Ansible-lint: how to exclude .gitlab-ci.yml with tag !reference

Hello,

I have an Ansible workspace folder for AWX with playbooks of this type:

<main folder>

     <.git folder>
     <collections folder>
     .gitlab-ci.yml
     <many playbook files>.yml

.gitlab-ci.yml contains a !reference tag, which passes yamllint tests and the pipeline syntax check too:

parallel: !reference [.parallel-hidden-job, parallel]

When I run ansible-lint in the main folder I see:

$ cd main folder
$ ansible-lint

WARNING  Listing 1 violation(s) that are fatal
load-failure[runtimeerror]: Failed to load YAML file: .gitlab-ci.yml
.gitlab-ci.yml:1 could not determine a constructor for the tag '!reference'
  in "<unicode string>", line 63, column 13

This file is not a playbook. I read here that it should not get an error from the linter.

# ansible-lint --version
ansible-lint 24.9.2 using ansible-core:2.16.11 ansible-compat:24.9.1 ruamel-yaml:0.18.6 ruamel-yaml-clib:0.2.8

Now I adopt these workarounds:

run ansible-lint --exclude .gitlab-ci.yml

or

# cat .ansible-lint-ignore
.gitlab-ci.yml  load-failure[runtimeerror]

which produces a warning.

Maybe there are better solutions.

Thank you very much for every hints.
Kind Regards
Marco

Hi.
The tag load-failure is not skippable.
If you don’t want to lint a file; add it to exclude_paths in your ansible-lint configuration file.

$ cat .config/ansible-lint.yml
---
exclude_paths:
  - ".gitlab-ci.yml"
2 Likes

Thank you for this solution, it’s good for me.

I just have some doubts that ansible-lint must check a “special” file named .gitlab-ci.yml by default.

Anyway I skip the file :slight_smile:

Kind Regards
Marco

The file is special to GitLab, but to everything else it is a regular YAML file. So why shouldn’t ansible-lint / yamllint it check it?

Yes, I explain: my doubt arises just from .git/ folder.

ansible-lint seems to ignore it, if I don’t run it explicitly on the folder:

# cd project_dir_with_git_folder
# ansible-lint

Passed: 0 failure(s), 0 warning(s) on 19 files. Last profile that met the validation criteria was 'production'.


# ansible-lint .git/*

WARNING  Listing 1 violation(s) that are fatal
load-failure: Failed to load or parse file.
.git/pippo.yml:1

             Rule Violation Summary
 count tag          profile rule associated tags
     1 load-failure min     core, unskippable

Failed: 1 failure(s), 0 warning(s) on 13 files.

Why is .git folder skipped then? :sweat_smile:

It seems that .git folder is a special folder for ansible-lint. But .gitlab-ci.yml is not a special file.

Not very important really, just to understand :wink:
Thank you very much
Kind Regards
Marco

.git is special for Git, which is explicitly supported by ansible-lint (it ignores all files ignored by Git, including Git’s own housekeeping, which is in .git).

The reason why ansible-lint explicitly supports Git is that it’s the most common VCS used for Ansible roles and collections. That doesn’t mean it supports GitHub, GitLab, Gitea etc. specific files/directories though.

(There are some tools in the Ansible ecosystem which automatically handle Git repositories differently than regular directories, and some who do not. I’ve spent some time wondering whether this is a good idea, and what’s the best way to handle this. For antsibull-changelog I made this configurable. I’m not sure that’s the best solution, but :person_shrugging:.)

1 Like

Now I understand, thank you for this kind clarification.

Kind Regards
Marco

1 Like