Using GitHub Action to Lint Ansible
Lint Ansible playbooks using GitHub actions.
Remembering to run ansible-lint before you push code won’t happen. That’s why you have the computer do it for you, which means using a GitHub action to lint your playbooks every time you push code.
GitHub actions automate, customize, and execute software development work from right in our repository. You can create actions yourself, or you can leverage open-source actions created by others.
GitHub workflows are how you link actions together into a series of tasks. Both actions and workflows are defined by YAML files and stored in the .github directory within your repository.
Create a lint workflow
Ansible (the company) has an open-source action called Ansible Lint for GitHub Action that you will use within a workflow to lint all your Ansible code.
We have created the workflows directory using the command below:
mkdir -p .github/workflows
We have created the lint workflow file.
touch .github/workflows/lint.yml
We have defined the actions as shown below:
name: Ansible Lint

on: [push, pull_request]

jobs:
  build:

    runs-on: ubuntu-latest
    steps:
    - name: checkout repo
      uses: actions/checkout@v2
    - name: Lint Ansible Playbook
      uses: ansible/ansible-lint-action@master
      with:
        targets: ""
GitHub actions have three main parts:
- name: provides a human-readable name to the action. Review Line-1.
- on: determines when the action is run by specifying triggers. Review Line-3.
- jobs: lists all the build steps within the workflow. Review Line-5 onwards.
Let’s break down the jobs further below:
jobs:
  build:

    runs-on: ubuntu-latest
    steps:
    - name: checkout repo
      uses: actions/checkout@v2
    - name: Lint Ansible Playbook
      uses: ansible/ansible-lint-action@master
      with:
        targets: ""
- Line-2: represents the job within the workflow.
- Line-4: represents the operating system of the hosted build agent.
- Line-7: specifies the GitHub action to use.
- Line-10: defines the properties of the action.
There is a single job in the workflow, build. Build defines the operating system of the host build agent and the steps that the workflow executes. Steps sequentially list all the actions within the job.
steps:
- name: checkout repo
  uses: actions/checkout@v2
- name: Lint Ansible Playbook
  uses: ansible/ansible-lint-action@master
  with:
    targets: ""
The workflow has two actions.
- Build job: runs the checkout repo action. This action checks out the repository and downloads it into the workspace. It’s how you get the code onto the hosted build agent.
- Lint Ansible playbooks: the second action to run. The uses statement calls the ansible/ansible-lint-action action and specifies the branch of the action to use. The branch is being used in place of a version number.
  - The with property of the ansible-lint action specifies which playbooks will be targeted. Using "" will target all files with .yml or .yaml.
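The uses lines above reference actions by branch (@master) and by tag (@v2); either can be repointed after the workflow is written, while a full 40-character commit SHA cannot. The Python check below is an added example, not part of the course's code: it lists every uses reference in a workflow and flags those not pinned to a full SHA. The example-org/example-action step and its SHA are constructed placeholders, and the tag-like/branch-like labels are a naming heuristic.

```python
import re

# Constructed input: the two steps from this lesson's workflow plus one step
# pinned to a full commit SHA (the SHA and example-org action are placeholders).
SAMPLE_WORKFLOW = """\
steps:
- name: checkout repo
  uses: actions/checkout@v2
- name: Lint Ansible Playbook
  uses: ansible/ansible-lint-action@master
- uses: example-org/example-action@0123456789abcdef0123456789abcdef01234567
"""

USES_RE = re.compile(r"""^\s*(?:-\s*)?uses:\s*['"]?([^'"\s#]+)""")
FULL_SHA_RE = re.compile(r"[0-9a-f]{40}")
VERSION_RE = re.compile(r"v?\d+(\.\d+)*")


def classify(ref):
    """'commit' for a full SHA; otherwise a naming heuristic (both kinds can move)."""
    if FULL_SHA_RE.fullmatch(ref):
        return "commit"
    return "tag-like" if VERSION_RE.fullmatch(ref) else "branch-like"


def audit_workflow(text):
    """Return (line_number, action, ref, kind) for each remote `uses:` reference."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        match = USES_RE.match(line)
        if not match:
            continue
        target = match.group(1)
        if target.startswith(("./", "docker://")):
            continue  # local actions and container images are not checked here
        action, _, ref = target.partition("@")
        findings.append((lineno, action, ref, classify(ref) if ref else "missing"))
    return findings


def unpinned(text):
    """Subset of findings that a later push to the action's repo could change."""
    return [f for f in audit_workflow(text) if f[3] != "commit"]


if __name__ == "__main__":
    for lineno, action, ref, kind in unpinned(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {action}@{ref} is {kind}; pin to a full commit SHA")
```

Pointing the same functions at the contents of .github/workflows/lint.yml turns this into a pre-merge check for new unpinned references.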
Source Code
We have provided all the Ansible code that was created in the previous chapters in the /usercode directory.
You need to clone the ansible GitHub repository created earlier in the course and configure the user name and email using the following commands:
# Replace the <GitHub clone URL> with the repository's URL.
git clone <Github clone URL>

# Configure user.email
# Replace <Your email> with the actual email
git config --global user.email "<YourEmail>"

# Configure user.name
# Replace <Your name> with the actual name
git config --global user.name "<YourName>"
Copy the contents from the /usercode directory to the cloned ansible repository.
# copy the code from the /usercode directory to the /ansible directory
cp -rT /usercode /ansible

# Change into ansible directory
cd /ansible
Let’s add, commit, and push the changes.
# Stage the changes
git add .

# Commit the changes
git commit -m 'added ansible lint action'

# push the committed changes
git push
name: Ansible Lint

on: [push, pull_request]

jobs:
  build:

    runs-on: ubuntu-latest
    steps:
    - name: checkout repo
      uses: actions/checkout@v2
    - name: Lint Ansible Playbook
      uses: ansible/ansible-lint-action@master
      with:
        targets: ""
        override-deps: |
          ansible-lint==4.2.0
Click the Run button and wait for the environment to set up. Once set up, update the <Password> with the password created using the ansible-vault command in the group_vars/linux.yml and group_vars/windows.yml files using the nano editor and execute the following summarized commands one by one in the widget’s terminal:
# Replace the <GitHub clone URL> with the repository's URL.
git clone <Github clone URL>

# Configure user.email
# Replace <Your email> with the actual email
git config --global user.email "<YourEmail>"

# Configure user.name
# Replace <Your name> with the actual name
git config --global user.name "<YourName>"

# copy the code from the /usercode directory to the /ansible directory
cp -rT /usercode /ansible

# Change into ansible directory
cd /ansible

## Update the <Password> with the password created using the ansible-vault
## command in the group_vars/linux.yml and group_vars/windows.yml files
## using the nano editor.

# Stage the changes
git add .

# Commit the changes
git commit -m 'added ansible lint action'

# push the committed changes
git push
Log into GitHub, open your ansible repository, and click Actions. It will look like the one below:
You have been successful in incorporating GitHub actions in your repository.
Try it now
Some playbooks were left untested before pushing the linting action.
Fix all Ansible lint flags
Review the build output of the lint action and correct all the flags it calls out.
Update Docker image
Open the Dockerfile and add pip3 install ansible-lint to an existing RUN line.
In this lesson, we introduced GitHub Actions and you created your first action workflow to lint your Ansible code.