DanK
Moderator
Moderator
  • 2,195 Views

Any ideas for Ansible linting?

If you begin down the road of Infrastructure-As-Code, eventually it is important to incorporate coding best practices into your Infrastructure-As-Code process.  Linting software is great for automating the identify of code that does not comply with team-agreed coding standards - It shortens the feedback loop between developers and "QA". 

Ansible has several best practices- but it is difficult to always keep those in mind when writing a playbook/role - especially when you are learning Ansible.  Do you have any process in place to improve Ansible playbook roles/playbooks?

I began playing with pre-commit (https://pre-commit.com) to manage my git pre-commit hooks - specifically for my ansible playbooks and roles.  I installed ansible-lint ( https://github.com/willthames/ansible-lint ) as a pre-commit plugin to check my ansible playbooks for common errors (Did you use the shell module to run "yum install" - when you should have used the "yum" module)? 

Curious what other tradecraft and tools are being used to help ensure and improve the quality of ansible playbooks and roles.

 

0 Kudos
3 Replies
jlozadad
Mission Specialist
Mission Specialist
  • 2,079 Views

I just use molecule and have rules that role's need to have molecule and either a jenkinsfile/gitlab-ci/travis. That way the checks are done automatically.

DanK
Moderator
Moderator
  • 2,057 Views

Have any example projects (GitHub, etc.)  where you have used this to test roles against RHEL-based systems?

0 Kudos
bonnevil
Starfighter Starfighter
Starfighter
  • 2,010 Views

The Ansible Galaxy talk at AnsibleFest a couple weeks ago indicated that they're moving toward a suggested workflow to use molecule to initialize and test roles and then ansible-galaxy (possibly to be replaced by a tool they're testing called mazer) to deploy the roles to Galaxy.  They're also talking about using the results of ansible-lint runs or other testing as another "quality score" to apply to the roles.

But the general workflow that the Galaxy developers were talking about would be like the one that @jlozadad is talking about: push role to source control, automatic testing with molecule by CI, stage to Galaxy.

Geerlingguy had this blog entry about some of this from his perspective: https://www.jeffgeerling.com/blog/2018/things-i-learned-ansiblefest-austin-2018-contributors-summit.  He says he'll do some posts on molecule soonish. 

Also, here's an older blog entry of his of how he's done role testing with travis and docker: https://www.jeffgeerling.com/blog/2018/how-i-test-ansible-configuration-on-7-different-oses-docker.

0 Kudos
Join the discussion
You must log in to join this conversation.