openstack/openstack-ansible
Code Issues Proposed changes

Bump ansible-lint version

Browse Source 
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-os_sahara/+/792241
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-os_octavia/+/792242
Depends-On: https://review.opendev.org/c/openstack/openstack-ansible-memcached_server/+/793400
Change-Id: I73cd3ef5a8c63be66f1a68e9e2de34421e27e6fd
This commit is contained in:
Dmitriy Rabotyagov 2021-05-19 17:15:09 +03:00 committed by Dmitriy Rabotyagov
parent c6f2263849
commit 82e3d013fe
10 changed files with 38 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
.ansible-lint
View File

@ -1,13 +1,9 @@
skip_list:
- '106' # Role name {} does not match ``^[a-z][a-z0-9_]+$`` pattern
- '208' # File permissions unset or incorrect
- metadata
warn_list:
- '204' # Lines should be no longer than 160 chars
- '303' # Using command rather than module
- '305' # Use shell only when shell functionality is required
- '306' # Shells that use pipes should set the pipefail option
- '502' # All tasks should be named
- '602' # Don't compare to empty string
- '701' # meta/main.yml should contain relevant info
- '702' # Tags must contain lowercase letters and digits only
- risky-file-permissions
- risky-shell-pipe
- unnamed-task
- no-handler
- var-naming

12
playbooks/healthcheck-infrastructure.yml
View File

@ -243,10 +243,10 @@
- name: Grant access to the DB on "{{ groups['galera_all'][-1] }}"
community.mysql.mysql_user:
login_user: "{{ galera_root_user | default('root') }}"
login_password: "{{ galera_root_password }}"
login_password: "{{ galera_root_password }}" # noqa no-log-password
login_host: "{{ ansible_host }}"
name: "osa-tester"
password: "tester-secrete"
password: "tester-secrete" # noqa no-log-password
host: "{{ item }}"
state: "present"
priv: "OSA-test.*:ALL"
@ -268,7 +268,7 @@
- name: Remove created user
community.mysql.mysql_user:
login_user: "{{ galera_root_user | default('root') }}"
login_password: "{{ galera_root_password }}"
login_password: "{{ galera_root_password }}" # noqa no-log-password
login_host: "{{ ansible_host }}"
name: "osa-tester"
state: "absent"
@ -281,7 +281,7 @@
- name: Remove created DB
community.mysql.mysql_db:
login_user: "{{ galera_root_user | default('root') }}"
login_password: "{{ galera_root_password }}"
login_password: "{{ galera_root_password }}" # noqa no-log-password
login_host: "{{ ansible_host }}"
name: "OSA-test"
state: "absent"
@ -303,13 +303,12 @@
- name: Configure Rabbitmq user
community.rabbitmq.rabbitmq_user:
user: "testguest"
password: "secrete"
password: "secrete" # noqa no-log-password
vhost: "/testvhost"
configure_priv: ".*"
read_priv: ".*"
write_priv: ".*"
state: "present"
no_log: True
tags:
- healthcheck
@ -337,6 +336,7 @@
mode: 0755
- name: Connect to rabbitmq
command: "{{ venv_path }}/bin/python {{ venv_path }}/rabbitmq-test.py {{ hostvars[groups['rabbitmq_all'][0]]['container_address'] }}"
changed_when: false
tags:
- healthcheck
- healthcheck-rabbitmq-install

6
playbooks/healthcheck-openstack.yml
View File

@ -149,7 +149,7 @@
- "not 'is in use' in item.msg"
- name: Store facts to see if everything is ok
openstack.cloud.os_networks_facts:
openstack.cloud.networks_info:
cloud: default
interface: internal
verify: no
@ -234,7 +234,7 @@
tasks:
- block:
- name: Create keypair for nova
shell: "ssh-keygen -b 2048 -t rsa -f {{ ssh_key }} -q -N ''"
command: "ssh-keygen -b 2048 -t rsa -f {{ ssh_key }} -q -N ''" # noqa no-changed-when
args:
creates: "{{ ssh_key }}"
@ -313,7 +313,7 @@
volume: "{{ cinder_volumes[0]['name'] }}"
- name: Get server facts
openstack.cloud.os_server_facts:
openstack.cloud.server_info:
cloud: default
interface: internal
verify: "{{ keystone_service_internaluri_insecure | ternary(false, true) }}"

1
playbooks/listening-port-report.yml
View File

@ -19,6 +19,7 @@
- name: Gather listening ports
command: netstat -ln --inet --program
register: listening_ports
changed_when: false
- name: create report
copy:

25
scripts/gate-check-commit.sh
View File

@ -104,7 +104,7 @@ if which iptables; then
fi
# Bootstrap an AIO
if [[ -z "${SKIP_OSA_BOOTSTRAP_AIO+defined}" ]]; then
if [[ -z "${SKIP_OSA_BOOTSTRAP_AIO+defined}" && "${ACTION}" != "linters" ]]; then
source "${OSA_CLONE_DIR}/scripts/bootstrap-aio.sh"
fi
@ -113,7 +113,7 @@ if [[ "${ACTION}" == "varstest" ]]; then
openstack-ansible test-vars-overrides.yml
popd
elif [[ "${ACTION}" == "linters" ]]; then
pushd "${OSA_CLONE_DIR}/playbooks"
pushd "${OSA_CLONE_DIR}"
# Install linter tools
${PIP_COMMAND} install --isolated ${PIP_OPTS} -r ${OSA_CLONE_DIR}/test-requirements.txt
# Disable Ansible color output
@ -126,16 +126,21 @@ elif [[ "${ACTION}" == "linters" ]]; then
# defining working directories
VENV_BIN_DIR=$(dirname ${PIP_COMMAND})
ROLE_DIR="/etc/ansible/roles/${SCENARIO}"
ANSIBLE_LINT_WARNINGS="-w 204 -w 208 -w 306 -w metadata"
# Due to ansible-lint bug, it can't run from venv without sourcing it
# https://github.com/ansible-community/ansible-lint/issues/1507
source ${VENV_BIN_DIR}/activate
source /usr/local/bin/openstack-ansible.rc
# Check if we have test playbook and running checks
if [[ -f "${ROLE_DIR}/examples/playbook.yml" ]]; then
${VENV_BIN_DIR}/ansible-lint ${ROLE_DIR}/examples/playbook.yml ${ANSIBLE_LINT_WARNINGS}
${VENV_BIN_DIR}/ansible-playbook --syntax-check --list-tasks ${ROLE_DIR}/examples/playbook.yml
if [[ -f "/etc/ansible/roles/${SCENARIO}/examples/playbook.yml" ]]; then
ROLE_DIR="/etc/ansible/roles/${SCENARIO}"
${VENV_BIN_DIR}/ansible-lint ${ROLE_DIR}/examples/playbook.yml -c ${OSA_CLONE_DIR}/.ansible-lint
ansible-playbook --syntax-check --list-tasks ${ROLE_DIR}/examples/playbook.yml
# If we don't have test playbook we assume that we're testing integrated repo
else
${VENV_BIN_DIR}/ansible-lint ${ROLE_DIR} ${ANSIBLE_LINT_WARNINGS}
${VENV_BIN_DIR}/ansible-playbook --syntax-check --list-tasks setup-everything.yml
ROLE_DIR="${OSA_CLONE_DIR}"
${VENV_BIN_DIR}/ansible-lint playbooks/ --exclude /etc/ansible/roles
ansible-playbook --syntax-check --list-tasks playbooks/setup-everything.yml
fi
# Run bashate
@ -154,6 +159,8 @@ elif [[ "${ACTION}" == "linters" ]]; then
--exclude-dir *.egg-info \
--exclude-dir doc \
"${ROLE_DIR}" | xargs -r ${VENV_BIN_DIR}/flake8 --verbose
deactivate
popd
else
pushd "${OSA_CLONE_DIR}/playbooks"

2
test-requirements.txt
View File

@ -11,4 +11,4 @@ virtualenv>=14.0.6 # MIT
# once we stop doing linters check for the integrated repo with
# openstack-ansible-tests/test-ansible-lint.sh
flake8==3.8.3 # MIT
ansible-lint==4.3.5 # MIT
ansible-lint==5.0.10 # MIT

2
tests/roles/bootstrap-host/tasks/prepare_aio_config.yml
View File

@ -121,7 +121,7 @@
- ansible_facts['selinux']['status'] == "enabled"
- name: Get systemd version
command: "rpm -q systemd"
command: "rpm -q systemd" # noqa command-instead-of-module
changed_when: false
register: systemd_version
when: ansible_facts['os_family'] | lower == 'redhat'

4
zuul.d/playbooks/pre-osa-aio.yml
View File

@ -48,4 +48,6 @@
SCENARIO: "{{ scenario }}"
ACTION: "{{ action }}"
INSTALL_METHOD: "{{ install_method }}"
when: action != 'upgrade'
when:
- action != 'upgrade'
- action != 'linters'

2
zuul.d/project-templates.yaml
View File

@ -16,12 +16,10 @@
name: openstack-ansible-deploy-base-jobs
check:
jobs:
- openstack-ansible-linters
- openstack-ansible-varstest-aio
- openstack-tox-docs
gate:
jobs:
- openstack-ansible-linters
- openstack-ansible-varstest-aio
- openstack-tox-docs
periodic:

1
zuul.d/project.yaml
View File

@ -14,6 +14,7 @@
- project:
templates:
- openstack-ansible-linters-jobs
- openstack-ansible-deploy-guide-jobs
- openstack-ansible-deploy-base-jobs
- openstack-ansible-deploy-aio_lxc-jobs