Ansible lint is a command-line tool that checks Ansible playbooks for errors and suggests improvements for the code written in the playbooks. This helps the users adhere to certain standards to follow while writing the playbooks to maintain the integrity of their code.
This article demonstrates how to install Ansible lint. We will also explore use cases and how to prevent errors during execution of playbooks and save debugging time.
How to install Ansible lint
The easiest way to install Ansible lint is by using pip as follows:
python3 -m pip install –user ansible-lint
On Red Hat Enterprise Linux (RHEL) systems with a Red Hat Ansible Automation Platform subscription, we can also use dnf to install Ansible lint:
dnf install ansible-lint
We can also install Ansible lint from the source repository on GitHub, but it requires pip>=22.3.1.
pip3 install git+https://github.com/ansible/ansible-lint
Next, we will demonstrate two examples. One use case shows how Ansible lint throws a warning, and the other use case demonstrates a syntax error detected by Ansible lint.
Example 1: Using a built-in module
We will use the following code sample for an Ansible playbook (playbook.yml):
---
- name: Update apt cache
hosts: all
tasks:
- name: Run apt-get update
ansible.builtin.command: apt-get update
To run ansible-lint, run the following command:
ansible-lint playbook.yml
We get the following output:
WARNING Listing 2 violation(s) that are fatal
command-instead-of-module: apt-get used in place of apt-get module
playbook.yml:5 Task/Handler: Run apt-get update
no-changed-when: Commands should not change things if nothing needs doing
playbook.yml:5 Task/Handler: Run apt-get update
Notice that to run an apt-update on our target host, we use the builtin.command instead of the apt module which better serves the purpose. Ansible lint will throw warnings in this case.
Fixed code:
---
- name: Update apt cache
hosts: all
tasks:
- name: Run apt-get update
ansible.builtin.apt:
update_cache: true
This effectively removes the errors.
Example 2: Playbook syntax error
In this example, we will look at a playbook syntax error instead of a warning. Consider a playbook (playbook.yml) where we set an environment variable:
---
- name: Example playbook
hosts: all
tasks:
- name: Set environment variable
ansible.builtin.shell: echo $MY_ENV_VAR
environment:
MY_ENV_VAR: my_value
To run ansible-lint, run the following command:
ansible-lint playbook.yml
We get the following output:
The error appears to be in '/home/tpaul/Repos/lint/playbook2.yml': line 5, column 7, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
tasks:
- name: Set environment variable
^ here
This playbook throws the following error and points us to the file where the error might have occurred after running Ansible lint.
Upon further inspection, we notice there is an indentation error in the environment line. The fixed code is as follows:
---
- name: Example playbook
hosts: all
tasks:
- name: Set environment variable
ansible.builtin.shell: echo $MY_ENV_VAR
environment:
MY_ENV_VAR: my_value
Apart from a couple other warnings, the above code throws no other fatal errors.
Ansible lint configuration file
We can also customize how Ansible lint runs against playbooks according to our specific needs by using the Ansible lint configuration file.
Create a .ansible-lint file in your working directory.
We can take an example of the exclude_paths parameter which makes Ansible lint exclude the given paths in the configuration file.
Populate the configuration file with the following code:
profile: null
exclude_paths:
- test/playbook.yml
Then, create a new playbook.yml file inside a test directory using the following command:
mkdir test && cd test
touch playbook.yml
Populate the contents of the playbook with incorrect code. We will take it from the code in example 2:
---
- name: Example playbook
hosts: all
tasks:
- name: Set environment variable
ansible.builtin.shell: echo $MY_ENV_VAR
environment:
MY_ENV_VAR: my_value
Run ansible-lint in the working directory to see that no errors are thrown:
ansible-lint
You can view the full set of configuration parameters.
Continue your automation journey with Ansible
You can download the latest version of the Ansible Automation Platform at no cost. Get started with the Ansible Automation Platform by exploring interactive labs.
