New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
syntax-check isn't skippable #1350
Comments
Yes, syntax-check is not skippable and will remain like this. That is because we rely on having parseable ansible code before we run our own rules. That was a decision not easy to take as we knew it may upset some users but it was the only way to make the linter maintenance possible. If we would allow processing of junk input, we would endup having to implement parsers that are more complex the Ansible own ones and that is effectively impossible considering that the linter does not have a full-type development team, as opposed to ansible core. If ansible fails to pass syntax check on a file you have two directions:
When you correctly setup ansible, it will also be able to access decrypt files. If you do not want to allow the linter to be able to decrypt your vaults or have other requirements, you should look for having two sets of variables: ones encrypted inside a vault, and one set of unencrypted ones, that you would use for linting or even testing. PS. If we would allow syntax-check to be ignored, we would endup with exceptions inside the linter own code. In fact for some time I went towards this approach while doing development but i realised that the dangers were far to great. If that was left enable, you may endup executing the linter on some code base, where you added internal-error or syntax-check to the exclude list but almost nothing else run on those files because we never ended up running the rules on the same files. |
Hi @ssbarnea That make perfect sense. Our CI doesn't have access to the vault or dynamic inventory, so I'm just gonna "patch" the $ sed "s/,hcloud_inventory.py//" -i ansible.cfg
$ sed "/^vault_password_file/d" -i ansible.cfg |
Usually I am against making changes that get |
|
We already use an advanced wcmatch glob library in another place, so it should be easy to swap the limited glob used by ignore to that. |
Summary
The
syntax-check
rule isn't skippable.Issue Type
Ansible and Ansible Lint details
OS / ENVIRONMENT
OS: Arch Linux
STEPS TO REPRODUCE
Desired Behaviour
ansible-linit
should skip thesyntax-check
ruleActual Behaviour
The
syntax-check
rule isn't skipped:The text was updated successfully, but these errors were encountered: