From d8f31e0a5ef28dcc2325fd5951657e211c39a465 Mon Sep 17 00:00:00 2001
From: Michal Nasiadka <mnasiadka@gmail.com>
Date: Mon, 18 Nov 2019 14:04:40 +0000
Subject: [PATCH] CI: Add ansible-lint to tox
* Reworked tox pep8 into linters job, that runs:
- pep8
- bandit
- bashate
- doc8
- yamllint
- ansible-lint (validate-all-files.py + ansible-lint)
* Skip E701 - missing galaxy_info in meta and E602 see [1].
* Skip E301 and E503 - followup later in a separate change
* Added ansible-role-jobs to zuul.d/project.yaml which will run
openstack-tox-linters job in check queue
* Fixed remaining style issue
* Made tox and docs reference the new env for linters
* Dropped pype environment (not supported)
[1]: https://github.com/ansible/ansible-lint/issues/457
Change-Id: I494b4b151804aac8173120e6c6e42bc2fdb00234
---
.ansible-lint | 12 +++
ansible/roles/prometheus/tasks/config.yml | 2 +-
doc/source/contributor/running-tests.rst | 10 ++-
test-requirements.txt | 2 +
tox.ini | 96 +++++++++++++++--------
zuul.d/project.yaml | 1 +
6 files changed, 88 insertions(+), 35 deletions(-)
create mode 100644 .ansible-lint
diff --git a/.ansible-lint b/.ansible-lint
new file mode 100644
index 0000000000..f10b027c81
--- /dev/null
+++ b/.ansible-lint
@@ -0,0 +1,12 @@
+use_default_rules: true
+skip_list:
+# [E701] galaxy_info missing in metadata
+ - '701'
+# [E602] https://github.com/ansible/ansible-lint/issues/457
+ - '602'
+# [E301] Commands should not change things if nothing needs doing
+# TODO(mnasiadka): Fix tasks that fail this check in a later iteration
+ - '301'
+# [E503] Tasks that run when changed should likely be handlers
+# TODO(mnasiadka): Rework baremetal role to do handlers instead of when: *.changed
+ - '503'
\ No newline at end of file
diff --git a/ansible/roles/prometheus/tasks/config.yml b/ansible/roles/prometheus/tasks/config.yml
index a8d7dded6f..eee74466cd 100644
--- a/ansible/roles/prometheus/tasks/config.yml
+++ b/ansible/roles/prometheus/tasks/config.yml
@@ -197,7 +197,7 @@
- Restart prometheus-server container
vars:
base: "{{ node_custom_config }}/prometheus/"
- service: "{{ prometheus_services['prometheus-server']}}"
+ service: "{{ prometheus_services['prometheus-server'] }}"
when:
- inventory_hostname in groups[service.group]
- service.enabled | bool
diff --git a/doc/source/contributor/running-tests.rst b/doc/source/contributor/running-tests.rst
index 16c55a3cb2..9c889194fc 100644
--- a/doc/source/contributor/running-tests.rst
+++ b/doc/source/contributor/running-tests.rst
@@ -28,6 +28,12 @@ so the only package you install is ``tox`` itself:
For more information, see `the unit testing section of the Testing wiki page
<https://wiki.openstack.org/wiki/Testing#Unit_Tests>`_. For example:
+To run the default set of tests:
+
+.. code-block:: console
+
+ tox
+
To run the Python 3.7 tests:
.. code-block:: console
@@ -38,13 +44,13 @@ To run the style tests:
.. code-block:: console
- tox -e pep8
+ tox -e linters
To run multiple tests separate items by commas:
.. code-block:: console
- tox -e py37,pep8
+ tox -e py37,linters
Running a subset of tests
-------------------------
diff --git a/test-requirements.txt b/test-requirements.txt
index 657117adf5..ee9d561e30 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -1,8 +1,10 @@
# linting
+ansible-lint>=4.2.0 # MIT
bandit>=1.1.0 # Apache-2.0
bashate>=0.5.1 # Apache-2.0
doc8>=0.6.0 # Apache-2.0
hacking>=3.0.1,<3.1.0 # Apache-2.0
+yamllint>=1.22.0 #GPL3
# coverage testing
coverage!=4.4,>=4.0 # Apache-2.0
diff --git a/tox.ini b/tox.ini
index 38a521b4ea..1840788235 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,12 +1,12 @@
[tox]
minversion = 3.1
skipsdist = True
-envlist = py37,pep8,pypy
+envlist = py37,linters
ignore_basepython_conflict = True
[testenv]
basepython = python3
-usedevelop=True
+usedevelop = True
whitelist_externals = find
rm
deps = -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
@@ -31,29 +31,10 @@ setenv = VIRTUAL_ENV={envdir}
NOSE_COVER_HTML_DIR={toxinidir}/cover
PYTHON=coverage run --source kolla_ansible,ansible/action_plugins,ansible/library,ansible/roles/keystone/files/ --parallel-mode
commands =
- stestr run {posargs}
- coverage combine
- coverage html -d cover
- coverage xml -o cover/coverage.xml
-
-[testenv:pep8]
-# sphinx needs to be installed to make doc8 work properly
-deps =
- {[testenv]deps}
- -r{toxinidir}/doc/requirements.txt
- yamllint
-commands =
- {toxinidir}/tools/run-bashate.sh
- flake8 {posargs}
- doc8 doc/source
- doc8 -e '.yaml' releasenotes/notes/
- python {toxinidir}/tools/validate-all-file.py
- bandit --skip B303 -r ansible kolla_ansible tests tools
- yamllint -s .
-
-[testenv:bandit]
-# B303: Use of insecure MD2, MD4, MD5, or SHA1 hash function.
-commands = bandit --skip B303 -r ansible kolla_ansible tests tools
+ stestr run {posargs}
+ coverage combine
+ coverage html -d cover
+ coverage xml -o cover/coverage.xml
[testenv:venv]
deps =
@@ -74,7 +55,6 @@ commands =
deps =
-c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
-r{toxinidir}/doc/requirements.txt
-
commands =
rm -rf deploy-guide/build
sphinx-build -a -E -W -d deploy-guide/build/doctrees --keep-going -b html deploy-guide/source deploy-guide/build/html
@@ -95,6 +75,36 @@ commands =
rm -rf releasenotes/build
sphinx-build -a -E -W -d releasenotes/build/doctrees --keep-going -b html releasenotes/source releasenotes/build/html
+[testenv:lower-constraints]
+deps =
+ -c{toxinidir}/lower-constraints.txt
+ -r{toxinidir}/test-requirements.txt
+ -r{toxinidir}/requirements.txt
+
+[testenv:linters]
+# Env vars and deps need to be defined in top level tox env
+setenv =
+ ANSIBLE_LIBRARY = {toxinidir}/ansible/library
+ ANSIBLE_ACTION_PLUGINS = {toxinidir}/ansible/action_plugins
+ ANSIBLE_FILTER_PLUGINS = {toxinidir}/ansible/filter_plugins
+deps =
+ -c{env:UPPER_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+ -r{toxinidir}/test-requirements.txt
+ -r{toxinidir}/doc/requirements.txt
+whitelist_externals = bash
+commands =
+ {[testenv:pep8]commands}
+ {[testenv:doc8]commands}
+ {[testenv:bandit]commands}
+ {[testenv:bashate]commands}
+ {[testenv:yamllint]commands}
+ {[testenv:ansible-lint]commands}
+
+[testenv:pep8]
+deps = {[testenv:linters]deps}
+commands =
+ flake8 {posargs}
+
[flake8]
show-source = True
# NOTE: Default ignore list is *not* empty!
@@ -102,10 +112,32 @@ show-source = True
# (W503 and W504 are incompatible and we need to choose one of them.
# Existing codes follows W503, so we disable W504.):
ignore = W504
-exclude=.eggs,.git,.tox,doc
+exclude = .eggs,.git,.tox,doc
-[testenv:lower-constraints]
-deps =
- -c{toxinidir}/lower-constraints.txt
- -r{toxinidir}/test-requirements.txt
- -r{toxinidir}/requirements.txt
+[testenv:doc8]
+deps = {[testenv:linters]deps}
+commands =
+ doc8 doc/source
+ doc8 -e '.yaml' releasenotes/notes/
+
+[testenv:bashate]
+deps = {[testenv:linters]deps}
+commands =
+ bash -c "{toxinidir}/tools/run-bashate.sh"
+
+[testenv:bandit]
+# B303: Use of insecure MD2, MD4, MD5, or SHA1 hash function.
+deps = {[testenv:linters]deps}
+commands = bandit --skip B303 -r ansible kolla_ansible tests tools
+
+[testenv:ansible-lint]
+# Lint only code in ansible/* - ignore tests/ and roles/ used by CI
+setenv = {[testenv:linters]setenv}
+deps = {[testenv:linters]deps}
+commands =
+ python {toxinidir}/tools/validate-all-file.py
+ ansible-lint -p --exclude {toxinidir}/tests --exclude {toxinidir}/roles
+
+[testenv:yamllint]
+deps = {[testenv:linters]deps}
+commands = yamllint -s .
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index 32c290a29c..eed64af2c8 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -5,6 +5,7 @@
- openstack-cover-jobs
- openstack-lower-constraints-jobs
- openstack-python3-ussuri-jobs
+ - ansible-role-jobs
- publish-openstack-docs-pti
- release-notes-jobs-python3
- periodic-stable-jobs