CI: add block support to validate-all-file.py
This change also refactors code a bit to allow additional checks in the same os.walk loop Change-Id: Ib40af3ee309c773afba4776183d162327a9a0e1c
This commit is contained in:
Michal Nasiadka
parent
e38f5e0c23
commit
49cb1ce4b0
@ -148,16 +148,14 @@ def check_json_j2():
|
|||||||
return return_code
|
return return_code
|
||||||
|
|
||||||
|
|
||||||
def check_docker_become():
|
def check_task_contents():
|
||||||
"""All tasks that use Docker should have 'become: true'."""
|
"""All tasks that use Docker should have 'become: true'."""
|
||||||
includes = r'|'.join([fnmatch.translate(x)
|
includes = r'|'.join([fnmatch.translate(x)
|
||||||
for x in YAML_INCLUDE_PATTERNS])
|
for x in YAML_INCLUDE_PATTERNS])
|
||||||
excludes = r'|'.join([fnmatch.translate(x)
|
excludes = r'|'.join([fnmatch.translate(x)
|
||||||
for x in YAML_EXCLUDE_PATTERNS])
|
for x in YAML_EXCLUDE_PATTERNS])
|
||||||
ce_modules = ('kolla_docker', 'kolla_container_facts', 'kolla_toolbox')
|
|
||||||
cmd_modules = ('command', 'shell')
|
|
||||||
return_code = 0
|
|
||||||
roles_path = os.path.join(PROJECT_ROOT, 'ansible', 'roles')
|
roles_path = os.path.join(PROJECT_ROOT, 'ansible', 'roles')
|
||||||
|
return_code = 0
|
||||||
for root, dirs, files in os.walk(roles_path):
|
for root, dirs, files in os.walk(roles_path):
|
||||||
dirs[:] = [d for d in dirs if not re.match(excludes, d)]
|
dirs[:] = [d for d in dirs if not re.match(excludes, d)]
|
||||||
for filename in files:
|
for filename in files:
|
||||||
@ -168,38 +166,58 @@ def check_docker_become():
|
|||||||
tasks = yaml.safe_load(fp)
|
tasks = yaml.safe_load(fp)
|
||||||
tasks = tasks or []
|
tasks = tasks or []
|
||||||
for task in tasks:
|
for task in tasks:
|
||||||
for module in ce_modules:
|
if task.get('block'):
|
||||||
if module in task and not task.get('become'):
|
block = task
|
||||||
return_code = 1
|
for task in task['block']:
|
||||||
LOG.error("Use of %s module without become in "
|
if check_docker_become(fullpath, task, block):
|
||||||
"task %s in %s",
|
|
||||||
module, task['name'], fullpath)
|
|
||||||
for module in cmd_modules:
|
|
||||||
ce_without_become = False
|
|
||||||
if (module in task and not task.get('become')):
|
|
||||||
if (isinstance(task[module], str) and
|
|
||||||
((task[module]).startswith('docker') or
|
|
||||||
(task[module]).startswith('podman'))):
|
|
||||||
ce_without_become = True
|
|
||||||
if (isinstance(task[module], dict) and
|
|
||||||
(task[module]['cmd'].startswith('docker') or
|
|
||||||
task[module]['cmd'].startswith('podman'))):
|
|
||||||
ce_without_become = True
|
|
||||||
if ce_without_become:
|
|
||||||
return_code = 1
|
return_code = 1
|
||||||
LOG.error("Use of container engine in %s "
|
else:
|
||||||
"module without "
|
if check_docker_become(fullpath, task):
|
||||||
"become in task %s in %s",
|
return_code = 1
|
||||||
module, task['name'], fullpath)
|
|
||||||
|
|
||||||
return return_code
|
return return_code
|
||||||
|
|
||||||
|
|
||||||
|
def check_docker_become(fullpath, task, block=''):
|
||||||
|
|
||||||
|
ce_modules = ('kolla_docker', 'kolla_container_facts', 'kolla_toolbox')
|
||||||
|
cmd_modules = ('command', 'shell')
|
||||||
|
return_code = 0
|
||||||
|
|
||||||
|
for module in ce_modules:
|
||||||
|
if (module in task and not task.get('become') and
|
||||||
|
not block.get('become')):
|
||||||
|
return_code = 1
|
||||||
|
LOG.error("Use of %s module without become in "
|
||||||
|
"task %s in %s",
|
||||||
|
module, task['name'], fullpath)
|
||||||
|
for module in cmd_modules:
|
||||||
|
ce_without_become = False
|
||||||
|
if (module in task and not task.get('become')):
|
||||||
|
if (isinstance(task[module], str) and
|
||||||
|
(task[module].startswith('docker') or
|
||||||
|
task[module].startswith('podman')) and
|
||||||
|
not block.get('become')):
|
||||||
|
ce_without_become = True
|
||||||
|
if (isinstance(task[module], dict) and
|
||||||
|
(task[module]['cmd'].startswith('docker') or
|
||||||
|
task[module]['cmd'].startswith('podman')) and
|
||||||
|
not block.get('become')):
|
||||||
|
ce_without_become = True
|
||||||
|
if ce_without_become:
|
||||||
|
return_code = 1
|
||||||
|
LOG.error("Use of container engine in %s "
|
||||||
|
"module without "
|
||||||
|
"become in task %s in %s block %s",
|
||||||
|
module, task['name'], fullpath, block)
|
||||||
|
return return_code
|
||||||
|
|
||||||
|
|
||||||
def main():
|
def main():
|
||||||
checks = (
|
checks = (
|
||||||
check_newline_eof,
|
check_newline_eof,
|
||||||
check_json_j2,
|
check_json_j2,
|
||||||
check_docker_become,
|
check_task_contents,
|
||||||
)
|
)
|
||||||
return sum([check() for check in checks])
|
return sum([check() for check in checks])
|
||||||
|
|
||||||
|
|||||||
@ -25,6 +25,7 @@
|
|||||||
- ^contrib/
|
- ^contrib/
|
||||||
- ^specs/
|
- ^specs/
|
||||||
- ^kolla_ansible/tests/
|
- ^kolla_ansible/tests/
|
||||||
|
- ^tools/validate-.*$
|
||||||
- ^zuul\.d/
|
- ^zuul\.d/
|
||||||
vars:
|
vars:
|
||||||
previous_release: "2023.1"
|
previous_release: "2023.1"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user