Merge pull request #157 from LikhithaEda/local

CVP-1871 Enable more checks for ansible linting in upstream playbooks

Author: wheelerlaw

.ansible-lint

@@ -2,11 +2,10 @@
 exclude_paths:
   - .cache/  # implicit unless exclude_paths is defined in config
   - .github/
-  - roles/
   - Dockerfiles
-  - ./*.yml
+  - yamllint.yml
 
-warn_list: [] # or 'skip_list' to silence them completely
+warn_list: []  # or 'skip_list' to silence them completely
 
 skip_list:
   - deprecated-command-syntax  # Using command rather than an argument to e.g. file
@@ -17,4 +16,14 @@ skip_list:
   - command-instead-of-shell  # Use shell only when shell functionality is required
   # - yaml  # Violations reported by yamllint
   - line-length
-  - comments
+  - '102'   # No Jinja2
+  - '206'   # Variables should have spaces before and after: {{ var_name}}
+  - '301'   # All tasks should be named
+  - '302'   # Include should has tags
+  - '303'   # Use ":" YAML syntax when arguments are over 4
+  - '305'   # Variable should has space "{{ foo }}"
+  - '306'   # Shells that use pipes should set the pipefail option
+  - '403'   # Package installs should not use latest
+  - '502'   # Use chown module
+  - '601'   # trailing whitespace
+  - '602'   # line too long

ansible-lint.yml

@@ -1,5 +1,8 @@
 ---
-- name: Deploy the operator on an OCP cluster with OLM as part of the operator testing pipeline
+- name: >
+    Deploy the operator on an OCP
+    cluster with OLM as part of the
+    operator testing pipeline
   hosts: all
   become: false
   gather_facts: false
@@ -15,27 +18,28 @@
     quay_token: "{{ quay_token }}"
     quay_namespace: "cvpops"
     oc_bin_path: "{{ 'kubectl' if run_upstream else 'oc' }}"
-    jq_bin_path : "/usr/bin/jq"
+    jq_bin_path: "/usr/bin/jq"
     yq_bin_path: "/usr/local/bin/yq"
     testing_bin_path: "/usr/local/bin"
     scorecard_first_cr: true
     run_scorecard: true
-    current_channel: '' # Added to avoid a bug with undefined variables
-
+    current_channel: ''    # Added to avoid a bug with undefined variables
 
 
   tasks:
     - name: "Login to the testing OpenShift instance"
-      shell: "{{ oc_bin_path }} login {{ openshift_url }} -u system:admin --insecure-skip-tls-verify"
+      shell: >
+        "{{ oc_bin_path }} login {{ openshift_url }}
+        -u system:admin --insecure-skip-tls-verify"
       register: login_result
       retries: 20
       delay: 10
       until: login_result.rc == 0
       environment:
         KUBECONFIG: "{{ kubeconfig_path }}"
       when:
-      - openshift_url is defined
-      - not run_upstream|bool
+        - openshift_url is defined
+        - not run_upstream|bool
 
     - name: "Parse operator metadata needed to run the tests"
       include_role:
@@ -52,8 +56,15 @@
           include_role:
             name: deploy_olm_operator
       always:
-        - name: "Remove the quay release of the test operator in the testing namespace"
-          shell: "curl -s -H \"Authorization: basic {{ quay_token }}\" -X DELETE https://quay.io/cnr/api/v1/packages/{{ quay_namespace }}/{{ package_name }}-test/{{ quay_release }}/helm"
+        - name: >
+            "Remove the quay release of the
+             test operator in the testing namespace"
+          shell: >
+            "curl -s -H \"Authorization: basic
+            {{ quay_token }}\" -X DELETE
+            https://quay.io/cnr/api/v1/packages/{{
+            quay_namespace }}/{{ package_name }}-test/{{
+            quay_release }}/helm"
           when:
             - quay_release is defined
             - package_name is defined

deploy-olm-operator.yml

@@ -15,7 +15,9 @@
     umoci_bin_path: "/usr/local/bin/umoci"
 
   tasks:
-    - name: "Extract the operator bundle image into files needed to run the tests"
+    - name: >
+        "Extract the operator bundle
+        image into files needed to run the tests"
       include_role:
         name: extract_operator_bundle
 

extract-operator-bundle.yml

@@ -12,7 +12,9 @@
     run_catalog_init: true
     work_dir: "/tmp/operator-test"
     testing_bin_path: "{{ work_dir }}/bin"
-    current_channel: '' # Added to avoid a potential bug with undefined variables
+    current_channel: >
+      ''    # Added to avoid a potential
+      bug with undefined variables
     olm_ver: 0.14.1
 
   tasks:
@@ -24,7 +26,9 @@
         umoci_bin_path: "{{ testing_bin_path }}/umoci"
         opm_bin_path: "{{ testing_bin_path }}/opm"
         operator_sdk_bin_path: "{{ testing_bin_path }}/operator-sdk"
-        oc_bin_path: '{{ ''kubectl'' if run_upstream else "{{ testing_bin_path }}/oc" }}'
+        oc_bin_path: >
+          '{{ ''kubectl'' if run_upstream
+          else "{{ testing_bin_path }}/oc" }}'
 
 
     - name: "Install operator testing prerequisites"
@@ -37,7 +41,9 @@
         name: build_image_bundle
       when: run_upstream|bool
 
-    - name: "Extract the operator bundle image into files needed to run the tests"
+    - name: >
+        "Extract the operator bundle image
+        into files needed to run the tests"
       include_role:
         name: extract_operator_bundle
 
@@ -64,10 +70,14 @@
         - name: "Install OLM"
           block:
             - name: "Installing OLM"
-              shell: "{{ operator_sdk_bin_path }} olm install --version {{ olm_ver }}"
+              shell: >
+                "{{ operator_sdk_bin_path }} olm
+                install --version {{ olm_ver }}"
 
             - name: "Delete catalogsource"
-              shell: "{{ oc_bin_path }} delete catalogsource operatorhubio-catalog -n olm"
+              shell: >
+                "{{ oc_bin_path }} delete catalogsource
+                operatorhubio-catalog -n olm"
               ignore_errors: true
           when:
             - olm_needed.stdout != "operatorgroup"

local-test-operator-bundle.yml

@@ -19,7 +19,9 @@
     openshift_namespace: "test-operator"
     work_dir: "/tmp/operator-test"
     testing_bin_path: "{{ work_dir }}/bin"
-    current_channel: '' # Added to avoid a potential bug with undefined variables
+    current_channel: >
+      ''    # Added to avoid a potential
+      bug with undefined variables
     olm_ver: 0.14.1
     events_file_path: "{{ work_dir }}/events.json"
 
@@ -39,7 +41,9 @@
         scorecard_cr_dir: "{{ work_dir }}/scorecard-cr-files"
         kube_objects_dir: "{{ work_dir }}/kube_objects"
         testing_bin_path: "{{ work_dir }}/bin"
-        oc_bin_path: '{{ ''kubectl'' if run_upstream else "{{ testing_bin_path }}/oc" }}'
+        oc_bin_path: >
+          '{{ ''kubectl'' if run_upstream else
+          "{{ testing_bin_path }}/oc" }}'
         jq_bin_path: "{{ testing_bin_path }}/jq"
         yq_bin_path: "{{ testing_bin_path }}/yq"
         go_bin_path: "{{ testing_bin_path }}/go/bin/go"
@@ -82,10 +86,14 @@
         - name: "Install OLM"
           block:
             - name: "Installing OLM"
-              shell: "{{ operator_sdk_bin_path }} olm install --version {{ olm_ver }}"
+              shell: >
+                "{{ operator_sdk_bin_path }}
+                olm install --version {{ olm_ver }}"
 
             - name: "Delete catalogsource"
-              shell: "{{ oc_bin_path }} delete catalogsource operatorhubio-catalog -n olm"
+              shell: >
+                "{{ oc_bin_path }} delete catalogsource
+                operatorhubio-catalog -n olm"
               ignore_errors: true
           when:
             - olm_needed.stdout != "operatorgroup"
@@ -96,23 +104,27 @@
         name: build_catalog_upstream
       when: run_upstream|bool
 
-    - name: "Run operator-courier nest to copy the operator metadata in nested format to the work dir"
+    - name: >
+        "Run operator-courier nest to copy the
+        operator metadata in nested format to the work dir"
       shell: "operator-courier nest {{ operator_dir }} {{ operator_work_dir }}"
       when: not run_upstream|bool
 
     - name: Copy the operator metadata in nested format to the work dir
       copy:
         src: "{{ operator_dir }}/"
         dest: "{{ operator_work_dir }}"
-        remote_src: yes
+        remote_src: true
         mode: 0644
       when: run_upstream|bool
 
     - name: "Parse operator metadata needed to run the tests (Openshift)"
       include_role:
         name: parse_operator_metadata
 
-    - name: "Run linting tests with operator-courier verify on the deployed operator"
+    - name: >
+        "Run linting tests with operator-courier
+        verify on the deployed operator"
       include_role:
         name: operator_courier_verify
       when: run_lint|bool
@@ -133,24 +145,37 @@
             - run_scorecard|bool
             - not run_upstream|bool
 
-        - name: "Get all registry images on the OpenShift cluster before deploying the operator"
-          shell: "{{ oc_bin_path }} get is --all-namespaces -o json | jq '.items[].spec.tags[] | select(.from.kind == \"DockerImage\") | .from.name' --raw-output | sort -u"
+        - name: >
+            "Get all registry images on the OpenShift
+            cluster before deploying the operator"
+          shell: >
+            "{{ oc_bin_path }} get is --all-namespaces
+            -o json | jq '.items[].spec.tags[] |
+            select(.from.kind == \"DockerImage\") |
+            .from.name' --raw-output | sort -u"
           register: os_registry_is_result_before
           environment:
             KUBECONFIG: "{{ kubeconfig_path }}"
           no_log: true
           when: not run_upstream|bool
 
-        - name: "Get all pod images on the OpenShift cluster before deploying the operator"
-          shell: "{{ oc_bin_path }} get pods --all-namespaces -o json | jq '.items[].spec.containers[].image' --raw-output | sort -u"
+        - name: >
+            "Get all pod images on the OpenShift
+            cluster before deploying the operator"
+          shell: >
+            "{{ oc_bin_path }} get pods --all-namespaces
+            -o json | jq '.items[].spec.containers[].image'
+            --raw-output | sort -u"
           register: os_pod_is_result_before
           environment:
             KUBECONFIG: "{{ kubeconfig_path }}"
           no_log: true
           when: not run_upstream|bool
 
         - set_fact:
-            openshift_images_before: " {{ os_registry_is_result_before.stdout_lines }} + {{ os_pod_is_result_before.stdout_lines }}"
+            openshift_images_before: >
+              " {{ os_registry_is_result_before.stdout_lines
+              }} + {{ os_pod_is_result_before.stdout_lines }}"
           when: not run_upstream|bool
 
         - name: "Set the deployment start time"
@@ -186,29 +211,40 @@
             - run_upstream|bool
 
         - name: "Get all openshift registry images"
-          shell: "{{ oc_bin_path }} get is --all-namespaces -o json | jq '.items[].spec.tags[] | select(.from.kind == \"DockerImage\") | .from.name' --raw-output | sort -u"
+          shell: >
+            "{{ oc_bin_path }} get is --all-namespaces
+            -o json | jq '.items[].spec.tags[] |
+            select(.from.kind == \"DockerImage\") |
+            .from.name' --raw-output | sort -u"
           register: os_registry_is_result_after
           environment:
             KUBECONFIG: "{{ kubeconfig_path }}"
           no_log: true
           when: not run_upstream|bool
 
         - name: "Get all OpenShift pod images"
-          shell: "{{ oc_bin_path }} get pods --all-namespaces -o json | jq '.items[].spec.containers[].image' --raw-output | sort -u"
+          shell: >
+            "{{ oc_bin_path }} get pods --all-namespaces
+            -o json | jq '.items[].spec.containers[].image'
+            --raw-output | sort -u"
           register: os_pod_is_result_after
           environment:
             KUBECONFIG: "{{ kubeconfig_path }}"
           no_log: true
           when: not run_upstream|bool
 
         - set_fact:
-            openshift_images_after: "{{ os_registry_is_result_after.stdout_lines }} + {{ os_pod_is_result_after.stdout_lines }}"
+            openshift_images_after: >
+              "{{ os_registry_is_result_after.stdout_lines }}
+              + {{ os_pod_is_result_after.stdout_lines }}"
           when: not run_upstream|bool
 
         - name: "Scorecard test"
           block:
             - name: "Find all extracted CRs from alm-examples"
-              shell: "find \"{{ scorecard_cr_dir }}\" -name \"*.cr.yaml\" -print"
+              shell: >
+                "find \"{{ scorecard_cr_dir }}\"
+                -name \"*.cr.yaml\" -print"
               register: scorecard_cr_files_result
               when:
                 - run_scorecard|bool
@@ -224,8 +260,14 @@
                 - run_scorecard|bool
                 - run_deploy|bool
           always:
-            - name: "Get the pod container logs of the operator after running scorecard tests"
-              shell: "{{ oc_bin_path }} get --output=name pods | grep {{ operator_pod_name }} | xargs -I{} {{ oc_bin_path }} logs {} -c {{ operator_container_name }}"
+            - name: >
+                "Get the pod container logs of the
+                operator after running scorecard tests"
+              shell: >
+                "{{ oc_bin_path }} get --output=name pods
+                | grep {{ operator_pod_name }} | xargs -I{}
+                {{ oc_bin_path }} logs {} -c {{
+                operator_container_name }}"
               register: operator_container_result
               ignore_errors: true
               environment:
@@ -241,11 +283,15 @@
 
           when: not run_upstream|bool
 
-        - name: "Test image sources of containers introduced with the testing operator"
+        - name: >
+            "Test image sources of containers
+            introduced with the testing operator"
           include_role:
             name: operator_imagesource_test
           vars:
-            operator_images: "{{ openshift_images_after | difference(openshift_images_before) | list }}"
+            operator_images: >
+              "{{ openshift_images_after |
+              difference(openshift_images_before) | list }}"
           when:
             - run_imagesource|bool
             - run_deploy|bool
@@ -262,8 +308,14 @@
             - run_cleanup|bool
             - run_deploy|bool
 
-        - name: "Remove the quay release of the test operator in the testing namespace"
-          shell: "curl -s -H \"Authorization: basic {{ quay_token }}\" -X DELETE https://quay.io/cnr/api/v1/packages/{{ quay_namespace }}/{{ package_name }}-test/{{ quay_release }}/helm"
+        - name: >
+            "Remove the quay release of the
+            test operator in the testing namespace"
+          shell: >
+            "curl -s -H \"Authorization: basic {{ quay_token }}\"
+            -X DELETE https://quay.io/cnr/api/v1/packages/{{
+            quay_namespace }}/{{ package_name }}-test/{{
+            quay_release }}/helm"
           when:
             - quay_release is defined
             - package_name is defined