diff --git a/.ansible-lint b/.ansible-lint new file mode 100644 index 0000000..c0c3429 --- /dev/null +++ b/.ansible-lint @@ -0,0 +1,3 @@ +--- +exclude_paths: + - mkdocs.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 5b32d4c..f50de49 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,9 +1,9 @@ --- version: 2 updates: - - package-ecosystem: "github-actions" - directory: "/" + - package-ecosystem: github-actions + directory: / schedule: interval: daily labels: - - "skip-changelog" + - skip-changelog diff --git a/.github/release-drafter.yml b/.github/release-drafter.yml index 6253a1b..10ef3bf 100644 --- a/.github/release-drafter.yml +++ b/.github/release-drafter.yml @@ -1,69 +1,68 @@ +--- # Format and labels used by Ansible DevTools projects -name-template: "v$RESOLVED_VERSION" -tag-template: "v$RESOLVED_VERSION" +name-template: v$RESOLVED_VERSION +tag-template: v$RESOLVED_VERSION # Use '-' instead of '*' for unordered list to match prettier behavior change-template: "- $TITLE (#$NUMBER) @$AUTHOR" categories: - - title: "Enhancements" + - title: Enhancements labels: - - "major" # c6476b - - "minor" - - "feature" # 006b75 - - "enhancement" # ededed - - "refactoring" - - title: "Bugfixes" + - major # c6476b + - minor + - feature # 006b75 + - enhancement # ededed + - refactoring + - title: Bugfixes labels: - - "bug" # fbca04 - - title: Other - - "patch" - - "deprecated" # fef2c0 + - bug # fbca04 + - title: Other - "patch" - "deprecated" # fef2c0 exclude-labels: - - "bot:chronographer:skip" - - "skip-changelog" + - bot:chronographer:skip + - skip-changelog replacers: # https://github.com/release-drafter/release-drafter/issues/569#issuecomment-645942909 - - search: '/(?:and )?@(pre-commit-ci|dependabot)(?:\[bot\])?,?/g' + - search: /(?:and )?@(pre-commit-ci|dependabot)(?:\[bot\])?,?/g replace: "" version-resolver: # major: # labels: minor: labels: - - "major" - - "minor" - - "feature" - - "enhancement" - - "refactoring" + - major + - minor + - feature + - enhancement + - refactoring patch: labels: - - "patch" - - "bug" - - "deprecated" + - patch + - bug + - deprecated default: patch exclude-contributors: - - "dependabot" - - "pre-commit-ci" + - dependabot + - pre-commit-ci autolabeler: - - label: "skip-changelog" + - label: skip-changelog title: - - "/pre-commit autoupdate/" + - /pre-commit autoupdate/ body: - "/type: chore/i" branch: - - "/^chore/i" - - label: "bug" + - /^chore/i + - label: bug branch: - - "/^fix/i" + - /^fix/i body: - "/type: fix/i" - - label: "feature" + - label: feature title: - - "/^(feat|feature)/i" + - /^(feat|feature)/i body: - "/type: feature/i" - - label: "deprecated" + - label: deprecated title: - - "/^deprecat(ed|ion)/i" + - /^deprecat(ed|ion)/i body: - "/type: deprecat(ed|ion)/i" template: | diff --git a/.github/workflows/ack.yml b/.github/workflows/ack.yml index 0479b6f..b1b37d9 100644 --- a/.github/workflows/ack.yml +++ b/.github/workflows/ack.yml @@ -1,3 +1,4 @@ +--- # ack workflow runs on any change made to a pull-request and aims to verify # that is following our practices. Initial version is checking correct label # presence. diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 1408be3..f548d22 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -1,3 +1,4 @@ +--- # push workflow is shared and expected to perform actions after a merge happens # on a maintenance branch (default or release). For example updating the # draft release-notes. @@ -8,8 +9,8 @@ on: # branches to consider in the event; optional, defaults to all branches: - main - - "releases/**" - - "stable/**" + - releases/** + - stable/** workflow_call: # allows reuse of this workflow from other devtools repos jobs: diff --git a/.github/workflows/push_network.yml b/.github/workflows/push_network.yml index 47b1f0b..8473933 100644 --- a/.github/workflows/push_network.yml +++ b/.github/workflows/push_network.yml @@ -1,3 +1,4 @@ +--- # push workflow is shared and expected to perform actions after a merge happens # on a maintenance branch (default or release). For example updating the # draft release-notes. @@ -58,9 +59,9 @@ jobs: - name: Get previous tag id: previoustag - uses: "WyriHaximus/github-action-get-previous-tag@master" + uses: WyriHaximus/github-action-get-previous-tag@master env: - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} ## this part is commented out to check push workflow ## ref - https://github.com/ansible-collections/cisco.nxos/pull/765 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cc459e0..70fadc6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,3 +1,4 @@ +--- name: release on: @@ -11,16 +12,16 @@ on: type: boolean secrets: pypi_password: - description: "API token for pypi.org" + description: API token for pypi.org required: true testpypi_password: - description: "API token for test.pypi.org" + description: API token for test.pypi.org required: true jobs: pypi: name: Publish to PyPI registry - if: "${{ inputs.pypi }}" + if: ${{ inputs.pypi }} environment: release runs-on: ubuntu-20.04 diff --git a/.github/workflows/release_ah.yml b/.github/workflows/release_ah.yml index 0077f20..d27d5b2 100644 --- a/.github/workflows/release_ah.yml +++ b/.github/workflows/release_ah.yml @@ -22,11 +22,11 @@ jobs: steps: - uses: actions/checkout@v4 - - name: "Build the collection" + - name: Build the collection run: | ansible-galaxy collection build -v --force - - name: "Publish the collection on Automation Hub" + - name: Publish the collection on Automation Hub if: ${{ inputs.ah_publish }} run: | [[ "${{ secrets.ah_token != '' }}" ]] || { echo "ah_token is required to publish on automation hub" ; exit 1; } diff --git a/.github/workflows/release_galaxy.yml b/.github/workflows/release_galaxy.yml index 7e83322..f62159f 100644 --- a/.github/workflows/release_galaxy.yml +++ b/.github/workflows/release_galaxy.yml @@ -22,11 +22,11 @@ jobs: steps: - uses: actions/checkout@v4 - - name: "Build the collection" + - name: Build the collection run: | ansible-galaxy collection build -v --force - - name: "Publish the collection on Galaxy" + - name: Publish the collection on Galaxy if: ${{ inputs.galaxy_publish }} run: | [[ "${{ secrets.ansible_galaxy_api_key != '' }}" ]] || { echo "ansible_galaxy_api_key is required to publish on galaxy" ; exit 1; } diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c157181..d399e13 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,3 +1,4 @@ +--- name: test on: pull_request: diff --git a/.github/workflows/tox.yml b/.github/workflows/tox.yml index 8e633ac..772e379 100644 --- a/.github/workflows/tox.yml +++ b/.github/workflows/tox.yml @@ -121,7 +121,7 @@ jobs: printf '### Failed as git reported modified and/or untracked files\n```\n%s\n```\n' "$(git status -s)" | tee -a "$GITHUB_STEP_SUMMARY" exit 99 fi - # https://github.com/actions/toolkit/issues/193 + # https://github.com/actions/toolkit/issues/193 check: if: always() diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 6cad4b3..9fcdc1e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -30,3 +30,8 @@ repos: files: \.(yaml|yml)$ types: [file, yaml] entry: yamllint --strict + - repo: https://github.com/ansible/ansible-lint + rev: v24.6.1 + hooks: + - id: ansible-lint + args: [--fix] diff --git a/.yamllint b/.yamllint index 7ad879c..e0bfb4e 100644 --- a/.yamllint +++ b/.yamllint @@ -1,5 +1,8 @@ +--- extends: default rules: + braces: + max-spaces-inside: 1 comments: # prettier compatibility min-spaces-from-content: 1 @@ -10,6 +13,9 @@ rules: document-start: disable # we need to decide if we want to impose one or not line-length: disable + octal-values: + forbid-implicit-octal: true + forbid-explicit-octal: true truthy: # "on:" is perfectly valid key on github actions: check-keys: false diff --git a/config/devtools.yml b/config/devtools.yml index 1d1d5c6..13e43e9 100644 --- a/config/devtools.yml +++ b/config/devtools.yml @@ -1,3 +1,4 @@ +--- # TODO: allow layered loading from other repos like dependabot config # Symlink this as ~/pre.yml and use https://github.com/pycontribs/gh-pre # This file documents repositories that are nurtured by Ansible DevTools team. @@ -14,11 +15,14 @@ repos: group: primary ansible-collections/community.molecule: section: community - ansible-community/molecule-plugins: - section: community + # ansible-community/molecule-plugins: + # section: community ansible/ansible-backstage-plugins: section: experimental ansible/ansible-compat: {} + ansible/ansible-content-actions: + section: experimental + # https://github.com/marketplace/actions/ansible-content-actions ansible/ansible-creator: section: experimental ansible/ansible-dev-environment: @@ -28,9 +32,6 @@ repos: ansible/ansible-navigator: {} ansible/ansible-workspace-env-reference-image: section: community - ansible/community-ansible-dev-tools-image: {} - ansible/creator-ee: - section: deprecated ansible/mkdocs-ansible: section: community ansible/molecule: {} @@ -40,19 +41,23 @@ repos: ansible/tox-ansible: section: experimental ansible/vscode-ansible: {} + coactions/dynamic-matrix: + section: community pycontribs/enrich: section: community pycontribs/subprocess-tee: section: community sections: - community: null - deprecated: null - experimental: null - primary: null - # unmaintained, obsoleted or archived: - # - ansible-community/protogen # deprecated? - # - ansible-community/role2collection - # - ansible/ansible-language-server (now part vscode-ansible) - # - ansible/ansible-lint-action (now part of ansible-lint) - # - pycontribs/selinux - # - pytest-molecule# + community: + deprecated: + experimental: + primary: +# unmaintained, obsoleted or archived: +# ansible-community/protogen +# ansible-community/role2collection +# ansible/ansible-language-server (now part vscode-ansible) +# ansible/ansible-lint-action (now part of ansible-lint) +# ansible/community-ansible-dev-tools-image (now part of ansible-dev-tools) +# ansible/creator-ee (now part of ansible-dev-tools) +# pycontribs/selinux +# pytest-molecule# diff --git a/mkdocs.yml b/mkdocs.yml index 377d753..933847a 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -1,3 +1,4 @@ +--- site_name: Ansible DevTools site_url: https://ansible.readthedocs.io/projects/team-devtools/ repo_url: https://github.com/ansible/team-devtools @@ -34,8 +35,8 @@ nav: - Release: guides/vscode/release.md - stats: - Molecule Plugins: stats/molecule-plugins.md - # - ansible-language-server: '!import https://github.com/ansible/ansible-language-server?branch=main&multi_docs=False' - # - projects: "*include .cache/*/mkdocs.yml" +# - ansible-language-server: '!import https://github.com/ansible/ansible-language-server?branch=main&multi_docs=False' +# - projects: "*include .cache/*/mkdocs.yml" plugins: - autorefs - material/search diff --git a/playbooks/deploy-bot-pat.yml b/playbooks/deploy-bot-pat.yml index 747187d..d46a36b 100644 --- a/playbooks/deploy-bot-pat.yml +++ b/playbooks/deploy-bot-pat.yml @@ -1,3 +1,4 @@ +--- - name: Deploy BOT_PAT secret hosts: localhost gather_facts: false @@ -7,7 +8,8 @@ file: ../config/devtools.yml name: devtools - - debug: + - name: Display info + ansible.builtin.debug: msg: "{{ item }}" loop: "{{ env_secrets | dict2items(key_name='env_name', value_name='env_secrets') }}" diff --git a/playbooks/host_vars/localhost.yml b/playbooks/host_vars/localhost.yml index e133bdc..0bbaa37 100644 --- a/playbooks/host_vars/localhost.yml +++ b/playbooks/host_vars/localhost.yml @@ -1,3 +1,4 @@ +--- env_secrets: ack: # github environment name BOT_PAT: !vault | diff --git a/playbooks/sync.yml b/playbooks/sync.yml index 964b3fe..14044c1 100644 --- a/playbooks/sync.yml +++ b/playbooks/sync.yml @@ -1,3 +1,4 @@ +--- - name: Checkout and Update DevTools project source code hosts: localhost connection: local diff --git a/playbooks/tasks/gh-set-env-secrets.yml b/playbooks/tasks/gh-set-env-secrets.yml index b220587..0432ea3 100644 --- a/playbooks/tasks/gh-set-env-secrets.yml +++ b/playbooks/tasks/gh-set-env-secrets.yml @@ -1,6 +1,8 @@ +--- - name: Create github environment ansible.builtin.shell: > gh api --method PUT -H "Accept: application/vnd.github+json" repos/{{ repo }}/environments/{{ env.env_name }} + changed_when: true loop: "{{ env_secrets | dict2items(key_name='env_name', value_name='env_secrets') }}" loop_control: loop_var: env diff --git a/playbooks/tasks/gh-set-secret.yml b/playbooks/tasks/gh-set-secret.yml index b8eb879..2c1f95f 100644 --- a/playbooks/tasks/gh-set-secret.yml +++ b/playbooks/tasks/gh-set-secret.yml @@ -1,5 +1,7 @@ +--- - name: Configure secret ansible.builtin.shell: > gh secret --repo {{ repo }} set --env {{ env.env_name }} {{ item.gh_secret_name }} --body {{ item.gh_secret_value }} + changed_when: true no_log: false loop: "{{ env.env_secrets | dict2items('gh_secret_name', 'gh_secret_value') }}" diff --git a/readthedocs.yml b/readthedocs.yml index 3abedf1..e76ad54 100644 --- a/readthedocs.yml +++ b/readthedocs.yml @@ -1,3 +1,4 @@ +--- version: 2 submodules: