From 068bc01cd5394038dfd199b5b30240ec91bc0c17 Mon Sep 17 00:00:00 2001 From: Ali Date: Fri, 22 Sep 2023 09:49:11 -0400 Subject: [PATCH] Sanity rule changes and updates --- .../tests/sanity/ignore-2.13.txt | 1 + .../tests/sanity/ignore-2.15.txt | 1 + .../tests/sanity/ignore-2.9.txt | 2 + src/ansiblelint/rules/sanity.md | 11 ++- src/ansiblelint/rules/sanity.py | 76 ++++++++++++------- 5 files changed, 56 insertions(+), 35 deletions(-) diff --git a/examples/sanity_ignores/tests/sanity/ignore-2.13.txt b/examples/sanity_ignores/tests/sanity/ignore-2.13.txt index 2b95cf50b8..fedd39ec02 100644 --- a/examples/sanity_ignores/tests/sanity/ignore-2.13.txt +++ b/examples/sanity_ignores/tests/sanity/ignore-2.13.txt @@ -1 +1,2 @@ plugins/module_utils/ansible_example_module.py validate-modules:deprecation-mismatch # comment +tests/unit/file.py import-3.6!skip diff --git a/examples/sanity_ignores/tests/sanity/ignore-2.15.txt b/examples/sanity_ignores/tests/sanity/ignore-2.15.txt index 069ef15fef..08d21a24fa 100644 --- a/examples/sanity_ignores/tests/sanity/ignore-2.15.txt +++ b/examples/sanity_ignores/tests/sanity/ignore-2.15.txt @@ -1,2 +1,3 @@ plugins/module_utils/ansible_example_module.incorrect-3.6!skip #plugins/module_utils/ansible_example_module.py import-3.6!skip +other_dir/module_utils/ansible_example_module incorrect-3.6!skip diff --git a/examples/sanity_ignores/tests/sanity/ignore-2.9.txt b/examples/sanity_ignores/tests/sanity/ignore-2.9.txt index bfee509358..4727a66955 100644 --- a/examples/sanity_ignores/tests/sanity/ignore-2.9.txt +++ b/examples/sanity_ignores/tests/sanity/ignore-2.9.txt @@ -1,2 +1,4 @@ +# Should be fully skipped plugins/module_utils/ansible_example_module.py validate-modules:deprecation-mismatch plugins/module_utils/ansible_example_module.py import-2.6!skip +plugins/module_utils/ansible_example_module.py validate-modules diff --git a/src/ansiblelint/rules/sanity.md b/src/ansiblelint/rules/sanity.md index 5b4f3a456f..f17cdafe3a 100644 --- a/src/ansiblelint/rules/sanity.md +++ b/src/ansiblelint/rules/sanity.md @@ -1,10 +1,10 @@ # sanity This rule checks the `tests/sanity/ignore-x.x.txt` file for disallowed ignores. -This rule is extremely opinionated and enforced by Partner Engineering. The +This rule is extremely opinionated and enforced by Partner Engineering as a requirement for Red Hat Certification. The currently allowed ruleset is subject to change, but is starting at a minimal number of allowed ignores for maximum test enforcement. Any commented-out ignore -entries are not evaluated. +entries are not evaluated, and ignore files for unsupported versions of ansible-core are not evaluated. This rule can produce messages like: @@ -29,10 +29,9 @@ Currently allowed ignores for all Ansible versions are: - `compile-2.7!skip` - `compile-3.5` - `compile-3.5!skip` - -Additionally allowed ignores for Ansible 2.9 are: -- `validate-modules:deprecation-mismatch` -- `validate-modules:invalid-documentation` +- `shellcheck` +- `shebang` +- `pylint:used-before-assignment` ## Problematic code diff --git a/src/ansiblelint/rules/sanity.py b/src/ansiblelint/rules/sanity.py index 09fe7cc45a..632f8768b4 100644 --- a/src/ansiblelint/rules/sanity.py +++ b/src/ansiblelint/rules/sanity.py @@ -1,6 +1,7 @@ """Implementation of sanity rule.""" from __future__ import annotations +import re import sys from typing import TYPE_CHECKING @@ -27,12 +28,7 @@ class CheckSanityIgnoreFiles(AnsibleLintRule): # Partner Engineering defines this list. Please contact PE for changes. - allowed_ignores_v2_9 = [ - "validate-modules:deprecation-mismatch", # Note: 2.9 expects a deprecated key in the METADATA. It was removed in later versions. - "validate-modules:invalid-documentation", # Note: The removed_at_date key in the deprecated section is invalid for 2.9. - ] - - allowed_ignores_all = [ + allowed_ignores = [ "validate-modules:missing-gplv3-license", "action-plugin-docs", # Added for Networking Collections "import-2.6", @@ -47,7 +43,18 @@ class CheckSanityIgnoreFiles(AnsibleLintRule): "compile-2.7!skip", "compile-3.5", "compile-3.5!skip", + "shebang", # Unreliable test + "shellcheck", # Unreliable test + "pylint:used-before-assignment", # Unreliable test + ] + + no_check_ignore_files = [ + "ignore-2.9", + "ignore-2.10", + "ignore-2.11", + "ignore-2.12", ] + _ids = { "sanity[cannot-ignore]": "Ignore file contains ... at line ..., which is not a permitted ignore.", "sanity[bad-ignore]": "Ignore file entry at ... is formatted incorrectly. Please review.", @@ -62,44 +69,55 @@ def matchyaml(self, file: Lintable) -> list[MatchError]: results: list[MatchError] = [] test = "" + check_dirs = { + "plugins", + "roles", + } + if file.kind != "sanity-ignore-file": return [] with file.path.open(encoding="utf-8") as ignore_file: entries = ignore_file.read().splitlines() - ignores = self.allowed_ignores_all - - # If there is a ignore-2.9.txt file, add the v2_9 list of allowed ignores - if "ignore-2.9.txt" in str(file.abspath): - ignores = self.allowed_ignores_all + self.allowed_ignores_v2_9 + if any(name in str(file.abspath) for name in self.no_check_ignore_files): + return [] for line_num, entry in enumerate(entries, 1): - if entry and entry[0] != "#": - try: - if "#" in entry: - entry, _ = entry.split("#") - (_, test) = entry.split() - if test not in ignores: + base_ignore_dir = "" + + if entry: + # match up to the first "/" + regex = re.match("[^/]*", entry) + + if regex: + base_ignore_dir = regex.group(0) + + if base_ignore_dir in check_dirs: + try: + if "#" in entry: + entry, _ = entry.split("#") + (_, test) = entry.split() + if test not in self.allowed_ignores: + results.append( + self.create_matcherror( + message=f"Ignore file contains {test} at line {line_num}, which is not a permitted ignore.", + tag="sanity[cannot-ignore]", + lineno=line_num, + filename=file, + ), + ) + + except ValueError: results.append( self.create_matcherror( - message=f"Ignore file contains {test} at line {line_num}, which is not a permitted ignore.", - tag="sanity[cannot-ignore]", + message=f"Ignore file entry at {line_num} is formatted incorrectly. Please review.", + tag="sanity[bad-ignore]", lineno=line_num, filename=file, ), ) - except ValueError: - results.append( - self.create_matcherror( - message=f"Ignore file entry at {line_num} is formatted incorrectly. Please review.", - tag="sanity[bad-ignore]", - lineno=line_num, - filename=file, - ), - ) - return results