ansible / ansible-lint-action Goto Github PK
View Code? Open in Web Editor NEW❗️Replaced by https://github.com/marketplace/actions/run-ansible-lint
Home Page: https://github.com/marketplace/actions/run-ansible-lint
License: MIT License
❗️Replaced by https://github.com/marketplace/actions/run-ansible-lint
Home Page: https://github.com/marketplace/actions/run-ansible-lint
License: MIT License
Hi,
I have a problem with the ansible-lint action.
When I use it locally in my project:
ansible-lint
everything works correctly. No errors, or issues.
However, when I use it on my GitHub Actions there are errors:
Error: couldn't resolve module/action 'ansible.builtin.aws_s3'. This often indicates a misspelling, missing collection, or incorrect module path.
Error: couldn't resolve module/action 'ansible.builtin.docker_network'. This often indicates a misspelling, missing collection, or incorrect module path.
Error: couldn't resolve module/action 'ansible.builtin.aws_s3'. This often indicates a misspelling, missing collection, or incorrect module path.
Are there missing some modules in ansible-lint-actions
?
I do not use any external modules. All modules are from builtin
.
Please provide an official container image on Docker Hub. This should increase speed in the Github CI and allow people on Gitlab to use it as well.
is it possible to test a playbook with older ansible versions and make sure the playlist is compatible with them or not? for example exit_host
is added to ansible 2.8's meta
module and fails on older ansible versions
Seeing following error since the last 2-3 days. It has been working fine for the past few months. Did something hange?
+ : /github/workspace
+ pushd /github/workspace
+ local opts
++ parse_args '-x skip_ansible_lint'
++ local opts=
++ (( 1 ))
++ case "$1" in
++ echo 'ERROR: Unsupported flag: '\''-x skip_ansible_lint'\'''
ERROR: Unsupported flag: '-x skip_ansible_lint'
My workflow file is follows
name: Ansible Lint # feel free to pick your own name
on:
push:
branches:
- master
paths:
- 'ansible/**'
pull_request:
branches:
- master
paths:
- 'ansible/**'
jobs:
build:
runs-on: ubuntu-18.04
steps:
# Important: This sets up your GITHUB_WORKSPACE environment variable
- uses: actions/checkout@v2
- name: Lint Ansible Playbook
# replace "master" with any valid ref
uses: ansible/ansible-lint-action@vmaster
with:
# [required]
# Paths to ansible files (i.e., playbooks, tasks, handlers etc..)
# or valid Ansible directories according to the Ansible role
# directory structure.
# If you want to lint multiple ansible files, use the following syntax
# targets: |
# playbook_1.yml
# playbook_2.yml
# TO-DO: See if the list can be dynamic ro regexp based
targets: |
ansible/alertmanager.yml
# [optional]
# Arguments to be passed to the ansible-lint
# Options:
# -q quieter, although not silent output
# -p parseable output in the format of pep8
# --parseable-severity parseable output including severity of rule
# -r RULESDIR specify one or more rules directories using one or
# more -r arguments. Any -r flags override the default
# rules in ansiblelint/rules, unless -R is also used.
# -R Use default rules in ansiblelint/rules in addition to
# any extra
# rules directories specified with -r. There is no need
# to specify this if no -r flags are used
# -t TAGS only check rules whose id/tags match these values
# -x SKIP_LIST only check rules whose id/tags do not match these
# values
# --nocolor disable colored output
# --exclude=EXCLUDE_PATHS
# path to directories or files to skip. This option is
# repeatable.
# -c C Specify configuration file to use. Defaults to ".ansible-lint"
# skip_ansible_lint is used right now wherever we have the shell modules. linit complains about the shell
# module use
args: "-x skip_ansible_lint"
As the title suggests, we're running into an issue whereby ansible-lint
is unable to execute because of an import error. I'm unsure if this is an issue in our workflow.yaml
, ansible-lint-action
, or ansible-lint
itself.
We noticed the issue 5 days ago but didn't look into it. Here is the output of the step in our workflow:
Run ansible/ansible-lint-action@master
with:
targets: ansible/playbook.yaml
ansible/participants-setup.yaml
ansible/participants-deploy.yaml
override-deps: ansible==2.9
/usr/bin/docker run --name e5c3525f869eade1344f8bb774ab1a3f111c3_cea4b0 --label 1e5c35 --workdir /github/workspace --rm -e INPUT_TARGETS -e INPUT_OVERRIDE-DEPS -e INPUT_ARGS -e TARGETS -e OVERRIDE -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/gitops-workshop/gitops-workshop":"/github/workspace" 1e5c35:25f869eade1344f8bb774ab1a3f111c3 ""
+ args=("$@")
+ '[' /entrypoint.sh = /entrypoint.sh ']'
+ echo -E '\nRunning Ansible Lint...\n'
\nRunning Ansible Lint...\n
+ ansible::lint ''
+ : 'ansible/playbook.yaml
ansible/participants-setup.yaml
ansible/participants-deploy.yaml
'
+ : /github/workspace
+ pushd /github/workspace
+ override_python_packages
+ [[ -n ansible==2.9 ]]
+ pip install ansible==2.9
/github/workspace /github/workspace
WARNING: The directory '/github/home/.cache/pip' or its parent directory is not owned or is not writable by the current user. The cache has been disabled. Check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
Collecting ansible==2.9
Downloading ansible-2.9.0.tar.gz (14.1 MB)
Requirement already satisfied: jinja2 in /usr/local/lib/python3.8/site-packages (from ansible==2.9) (2.11.2)
Requirement already satisfied: PyYAML in /usr/local/lib/python3.8/site-packages (from ansible==2.9) (5.3.1)
Requirement already satisfied: cryptography in /usr/local/lib/python3.8/site-packages (from ansible==2.9) (3.1.1)
Requirement already satisfied: MarkupSafe>=0.23 in /usr/local/lib/python3.8/site-packages (from jinja2->ansible==2.9) (1.1.1)
Requirement already satisfied: six>=1.4.1 in /usr/local/lib/python3.8/site-packages (from cryptography->ansible==2.9) (1.15.0)
Requirement already satisfied: cffi!=1.11.3,>=1.8 in /usr/local/lib/python3.8/site-packages (from cryptography->ansible==2.9) (1.14.3)
Requirement already satisfied: pycparser in /usr/local/lib/python3.8/site-packages (from cffi!=1.11.3,>=1.8->cryptography->ansible==2.9) (2.20)
Building wheels for collected packages: ansible
Building wheel for ansible (setup.py): started
Building wheel for ansible (setup.py): finished with status 'done'
Created wheel for ansible: filename=ansible-2.9.0-py3-none-any.whl size=16130179 sha256=7ecff50a9b01a2966b8f7add0152a27951566ad9565b0a45f1bd45b3534bd0e8
Stored in directory: /tmp/pip-ephem-wheel-cache-5sfflf9p/wheels/d8/87/fb/65b7fd9034ef5f109d906139de22ea10259f98cbf5c4f73616
Successfully built ansible
Installing collected packages: ansible
Attempting uninstall: ansible
Found existing installation: ansible 2.10.0
Uninstalling ansible-2.10.0:
Successfully uninstalled ansible-2.10.0
Successfully installed ansible-2.9.0
+ pip check
WARNING: The directory '/github/home/.cache/pip' or its parent directory is not owned or is not writable by the current user. The cache has been disabled. Check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
No broken requirements found.
+ echo 'Completed installing override dependencies...'
Completed installing override dependencies...
+ local opts
++ parse_args
++ local opts=
++ (( 0 ))
++ eval set -- ''
+++ set --
++ echo ''
++ return 0
+ opts=
+ shopt -s globstar
+ ansible-lint -v --force-color ansible/playbook.yaml ansible/participants-setup.yaml ansible/participants-deploy.yaml
Traceback (most recent call last):
File "/usr/local/bin/ansible-lint", line 5, in <module>
from ansiblelint.__main__ import main
File "/usr/local/lib/python3.8/site-packages/ansiblelint/__init__.py", line 22, in <module>
from ansiblelint.rules import AnsibleLintRule
File "/usr/local/lib/python3.8/site-packages/ansiblelint/rules/__init__.py", line 12, in <module>
import ansiblelint.utils
File "/usr/local/lib/python3.8/site-packages/ansiblelint/utils.py", line 38, in <module>
from ansible.parsing.mod_args import ModuleArgsParser
File "/usr/local/lib/python3.8/site-packages/ansible/parsing/mod_args.py", line 26, in <module>
from ansible.plugins.loader import module_loader, action_loader
File "/usr/local/lib/python3.8/site-packages/ansible/plugins/loader.py", line 25, in <module>
from ansible.utils.collection_loader import AnsibleCollectionLoader, AnsibleFlatMapLoader, AnsibleCollectionRef
ImportError: cannot import name 'AnsibleCollectionLoader' from 'ansible.utils.collection_loader' (/usr/local/lib/python3.8/site-packages/ansible/utils/collection_loader/__init__.py)
And here is the content of our .github/workflows/ansible-lint.yml
:
name: Ansible Lint
on:
push:
branches: [ master ]
pull_request:
branches: [ master ]
jobs:
build:
runs-on: ubuntu-latest
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- uses: actions/checkout@v2
# Run ansible-lint
- name: ansible-lint
uses: ansible/ansible-lint-action@master
with:
targets: |
ansible/playbook.yaml
ansible/participants-setup.yaml
ansible/participants-deploy.yaml
override-deps: ansible==2.9
args: ""
# args: |
# --exclude=ansible/files
# --exclude=ansible/vars
# --exclude=ansible/templates
# --exclude=ansible/requirements.yaml
When using globing in targets, the linter dosn't work properly.
Exemple workflow:
name: ansible-checks
on: [push]
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v2
- name: Lint .yml Ansible files
uses: ansible/ansible-lint-action@master
if: always()
with:
targets: "ansible/**/*.(yml|yaml)"
override-deps: |
ansible~=2.9.0
ansible-lint~=4.2.0
arg: "-x 204"
Github action logs extract:
[...]
+ ansible-lint -v --force-color 'ansible/**/*.(yml|yaml)'
WARNING: Couldn't open ansible/**/*.(yml|yaml) - No such file or directory
Examining ansible/**/*.(yml|yaml) of type playbook
[...]
When using the same target with ansible-lint CLI directly, it works without trouble.
Also tested with *.{yml,yaml}
, same result.
Lint is failing but not listing any reason why.
Tested with Ansible lint pre-commit hook and it passes. Seems like the container is failing. Saw this issue on multiple repos.
During the Lint Ansible Playbook step of the build it fails with this output.
/usr/bin/docker run --name e87b526347bc7600b44020817b6d7bf28f95d6_7c745d --label e87b52 --workdir /github/workspace --rm -e INPUT_TARGETS -e INPUT_ARGS -e HOME -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/ansible_csv/ansible_csv":"/github/workspace" e87b52:6347bc7600b44020817b6d7bf28f95d6
Allow version lock to specific Ansible Creator Execution Environment
Currently static locked to v0.4.1 (one month ago), while current version is 0.5.0 (days ago):
https://github.com/ansible-community/ansible-lint-action/blob/main/action.yml#L24
https://github.com/ansible/creator-ee/releases
Allowing this to be changed during in the GH workflow file, provides some level of control over the Ansible Core and Ansible Lint versions (as was the case previously, shown below under Legacy heading).
Control over these is required for circumstances where the Ansible Collection/Roles have been written and guarenteed for working with a specific version of Ansible Core and Python, and therefore GH workflow tests should be locked accordingly.
jobs:
jobname:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: ansible-community/ansible-lint-action@c37fb7b4bda2c8cb18f4942716bae9f11b0dc9bc
with:
override-deps: |
ansible==4.8.0
ansible-core==2.11.6
ansible-lint==5.2.1
I've tried various iterations of the below, but all result in the same error ##[warning]Unexpected input(s) 'targets', valid inputs are ['entryPoint', 'args']
:
- name: ansible-lint
uses: ansible/[email protected]
with:
targets: "*.yml" # or "create-aks.yaml"
This appears to be the correct way to reference individual files according to documentation, but I've had a look at several other repos on GitHub who make use of targets
and their builds all appear to fail with the same error.
I have had luck using the following:
- name: ansible-lint
uses: ansible/[email protected]
env:
ACTION_PLAYBOOK_NAME: create-aks.yaml
We use topics to mark what this repository is about and make it better discoverable. In particular, github-action
tag. It used to work like a charm a month ago. Users could click on the specific topic on the repo page and be redirected to the list of all the repos with this topic.
So if you look at https://github.com/topics/github-action now, it only shows 8 repositories with no pagination. Most of those with zero or 1 star, no ranking/sorting.
But if you looked there a few weeks ago, you'd see multiple pages of repos there. They were sorted by the number of stars making it easy to reason about their quality and spread. People could see actions that didn't make it to the Marketplace.
@stoe do you have any idea what's up with GitHub Topics now?
I currently use this with Travis:
language: python
install:
- pip install ansible-lint
- ansible-lint --version
script:
- ansible-lint .
But it seems this action wants a playbook file no matter what. Is there a way to lint a whole folder? In my case, it's a role.
syntax-check couldn't resolve module/action 'community.general.terraform'. This often indicates a misspelling, missing collection, or incorrect module path.
Hello.
Would it be possible to do a proper tagging for this project please?
Maybe good starting point is here: https://github.com/actions/checkout
They are using versions like:
v2
-> v2.0.0
v4
-> v4.1.0
It would be really handy to use something like v4
instead of specifying the exact version only v4.1.0
:
- uses: ansible/ansible-lint-action@v4
Thank you...
Hello there 🙂
I've noticed that ansible-lint is always executed with -vvv
when run with the GH action.
Since verbosity can be controlled by the ansible-lint config file, I'd very much like this to be removed or to have an option to disable verbose output for the action.
Do you think that's possible?
When using the github action without any targets (to auto-detect roles and playbooks), the job aborts with the following error:
+ ansible-lint -v --force-color
Traceback (most recent call last):
File "/usr/local/bin/ansible-lint", line 8, in <module>
sys.exit(main())
File "/usr/local/lib/python3.7/site-packages/ansiblelint/__main__.py", line 153, in main
args = get_playbooks_and_roles(options=options)
File "/usr/local/lib/python3.7/site-packages/ansiblelint/utils.py", line 774, in get_playbooks_and_roles
universal_newlines=True).split()))
File "/usr/local/lib/python3.7/subprocess.py", line 411, in check_output
**kwargs).stdout
File "/usr/local/lib/python3.7/subprocess.py", line 488, in run
with Popen(*popenargs, **kwargs) as process:
File "/usr/local/lib/python3.7/subprocess.py", line 800, in __init__
restore_signals, start_new_session)
File "/usr/local/lib/python3.7/subprocess.py", line 1551, in _execute_child
raise child_exception_type(errno_num, err_msg, err_filename)
FileNotFoundError: [Errno 2] No such file or directory: 'git': 'git'
The related ansible-lint code section is probably https://github.com/ansible/ansible-lint/blob/9b1c30beb517ff33be10119c3b90182b8e56b23a/lib/ansiblelint/utils.py#L770.
I suppose the git
cli needs to be installed as a dependency in the container image.
I tried it with:
name: CI
on: [push, pull_request]
jobs:
validate:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v2
- name: Install dependencies
run: |
sudo apt-get update
sudo apt-get install -y git
- name: Ansible-lint
uses: ansible/ansible-lint-action@master
with:
targets: ""
Hello, after updating I can't get it to work with args
anymore.
Here's what in my current action file:
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: Lint Ansible
uses: ansible/ansible-lint-action@main
with:
args: "-c ./.github/.ansible-lint"
It was working before update (I used to have targets
and override-deps
too).
Here's the error log:
Run ansible/ansible-lint-action@main
with:
args: -c ./.github/.ansible-lint
/usr/bin/docker run --name quayioansiblecreatoreev041_8966ad --label 372a9e --workdir /github/workspace --rm -e INPUT_ARGS -e GITHUB_ACTIONS -e GITHUB_WORKFLOW -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e GITHUB_STEP_SUMMARY -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true --entrypoint "/usr/local/bin/ansible-lint" -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/ansible-role-duossh/ansible-role-duossh":"/github/workspace" quay.io/ansible/creator-ee:v0.4.1 "-vvv" "-c ./.github/.ansible-lint"
WARNING: PATH altered to include /usr/bin
Config file not found '/github/workspace/ ./.github/.ansible-lint'
The config file is in my .github/.ansible-lint
, I don't know why there is a space
after /github/workspace
.
We are currently building an ArchLinux installation with Ansible. In the process, we are using this GitHub action to facilitate collaboration.
We are currently getting an error because we are using an "AUR" module (https://github.com/kewlfft/ansible-aur) for Ansible. How can we add this to the linter in the action?
Error msg: https://github.com/frankenstein91/Arch-Ansible-Install/runs/2428321106#step:4:95
Hi everybody,
while running ansible lint
in a container at GHA I receive error:
+ ansible-lint -v --force-color playbooks/haproxy-api-yc/production/set-config.yml playbooks/haproxy-api-yc/staging/set-config.yml playbooks/haproxy-cdp/set-config.yml playbooks/haproxy-micros/set-config.yml
Traceback (most recent call last):
File "/usr/local/bin/ansible-lint", line 5, in <module>
from ansiblelint.__main__ import main
File "/usr/local/lib/python3.8/site-packages/ansiblelint/__init__.py", line 29, in <module>
import ansiblelint.utils
File "/usr/local/lib/python3.8/site-packages/ansiblelint/utils.py", line 41, in <module>
from ansible.parsing.mod_args import ModuleArgsParser
File "/usr/local/lib/python3.8/site-packages/ansible/parsing/mod_args.py", line 26, in <module>
from ansible.plugins.loader import module_loader, action_loader
File "/usr/local/lib/python3.8/site-packages/ansible/plugins/loader.py", line 26, in <module>
from ansible.utils.collection_loader import AnsibleCollectionLoader, AnsibleFlatMapLoader, AnsibleCollectionRef
ImportError: cannot import name 'AnsibleCollectionLoader' from 'ansible.utils.collection_loader' (/usr/local/lib/python3.8/site-packages/ansible/utils/collection_loader/__init__.py)
Re-runs do not help, the issue appears to be somewhere in docker image.
I am running the linter with this declaration:
- name: run ansible linter
uses: ansible/[email protected]
with:
targets: ${{ github.workspace }}
args: "-x indentation,meta-no-info -r ."
I have tried changing the tag and the targets but nothing seems to work.
Run ansible/ansible-lint-action@master
/usr/bin/docker run --name ea2bfa2ebd86b4ec1bbdc1682b73ab68c_7cafce --label 84217e --workdir /github/workspace --rm -e INPUT_TARGETS -e INPUT_ARGS -e INPUT_OVERRIDE-DEPS -e TARGETS -e OVERRIDE -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/ansible-roles/ansible-roles":"/github/workspace" 84217e:a2bfa2ebd86b4ec1bbdc1682b73ab68c "-x indentation,meta-no-info -r ."
/github/workspace /github/workspace
+ args=("$@")
+ '[' /entrypoint.sh = /entrypoint.sh ']'
+ echo -E '\nRunning Ansible Lint...\n'
\nRunning Ansible Lint...\n
+ ansible::lint '-x indentation,meta-no-info -r .'
+ : ./
+ : /github/workspace
+ pushd /github/workspace
+ override_python_packages
+ [[ -n '' ]]
+ echo 'Completed installing override dependencies...'
Completed installing override dependencies...
+ local opts
++ parse_args -x indentation,meta-no-info -r .
++ local opts=
++ (( 4 ))
++ case "$1" in
++ opts=' -x indentation,meta-no-info'
++ shift 2
++ (( 2 ))
++ case "$1" in
++ opts=' -x indentation,meta-no-info -r .'
++ shift 2
++ (( 0 ))
++ eval set -- ' -x indentation,meta-no-info -r .'
+++ set -- -x indentation,meta-no-info -r .
++ echo '-x indentation,meta-no-info -r .'
++ return 0
+ opts='-x indentation,meta-no-info -r .'
+ shopt -s globstar
+ ansible-lint -v --force-color -x indentation,meta-no-info -r . ./
Traceback (most recent call last):
File "/usr/local/bin/ansible-lint", line 5, in <module>
from ansiblelint.__main__ import main
File "/usr/local/lib/python3.8/site-packages/ansiblelint/__main__.py", line 37, in <module>
from ansiblelint.generate_docs import rules_as_rich, rules_as_rst
File "/usr/local/lib/python3.8/site-packages/ansiblelint/generate_docs.py", line 6, in <module>
from rich.console import render_group
ImportError: cannot import name 'render_group' from 'rich.console' (/usr/local/lib/python3.8/site-packages/rich/console.py)
Any ideas on how to fix this?
Been using this for a while, and now suddenly today getting this error on ansible lint checks during my GitHub action check:
+ ansible-lint -v --force-color '' 'devel/my_yaml_file.yml'
Traceback (most recent call last):
File "/usr/local/bin/ansible-lint", line 8, in <module>
sys.exit(main())
File "/usr/local/lib/python3.8/site-packages/ansiblelint/__main__.py", line 187, in main
matches.extend(runner.run())
File "/usr/local/lib/python3.8/site-packages/ansiblelint/__init__.py", line 263, in run
files.append({'path': ansiblelint.utils.normpath(playbook[0]), 'type': playbook[1]})
File "/usr/local/lib/python3.8/site-packages/ansiblelint/utils.py", line 725, in normpath
return os.path.relpath(str(path))
File "/usr/local/lib/python3.8/posixpath.py", line 453, in relpath
raise ValueError("no path specified")
ValueError: no path specified
One major issue with current action is that if it fails the developer has no idea what he needs to run on his machine in order to reproduce the same error.
We must be sure that the output includes a one liner reproducing command in a visible place, so anyone encountering the issue can do the same locally, helping them to fix the issue, before uploading a new verison of their patch.
There is a lack of releases for this action. I would like to pin the version of the release I'm using of this action within my workflow as to make sure breaking changes within the action do not break my workflow. For instance, action/checkout has versions I can pin to such as v3.0.0.
I am maintaining an operator-sdk project. When running ansible-lint
locally you need to run ansible-galaxy collection install -r requirements.yml
first.
Maybe this is just a documentation issue but I can't see how to do that with this Action.
The result is, missing modules are not resolved when this action is run.
Couldn't parse task at /github/workspace/roles/myrole/tasks/main.yml:2 (couldn't resolve module/action 'operator_sdk.util.k8s_status'. This often indicates a misspelling, missing collection, or incorrect module path.
requirements.yml
---
collections:
- name: community.kubernetes
version: "<1.0.0"
- operator_sdk.util
main.yml
- name: "update resource"
operator_sdk.util.k8s_status:
api_version: "foo"
kind: "bar"
name: "my-foo"
namespace: "foospace"
conditions:
- type: Ready
status: "True"
reason: ReconcileSuccess
lastHeartbeatTime: "{{ ansible_date_time.iso8601 }}"
I have defined the following .ansible-lint
exclude_paths:
- .cache/ # implicit unless exclude_paths is defined in config
- .github/
- templates/
- tests/
However, when the action is executed I get an error for a file that is in the excluded path
+ ansible-lint -v --force-color defaults/main.yml handlers/main.yml meta/main.yml tasks/install_agent_debian.yml tasks/install_agent_rhel.yml tasks/install_agent_tarball.yml tasks/install_bouncers_debian.yml tasks/install_bouncers_rhel.yml tasks/install_bouncers_tarball.yml tasks/main.yml templates/linux_cscli_collections.yml tests/inventory.hcloud.yml tests/test.install.agent.local.yml tests/test.install.both.local.yml tests/test.install.both.yml tests/test.install.bouncers.local.yml vars/main.yml
We were unable to read either as JSON nor YAML, these are the errors we got from each:
JSON: Expecting value: line 1 column 1 (char 0)
Syntax Error while loading YAML.
did not find expected node content
The error appears to be in '/github/workspace/templates/linux_cscli_collections.yml': line 2, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
...
Details can be found in this run
I can't figure out what I am missing here, but I cannot get the linter to see modules from other collections.
.github/workflows/main.yml
name: Ansible Lint # feel free to pick your own name
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Clone Repo
uses: actions/checkout@v2
- name: Install required collections
run: ansible-galaxy collection install -p /usr/share/ansible/collections -f -r collections/requirements.yml
- name: Run ansible-lint
uses: ansible-community/ansible-lint-action@main
with:
path: "playbooks/"
run output
Run ansible-galaxy collection install -p /usr/share/ansible/collections -f -r collections/requirements.yml
ansible-galaxy collection install -p /usr/share/ansible/collections -f -r collections/requirements.yml
shell: /usr/bin/bash -e {0}
Starting galaxy collection install process
Process install dependency map
Starting collection install process
Downloading https://galaxy.ansible.com/download/ansible-posix-1.3.0.tar.gz to /home/runner/.ansible/tmp/ansible-local-1933_dvcsxt6/tmphx8hvx_k/ansible-posix-1.3.0-o[2]ux72p0
Installing 'ansible.posix:1.[3].0' to '/usr/share/ansible/collections/ansible_collections/ansible/posix'
ansible.posix:1.3.0 was installed successfully
Downloading https://galaxy.ansible.com/download/community-general-[4]8.0.tar.gz to /home/runner/.ansible/tmp/ansible-local-1933_dvcsxt6/tmphx8hvx_k/community-general-4.8.0-423behy2
Installing 'community.general:4.8.0' to '/usr/share/ansible/collections/ansible_collections/community/general'
community.general:4.8.0 was installed successfully
2s
Run ansible-community/ansible-lint-action@main
/usr/bin/docker run --name quayioansiblecreatoreev041_1aaab8 --label 084[5]0d --workdir /github/workspace --rm -e INPUT_PATH -e INPUT_ARGS -e GITHUB_ACTIONS -e GITHUB_WORKFLOW -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_RETENTION_DAYS -e GITHUB_RUN_ATTEMPT -e GITHUB_ACTOR -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_REF_NAME -e GITHUB_REF_PROTECTED -e GITHUB_REF_TYPE -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_ACTION_REPOSITORY -e GITHUB_ACTION_REF -e GITHUB_PATH -e GITHUB_ENV -e GITHUB_STEP_SUMMARY -e RUNNER_OS -e RUNNER_ARCH -e RUNNER_NAME -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true --entrypoint "/usr/local/bin/ansible-lint" -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/ansible_challenges/ansible_challenges":"/github/workspace" quay.io/ansible/creator-ee:v0.4.1 "-vvv" "playbooks/"
WARNING: PATH altered to include /usr/bin
DEBUG Logging initialized to level 10
DEBUG Options: Namespace(cache_dir='/github/home/.cache/ansible-compat/21a323', colored=False, config_file=None, configured=True, cwd=PosixPath('/github/workspace'), display_relative_path=True, enable_list=[], exclude_paths=['.cache', '.git', '.hg', '.svn', '.tox'], extra_vars=None, format='rich', kinds=[{'jinja2': '**/*.j2'}, {'jinja2': '**/*.j2.*'}, {'text': '**/templates/**/*.*'}, {'inventory': '**/inventory/**.yml'}, {'requirements': '**/meta/requirements.yml'}, {'galaxy': '**/galaxy.yml'}, {'reno': '**/releasenotes/*/*.{yaml,yml}'}, {'playbook': '**/playbooks/*.{yml,yaml}'}, {'playbook': '**/*playbook*.{yml,yaml}'}, {'role': '**/roles/*/'}, {'tasks': '**/tasks/**/*.{yaml,yml}'}, {'handlers': '**/handlers/*.{yaml,yml}'}, {'vars': '**/{host_vars,group_vars,vars,defaults}/**/*.{yaml,yml}'}, {'meta': '**/meta/main.{yaml,yml}'}, {'yaml': '.config/molecule/config.{yaml,yml}'}, {'requirements': '**/molecule/*/{collections,requirements}.{yaml,yml}'}, {'yaml': '**/molecule/*/{base,molecule}.{yaml,yml}'}, {'requirements': '**/requirements.yml'}, {'playbook': '**/molecule/*/*.{yaml,yml}'}, {'yaml': '**/{.ansible-lint,.yamllint}'}, {'yaml': '**/*.{yaml,yml}'}, {'yaml': '**/.*.{yaml,yml}'}], lintables=['playbooks/'], listrules=False, listtags=False, loop_var_prefix=None, mock_modules=[], mock_roles=[], offline=None, parseable=False, progressive=False, project_dir='.', quiet=0, rules={}, rulesdir=[], rulesdirs=['/usr/local/lib/python3.8/site-packages/ansiblelint/rules'], skip_action_validation=True, skip_list=[], tags=[], use_default_rules=False, var_naming_pattern=None, verbosity=3, version=False, warn_list=['experimental', 'role-name'], write=False)
DEBUG /github/workspace
INFO Set ANSIBLE_LIBRARY=/github/home/.cache/ansible-compat/21a323/modules:/github/home/.ansible/plugins/modules:/usr/share/ansible/plugins/modules
INFO Set ANSIBLE_COLLECTIONS_PATH=/github/home/.cache/ansible-compat/21a323/collections:/github/home/.ansible/collections:/usr/share/ansible/collections
INFO Set ANSIBLE_ROLES_PATH=/github/home/.cache/ansible-compat/21a323/roles:roles:/github/home/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles
DEBUG Loading rules from /usr/local/lib/python3.8/site-packages/ansiblelint/rules
DEBUG Effective yamllint rules used: {'braces': {'level': 'error', 'forbid': False, 'min-spaces-inside': 0, 'max-spaces-inside': 0, 'min-spaces-inside-empty': -1, 'max-spaces-inside-empty': -1}, 'brackets': {'level': 'error', 'forbid': False, 'min-spaces-inside': 0, 'max-spaces-inside': 0, 'min-spaces-inside-empty': -1, 'max-spaces-inside-empty': -1}, 'colons': {'level': 'error', 'max-spaces-before': 0, 'max-spaces-after': 1}, 'commas': {'level': 'error', 'max-spaces-before': 0, 'min-spaces-after': 1, 'max-spaces-after': 1}, 'comments': {'level': 'warning', 'require-starting-space': True, 'ignore-shebangs': True, 'min-spaces-from-content': 1}, 'comments-indentation': False, 'document-end': False, 'document-start': False, 'empty-lines': {'level': 'error', 'max': 2, 'max-start': 0, 'max-end': 0}, 'empty-values': False, 'hyphens': {'level': 'error', 'max-spaces-after': 1}, 'indentation': {'level': 'error', 'spaces': 'consistent', 'indent-sequences': True, 'check-multi-line-strings': False}, 'key-duplicates': {'level': 'error'}, 'key-ordering': False, 'line-length': {'level': 'error', 'max': 1[6]0, 'allow-non-breakable-words': True, 'allow-non-breakable-inline-mappings': False}, 'new-line-at-end-of-file': {'level': 'error'}, 'new-lines': {'level': 'error', 'type': 'unix'}, 'octal-values': False, 'quoted-strings': False, 'trailing-spaces': {'level': 'error'}, 'truthy': {'level': 'warning', 'allowed-values': ['true', 'false'], 'check-keys': True}}
INFO Discovered files to lint using: git ls-files --cached --others --exclude-standard -z
INFO Excluded removed files using: git ls-files --deleted -z
INFO Executing syntax check on playbooks/challenge1.yml (0.[7]
WARNING Listing 1 violation(s) that are fatal
syntax-check: couldn't resolve module/action 'community.general.seport'. This often indicates a misspelling, missing collection, or incorrect module path.
roles/challenge1/tasks/main.yml:35:3 ERROR! couldn't resolve module/action 'community.general.seport'. This often indicates a misspelling, missing collection, or incorrect module path.
The error appears to be in '/github/workspace/roles/challenge1/tasks/main.yml': line 35, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: Allow nginx to listen on tcp port 75[10]
^ here
Error: syntax-check couldn't resolve module/action 'community.general.seport'. This often indicates a misspelling, missing collection, or incorrect module path.
Finished with [1] failure(s), 0 warning(s) on 2 files.
I use this action to lint stand-alone role and respective playbooks. The linting of the playbooks fails, cause it does not find the role. Hence I provide ANSIBLE_ROLES_PATH
which seems not to be considered
jobs:
build:
name: Ansible lint
runs-on: ubuntu-latest
env:
ANSIBLE_ROLES_PATH: ".:.."
steps:
- uses: actions/checkout@v2
- name: Lint Ansible Playbook
uses: ansible/ansible-lint-action@master
with:
targets: "**/*.yml"
override-deps: |
ansible-lint==5.3.1
This still does not work
+ ansible-lint -v --force-color defaults/main.yml handlers/main.yml meta/main.yml playbook.yml tasks/journald.yml tasks/main.yml tasks/tls.yml tasks/vars_debian_rhel.yml tests/logz.io.yml tests/newrelic.com.yml vars/main.yml
INFO Using /github/home/.cache/ansible-lint/70343f/roles/papanito.rsyslog symlink to current repository in order to enable Ansible to find the role using its expected full name.
INFO Added ANSIBLE_ROLES_PATH=.:..:/github/home/.cache/ansible-lint/70343f/roles
INFO Using /github/home/.cache/ansible-lint/70343f/roles/papanito.rsyslog symlink to current repository in order to enable Ansible to find the role using its expected full name.
INFO Added ANSIBLE_ROLES_PATH=.:..:/github/home/.cache/ansible-lint/70343f/roles:/github/home/.cache/ansible-lint/70343f/roles
WARNING Overriding detected file kind 'yaml' with 'playbook' for given positional argument: tests/logz.io.yml
WARNING Overriding detected file kind 'yaml' with 'playbook' for given positional argument: tests/newrelic.com.yml
INFO Executing syntax check on playbook.yml (0.55s)
INFO Executing syntax check on tests/logz.io.yml (0.56s)
INFO Executing syntax check on tests/newrelic.com.yml (0.55s)
WARNING Listing 3 violation(s) that are fatal
internal-error: the role 'ansible-role-rsyslog' was not found in /github/workspace/roles:/github/workspace:/github:/github/home/.cache/ansible-lint/70343f/roles:/github/home/.cache/ansible-lint/70343f/roles:/github/workspace
playbook.yml:14:7 [WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that
the implicit localhost does not match 'all'
ERROR! the role 'ansible-role-rsyslog' was not found in /github/workspace/roles:/github/workspace:/github:/github/home/.cache/ansible-lint/70343f/roles:/github/home/.cache/ansible-lint/70343f/roles:/github/workspace
The error appears to be in '/github/workspace/playbook.yml': line 14, column 7, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
roles:
- ansible-role-rsyslog
^ here
On my local machine - using the same ansible-lint version, I don't have this issue:
ANSIBLE_ROLES_PATH=..:. ansible-lint -v --force-color defaults/main.yml handlers/main.yml meta/main.yml playbook.yml tasks/journald.yml tasks/main.yml tasks/tls.yml tasks/vars_debian_rhel.yml tests/logz.io.yml
INFO Using /home/aedu/.cache/ansible-lint/124697/roles/papanito.rsyslog symlink to current repository in order to enable Ansible to find the role using its expected full name.
INFO Added ANSIBLE_ROLES_PATH=..:.:/home/aedu/.cache/ansible-lint/124697/roles
INFO Using /home/aedu/.cache/ansible-lint/124697/roles/papanito.rsyslog symlink to current repository in order to enable Ansible to find the role using its expected full name.
INFO Added ANSIBLE_ROLES_PATH=..:.:/home/aedu/.cache/ansible-lint/124697/roles:/home/aedu/.cache/ansible-lint/124697/roles
WARNING Overriding detected file kind 'yaml' with 'playbook' for given positional argument: tests/logz.io.yml
INFO Executing syntax check on playbook.yml (2.36s)
INFO Executing syntax check on tests/logz.io.yml (2.41s)
After Updating on the latest version ( at the time of the issue raised ) I am getting some errors
My current action is under https://github.com/stiliajohny/Ansible-Provisioning/blob/master/.github/workflows/ansible-lint.yml
which I am using
- name: Lint Ansible Playbook
uses: ansible/[email protected]
I am getting the following error Raw Log from Action
2021-02-11T19:56:41.3451595Z + ansible-lint -v --force-color -x 204,403,301,305,701,401,303,208,306 ./pull-provisioning-configuration.yml ./pull-provisioning-execution.yml
2021-02-11T19:56:41.5662128Z Traceback (most recent call last):
2021-02-11T19:56:41.5663809Z File "/usr/local/bin/ansible-lint", line 5, in <module>
2021-02-11T19:56:41.5664531Z from ansiblelint.__main__ import _run_cli_entrypoint
2021-02-11T19:56:41.5665475Z File "/usr/local/lib/python3.7/site-packages/ansiblelint/__main__.py", line 34, in <module>
2021-02-11T19:56:41.5666132Z from ansiblelint import cli
2021-02-11T19:56:41.5666962Z File "/usr/local/lib/python3.7/site-packages/ansiblelint/cli.py", line 18, in <module>
2021-02-11T19:56:41.5667692Z from ansiblelint.file_utils import expand_path_vars
2021-02-11T19:56:41.5668626Z File "/usr/local/lib/python3.7/site-packages/ansiblelint/file_utils.py", line 14, in <module>
2021-02-11T19:56:41.5669470Z from ansiblelint.config import options
2021-02-11T19:56:41.5670353Z File "/usr/local/lib/python3.7/site-packages/ansiblelint/config.py", line 103, in <module>
2021-02-11T19:56:41.5671074Z if ansible_collections_path() in os.environ:
2021-02-11T19:56:41.5672197Z File "/usr/local/lib/python3.7/site-packages/ansiblelint/config.py", line 71, in ansible_collections_path
2021-02-11T19:56:41.5673033Z if ansible_version() >= ansible_version("2.10.0.dev0"):
2021-02-11T19:56:41.5673965Z File "/usr/local/lib/python3.7/site-packages/ansiblelint/config.py", line 90, in ansible_version
2021-02-11T19:56:41.5674685Z stderr=subprocess.PIPE,
2021-02-11T19:56:41.5675258Z File "/usr/local/lib/python3.7/subprocess.py", line 488, in run
2021-02-11T19:56:41.5675857Z with Popen(*popenargs, **kwargs) as process:
2021-02-11T19:56:41.5676456Z File "/usr/local/lib/python3.7/subprocess.py", line 800, in __init__
2021-02-11T19:56:41.5677040Z restore_signals, start_new_session)
2021-02-11T19:56:41.5677802Z File "/usr/local/lib/python3.7/subprocess.py", line 1551, in _execute_child
2021-02-11T19:56:41.5678487Z raise child_exception_type(errno_num, err_msg, err_filename)
2021-02-11T19:56:41.5679380Z FileNotFoundError: [Errno 2] No such file or directory: 'ansible': 'ansible'
Any help would be appreciated
release 6 is is breaking override-deps
despite the fact of mentioning the feature in the release notes:
Adding functionality to pin ansible-lint versions through input variable (#17) @xunholy
If the syntax has changed, this is not reflected in the README.
Example actions:
OK: https://github.com/Rosa-Luxemburgstiftung-Berlin/ansible-role-unbound/runs/5623708515?check_suite_focus=true
ERR: https://github.com/Rosa-Luxemburgstiftung-Berlin/ansible-role-unbound/runs/5655073119?check_suite_focus=true
During the last days, the changes here gave me some headache:
override-deps
... (I would appreciate a proper tagging using the major ansible-lint-version) (#23)override-deps
is broken ...bisect result:
f92921ffd076d017d88ad248626a6d3bf0aa1dbb is the first bad commit
commit f92921ffd076d017d88ad248626a6d3bf0aa1dbb
Author: Sorin Sbarnea <[email protected]>
Date: Mon Mar 21 12:28:02 2022 +0000
Stop building the container (#74)
Dockerfile | 15 ---------------
README.md | 44 ++++----------------------------------------
action.yml | 47 +++++++++--------------------------------------
3 files changed, 13 insertions(+), 93 deletions(-)
delete mode 100644 Dockerfile
My workflow:
name: Ansible Lint
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Lint Ansible Playbook
uses: ansible/ansible-lint-action@master
with:
targets: tasks/main.yml
override-deps: |
ansible==2.10.0
ansible-lint==4.2.0
args: ""
Running locally:
# ansible-lint -v --force-color tasks/main.yml
Failed to guess project directory using git: fatal: Not a git repository (or any of the parent directories): .git
WARNING Listing 4 violation(s) that are fatal
risky-file-permissions: File permissions unset or incorrect
tasks/main.yml:27 Task/Handler: Ensure SSL certificate
risky-file-permissions: File permissions unset or incorrect
tasks/main.yml:36 Task/Handler: Ensure SSL key
yaml: truthy value should be one of [false, true] (truthy)
tasks/main.yml:68
yaml: truthy value should be one of [false, true] (truthy)
tasks/main.yml:82
You can skip specific rules or tags by adding them to your configuration file:
# .ansible-lint
warn_list: # or 'skip_list' to silence them completely
- experimental # all rules tagged as experimental
- yaml # Violations reported by yamllint
Finished with 2 failure(s), 2 warning(s) on 1 files.
#
As you can see, warnings are shown (as expected).
But when linting is being run via Github Actions I am not getting these warnings and the checks are succesfull while I expect the same warnings. See (URL):
+ shopt -s globstar
+ ansible-lint -v --force-color tasks/main.yml
Examining tasks/main.yml of type playbook
+ shopt -u globstar
- name: Lint Ansible Playbook "ansible-role-pgcenter". Commit ${{ github.sha }}
uses: ansible/ansible-lint-action@master
with:
targets: "tasks/main.yml"
override-deps: |
ansible==2.9
ansible-lint==4.2.0
args: ""
ERROR: Invalid requirement: 'ansible==2.9\nansible-lint==4.2.0'
Run ansible/ansible-lint-action@master
with:
targets: tasks/main.yml
override-deps: ansible==2.9
ansible-lint==4.2.0
/usr/bin/docker run --name d00b330f87c91b840c44b5820966fbd82f6910_ea039c --label d00b33 --workdir /github/workspace --rm -e INPUT_TARGETS -e INPUT_OVERRIDE-DEPS -e INPUT_ARGS -e TARGETS -e OVERRIDE -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/ansible-role-pgcenter/ansible-role-pgcenter":"/github/workspace" d00b33:0f87c91b840c44b5820966fbd82f6910 ""
/github/workspace /github/workspace
+ args=("$@")
+ '[' /entrypoint.sh = /entrypoint.sh ']'
+ echo -E '\nRunning Ansible Lint...\n'
\nRunning Ansible Lint...\n
+ ansible::lint ''
+ : tasks/main.yml
+ : /github/workspace
+ pushd /github/workspace
+ override_python_packages
+ [[ -n ansible==2.9
ansible-lint==4.2.0
]]
+ pip install 'ansible==2.9
ansible-lint==4.2.0
'
WARNING: The directory '/github/home/.cache/pip' or its parent directory is not owned or is not writable by the current user. The cache has been disabled. Check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
ERROR: Invalid requirement: 'ansible==2.9\nansible-lint==4.2.0'
+ echo 'Completed installing override dependencies...'
Completed installing override dependencies...
+ local opts
++ parse_args
++ local opts=
++ (( 0 ))
++ eval set -- ''
+++ set --
++ echo ''
++ return 0
+ opts=
+ ansible-lint -v --force-color tasks/main.yml
Examining tasks/main.yml of type playbook
Examining tasks/pgcenter.yml of type playbook
Examining tasks/bash_alias.yml of type playbook
Hi there!
I've opened up the discussion in ansible-lint
to have an official Docker image:
However, in the meantime, it looks like the following image is quite maintained and using dependabot
to keep the latest version of the image.
https://github.com/haxorof/docker-ansible-lint
Could we perhaps look into swapping the image to this one? If that's okay, I could make that PR.
Heya,
Currently I have an issue with my ansible-lint action where both pip and ansible galaxy expect the /requirements.yml file to be their requirements file. Is there any documentation for the docker upstream images used to set up python, so I can find a way for both of these requirements files to coexist?
Thanks
My ansible lint file:
on: [push, pull_request]
jobs:
build:
runs-on: ubuntu-latest
steps:
# Important: This sets up your GITHUB_WORKSPACE environment variable
- uses: actions/checkout@v2
- name: Lint Ansible Playbook
uses: ansible-community/ansible-lint-action@main
with:
path: "playbooks/"
Everything we run through the latest pip release passes? should it be so?
I'm making use of ansible-modules-hashivault
which is installed via pip
, which throws the following error when linting:
2019-10-15T16:13:43.7255270Z ==> Linting /github/workspace/playbook.yml…
2019-10-15T16:13:47.4261052Z Couldn't parse task at /github/workspace/roles/vault-server/tasks/vault-configure-pki-intermediate.yml:2 (no action detected in task. This often indicates a misspelled module name, or incorrect module path.
2019-10-15T16:13:47.4261901Z
2019-10-15T16:13:47.4262646Z The error appears to be in '<unicode string>': line 2, column 3, but may
2019-10-15T16:13:47.4263098Z be elsewhere in the file depending on the exact syntax problem.
2019-10-15T16:13:47.4263369Z
2019-10-15T16:13:47.4263709Z (could not open file to display line))
2019-10-15T16:13:47.4264581Z { 'hashivault_secret_engine': { '__file__': '/github/workspace/roles/vault-server/tasks/vault-configure-pki-intermediate.yml',
2019-10-15T16:13:47.4265398Z '__line__': 3,
2019-10-15T16:13:47.4266015Z 'backend': 'pki',
2019-10-15T16:13:47.4268002Z 'config': { '__file__': '/github/workspace/roles/vault-server/tasks/vault-configure-pki-intermediate.yml',
2019-10-15T16:13:47.4269577Z '__line__': 6,
2019-10-15T16:13:47.4271019Z 'max_lease_ttl': '8760h'},
2019-10-15T16:13:47.4271820Z 'name': 'server-ca',
2019-10-15T16:13:47.4272501Z 'state': 'present'},
2019-10-15T16:13:47.4273173Z 'name': "Configure 'pki' backend for cluster"}
2019-10-15T16:13:47.6796486Z ##[error]Docker run failed with exit code 1
I saw a similar error when first developing with the cluster, since the module wasn't appearing on my Ansible modules path.
I should point out that running ansible-lint
locally on my command line works just fine.
Hi,
how can we use additional modules with this action? For example the community modules.
Currently I get the following error due to missing modules in the docker image:
Error: syntax-check couldn't resolve module/action 'community.general.locale_gen'. This often indicates a misspelling, missing collection, or incorrect module path.
as of ansible/ansible-lint#1316 (merged yesterday?) version https://github.com/ansible-community/ansible-lint/releases/tag/v5.0.0 ( released 3 hours ago) it seems that ansible-lint
now requires ansible to be installed ( see release notes under the v5.0.0 tag)
This completely breaks ansible-lint-action.
Traceback (most recent call last):
31
File "/usr/local/bin/ansible-lint", line 5, in <module>
32
from ansiblelint.__main__ import _run_cli_entrypoint
33
File "/usr/local/lib/python3.8/site-packages/ansiblelint/__main__.py", line 34, in <module>
34
from ansiblelint import cli
35
File "/usr/local/lib/python3.8/site-packages/ansiblelint/cli.py", line 18, in <module>
36
from ansiblelint.file_utils import expand_path_vars
37
File "/usr/local/lib/python3.8/site-packages/ansiblelint/file_utils.py", line 14, in <module>
38
from ansiblelint.config import options
39
File "/usr/local/lib/python3.8/site-packages/ansiblelint/config.py", line 103, in <module>
40
if ansible_collections_path() in os.environ:
41
File "/usr/local/lib/python3.8/site-packages/ansiblelint/config.py", line 71, in ansible_collections_path
42
if ansible_version() >= ansible_version("2.10.0.dev0"):
43
File "/usr/local/lib/python3.8/site-packages/ansiblelint/config.py", line 85, in ansible_version
44
proc = subprocess.run(
45
File "/usr/local/lib/python3.8/subprocess.py", line 489, in run
46
with Popen(*popenargs, **kwargs) as process:
47
File "/usr/local/lib/python3.8/subprocess.py", line 854, in __init__
48
self._execute_child(args, executable, preexec_fn, close_fds,
49
File "/usr/local/lib/python3.8/subprocess.py", line 1702, in _execute_child
50
raise child_exception_type(errno_num, err_msg, err_filename)
51
FileNotFoundError: [Errno 2] No such file or directory: 'ansible'
Lint Markdown
0s
Lint GitHub Actions
Might be good enough to somehow change the Dockerfile to pip install
a pre-5.0 version of ansible-lint
for now… Or just add ansible
to the Dockerfile.
However, in general, it seems like it's not a good idea to just include the 'latest' ansible-lint without any restriction, because breakage like this will happen. We saw build failures from 3 hours ago when 5.0 of ansible-lint dropped.
When running the action from @main branch the action fails with the following error:
Download action repository 'ansible/ansible-lint-action@main' (SHA:78b653f36ce0fb6867286f143fd8fbafb300f3f0) Error: 'quay.io/ansible/creator-ee:v0.3.1' should be either '[path]/Dockerfile' or 'docker://image[:tag]'.
It works fine locally, but FQCN seems to error in this actions.
2022-03-31T15:17:15.5495506Z INFO Discovered files to lint using: git ls-files --cached --others --exclude-standard -z
2022-03-31T15:17:15.5534284Z INFO Excluded removed files using: git ls-files --deleted -z
2022-03-31T15:17:16.4163926Z INFO Executing syntax check on ansible/playbooks_module_examples/timezone.yml (0.82s)
2022-03-31T15:17:16.4531798Z INFO Executing syntax check on ansible/playbooks/test.yml (0.86s)
2022-03-31T15:17:16.4554344Z WARNING Listing 1 violation(s) that are fatal
2022-03-31T15:17:16.4585041Z syntax-check: couldn't resolve module/action 'community.general.timezone'. This often indicates a misspelling, missing collection, or incorrect module path.
2022-03-31T15:17:16.4585757Z ansible/playbooks_module_examples/timezone.yml:9:7 [WARNING]: No inventory was parsed, only implicit localhost is available
2022-03-31T15:17:16.4586146Z [WARNING]: provided hosts list is empty, only localhost is available. Note that
2022-03-31T15:17:16.4586967Z the implicit localhost does not match 'all'
2022-03-31T15:17:16.4587650Z ERROR! couldn't resolve module/action 'community.general.timezone'. This often indicates a misspelling, missing collection, or incorrect module path.
2022-03-31T15:17:16.4587997Z
2022-03-31T15:17:16.4588407Z The error appears to be in '/github/workspace/ansible/playbooks_module_examples/timezone.yml': line 9, column 7, but may
2022-03-31T15:17:16.4588856Z be elsewhere in the file depending on the exact syntax problem.
2022-03-31T15:17:16.4589072Z
2022-03-31T15:17:16.4589197Z The offending line appears to be:
2022-03-31T15:17:16.4589371Z
2022-03-31T15:17:16.4589459Z tasks:
2022-03-31T15:17:16.4590041Z - name: set timezone {{ tz }}
2022-03-31T15:17:16.4590491Z ^ here
2022-03-31T15:17:16.4590763Z We could be wrong, but this one looks like it might be an issue with
2022-03-31T15:17:16.4591088Z missing quotes. Always quote template expression brackets when they
2022-03-31T15:17:16.4591343Z start a value. For instance:
2022-03-31T15:17:16.4591481Z
2022-03-31T15:17:16.4591556Z with_items:
2022-03-31T15:17:16.4591799Z - {{ foo }}
2022-03-31T15:17:16.4591899Z
2022-03-31T15:17:16.4591985Z Should be written as:
2022-03-31T15:17:16.4592111Z
2022-03-31T15:17:16.4592187Z with_items:
2022-03-31T15:17:16.4592415Z - "{{ foo }}"
2022-03-31T15:17:16.4592530Z
2022-03-31T15:17:16.4592535Z
2022-03-31T15:17:16.4632826Z ##[error]syntax-check couldn't resolve module/action 'community.general.timezone'. This often indicates a misspelling, missing collection, or incorrect module path.
2022-03-31T15:17:16.4652505Z
2022-03-31T15:17:16.4682597Z Finished with 1 failure(s), 0 warning(s) on 11 files.
playbooks
$ cat ansible/playbooks_module_examples/timezone.yml
---
- name: timezone
hosts: all
gather_facts: true
vars:
tz: Asia/Tokyo
tasks:
- name: set timezone {{ tz }}
community.general.timezone:
name: "{{ tz }}"
failed_when: false
local run(it's ok)
my-examples-ansible $ ansible-lint -vvv ansible
<ommit>
INFO Discovered files to lint using: git ls-files --cached --others --exclude-standard -z
INFO Excluded removed files using: git ls-files --deleted -z
INFO Executing syntax check on ansible/playbooks/test.yml (4.96s)
INFO Executing syntax check on ansible/playbooks_module_examples/timezone.yml (5.14s)
DEBUG Examining ansible/playbooks_module_examples/timezone.yml of type playbook
DEBUG Examining ansible/playbooks/test.yml of type playbook
DEBUG Examining ansible of type role
DEBUG Examining ansible/.ansible-lint of type yaml
DEBUG Examining ansible/inventories/docker.yml of type yaml
Could you please tell me how to do this? 🙇
I've a repo with ansible-lint action that requires ansible 2.9, using @master breaks the builds to the point that I'm seriously considering removing it.
Using one of the tagged releases ends up in tags being so old that parameters like targets:
are not valid.
0thly, Thanks for this action! 👍
1st, the override-deps from the README don't work anymore.
override-deps: |
ansible==2.9
ansible-lint==4.2.0
produces an error. the workaround is to remove those deps.
failure:
/usr/bin/docker run --name e334689e305fd76304acfbf8761dad0103c5a_ee12aa --label 9e3346 --workdir /github/workspace --rm -e INPUT_TARGETS -e INPUT_OVERRIDE-DEPS -e INPUT_ARGS -e TARGETS -e OVERRIDE -e HOME -e GITHUB_JOB -e GITHUB_REF -e GITHUB_SHA -e GITHUB_REPOSITORY -e GITHUB_REPOSITORY_OWNER -e GITHUB_RUN_ID -e GITHUB_RUN_NUMBER -e GITHUB_ACTOR -e GITHUB_WORKFLOW -e GITHUB_HEAD_REF -e GITHUB_BASE_REF -e GITHUB_EVENT_NAME -e GITHUB_SERVER_URL -e GITHUB_API_URL -e GITHUB_GRAPHQL_URL -e GITHUB_WORKSPACE -e GITHUB_ACTION -e GITHUB_EVENT_PATH -e GITHUB_PATH -e GITHUB_ENV -e RUNNER_OS -e RUNNER_TOOL_CACHE -e RUNNER_TEMP -e RUNNER_WORKSPACE -e ACTIONS_RUNTIME_URL -e ACTIONS_RUNTIME_TOKEN -e ACTIONS_CACHE_URL -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/cldr/cldr":"/github/workspace" 9e3346:89e305fd76304acfbf8761dad0103c5a ""
+ args=("$@")
+ '[' /entrypoint.sh = /entrypoint.sh ']'
+ echo -E '\nRunning Ansible Lint...\n'
\nRunning Ansible Lint...\n
+ ansible::lint ''
+ : 'tools/scripts/ansible/setup-playbook.yml
'
+ : /github/workspace
+ pushd /github/workspace
+ override_python_packages
+ [[ -n ansible==2.9
ansible-lint==4.2.0
]]
+ pip install ansible==2.9 ansible-lint==4.2.0
/github/workspace /github/workspace
WARNING: The directory '/github/home/.cache/pip' or its parent directory is not owned or is not writable by the current user. The cache has been disabled. Check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
Collecting ansible==2.9
Downloading ansible-2.9.0.tar.gz (14.1 MB)
Collecting ansible-lint==4.2.0
Downloading ansible_lint-4.2.0-py2.py3-none-any.whl (57 kB)
…
2020-09-23T00:05:23.1094326Z Successfully built ansible
2020-09-23T00:05:23.2282784Z Installing collected packages: ansible, ansible-lint
2020-09-23T00:05:23.2283751Z Attempting uninstall: ansible
2020-09-23T00:05:23.2285484Z Found existing installation: ansible 2.10.0
2020-09-23T00:05:28.3595731Z Uninstalling ansible-2.10.0:
2020-09-23T00:05:28.9364025Z Successfully uninstalled ansible-2.10.0
2020-09-23T00:05:39.8302418Z Attempting uninstall: ansible-lint
2020-09-23T00:05:39.8303276Z Found existing installation: ansible-lint 4.3.5
2020-09-23T00:05:39.8469732Z Uninstalling ansible-lint-4.3.5:
2020-09-23T00:05:39.8608436Z Successfully uninstalled ansible-lint-4.3.5
2020-09-23T00:05:39.9195639Z Successfully installed ansible-2.9.0 ansible-lint-4.2.0
2020-09-23T00:05:40.7911654Z + pip check
2020-09-23T00:05:40.9423622Z WARNING: The directory '/github/home/.cache/pip' or its parent directory is not owned or is not writable by the current user. The cache has been disabled. Check the permissions and owner of that directory. If executing pip with sudo, you may want sudo's -H flag.
2020-09-23T00:05:41.0484520Z No broken requirements found.
2020-09-23T00:05:41.0695722Z + echo 'Completed installing override dependencies...'
2020-09-23T00:05:41.0699570Z Completed installing override dependencies...
2020-09-23T00:05:41.0700255Z + local opts
2020-09-23T00:05:41.0703959Z ++ parse_args
2020-09-23T00:05:41.0704161Z ++ local opts=
2020-09-23T00:05:41.0704333Z ++ (( 0 ))
2020-09-23T00:05:41.0714682Z ++ eval set -- ''
2020-09-23T00:05:41.0714981Z +++ set --
2020-09-23T00:05:41.0715237Z ++ echo ''
2020-09-23T00:05:41.0715421Z ++ return 0
2020-09-23T00:05:41.0715603Z + opts=
2020-09-23T00:05:41.0715895Z + shopt -s globstar
2020-09-23T00:05:41.0716425Z + ansible-lint -v --force-color tools/scripts/ansible/setup-playbook.yml
2020-09-23T00:05:41.6188952Z Traceback (most recent call last):
2020-09-23T00:05:41.6190281Z File "/usr/local/bin/ansible-lint", line 5, in <module>
2020-09-23T00:05:41.6190877Z from ansiblelint.__main__ import main
2020-09-23T00:05:41.6191696Z File "/usr/local/lib/python3.8/site-packages/ansiblelint/__init__.py", line 29, in <module>
2020-09-23T00:05:41.6192330Z import ansiblelint.utils
2020-09-23T00:05:41.6193105Z File "/usr/local/lib/python3.8/site-packages/ansiblelint/utils.py", line 41, in <module>
2020-09-23T00:05:41.6193842Z from ansible.parsing.mod_args import ModuleArgsParser
2020-09-23T00:05:41.6194719Z File "/usr/local/lib/python3.8/site-packages/ansible/parsing/mod_args.py", line 26, in <module>
2020-09-23T00:05:41.6195465Z from ansible.plugins.loader import module_loader, action_loader
2020-09-23T00:05:41.6196571Z File "/usr/local/lib/python3.8/site-packages/ansible/plugins/loader.py", line 25, in <module>
2020-09-23T00:05:41.6198088Z from ansible.utils.collection_loader import AnsibleCollectionLoader, AnsibleFlatMapLoader, AnsibleCollectionRef
2020-09-23T00:05:41.6201271Z ImportError: cannot import name 'AnsibleCollectionLoader' from 'ansible.utils.collection_loader' (/usr/local/lib/python3.8/site-packages/ansible/utils/collection_loader/__init__.py)
In older versions, this was handled by the 'targets' argument. As of v6, there is no way to provide the 'lintables' positional argument in the workflow (for example, a list of playbooks changed by a PR).
We have several playbooks that rely on external roles, which obviously do not live in the same repository as the repo we are linting using github actions. I do not see any way to ignore the role, instead receive 'internal-error: the role 'xxx' was not found'. There is no intent to make these roles available to the github action in the repository.
It does seem there is any way to indicate to the linter the roles will be present at run time and to ignore the static check.
Sample Playbook:
Hi, thank you for 6.0.1, it addressed all the issues I've hit in the past, great job!
I believe there might be a small issue when parsing the arguments. I was trying to either just warn or skip unpredictability
rules, however -w unpredictability
wouldn't work.
unpredictability: # Warn about code that might not work in a predictable way
- ignore-errors
- partial-become
- risky-file-permissions
I added security
in case you needed a list.
- name: Lint Ansible Playbook
uses: ansible/[email protected]
with:
args: "-w unpredictability,security"
Which in the logs translates to warn_list=[' unpredictability,security']
. That leading space was not letting ansible-lint ignore these rules:
Warning: ignore-errors Use failed_when and specify error conditions instead of using ignore_errors.
Error: risky-file-permissions File permissions unset or incorrect.
I inverted the order, and problem solved.
- name: Lint Ansible Playbook
uses: ansible/[email protected]
with:
args: "-w security,unpredictability"
Logs show warn_list=[' security,unpredictability']
and no more errors. This is the commit: nleiva/ansible-web-server@7428cb0
Hello there !
When using a rule number exclusion as an argument with this action, it looks like it's not applied.
here is my configuration:
name: ansible-checks
on: [push]
jobs:
lint:
runs-on: ubuntu-latest
steps:
- name: checkout
uses: actions/checkout@v2
- name: Lint .yml Ansible files
uses: ansible/ansible-lint-action@master
if: always()
with:
targets: "ansible/**/*.yml"
override-deps: |
ansible~=2.9.0
ansible-lint~=4.2.0
arg: "-x 204"
Here is redacted sample of the output log:
# many similar lines
[204] Lines should be no longer than 160 chars
ansible/redacted/path/file:XX
[redacted key: value]"
As we can see from the logs, rule 204 is still applied even if it is in the skip list.
Maybe related to #20 ?
Hello,
The doc misses an example with multiple playbook linting;
Right now I've tried:
name: CI # feel free to pick your own name
on: pull_request
jobs:
build:
runs-on: ubuntu-latest
steps:
# Important: This sets up your GITHUB_WORKSPACE environment variable
- uses: actions/checkout@v2
- name: Install dependencies
run: ansible-galaxy install -r roles/requirements.yml --force
- name: Lint Ansible Playbook
# replace "master" with any valid ref
uses: ansible/ansible-lint-action@master
with:
# [required]
# Paths to ansible files (i.e., playbooks, tasks, handlers etc..)
# or valid Ansible directories according to the Ansible role
# directory structure.
targets:
- "playbook-example.yml"
- "playbook-provisionning.yml"
But Github says that
### ERRORED 13:29:06Z
- Your workflow file was invalid: The pipeline is not valid. .github/workflows/ci.yml (Line: 26, Col: 11): A sequence was not expected
Ran into this: ansible/ansible-lint#1795
Error in "Lint Ansible Playbook": "ImportError: cannot import name 'render_group' from 'rich.console' (/usr/local/lib/python3.8/site-packages/rich/console.py)"
Trying to workaround with this: unicode-org/cldr#1683
*update Success. I was able to workaround with:
override-deps: |
rich>=9.5.1,<11.0.0
I'm running locally version v4.2.0 however my CI is only running version 4.1.0 - documentation says I can specify tags, and versions, is that from this repository or the upstream ansible-lint repo?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.