openstack/openstack-ansible
Code Issues Proposed changes

Bump ansible-lint version

Browse Source 
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-os_sahara/+/792241
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/792242
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-memcached_server/+/793400
Change-Id: I73cd3ef5a8c63be66f1a68e9e2de34421e27e6fd
This commit is contained in:
Dmitriy Rabotyagov 2021-05-19 17:15:09 +03:00 committed by Dmitriy Rabotyagov
parent c6f2263849
commit 82e3d013fe
10 changed files with 38 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
.ansible-lint
View File

@ -1,13 +1,9 @@
skip_list: skip_list:
- '106' # Role name {} does not match ``^[a-z][a-z0-9_]+$`` pattern - metadata
- '208' # File permissions unset or incorrect
warn_list: warn_list:
- '204' # Lines should be no longer than 160 chars - risky-file-permissions
- '303' # Using command rather than module - risky-shell-pipe
- '305' # Use shell only when shell functionality is required - unnamed-task
- '306' # Shells that use pipes should set the pipefail option - no-handler
- '502' # All tasks should be named - var-naming
- '602' # Don't compare to empty string
- '701' # meta/main.yml should contain relevant info
- '702' # Tags must contain lowercase letters and digits only

12
playbooks/healthcheck-infrastructure.yml
View File

@ -243,10 +243,10 @@
- name: Grant access to the DB on "{{ groups['galera_all'][-1] }}" - name: Grant access to the DB on "{{ groups['galera_all'][-1] }}"
community.mysql.mysql_user: community.mysql.mysql_user:
login_user: "{{ galera_root_user | default('root') }}" login_user: "{{ galera_root_user | default('root') }}"
login_password: "{{ galera_root_password }}" login_password: "{{ galera_root_password }}" # noqa no-log-password
login_host: "{{ ansible_host }}" login_host: "{{ ansible_host }}"
name: "osa-tester" name: "osa-tester"
password: "tester-secrete" password: "tester-secrete" # noqa no-log-password
host: "{{ item }}" host: "{{ item }}"
state: "present" state: "present"
priv: "OSA-test.*:ALL" priv: "OSA-test.*:ALL"
@ -268,7 +268,7 @@
- name: Remove created user - name: Remove created user
community.mysql.mysql_user: community.mysql.mysql_user:
login_user: "{{ galera_root_user | default('root') }}" login_user: "{{ galera_root_user | default('root') }}"
login_password: "{{ galera_root_password }}" login_password: "{{ galera_root_password }}" # noqa no-log-password
login_host: "{{ ansible_host }}" login_host: "{{ ansible_host }}"
name: "osa-tester" name: "osa-tester"
state: "absent" state: "absent"
@ -281,7 +281,7 @@
- name: Remove created DB - name: Remove created DB
community.mysql.mysql_db: community.mysql.mysql_db:
login_user: "{{ galera_root_user | default('root') }}" login_user: "{{ galera_root_user | default('root') }}"
login_password: "{{ galera_root_password }}" login_password: "{{ galera_root_password }}" # noqa no-log-password
login_host: "{{ ansible_host }}" login_host: "{{ ansible_host }}"
name: "OSA-test" name: "OSA-test"
state: "absent" state: "absent"
@ -303,13 +303,12 @@
- name: Configure Rabbitmq user - name: Configure Rabbitmq user
community.rabbitmq.rabbitmq_user: community.rabbitmq.rabbitmq_user:
user: "testguest" user: "testguest"
password: "secrete" password: "secrete" # noqa no-log-password
vhost: "/testvhost" vhost: "/testvhost"
configure_priv: ".*" configure_priv: ".*"
read_priv: ".*" read_priv: ".*"
write_priv: ".*" write_priv: ".*"
state: "present" state: "present"
no_log: True
tags: tags:
- healthcheck - healthcheck
@ -337,6 +336,7 @@
mode: 0755 mode: 0755
- name: Connect to rabbitmq - name: Connect to rabbitmq
command: "{{ venv_path }}/bin/python {{ venv_path }}/rabbitmq-test.py {{ hostvars[groups['rabbitmq_all'][0]]['container_address'] }}" command: "{{ venv_path }}/bin/python {{ venv_path }}/rabbitmq-test.py {{ hostvars[groups['rabbitmq_all'][0]]['container_address'] }}"
changed_when: false
tags: tags:
- healthcheck - healthcheck
- healthcheck-rabbitmq-install - healthcheck-rabbitmq-install

6
playbooks/healthcheck-openstack.yml
View File

@ -149,7 +149,7 @@
- "not 'is in use' in item.msg" - "not 'is in use' in item.msg"
- name: Store facts to see if everything is ok - name: Store facts to see if everything is ok
openstack.cloud.os_networks_facts: openstack.cloud.networks_info:
cloud: default cloud: default
interface: internal interface: internal
verify: no verify: no
@ -234,7 +234,7 @@
tasks: tasks:
- block: - block:
- name: Create keypair for nova - name: Create keypair for nova
shell: "ssh-keygen -b 2048 -t rsa -f {{ ssh_key }} -q -N ''" command: "ssh-keygen -b 2048 -t rsa -f {{ ssh_key }} -q -N ''" # noqa no-changed-when
args: args:
creates: "{{ ssh_key }}" creates: "{{ ssh_key }}"
@ -313,7 +313,7 @@
volume: "{{ cinder_volumes[0]['name'] }}" volume: "{{ cinder_volumes[0]['name'] }}"
- name: Get server facts - name: Get server facts
openstack.cloud.os_server_facts: openstack.cloud.server_info:
cloud: default cloud: default
interface: internal interface: internal
verify: "{{ keystone_service_internaluri_insecure | ternary(false, true) }}" verify: "{{ keystone_service_internaluri_insecure | ternary(false, true) }}"

1
playbooks/listening-port-report.yml
View File

@ -19,6 +19,7 @@
- name: Gather listening ports - name: Gather listening ports
command: netstat -ln --inet --program command: netstat -ln --inet --program
register: listening_ports register: listening_ports
changed_when: false
- name: create report - name: create report
copy: copy:

25
scripts/gate-check-commit.sh
View File

@ -104,7 +104,7 @@ if which iptables; then
fi fi
# Bootstrap an AIO # Bootstrap an AIO
if [[ -z "${SKIP_OSA_BOOTSTRAP_AIO+defined}" ]]; then if [[ -z "${SKIP_OSA_BOOTSTRAP_AIO+defined}" && "${ACTION}" != "linters" ]]; then
source "${OSA_CLONE_DIR}/scripts/bootstrap-aio.sh" source "${OSA_CLONE_DIR}/scripts/bootstrap-aio.sh"
fi fi
@ -113,7 +113,7 @@ if [[ "${ACTION}" == "varstest" ]]; then
openstack-ansible test-vars-overrides.yml openstack-ansible test-vars-overrides.yml
popd popd
elif [[ "${ACTION}" == "linters" ]]; then elif [[ "${ACTION}" == "linters" ]]; then
pushd "${OSA_CLONE_DIR}/playbooks" pushd "${OSA_CLONE_DIR}"
# Install linter tools # Install linter tools
${PIP_COMMAND} install --isolated ${PIP_OPTS} -r ${OSA_CLONE_DIR}/test-requirements.txt ${PIP_COMMAND} install --isolated ${PIP_OPTS} -r ${OSA_CLONE_DIR}/test-requirements.txt
# Disable Ansible color output # Disable Ansible color output
@ -126,16 +126,21 @@ elif [[ "${ACTION}" == "linters" ]]; then
# defining working directories # defining working directories
VENV_BIN_DIR=$(dirname ${PIP_COMMAND}) VENV_BIN_DIR=$(dirname ${PIP_COMMAND})
ROLE_DIR="/etc/ansible/roles/${SCENARIO}"
ANSIBLE_LINT_WARNINGS="-w 204 -w 208 -w 306 -w metadata" # Due to ansible-lint bug, it can't run from venv without sourcing it
# https://github.com/ansible-community/ansible-lint/issues/1507
source ${VENV_BIN_DIR}/activate
source /usr/local/bin/openstack-ansible.rc
# Check if we have test playbook and running checks # Check if we have test playbook and running checks
if [[ -f "${ROLE_DIR}/examples/playbook.yml" ]]; then if [[ -f "/etc/ansible/roles/${SCENARIO}/examples/playbook.yml" ]]; then
${VENV_BIN_DIR}/ansible-lint ${ROLE_DIR}/examples/playbook.yml ${ANSIBLE_LINT_WARNINGS} ROLE_DIR="/etc/ansible/roles/${SCENARIO}"
${VENV_BIN_DIR}/ansible-playbook --syntax-check --list-tasks ${ROLE_DIR}/examples/playbook.yml ${VENV_BIN_DIR}/ansible-lint ${ROLE_DIR}/examples/playbook.yml -c ${OSA_CLONE_DIR}/.ansible-lint
ansible-playbook --syntax-check --list-tasks ${ROLE_DIR}/examples/playbook.yml
# If we don't have test playbook we assume that we're testing integrated repo
else else
${VENV_BIN_DIR}/ansible-lint ${ROLE_DIR} ${ANSIBLE_LINT_WARNINGS} ROLE_DIR="${OSA_CLONE_DIR}"
${VENV_BIN_DIR}/ansible-playbook --syntax-check --list-tasks setup-everything.yml ${VENV_BIN_DIR}/ansible-lint playbooks/ --exclude /etc/ansible/roles
ansible-playbook --syntax-check --list-tasks playbooks/setup-everything.yml
fi fi
# Run bashate # Run bashate
@ -154,6 +159,8 @@ elif [[ "${ACTION}" == "linters" ]]; then
--exclude-dir *.egg-info \ --exclude-dir *.egg-info \
--exclude-dir doc \ --exclude-dir doc \
"${ROLE_DIR}" | xargs -r ${VENV_BIN_DIR}/flake8 --verbose "${ROLE_DIR}" | xargs -r ${VENV_BIN_DIR}/flake8 --verbose
deactivate
popd popd
else else
pushd "${OSA_CLONE_DIR}/playbooks" pushd "${OSA_CLONE_DIR}/playbooks"

2
test-requirements.txt
View File

@ -11,4 +11,4 @@ virtualenv>=14.0.6 # MIT
# once we stop doing linters check for the integrated repo with # once we stop doing linters check for the integrated repo with
# openstack-ansible-tests/test-ansible-lint.sh # openstack-ansible-tests/test-ansible-lint.sh
flake8==3.8.3 # MIT flake8==3.8.3 # MIT
ansible-lint==4.3.5 # MIT ansible-lint==5.0.10 # MIT

2
tests/roles/bootstrap-host/tasks/prepare_aio_config.yml
View File

@ -121,7 +121,7 @@
- ansible_facts['selinux']['status'] == "enabled" - ansible_facts['selinux']['status'] == "enabled"
- name: Get systemd version - name: Get systemd version
command: "rpm -q systemd" command: "rpm -q systemd" # noqa command-instead-of-module
changed_when: false changed_when: false
register: systemd_version register: systemd_version
when: ansible_facts['os_family'] | lower == 'redhat' when: ansible_facts['os_family'] | lower == 'redhat'

4
zuul.d/playbooks/pre-osa-aio.yml
View File

@ -48,4 +48,6 @@
SCENARIO: "{{ scenario }}" SCENARIO: "{{ scenario }}"
ACTION: "{{ action }}" ACTION: "{{ action }}"
INSTALL_METHOD: "{{ install_method }}" INSTALL_METHOD: "{{ install_method }}"
when: action != 'upgrade' when:
- action != 'upgrade'
- action != 'linters'

2
zuul.d/project-templates.yaml
View File

@ -16,12 +16,10 @@
name: openstack-ansible-deploy-base-jobs name: openstack-ansible-deploy-base-jobs
check: check:
jobs: jobs:
- openstack-ansible-linters
- openstack-ansible-varstest-aio - openstack-ansible-varstest-aio
- openstack-tox-docs - openstack-tox-docs
gate: gate:
jobs: jobs:
- openstack-ansible-linters
- openstack-ansible-varstest-aio - openstack-ansible-varstest-aio
- openstack-tox-docs - openstack-tox-docs
periodic: periodic:

1
zuul.d/project.yaml
View File

@ -14,6 +14,7 @@
- project: - project:
templates: templates:
- openstack-ansible-linters-jobs
- openstack-ansible-deploy-guide-jobs - openstack-ansible-deploy-guide-jobs
- openstack-ansible-deploy-base-jobs - openstack-ansible-deploy-base-jobs
- openstack-ansible-deploy-aio_lxc-jobs - openstack-ansible-deploy-aio_lxc-jobs