matchvar
method for AnsibleLintRule
class
#354
Replies: 4 comments
-
ansible-review can do this already (not necessarily the tests you're after but it's capable of it) However, there's no real reason not to add this into ansible-lint other than a lack of time! One other reason to make it part of ansible-lint capable of being used by ansible-review is that otherwise you have to redo all the parsing engine stuff (e.g. https://github.com/willthames/ansible-review/blob/master/lib/ansiblereview/vars.py, which is probably now pretty out of date compared with how the ansible-lint uses the latest ansible parsing routines) We'd need to handle things like |
Beta Was this translation helpful? Give feedback.
-
Thanks for the reply, @willthames. Although I am able to code in Python, I didn't manage to implement I was unaware of ansible-review project, I will take a look at it. Do I get it right that I can run ansible-lint from ansible-review, so this makes only one line of code e. g. in Travis script? |
Beta Was this translation helpful? Give feedback.
-
If this is implemented, consider supporting a comment to ignore linting a particular line, like |
Beta Was this translation helpful? Give feedback.
-
@inponomarev Any progress on this? I'm currently hooking into a Rule that uses a class that transverse vars/defaults/README when it matches Some example rules are role name prefixing of variables, port/number things like your examples above, ensuring they're documented in the README, etc. |
Beta Was this translation helpful? Give feedback.
-
Issue Type
Desired Behaviour
Hello,
I like the idea of easy custom extention of ansible-lint rules.
However I found out that although ansible-lint traverse tasks, it does not traverse variables being set in
vars
sections and vars files.Variable checks are necessary for me to write project-specific checks for configuration errors, e. g. the following:
p(ass(word)?|wd)
variables are vaulted,url$
variables are valid URLs,port$
variables are integers in a given range,Is it hard to add
matchvar
method forAnsibleLintRule
class?Now I am doing this checks myself using
pytest
and traversing yaml files manually. E.g. this is how I look for unvaulted passwords:It would be great to have these checks as part of custom AnsibleLint rule sets.
Besides that, it might open new extention opportunities for ansible-lint itself.
Beta Was this translation helpful? Give feedback.
All reactions