Harden lint setup and clean inventory placeholders

- Pin pre-commit ansible-lint hook to ansible-core==2.17.* (was floating, crashed)
- Add pre-commit to requirements.txt
- Align .yamllint with ansible-lint (comments-indentation off, octal rules on)
- Rewrite inventory placeholders to lint-clean empty-group form

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
sjat 2026-05-30 14:56:16 +02:00
parent 19d93d32dc
commit 2dfa8ca9d6
5 changed files with 18 additions and 23 deletions


@ -16,11 +16,11 @@ repos:
args: [-c, .yamllint] args: [-c, .yamllint]
- repo: https://github.com/ansible/ansible-lint - repo: https://github.com/ansible/ansible-lint
rev: v24.9.2 rev: v24.12.2 # keep in sync with requirements.txt
hooks: hooks:
- id: ansible-lint - id: ansible-lint
additional_dependencies: additional_dependencies:
- ansible-core>=2.17 - ansible-core==2.17.* # pin (not >=) — keep in sync with requirements.txt
# Secret scanning — catches plaintext credentials before they are committed. # Secret scanning — catches plaintext credentials before they are committed.
# Bump `rev` as new gitleaks releases land. # Bump `rev` as new gitleaks releases land.
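Review bot: The two "keep in sync with requirements.txt" comments on `rev: v24.12.2` and `ansible-core==2.17.*` describe a manual step that nothing enforces. requirements.txt accepts any 24.x release (see the `ansible-lint==24.*` context in its hunk header), so the hook and a local `pip install` can already run different ansible-lint versions. `ansible-core==2.17.*` also still floats across patch releases, as does the new `pre-commit==3.*` in requirements.txt, so hook environments built on different days are not guaranteed to be identical. For a change meant to harden the lint setup, consider exact versions in both files. Also consider pinning `rev` to the release's full commit SHA with the tag kept as a trailing comment (`pre-commit autoupdate --freeze` writes that form), since a tag can be moved after the fact.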


@ -13,6 +13,12 @@ rules:
braces: braces:
min-spaces-inside: 0 min-spaces-inside: 0
max-spaces-inside: 1 max-spaces-inside: 1
# Aligned with ansible-lint's requirements (it owns comment-indentation via its
# own yaml rule, and forbids octal ambiguity):
comments-indentation: false
octal-values:
forbid-implicit-octal: true
forbid-explicit-octal: true
ignore: | ignore: |
.venv/ .venv/


@ -1,5 +1,4 @@
--- ---
# Production inventory
# Generated from Terraform outputs: make tf-inventory TF_ENV=production # Generated from Terraform outputs: make tf-inventory TF_ENV=production
# Do not edit by hand — add hosts to terraform/environments/production/main.tf. # Do not edit by hand — add hosts to terraform/environments/production/main.tf.
# Exception: the control node is added here manually (see docs/runbooks/new-host.md). # Exception: the control node is added here manually (see docs/runbooks/new-host.md).
@ -7,22 +6,9 @@
all: all:
children: children:
control:
hosts: {}
docker_hosts: docker_hosts:
hosts: hosts: {}
# dns1:
# ansible_host: 10.20.0.10
# dns2:
# ansible_host: 10.20.0.11
# proxy:
# ansible_host: 10.20.0.12
# homeassistant:
# ansible_host: 10.20.0.13
proxmox_hosts: proxmox_hosts:
hosts: hosts: {}
# pve0:
# ansible_host: 10.10.0.200
# pve1:
# ansible_host: 10.10.0.201
# pve2:
# ansible_host: 10.10.0.202
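Review bot: The header kept at the top of this file still says it is generated by `make tf-inventory TF_ENV=production` and must not be edited by hand, yet the new `control:` group and the `hosts: {}` form are written directly into it. The same applies to the staging inventory section that follows. The generator or its template is not among the five changed files, so unless it already emits this shape, the next regeneration may drop `control:` or restore the old bare `hosts:` form; that is inferred from the header, not visible here. A comment directly above `control:` would mark the one hand-maintained part, for example `# control node: added manually, not from Terraform (docs/runbooks/new-host.md)`.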


@ -6,7 +6,9 @@
all: all:
children: children:
control:
hosts: {}
docker_hosts: docker_hosts:
hosts: hosts: {}
# staging01: proxmox_hosts:
# ansible_host: 10.20.0.50 hosts: {}


@ -6,6 +6,7 @@ ansible-lint==24.*
molecule==24.* molecule==24.*
molecule-plugins[docker]==23.* molecule-plugins[docker]==23.*
yamllint==1.35.* yamllint==1.35.*
pre-commit==3.* # Runs lint + secret-scan hooks (.pre-commit-config.yaml)
docker==7.* # Python SDK for Docker (used by Molecule) docker==7.* # Python SDK for Docker (used by Molecule)
pytest==8.* # Required by Molecule test runner pytest==8.* # Required by Molecule test runner
pytest-testinfra==10.* # Optional: infra assertions in verify.yml pytest-testinfra==10.* # Optional: infra assertions in verify.yml