roles/role_with_deps_paths/meta/main.yml new file mode 100644 index 0000000..51efd72 --- /dev/null +++ b/examples/roles/role_with_deps_paths/meta/main.yml @@ -0,0 +1,10 @@ +--- +dependencies: + - role: subfolder/1st_role + vars: + param: baz + - role: subfolder + vars: + param: baz + - role: subfolder/2nd_role + - subfolder/3rd_role diff --git a/examples/roles/role_with_handler/handlers/main.yml b/examples/roles/role_with_handler/handlers/main.yml new file mode 100644 index 0000000..9ca1ab1 --- /dev/null +++ b/examples/roles/role_with_handler/handlers/main.yml @@ -0,0 +1,8 @@ +--- +- name: Debug + loop: "{{ _something_done.results }}" + loop_control: + label: "{{ item.item.name }}" + when: item.changed + ansible.builtin.debug: + msg: "{{ item.item.name }} changed" diff --git a/examples/roles/role_with_handler/tasks/main.yml b/examples/roles/role_with_handler/tasks/main.yml new file mode 100644 index 0000000..362dc78 --- /dev/null +++ b/examples/roles/role_with_handler/tasks/main.yml @@ -0,0 +1,17 @@ +--- +- name: Get info + delegate_to: localhost + register: collected_info + ansible.builtin.debug: + msg: test + +- name: Do something + delegate_to: localhost + loop: "{{ collected_info['some_list'] }}" + loop_control: + label: "{{ item.name }}" + notify: + - Debug + register: _something_done + ansible.builtin.debug: + msg: test2 diff --git a/examples/roles/test-no-deps-role/meta/main.yml b/examples/roles/test-no-deps-role/meta/main.yml new file mode 100644 index 0000000..1d80cc3 --- /dev/null +++ b/examples/roles/test-no-deps-role/meta/main.yml @@ -0,0 +1,55 @@ +--- +galaxy_info: + author: audgirka + description: your role description + company: Red Hat + role_name: test_no_deps_role # if absent directory name hosting role is used instead + namespace: foo # if absent, author is used instead + + # If the issue tracker for your role is not on github, uncomment the + # next line and provide a value + # issue_tracker_url: http://example.com/issue/tracker + + # Choose a valid license ID from https://spdx.org - some suggested licenses: + # - BSD-3-Clause (default) + # - MIT + # - GPL-2.0-or-later + # - GPL-3.0-only + # - Apache-2.0 + # - CC-BY-4.0 + license: GPL-2.0-or-later + + min_ansible_version: "2.1" + + # If this a Container Enabled role, provide the minimum Ansible Container version. + # min_ansible_container_version: + + # + # Provide a list of supported platforms, and for each platform a list of versions. + # If you don't wish to enumerate all versions for a particular platform, use 'all'. + # To view available platforms and versions (or releases), visit: + # https://galaxy.ansible.com/api/v1/platforms/ + # + # platforms: + # - name: Fedora + # versions: + # - all + # - 25 + # - name: SomePlatform + # versions: + # - all + # - 1.0 + # - 7 + # - 99.99 + + galaxy_tags: [] + # List tags for your role here, one per line. A tag is a keyword that describes + # and categorizes the role. Users find roles by searching for tags. Be sure to + # remove the '[]' above, if you add tags to this list. + # + # NOTE: A tag is limited to a single word comprised of alphanumeric characters. + # Maximum 20 tags per role. +# Skipping deps for testing scenario when no role deps are present +# dependencies: [] +# List your role dependencies here, one per line. Be sure to remove the '[]' above, +# if you add dependencies to this list. diff --git a/examples/roles/var_naming_pattern/tasks/include_task_with_vars.yml b/examples/roles/var_naming_pattern/tasks/include_task_with_vars.yml index 5151cd3..40b6729 100644 --- a/examples/roles/var_naming_pattern/tasks/include_task_with_vars.yml +++ b/examples/roles/var_naming_pattern/tasks/include_task_with_vars.yml @@ -1,10 +1,15 @@ --- -- name: include_task_with_vars | Foo +- name: include_task_with_vars | Var1 + ansible.builtin.include_tasks: file=../tasks/included-task-with-vars.yml + +- name: include_task_with_vars | Var2 ansible.builtin.include_tasks: ../tasks/included-task-with-vars.yml vars: - var_naming_pattern_foo: bar + var_naming_pattern_1: bar + _var_naming_pattern_2: ... # we allow _ before the prefix + __var_naming_pattern_3: ... # we allow __ before the prefix -- name: include_task_with_vars | Foo +- name: include_task_with_vars | Var3 ansible.builtin.include_role: name: bobbins vars: diff --git a/examples/rulebooks/rulebook-fail.yml b/examples/rulebooks/rulebook-fail.yml index 11472b4..b08cd03 100644 --- a/examples/rulebooks/rulebook-fail.yml +++ b/examples/rulebooks/rulebook-fail.yml @@ -1,8 +1,8 @@ --- - name: Sample rulebooks hosts: all - that_should_not_be_here: foo - sources: # should be "sources" + that_should_not_be_here: foo # <-- this is not supported + sources: # <-- should be "sources" - name: listen for alerts ansible.eda.alertmanager: host: 0.0.0.0 @@ -18,4 +18,4 @@ - name: debug condition: event.alert.labels.job == "fastapi" action: - debug: sss + debug: sss # <-- this should be an object diff --git a/examples/rules/task_has_tag.py b/examples/rules/task_has_tag.py index a4b927c..a96d123 100644 --- a/examples/rules/task_has_tag.py +++ b/examples/rules/task_has_tag.py @@ -1,4 +1,5 @@ """Example implementation of a rule requiring tasks to have tags set.""" + from __future__ import annotations from typing import TYPE_CHECKING diff --git a/examples/sanity_ignores/tests/sanity/ignore-2.13.txt b/examples/sanity_ignores/tests/sanity/ignore-2.13.txt index 2b95cf5..fedd39e 100644 --- a/examples/sanity_ignores/tests/sanity/ignore-2.13.txt +++ b/examples/sanity_ignores/tests/sanity/ignore-2.13.txt @@ -1 +1,2 @@ plugins/module_utils/ansible_example_module.py validate-modules:deprecation-mismatch # comment +tests/unit/file.py import-3.6!skip diff --git a/examples/sanity_ignores/tests/sanity/ignore-2.15.txt b/examples/sanity_ignores/tests/sanity/ignore-2.15.txt index 069ef15..08d21a2 100644 --- a/examples/sanity_ignores/tests/sanity/ignore-2.15.txt +++ b/examples/sanity_ignores/tests/sanity/ignore-2.15.txt @@ -1,2 +1,3 @@ plugins/module_utils/ansible_example_module.incorrect-3.6!skip #plugins/module_utils/ansible_example_module.py import-3.6!skip +other_dir/module_utils/ansible_example_module incorrect-3.6!skip diff --git a/examples/sanity_ignores/tests/sanity/ignore-2.9.txt b/examples/sanity_ignores/tests/sanity/ignore-2.9.txt index bfee509..4727a66 100644 --- a/examples/sanity_ignores/tests/sanity/ignore-2.9.txt +++ b/examples/sanity_ignores/tests/sanity/ignore-2.9.txt @@ -1,2 +1,4 @@ +# Should be fully skipped plugins/module_utils/ansible_example_module.py validate-modules:deprecation-mismatch plugins/module_utils/ansible_example_module.py import-2.6!skip +plugins/module_utils/ansible_example_module.py validate-modules diff --git a/examples/yamllint/.github/workflows/ci.yml b/examples/yamllint/.github/workflows/ci.yml new file mode 100644 index 0000000..fac4072 --- /dev/null +++ b/examples/yamllint/.github/workflows/ci.yml @@ -0,0 +1,9 @@ +--- +name: ack +on: # <-- this is invalid by YAML 1.2 spec as it loads as true boolean. + pull_request_target: + types: [opened, labeled, unlabeled, synchronize] + +jobs: + ack: + uses: ansible/team-devtools/.github/workflows/ack.yml@main diff --git a/examples/yamllint/incompatible-config/.yamllint b/examples/yamllint/incompatible-config/.yamllint new file mode 100644 index 0000000..7639dd5 --- /dev/null +++ b/examples/yamllint/incompatible-config/.yamllint @@ -0,0 +1,14 @@ +# This config file is full of yamllint configuration settings that are +# incompatible with ansible-lint. It used for testing their detection. +rules: + comments: + min-spaces-from-content: 2 + comments-indentation: false + braces: + min-spaces-inside: 1 + max-spaces-inside: 2 + key-duplicates: + forbid-duplicated-merge-keys: false + octal-values: + forbid-implicit-octal: false + forbid-explicit-octal: false |