openstack/openstack-ansible-tests
Code Issues Proposed changes

Add ansible-lint rule for apt_repository

Browse Source 
This rule is designed to prevent the Ansible module `apt_repository`
from being used to update the APT cache. There is a bug [1] in
`apt_repository` that prevents cache updates from being performed
whenever the module is retried. If the cache update fails at the first
attempt, it is skipped on the subsequent attempt of the task causing the
task to always complete successfully. Until this bug is addressed this
rule should prevent it from being introduced into OpenStack-Ansible.

Partial-bug: 1750656

[1] https://github.com/ansible/ansible/issues/36605

Change-Id: If440ce129c31fb4e62a8e0ac5094195f4d4d7167
This commit is contained in:
git-harry 2018-02-23 16:10:20 +00:00
parent 498b43c103
commit 67bfc90703
1 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
ansible-lint/APTRepositoryCacheUpdateRule.py Executable file
View File

@ -0,0 +1,35 @@
#!/usr/bin/env python
# Copyright 2018, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
import ansiblelint
class APTRepositoryCacheUpdateRule(ansiblelint.AnsibleLintRule):
id = "OSA0002"
shortdesc = "apt_repository update_cache should be disabled."
description = (
"apt_repository cache updates silently fail when a task is retried. "
"Disable cache updates by setting `update_cache: no` and use a "
"separate apt task to update the APT cache. This bug is tracked by "
"https://github.com/ansible/ansible/issues/36605."
)
tags = ["bug"]
def matchtask(self, file, task):
module = task["action"]["__ansible_module__"]
update_cache_enabled = task["action"].get("update_cache", True)
return module == "apt_repository" and update_cache_enabled