Check blocks recursively for loops

Also updates tests for the custom ansible-lint rules.

Adds a simple testsuite so test roles and playbooks that are known to be
faulty or valid can be put in a directory structure like:

<rule id>/valid/playbooks/valid_playbook.yaml
<rule id>/valid/roles/valid_role/tasks/main.yaml
<rule id>/valid/roles/valid_role/handlers/main.yaml

<rule id>/faulty/playbooks/faulty_playbook.yaml
<rule id>/faulty/roles/faulty_role/tasks/main.yaml
<rule id>/faulty/roles/faulty_role/handlers/main.yaml

So they will verify that the rules work as expected.

Change-Id: I29d0766c67e690e35490586f6befb95e4cd31b98

.rules/ZuulJobsNamespaceLoopVar.py

@@ -20,6 +20,25 @@ https://zuul-ci.org/docs/zuul-jobs/policy.html\
         if file.get('type') not in ('tasks', 'handlers'):
             return results
 
+        results.extend(self.handle_play(task))
+        return results
+
+    def handle_play(self, task):
+        results = []
+        if 'block' in task:
+            results.extend(self.handle_playlist(task['block']))
+        else:
+            results.extend(self.handle_task(task))
+        return results
+
+    def handle_playlist(self, playlist):
+        results = []
+        for play in playlist:
+            results.extend(self.handle_play(play))
+        return results
+
+    def handle_task(self, task):
+        results = []
         has_loop = 'loop' in task
         for key in task.keys():
             if key.startswith('with_'):

test-playbooks/ansible-lint-rules/ZUULJOBS0001/faulty/roles/task-block-missing-loopvar-loop/tasks/main.yaml

@@ -0,0 +1,6 @@
+- block:
+    - debug:
+        var: item
+      loop:
+        - 1
+        - 2

test-playbooks/ansible-lint-rules/ZUULJOBS0001/faulty/roles/task-block-missing-loopvar-with/tasks/main.yaml

@@ -0,0 +1,6 @@
+- block:
+    - debug:
+        var: item
+      with_items:
+        - 1
+        - 2

test-playbooks/ansible-lint-rules/ZUULJOBS0001/faulty/roles/task-nested-block-missing-loopvar/tasks/main.yaml

@@ -0,0 +1,7 @@
+- block:
+    - block:
+        - debug:
+            var: item
+          loop:
+            - 1
+            - 2

test-playbooks/ansible-lint-rules/ZUULJOBS0001/valid/roles/task-block-loopvar-loop/tasks/main.yaml

@@ -0,0 +1,8 @@
+- block:
+    - debug:
+        msg: zj_item
+      loop:
+        - 1
+        - 2
+      loop_control:
+        loop_var: zj_item

test-playbooks/ansible-lint-rules/ZUULJOBS0001/valid/roles/task-block-loopvar-with/tasks/main.yaml

@@ -0,0 +1,8 @@
+- block:
+    - debug:
+        msg: zj_item
+      with_items:
+        - 1
+        - 2
+      loop_control:
+        loop_var: zj_item

test-playbooks/ansible-lint-rules/ZUULJOBS0001/valid/roles/task-missing-loopvar-loop-skip/tasks/main.yaml

@@ -0,0 +1,5 @@
+- debug:  # noqa ZUULJOBS0001
+    var: item
+  loop:
+    - 1
+    - 2

test-playbooks/ansible-lint-rules/run.yaml

@@ -15,28 +15,44 @@
     - name: Make sure ansible-lint is installed
       command: "{{ ansible_lint_tempdir.path }}/bin/ansible-lint --version"
 
-    - name: Make sure missing loopvars fail linting
-      command: "{{ ansible_lint_tempdir.path }}/bin/ansible-lint test-playbooks/ansible-lint-rules/roles/{{ item }}"
+    - name: Get faulty playbooks and roles
+      command: >-
+        find test-playbooks/ansible-lint-rules/
+        -mindepth 4
+        -maxdepth 4
+        -wholename '*ZUULJOBS*/faulty/*/*'
+      args:
+        chdir: "{{ ansible_user_dir}}/{{ zuul.project.src_dir }}"
+      register: faulty_ansible_items
+
+    - name: Get valid playbooks and roles
+      command: >-
+        find test-playbooks/ansible-lint-rules/
+        -mindepth 4
+        -maxdepth 4
+        -wholename '*ZUULJOBS*/valid/roles/*'
+      args:
+        chdir: "{{ ansible_user_dir}}/{{ zuul.project.src_dir }}"
+      register: valid_ansible_items
+
+    - name: Make sure faulty roles fail linting
+      command: >-
+        {{ ansible_lint_tempdir.path }}/bin/ansible-lint
+        -t {{ item | regex_replace('.*/(ZUULJOBS.*?)/.*', '\1') }}
+        {{ item }}
+      args:
+        chdir: "{{ ansible_user_dir }}/{{ zuul.project.src_dir }}"
+      register: ansible_lint
+      failed_when: ansible_lint.rc == 0
+      loop: "{{ faulty_ansible_items.stdout_lines }}"
+
+    - name: Make sure valid roles pass linting
+      command: >-
+        {{ ansible_lint_tempdir.path }}/bin/ansible-lint
+        -t {{ item | regex_replace('.*/(ZUULJOBS.*?)/.*', '\1') }}
+        {{ item }}
       args:
         chdir: "{{ansible_user_dir}}/{{ zuul.project.src_dir }}"
       register: ansible_lint
-      failed_when: ansible_lint.rc == 0
-      loop:
-        - tasks-missing-loopvar-with
-        - tasks-missing-loopvar-loop
-        - tasks-include-missing-loopvar-with
-        - tasks-include-missing-loopvar-loop
-        - handlers-missing-loopvar-with
-        - handlers-missing-loopvar-loop
-
-    - name: Make sure valid configuration passes linting
-      command: "{{ ansible_lint_tempdir.path }}/bin/ansible-lint test-playbooks/ansible-lint-rules/roles/{{ item }}"
-      args:
-        chdir: "{{ansible_user_dir}}/{{ zuul.project.src_dir }}"
-      loop:
-        - tasks-loopvar-with
-        - tasks-loopvar-loop
-        - tasks-include-loopvar-with
-        - tasks-include-loopvar-loop
-        - handlers-loopvar-with
-        - handlers-loopvar-loop
+      failed_when: ansible_lint.rc != 0
+      loop: "{{ valid_ansible_items.stdout_lines }}"