CI — Ansible
Runs ansible-lint and an optional syntax check over a directory of Ansible playbooks/roles. Installs Ansible tooling via pip on the selected Python version.
Usage
yaml
jobs:
ci:
uses: KevinDeBenedetti/github-workflows/.github/workflows/ci-ansible.yml@main
with:
ansible-dir: ansible/
run-syntax-check: trueInputs
| Input | Type | Default | Description |
|---|---|---|---|
ansible-dir | string | ansible/ | Directory containing Ansible playbooks/roles |
ansible-lint-version | string | '' | ansible-lint version to install (pip specifier, e.g. >=25.0,<26) |
python-version | string | '3.12' | Python version to use |
fail-on-error | boolean | true | Fail the job on lint violations; false runs in advisory mode (warnings) |
run-syntax-check | boolean | false | Run ansible-playbook --syntax-check on matching playbooks |
playbook-glob | string | '*.yml' | Glob (relative to ansible-dir) for playbooks to syntax-check |
runner | string | '"ubuntu-latest"' | Runner labels as JSON — '"ubuntu-latest"' or a label array |
Steps
- Checkout
- Setup Python
- Install ansible-lint (with
ansible-lint-versionspecifier when set) - Run ansible-lint over
ansible-dir(advisory whenfail-on-error: false) - (if
run-syntax-check) Install ansible and runansible-playbook --syntax-checkon each playbook found
Notes
- The
ansible-lintjob always runs; theansible-syntax-checkjob runs only whenrun-syntax-check: true. - The syntax check searches
ansible-dirat depth 1 for files matchingplaybook-glob; if none are found it logs a warning instead of failing. ansible-lint-versionis a raw pip version specifier appended to the package name (e.g.ansible-lint>=25.0,<26).