feat(ansible): Added ansible validation job for linting

Migrated from: URL: https://gitlab.com/nofusscomputing/infrastructure/ansible-roles commit: a5a6d3d71e7112a195925f6f1ee79ec1ee40fda6 Updated for use in central gitlab-ci repo. Changes to be committed: new file: ansible/.gitlab-ci.yml new file: ansible/README.md new file: ansible/requirements.txt issue #1
2021-08-03 15:07:47 +09:30
parent 247264e36b
commit 2413daefb1
3 changed files with 97 additions and 0 deletions
--- a/ansible/.gitlab-ci.yml
+++ b/ansible/.gitlab-ci.yml
@ -0,0 +1,38 @@
+
+.ansible_linter_defaults:
+    stage: validation
+    before_script:
+        - if [ "0$JOB_ROOT_DIR" == "0" ]; then ROOT_DIR=$DEFAULT_ROOT_DIR; else ROOT_DIR=$JOB_ROOT_DIR ; fi
+        - echo "[DEBUG] ROOT_DIR[$ROOT_DIR]"
+        - mkdir -p "$CI_PROJECT_DIR/artifacts/$CI_JOB_STAGE/$CI_JOB_NAME"
+        - mkdir -p "$CI_PROJECT_DIR/artifacts/$CI_JOB_STAGE/tests"
+        - export PYTHON_VERSION=`python -c 'import sys; version=sys.version_info[:3]; print("{0}.{1}.{2}".format(*version))'`
+        - apt update
+        - apt install --no-install-recommends -y git
+        - python3 -m venv env
+        - . env/bin/activate
+        - pip install --upgrade pip
+        - pip install -r $ROOT_DIR/ansible/requirements.txt
+        - mkdir $PYTHON_VERSION
+    script:
+        - ansible-lint -p --nocolor --parseable-severity "$ANSIBLE_LINT_PATH" > "$CI_PROJECT_DIR/artifacts/$CI_JOB_STAGE/$CI_JOB_NAME/$PYTHON_VERSION-ansible-lint.log" 1>&1 || ANSIBLE_LINT=$?
+        - cat "$CI_PROJECT_DIR/artifacts/$CI_JOB_STAGE/$CI_JOB_NAME/$PYTHON_VERSION-ansible-lint.log" | ansible-lint-to-junit-xml > "$CI_PROJECT_DIR/artifacts/$CI_JOB_STAGE/tests/$PYTHON_VERSION-ansible-lint.junit.xml"
+        - ls -la $PYTHON_VERSION
+        - if [ $ANSIBLE_LINT > 0 ]; then echo "ansible lint failed with $ANSIBLE_LINT"; exit $ANSIBLE_LINT; fi
+    after_script:
+        - echo deactivate
+    artifacts:
+      expire_in: 3 days
+      when: always
+      paths:
+          - "artifacts/*"
+      reports:
+          junit:
+              - "$CI_PROJECT_DIR/artifacts/$CI_JOB_STAGE/tests/*.junit.xml"
+    rules:
+        - if: '$CI_COMMIT_BRANCH == "master"'
+          when: never
+        - if: '$CI_COMMIT_BRANCH'
+          when: always
+        - when: never
+
--- a/ansible/README.md
+++ b/ansible/README.md
@ -0,0 +1,50 @@
+# Ansible
+This job does ansible role/playbook linting when any commit is pushed to any branch.
+
+
+This job provides the following badge:
+
+- None
+
+## Dependencies
+
+- None
+
+## your .gitlab-ci.yml changes
+To use this job add the following to your `.gitlab-ci.yml` file
+
+``` yaml
+stages:
+    - validation
+
+include:
+    - remote: https://gitlab.com/nofusscomputing/projects/gitlab-ci/-/raw/development/ansible/.gitlab-ci.yml
+
+Ansible Lint (python 3.6):
+    variables:
+        ANSIBLE_LINT_PATH: "roles/"
+    extends:
+        - .ansible_linter_defaults
+    image: python:3.6-slim
+```
+> You can use any python version you wish.
+
+## CI/CD Variables required
+
+| var name | Description |
+|:----:|:----|
+| ANSIBLE_LINT_PATH | *The path you wish the linter to search for ansible roles/playbooks* |
+
+
+## Job Workflow
+
+ - This job will lint any yml file in the specified directory using ansible rules.
+
+## Artifacts
+
+ - `$CI_PROJECT_DIR/artifacts` - Root artifact directory
+ - `$CI_PROJECT_DIR/artifacts/$CI_JOB_STAGE/tests/$PYTHON_VERSION-ansible-lint.junit.xml` - JUnit Test report
+ - `$CI_PROJECT_DIR/artifacts/$CI_JOB_STAGE/$CI_JOB_NAME/$PYTHON_VERSION-ansible-lint.log` - Linter log
+
+## License
+To view the license for this folder and any sub-folders, refer [here](https://gitlab.com/nofusscomputing/projects/gitlab-ci)
--- a/ansible/requirements.txt
+++ b/ansible/requirements.txt
@ -0,0 +1,9 @@
+wheel 
+ansible
+setuptools_rust 
+Rust 
+ansible-lint
+yamllint
+lxml
+ansible-lint-junit
+ansible-lint-to-junit-xml