doc: additional tests planned

.planned/rules/ADFINIS0002RegisterPrefixRule.py

@@ -0,0 +1,51 @@
+#!/usr/bin/env python
+# -*- coding: UTF-8 -*-
+
+# Copyright (c) 2017, Adfinis SyGroup AG
+# All rights reserved.
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+# src-repo: https://github.com/adfinis-sygroup/ansible-lint-rules/blob/master/RegisterPrefixRule.py
+
+from ansiblelint import AnsibleLintRule
+
+
+class RegisterPrefixRule(AnsibleLintRule):
+    id = 'ADFINIS0002'
+    shortdesc = "Registered variable must always have a prefix " \
+                "\"$ROLENAME_register_\""
+    description = """
+    Each registered variable name must have a prefix "$ROLENAME_register_",
+    because each variable should be unique.
+    """
+    tags = ['formatting']
+
+    def matchtask(self, file, task):
+        if 'register' in task:
+            register = task['register']
+            try:
+                role = self.rolename(file['path'])
+                prefix = '{0}_register_'.format(role)
+            except BaseException:
+                prefix = 'register_'
+            return not register.startswith(prefix)
+        return False
+
+    def rolename(self, file):
+        elements = file.split('/')
+        if 'tasks' in elements:
+            idx = elements.index('tasks') - 1
+            return elements[idx]
+        raise IndexError('tasks not in path')

.planned/rules/TWSH101PlaybookExtension.py

@@ -0,0 +1,21 @@
+from ansiblelint import AnsibleLintRule
+
+import os
+
+class PlaybookExtension(AnsibleLintRule):
+    id = 'TWSH101'
+    shortdesc = 'Playbooks should have the ".yml" extension'
+    description = ''
+    tags = ['playbook']
+    done = []  # already noticed path list
+
+    def match(self, file, text):
+        if file['type'] != 'playbook':
+            return False
+
+        path = file['path']
+        ext = os.path.splitext(path)
+        if ext[1] != ".yml" and path not in self.done:
+            self.done.append(path)
+            return True
+        return False

.planned/rules/TWSH201RoleRelativePath.py

@@ -0,0 +1,42 @@
+from ansiblelint import AnsibleLintRule
+
+
+format = "{}"
+
+class RoleRelativePath(AnsibleLintRule):
+    id = 'TWSH201'
+    shortdesc = "Doesn't need a relative path in role"
+    description = ''
+    tags = ['role']
+
+    def matchplay(self, file, play):
+        # assume if 'roles' in path, inside a role.
+        if 'roles' not in file['path']:
+            return []
+        if 'template' in play:
+            if not isinstance(play['template'], dict):
+                return False
+            if "../templates" in play['template']['src']:
+                return [({'': play['template']},
+                                self.shortdesc)]
+        if 'win_template' in play:
+            if not isinstance(play['win_template'], dict):
+                return False
+            if "../win_templates" in play['win_template']['src']:
+                return ({'win_template': play['win_template']},
+                                self.shortdesc)
+        if 'copy' in play:
+            if not isinstance(play['copy'], dict):
+                return False
+            if 'src' in play['copy']:
+                if "../files" in play['copy']['src']:
+                    return ({'sudo': play['copy']},
+                                self.shortdesc)
+        if 'win_copy' in play:
+            if not isinstance(play['win_copy'], dict):
+                return False
+            if "../files" in play['win_copy']['src']:
+                return ({'sudo': play['win_copy']},
+                                self.shortdesc)
+        return []
+

.planned/rules/TWSH301TaskShouldHaveName.py

@@ -0,0 +1,32 @@
+# Copyright (c) 2016 Will Thames <[email protected]>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+from ansiblelint import AnsibleLintRule
+
+
+class TaskShouldHaveName(AnsibleLintRule):
+    id = 'TWSH301'
+    shortdesc = 'All tasks should be named'
+    description = 'All tasks should have a distinct name for readability ' + \
+                  'and for --start-at-task to work'
+    tags = ['task']
+
+    def matchtask(self, file, task):
+        return task.get('name', '') == ''

.planned/rules/TWSH302TaskIncludeShouldHaveTags.py

@@ -0,0 +1,17 @@
+from ansiblelint import AnsibleLintRule
+
+# FIXME: how to get include task?
+class TaskIncludeShouldHaveTags(AnsibleLintRule):
+    id = 'TWSH302'
+    shortdesc = 'Include should have tags'
+    description = ''
+    tags = ['task']
+
+    def matchplay(self, file, play):
+        ret = []
+
+        if isinstance(play, dict) and 'tasks' in play:
+            for item in play['tasks']:
+                if 'include' in item and 'tags' not in item:
+                    ret.append((file, self.shortdesc))
+        return ret

.planned/rules/TWSH303TaskManyArgs.py

@@ -0,0 +1,18 @@
+from ansiblelint import AnsibleLintRule
+
+class TaskManyArgs(AnsibleLintRule):
+    id = 'TWSH303'
+    shortdesc = 'Use ":" YAML format when arguments are over 4'
+    description = ''
+    tags = ['task']
+
+    def match(self, file, text):
+        count = 0
+        for action in text.split(" "):
+            if "=" in action:
+                count += 1
+
+        if count > 4:
+            return True
+
+        return False

.planned/rules/TWSH304TaskNoLocalAction.py

@@ -0,0 +1,12 @@
+from ansiblelint import AnsibleLintRule
+
+class TaskNoLocalAction(AnsibleLintRule):
+    id = 'TWSH304'
+    shortdesc = 'Do not use local_action. use delegate_to: localhost instead'
+    description = ''
+    tags = ['task']
+
+    def match(self, file, text):
+        if 'local_action' in text:
+            return True
+        return False

.planned/rules/TWSH305TaskVariableHasSpace.py

@@ -0,0 +1,19 @@
+from ansiblelint import AnsibleLintRule
+
+import re
+
+class TaskVariableHasSpace(AnsibleLintRule):
+    id = 'TWSH305'
+    shortdesc = 'Variables should be enclosed by spaces "{{ foo }}"'
+    description = ''
+    tags = ['task']
+
+    compiled = re.compile(ur'{{(\w*)}}')
+
+    def match(self, file, text):
+        m = self.compiled.search(text)
+        if m:
+            return True
+        return False
+
+

.planned/rules/TWSH401ModuleOctalPermissions.py

@@ -0,0 +1,59 @@
+# Copyright (c) 2013-2014 Will Thames <[email protected]>
+#
+# Permission is hereby granted, free of charge, to any person obtaining a copy
+# of this software and associated documentation files (the "Software"), to deal
+# in the Software without restriction, including without limitation the rights
+# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+# copies of the Software, and to permit persons to whom the Software is
+# furnished to do so, subject to the following conditions:
+#
+# The above copyright notice and this permission notice shall be included in
+# all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+# THE SOFTWARE.
+
+from ansiblelint import AnsibleLintRule
+import re
+
+
+class ModuleOctalPermissions(AnsibleLintRule):
+    id = 'TWSH401'
+    shortdesc = 'Octal file permissions must contain leading zero'
+    description = 'Numeric file permissions without leading zero can behave' + \
+        'in unexpected ways. See ' + \
+        'http://docs.ansible.com/ansible/file_module.html'
+    tags = ['module']
+
+    _modules = {'assemble', 'copy', 'file', 'ini_file', 'lineinfile',
+                'replace', 'synchronize', 'template', 'unarchive'}
+
+    mode_regex = re.compile(r'^\s*[0-9]+\s*$')
+    valid_mode_regex = re.compile(r'^\s*0[0-7]{3,4}\s*$')
+
+    def matchtask(self, file, task):
+        if task["action"]["__ansible_module__"] in self._modules:
+            mode = task['action'].get('mode', None)
+            if isinstance(mode, basestring) and self.mode_regex.match(mode):
+                return not self.valid_mode_regex.match(mode)
+            if isinstance(mode, int):
+                # sensible file permission modes don't
+                # have write or execute bit set when read bit is
+                # not set
+                # also, user permissions are more generous than
+                # group permissions and user and group permissions
+                # are more generous than world permissions
+
+                result = (mode % 8 and mode % 8 < 4 or
+                          (mode >> 3) % 8 and (mode >> 3) % 8 < 4 or
+                          (mode >> 6) % 8 and (mode >> 6) % 8 < 4 or
+                          mode & 8 < (mode << 3) & 8 or
+                          mode & 8 < (mode << 6) & 8 or
+                          (mode << 3) & 8 < (mode << 6) & 8)
+
+                return result

.planned/rules/TWSH402ModuleTemplateExt.py

@@ -0,0 +1,16 @@
+from ansiblelint import AnsibleLintRule
+import os
+
+class ModuleTemplateExt(AnsibleLintRule):
+    id = 'TWSH402'
+    shortdesc = "Template files should have the extension '.j2' "
+    description = ''
+    tags = ['module']
+
+    def matchtask(self, file, task):
+        if task['action']['__ansible_module__'] != 'template':
+            return False
+        ext = os.path.splitext(task['action']['src'])
+        if ext[1] != ".j2":
+            return True
+        return False

.planned/rules/TWSH501ShellAltChmod.py

@@ -0,0 +1,14 @@
+from ansiblelint import AnsibleLintRule
+
+class ShellAltChmod(AnsibleLintRule):
+    id = 'TWSH501'
+    shortdesc = 'Use chmod module'
+    description = ''
+    tags = ['shell']
+
+    def matchtask(self, file, task):
+        if task['action']['__ansible_module__'] not in ['shell', 'command']:
+            return False
+        if 'chmod' in task['action']['__ansible_arguments__']:
+            return True
+        return False

.planned/rules/TWSH502ShellAltChown.py

@@ -0,0 +1,14 @@
+from ansiblelint import AnsibleLintRule
+
+class ShellAltChown(AnsibleLintRule):
+    id = 'TWSH502'
+    shortdesc = 'Use chown module'
+    description = ''
+    tags = ['shell']
+
+    def matchtask(self, file, task):
+        if task['action']['__ansible_module__'] not in ['shell', 'command']:
+            return False
+        if 'chown' in task['action']['__ansible_arguments__']:
+            return True
+        return False

.planned/rules/TWSH503ShellAltHostname.py

@@ -0,0 +1,15 @@
+from ansiblelint import AnsibleLintRule
+
+class ShellAltHostname(AnsibleLintRule):
+    id = 'TWSH503'
+    shortdesc = 'Use hostname module'
+    description = ''
+    tags = ['shell']
+
+    def matchtask(self, file, task):
+        if task['action']['__ansible_module__'] not in ['shell', 'command']:
+            return False
+        if ('hostname' in task['action']['__ansible_arguments__'] and
+            'register' not in task):
+            return True
+        return False

.planned/rules/TWSH504ShellAltMount.py

@@ -0,0 +1,15 @@
+from ansiblelint import AnsibleLintRule
+
+class ShellAltMount(AnsibleLintRule):
+    id = 'TWSH504'
+    shortdesc = 'Use mount module'
+    description = ''
+    tags = ['shell']
+
+    def matchtask(self, file, task):
+        if task['action']['__ansible_module__'] not in ['shell', 'command']:
+            return False
+        if ('mount' in task['action']['__ansible_arguments__'] and
+            'register' not in task):
+            return True
+        return False

.planned/rules/TWSH505ShellAltNmcli.py

@@ -0,0 +1,14 @@
+from ansiblelint import AnsibleLintRule
+
+class ShellAltNmcli(AnsibleLintRule):
+    id = 'TWSH505'
+    shortdesc = 'Use nmcli module'
+    description = ''
+    tags = ['shell']
+
+    def matchtask(self, file, task):
+        if task['action']['__ansible_module__'] not in ['shell', 'command']:
+            return False
+        if 'nmcli' in task['action']['__ansible_arguments__']:
+            return True
+        return False

.planned/rules/TWSH506ShellAltRpm.py

@@ -0,0 +1,14 @@
+from ansiblelint import AnsibleLintRule
+
+class ShellAltRpm(AnsibleLintRule):
+    id = 'TWSH506'
+    shortdesc = 'Use yum module with file path'
+    description = ''
+    tags = ['shell']
+
+    def matchtask(self, file, task):
+        if task['action']['__ansible_module__'] not in ['shell', 'command']:
+            return False
+        if 'rpm' in task['action']['__ansible_arguments__']:
+            return True
+        return False