ansible-lint
ansible-lint documentation
- Version in MegaLinter: 6.17.2
- Visit Official Web Site
- See How to configure ansible-lint rules
- See How to disable ansible-lint rules in files
- See Index of problems detected by ansible-lint
Configuration in MegaLinter
- Enable ansible-lint by adding
ANSIBLE_ANSIBLE_LINT
in ENABLE_LINTERS variable - Disable ansible-lint by adding
ANSIBLE_ANSIBLE_LINT
in DISABLE_LINTERS variable
Variable | Description | Default value |
---|---|---|
ANSIBLE_ANSIBLE_LINT_ARGUMENTS | User custom arguments to add in linter CLI call Ex: -s --foo "bar" |
|
ANSIBLE_ANSIBLE_LINT_FILE_EXTENSIONS | Allowed file extensions. "*" matches any extension, "" matches empty extension. Empty list excludes all filesEx: [".py", ""] |
[".yml", ".yaml"] |
ANSIBLE_ANSIBLE_LINT_FILE_NAMES_REGEX | File name regex filters. Regular expression list for filtering files by their base names using regex full match. Empty list includes all files Ex: ["Dockerfile(-.+)?", "Jenkinsfile"] |
Include every file |
ANSIBLE_ANSIBLE_LINT_PRE_COMMANDS | List of bash commands to run before the linter | None |
ANSIBLE_ANSIBLE_LINT_POST_COMMANDS | List of bash commands to run after the linter | None |
ANSIBLE_ANSIBLE_LINT_UNSECURED_ENV_VARIABLES | List of env variables explicitly not filtered before calling ANSIBLE_ANSIBLE_LINT and its pre/post commands | None |
ANSIBLE_ANSIBLE_LINT_CONFIG_FILE | ansible-lint configuration file nameUse LINTER_DEFAULT to let the linter find it |
.ansible-lint |
ANSIBLE_ANSIBLE_LINT_RULES_PATH | Path where to find linter configuration file | Workspace folder, then MegaLinter default rules |
ANSIBLE_ANSIBLE_LINT_DISABLE_ERRORS | Run linter but consider errors as warnings | false |
ANSIBLE_ANSIBLE_LINT_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | 0 |
ANSIBLE_ANSIBLE_LINT_CLI_EXECUTABLE | Override CLI executable | ['ansible-lint'] |
ANSIBLE_DIRECTORY | Directory containing ANSIBLE files | ansible |
MegaLinter Flavours
This linter is available in the following flavours
Flavor | Description | Embedded linters | Info | |
---|---|---|---|---|
all | Default MegaLinter Flavor | 117 | ||
cupcake | MegaLinter for the most commonly used languages | 85 | ||
documentation | MegaLinter for documentation projects | 51 | ||
dotnet | Optimized for C, C++, C# or VB based projects | 63 | ||
dotnetweb | Optimized for C, C++, C# or VB based projects with JS/TS | 72 | ||
go | Optimized for GO based projects | 53 | ||
java | Optimized for JAVA based projects | 55 | ||
javascript | Optimized for JAVASCRIPT or TYPESCRIPT based projects | 60 | ||
php | Optimized for PHP based projects | 54 | ||
python | Optimized for PYTHON based projects | 62 | ||
ruby | Optimized for RUBY based projects | 51 | ||
rust | Optimized for RUST based projects | 51 | ||
salesforce | Optimized for Salesforce based projects | 54 | ||
security | Optimized for security | 24 | ||
swift | Optimized for SWIFT based projects | 51 | ||
terraform | Optimized for TERRAFORM based projects | 55 |
Behind the scenes
How are identified applicable files
- Activated only if sub-directory
ansible
is found. (directory name can be overridden withANSIBLE_DIRECTORY
) - File extensions:
.yml
,.yaml
- File name don't ends with:
vault.yml
,vault.yaml
,galaxy.yml
,galaxy.yaml
How the linting is performed
ansible-lint is called once on the whole project directory (project
CLI lint mode)
- filtering can not be done using MegaLinter configuration variables,it must be done using ansible-lint configuration or ignore file (if existing)
VALIDATE_ALL_CODEBASE: false
doesn't make ansible-lint analyze only updated files
Example calls
ansible-lint -v
ansible-lint -v -c .ansible-lint
Help content
WARNING: PATH altered to expand ~ in it. Read https://stackoverflow.com/a/44704799/99834 and correct your system configuration.
usage: ansible-lint [-h] [-P | -L | -T]
[-f {brief,full,md,json,codeclimate,quiet,pep8,sarif}]
[--sarif-file SARIF_FILE] [-q]
[--profile {min,basic,moderate,safety,shared,production}]
[-p] [--project-dir PROJECT_DIR] [-r RULESDIR] [-R] [-s]
[--write [WRITE_LIST]] [--show-relpath] [-t TAGS] [-v]
[-x SKIP_LIST] [--generate-ignore] [-w WARN_LIST]
[--enable-list ENABLE_LIST] [--nocolor] [--force-color]
[--exclude EXCLUDE_PATHS [EXCLUDE_PATHS ...]]
[-c CONFIG_FILE] [-i IGNORE_FILE] [--offline] [--version]
[lintables ...]
positional arguments:
lintables One or more files or paths. When missing it will
enable auto-detection mode.
options:
-h, --help show this help message and exit
-P, --list-profiles List all profiles, no formatting options available.
-L, --list-rules List all the rules. For listing rules only the
following formats for argument -f are supported:
{brief, full, md} with 'brief' as default.
-T, --list-tags List all the tags and the rules they cover. Increase
the verbosity level with `-v` to include 'opt-in' tag
and its rules.
-f {brief,full,md,json,codeclimate,quiet,pep8,sarif}, --format {brief,full,md,json,codeclimate,quiet,pep8,sarif}
stdout formatting, json being an alias for
codeclimate. (default: None)
--sarif-file SARIF_FILE
SARIF output file
-q quieter, reduce verbosity, can be specified twice.
--profile {min,basic,moderate,safety,shared,production}
Specify which rules profile to be used.
-p, --parseable parseable output, same as '-f pep8'
--project-dir PROJECT_DIR
Location of project/repository, autodetected based on
location of configuration file.
-r RULESDIR, --rules-dir RULESDIR
Specify custom rule directories. Add -R to keep using
embedded rules from /venvs/ansible-
lint/lib/python3.11/site-packages/ansiblelint/rules
-R Keep default rules when using -r
-s, --strict Return non-zero exit code on warnings as well as
errors
--write [WRITE_LIST] Allow ansible-lint to reformat YAML files and run rule
transforms (Reformatting YAML files standardizes
spacing, quotes, etc. A rule transform can fix or
simplify fixing issues identified by that rule). You
can limit the effective rule transforms (the
'write_list') by passing a keywords 'all' or 'none' or
a comma separated list of rule ids or rule tags. YAML
reformatting happens whenever '--write' or '--write='
is used. '--write' and '--write=all' are equivalent:
they allow all transforms to run. The effective list
of transforms comes from 'write_list' in the config
file, followed whatever '--write' args are provided on
the commandline. '--write=none' resets the list of
transforms to allow reformatting YAML without running
any of the transforms (ie '--write=none,rule-id' will
ignore write_list in the config file and only run the
rule-id transform).
--show-relpath Display path relative to CWD
-t TAGS, --tags TAGS only check rules whose id/tags match these values
-v Increase verbosity level (-vv for more)
-x SKIP_LIST, --skip-list SKIP_LIST
only check rules whose id/tags do not match these
values. e.g: --skip-list=name,run-once
--generate-ignore Generate a text file '.ansible-lint-ignore' that
ignores all found violations. Each line contains
filename and rule id separated by a space.
-w WARN_LIST, --warn-list WARN_LIST
only warn about these rules, unless overridden in
config file. Current version default value is:
experimental, jinja[spacing], fqcn[deep]
--enable-list ENABLE_LIST
activate optional rules by their tag name
--nocolor disable colored output, same as NO_COLOR=1
--force-color Force colored output, same as FORCE_COLOR=1
--exclude EXCLUDE_PATHS [EXCLUDE_PATHS ...]
path to directories or files to skip. This option is
repeatable.
-c CONFIG_FILE, --config-file CONFIG_FILE
Specify configuration file to use. By default it will
look for '.ansible-lint', '.config/ansible-lint.yml',
or '.config/ansible-lint.yaml'
-i IGNORE_FILE, --ignore-file IGNORE_FILE
Specify ignore file to use. By default it will look
for '.ansible-lint-ignore' or '.config/ansible-lint-
ignore.txt'
--offline Disable installation of requirements.yml and schema
refreshing
--version
Installation on mega-linter Docker image
- PIP packages (Python):