Using a GitHub Action to Lint Ansible

Lint Ansible playbooks using GitHub Actions.

You won’t reliably remember to run ansible-lint before every push. That’s why you have the computer do it for you, which means using a GitHub action to lint your playbooks every time you push code.

GitHub Actions automate, customize, and execute software development workflows right in your repository. You can create actions yourself, or you can leverage open-source actions created by others.

GitHub workflows are how you link actions together into a series of tasks. Both actions and workflows are defined by YAML files and stored in the .github directory within your repository.

Create a lint workflow

Ansible (the company) has an open-source action called Ansible Lint for GitHub Action that you will use within a workflow to lint all your Ansible code.

We have created the workflows directory using the command below:

Create workflow directory

We have created the lint workflow file.

Create lint workflow file

We have defined the actions as shown below:

lint.yml

GitHub actions have three main parts:

  • name: provides a human-readable name to the action. Review Line-1.
  • on: determines when the action is run by specifying triggers. Review Line-3.
  • jobs: lists all the build steps within the workflow. Review Line-5 onwards.

Let’s break down the jobs further below:

Jobs part in lint.yml
  • Line-2: represents the job within the workflow.
  • Line-4: represents the operating system of the hosted build agent.
  • Line-7: specifies the Github action to use.
  • Line-10: defines the properties of the action.

There is a single job in the workflow, build. The build job defines the operating system of the hosted build agent and the steps that the workflow executes. Steps list, in order, all the actions within the job.

Steps

The workflow has two actions.

  • Build job: runs the checkout repo action. This action checks out the repository and downloads it into the workspace. It’s how you get the code onto the hosted build agent.

  • Lint Ansible playbooks: the second action to run. The uses statement calls the ansible/ansible-lint-action action and specifies the branch of the action to use. The branch is being used in place of a version number.

    • The with property of the ansible-lint action specifies which playbooks will be targeted. Using "" will target all files with a .yml or .yaml extension.
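
The workflow described above, written out as an added example (not the course's original lint.yml) and laid out so that the Line-N references in the walkthrough land on the keys they describe. The display name, runner image, checkout version tag, branch name and the targets input name are assumptions. The action is referenced by branch, as the text describes; a release tag or full commit SHA is the stricter choice because a branch ref can change without notice.

```yaml
name: Ansible Lint                             # assumed display name

on: [push]                                     # trigger: lint on every push

jobs:
  build:                                       # the single job in the workflow

    runs-on: ubuntu-latest                     # assumed image for the hosted build agent

    steps:
    - uses: actions/checkout@v4                # checks the repo out into the workspace (tag assumed)
    - name: Lint Ansible playbooks
      uses: ansible/ansible-lint-action@main   # "main" is an assumed branch name
      with:                                    # properties passed to the action
        targets: ""                            # "" targets every .yml / .yaml file

# Not part of the walkthrough: limit the workflow token to read-only access,
# which is all a lint job needs. Top-level keys can appear in any order, so
# this block sits last to leave the line positions above unchanged.
permissions:
  contents: read
```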

Source Code
We have provided all the Ansible code that was created in the previous chapters in the /usercode directory.

You need to clone the ansible GitHub repository created earlier in the course and configure the user name and email using the following commands:

Configure the git repository

Copy the contents from the /usercode directory to the cloned ansible repository.

Copy contents and change into ansible directory

Let’s add, commit, and push the changes.

Commit and push the changes
GitHub Action

Click the Run button and wait for the environment to set up. Once it is set up, use the nano editor to update <Password> in the group_vars/linux.yml and group_vars/windows.yml files with the password created using the ansible-vault command, then execute the following summarized commands one by one in the widget’s terminal:

Commands

Log in to GitHub, open your ansible repository, and click Actions. It will look like the view below:

Actions view

You have successfully incorporated GitHub Actions into your repository.

Try it now

Some playbooks were left untested before pushing the linting action.

Fix all Ansible lint flags

Review the build output of the lint action and correct all the flags it calls out.

Update Docker image

Open the Dockerfile and add pip3 install ansible-lint to an existing RUN line.

In this lesson, we introduced GitHub Actions and you created your first action workflow to lint your Ansible code.
