Merge pull request redhat-cop#77 from mshriver/add-pre-commit2

Add and apply pre-commit

.github/CONTRIBUTING.md

@@ -6,6 +6,21 @@ We welcome contributions from the community. Here are a few ways you can help us
 
 If you see something you'd like changed, but aren't sure how to change it, submit an issue describing what you'd like to see.
 
+## Working Locally
+Ensure you install the awx collections, so that roles and playbooks can be properly linted:
+`ansible-galaxy collection install awx.awx -p collections/`
+
+Python's pre-commit tool can be installed, and hooks installed, to cleanup whitespace, newlines, and run yamllint and ansible-lint against your local changes before committing. This will help you avoid failures in the github workflows.
+
+1. Create a local virtual environment for tower_configurations (suggested, its your system!)
+2. Use pip to install pre-commit in your environment of choice: `pip install pre-commit`
+3. Install pre-commit hooks with `pre-commit install --install-hooks -c .github/workflow-config/.pre-commit-config.yml`
+4. With hooks installed, they will be run automatically when you call `git commit`, blocking commit if any hooks fail.
+5. [Optional] If you want to ignore hook failures and commit anyway, use `git commit -n`
+6. [Optional] Run pre-commit checks at any time with `pre-commit run --all -c .github/workflow-config/.pre-commit-config.yml`.
+
+Please see pre-commit documentation for further explanation: [Pre-commit](https://pre-commit.com/)
+
 ## Submit a Pull Request
 
 If you feel like getting your hands dirty, feel free to make the change yourself. Here's how:

.github/requirements.txt

@@ -1,4 +1,4 @@
 ansible
 docker
 docker-compose
-jmespath
+jmespath

.github/workflow-config/.ansiblelint.yml

@@ -1,8 +1,13 @@
-exclude_paths:
-  - ./roles/master_role_example
+# The exclude_paths does not appear to be working in pre-commit
+# this issue describes similar behavior but suggested fix doesn't work
+# https://github.com/ansible/ansible-lint/issues/371
+#exclude_paths:
+#  - roles/master_role_example/
 parseable: true
 use_default_rules: true
-verbosity: 1
+#https://github.com/ansible/ansible-lint/issues/808
+# with verbosity set to 1, its dumping 'unknown file type messages'
+#verbosity: 1
 skip_list:
   # [E204]: "Lines should be no longer than 160 chars"
   # (Disabled in June 2020)

.github/workflow-config/.pre-commit-config.yml

@@ -0,0 +1,23 @@
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+  rev: v3.2.0
+  hooks:
+    - id: end-of-file-fixer
+    - id: trailing-whitespace
+- repo: https://github.com/adrienverge/yamllint.git
+  rev: v1.24.2
+  hooks:
+    - id: yamllint
+      entry: yamllint -c .github/workflow-config/.yamllint.yml
+      types: [yaml]
+- repo: https://github.com/ansible/ansible-lint.git
+  rev: v4.3.3
+  hooks:
+    # see discussions here about what arguments are used, and behavior
+    # https://github.com/ansible/ansible-lint/issues/649
+    # Roles will trigger an "unknown file type"
+    # https://github.com/ansible/ansible-lint/issues/808
+    - id: ansible-lint
+      pass_filenames: false
+      always_run: true
+      entry: "ansible-lint -c .github/workflow-config/.ansiblelint.yml --exclude=roles/master_role_example"

.github/workflow-config/.yamllint.yml

@@ -13,4 +13,4 @@ rules:
     - 'True'
     - 'False'
     - 'true'
-    - 'false'    
+    - 'false'

.github/workflows/pre-commit.yml

@@ -0,0 +1,23 @@
+# This workflow action will run pre-commit, which will execute ansible and yaml linting
+# See .github/workflow-config/.pre-commit-config.yml for what hooks are executed
+name: Yaml and Ansible Lint
+
+on: [push, pull_request]
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - uses: actions/setup-python@v2
+    - name: Install Collections
+      run: |
+        sudo apt install software-properties-common
+        sudo apt-add-repository --yes --update ppa:ansible/ansible
+        sudo apt install ansible
+        ansible-galaxy collection install -f -r .github/collections/requirements.yml
+    - name: Hack pre-commit
+      # https://github.com/pre-commit/action/issues/44
+      run: |
+        sudo cp .github/workflow-config/.pre-commit-config.yml .pre-commit-config.yaml
+    - uses: pre-commit/action@v2.0.0

.github/workflows/testing_playbooks.yml

@@ -48,4 +48,4 @@ jobs:
         run: ansible-playbook playbooks/configure_tower.yml -e tower_hostname=http://localhost -e tower_username=admin -e tower_password=password
 
       - name: "Perform export model playbook tests"
-        run: ansible-playbook playbooks/configure_tower_export_model.yml -e tower_hostname=http://localhost -e tower_username=admin -e tower_password=password        
+        run: ansible-playbook playbooks/configure_tower_export_model.yml -e tower_hostname=http://localhost -e tower_username=admin -e tower_password=password

.gitignore

@@ -1,2 +1,2 @@
 collections/*
-!collections/requirements.yml
+!collections/requirements.yml

README.md

@@ -35,7 +35,7 @@ You can also specify authentication by a combination of either:
  - tower_hostname, tower_username, tower_password
  - tower_hostname, tower_oauthtoken
 
-The OAuth2 token is the preferred method. You can obtain the token through the prefered tower_token module, or throuhg the 
+The OAuth2 token is the preferred method. You can obtain the token through the prefered tower_token module, or through the
 AWX CLI [login](https://docs.ansible.com/ansible-tower/latest/html/towercli/reference.html#awx-login)
 command.
 

STANDARDS.md

@@ -10,4 +10,4 @@
 - Paths - When defining paths, do not include trailing slashes (e.g. my_path: /foo not my_path: /foo/). When concatenating paths, follow the same convention (e.g. {{ my_path }}/bar not {{ my_path }}bar)
 - Indentation - Use 2 spaces for each indent
 - `vars/` vs `defaults/` - if you have variables that don't need to change or be overridden by user, put those in `vars/` and those that a user would likely override, put those under `defaults/` directory.
-- All playbooks/roles should be focused on compatibility with Ansible Tower
+- All playbooks/roles should be focused on compatibility with Ansible Tower

galaxy.yml.j2

@@ -25,4 +25,4 @@ tags:
     - collection
     - tower_configuration
 dependencies:
-    awx.awx: "*"
+    awx.awx: "*"

roles/credential_input_sources/tests/test.yml

@@ -29,10 +29,6 @@
       set_fact:
         tower_oauthtoken: "{{ user_token.json.token }}"
 
-    - name: Import vars
-      include_vars:
-        file: "vars/extra_vars.yml"
-
     - name: Import JSON
       include_vars:
         file: "json/cred_input_src.json"

roles/credential_types/README.md

@@ -2,10 +2,10 @@
 ## Description
 An Ansible Role to create Credential Types in Ansible Tower.
 
-## Requirements 
-ansible-galaxy collection install -r tests/collections/requirements.yml to be installed 
+## Requirements
+ansible-galaxy collection install -r tests/collections/requirements.yml to be installed
 
-| Required collections | 
+| Required collections |
 |:---:|
 |awx.awx|
 
@@ -22,12 +22,11 @@ ansible-galaxy collection install -r tests/collections/requirements.yml to be in
 |`tower_credential_types`|`see below`|yes|Data structure describing your orgainzation or orgainzations Described below.||
 
 ### Secure Logging Variables
-The following Variables compliment each other. 
-If Both variables are not set, secure logging defaults to false.  
-The role defaults to False as normally the add credential type task does not include sensitive information.  
-tower_configuration_credential_types_secure_logging defaults to the value of tower_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it.  
+The following Variables compliment each other.
+If Both variables are not set, secure logging defaults to false.
+The role defaults to False as normally the add credential type task does not include sensitive information.
+tower_configuration_credential_types_secure_logging defaults to the value of tower_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it.
 
-|Variable Name|Default Value|Required|Description|
 |:---:|:---:|:---:|:---:|
 |`tower_configuration_credential_types_secure_logging`|`False`|no|Whether or not to include the sensitive Credential Type role tasks in the log.  Set this value to `True` if you will be providing your sensitive values from elsewhere.|
 |`tower_configuration_secure_logging`|`False`|no|This variable enables secure logging as well, but is shared accross multiple roles, see above.|
@@ -47,18 +46,18 @@ tower_configuration_credential_types_secure_logging defaults to the value of tow
 ### Formating Injectors
 Injectors use a standard Jinja templating format to describe the resource.
 
-Example: 
-```json 
-{{ variable }} 
+Example:
+```json
+{{ variable }}
 ```
 
-Because of this it is difficult to provide tower with the required format for these fields. 
+Because of this it is difficult to provide tower with the required format for these fields.
 
 The workaround is to use the following format:
-```json 
+```json
 {  { variable }}
 ```
-The role will strip the double space between the curly bracket in order to provide tower with the correct format for the Injectors. 
+The role will strip the double space between the curly bracket in order to provide tower with the correct format for the Injectors.
 
 ### Input and Injector Schema
 The following detais the data format to use for inputs and injectors. These can be in either YAML or JSON For the most up to date information and more details see [Custom Credential Types - Ansible Tower Documentation](https://docs.ansible.com/ansible-tower/latest/html/userguide/credential_types.html)
@@ -199,7 +198,7 @@ tower_credential_types:
         name: credential_types_json
 
     - name: Add Credential Types
-      include_role: 
+      include_role:
         name: redhat_cop.tower_configuration.credential_types
       vars:
         tower_credential_types: "{{ credential_types_json.tower_credential_types }}"

roles/credentials/README.md

@@ -2,10 +2,10 @@
 ## Description
 An Ansible Role to create Credentials in Ansible Tower.
 
-## Requirements 
-ansible-galaxy collection install -r tests/collections/requirements.yml to be installed 
+## Requirements
+ansible-galaxy collection install -r tests/collections/requirements.yml to be installed
 
-| Requiremed collections | 
+| Requiremed collections |
 |:---:|
 |awx.awx|
 
@@ -22,10 +22,10 @@ ansible-galaxy collection install -r tests/collections/requirements.yml to be in
 |`tower_credentials`|`see below`|yes|Data structure describing your orgainzation or orgainzations Described below.||
 
 ### Secure Logging Variables
-The following Variables compliment each other. 
-If Both variables are not set, secure logging defaults to false.  
-The role defaults to False as normally the add credentials task does not include sensitive information.  
-tower_configuration_credentials_secure_logging defaults to the value of tower_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it.  
+The following Variables compliment each other.
+If Both variables are not set, secure logging defaults to false.
+The role defaults to False as normally the add credentials task does not include sensitive information.
+tower_configuration_credentials_secure_logging defaults to the value of tower_configuration_secure_logging if it is not explicitly called. This allows for secure logging to be toggled for the entire suite of configuration roles with a single variable, or for the user to selectively use it.
 
 |Variable Name|Default Value|Required|Description|
 |:---:|:---:|:---:|:---:|
@@ -81,7 +81,7 @@ tower_configuration_credentials_secure_logging defaults to the value of tower_co
         "inputs": {
           "username": "person",
           "password": "password"
-        }       
+        }
       }
     ]
 }
@@ -136,7 +136,7 @@ tower_credentials:
         name: credentials_json
 
     - name: Add Credentials
-      include_role: 
+      include_role:
         name: redhat_cop.tower_configuration.credentials
       vars:
         tower_credentials: "{{ credentials_json.tower_credentials }}"
@@ -145,5 +145,5 @@ tower_credentials:
 [MIT](LICENSE)
 
 ## Author
-[Andrew J. Huffman](https://github.com/ahuffman) 
+[Andrew J. Huffman](https://github.com/ahuffman)
 [Sean Sullivan](https://github.com/Wilk42)

roles/credentials/tests/json/credentials.json

@@ -8,8 +8,7 @@
         "inputs": {
           "username": "person",
           "password": "password"
-        }       
+        }
       }
     ]
 }
-