Add comprehensive ansible-lint configuration for code quality and
security best practices enforcement.
Features:
- Production profile for strict checking
- Proper exclusion of sensitive directories (secrets/, stats/)
- Mock modules for community collections (nmcli, lvol, lvg, virt)
- Comprehensive file type detection (playbooks, roles, tasks, etc.)
- Warn-only rules for experimental and legacy patterns
Configuration highlights:
- Exclude paths: .cache, .git, molecule, secrets, stats, vaults
- Allow package-latest for security updates (automatic patching)
- Warn on: experimental, no-changed-when, command-instead-of-module
- Support for custom playbooks/ and plays/ directories
- Documented usage examples and rule configuration
Benefits:
- Consistent code quality across all roles and playbooks
- Early detection of security issues and best practice violations
- Automated checking in development workflow
- Clear documentation for team members
- Support for auto-fix capability (ansible-lint --fix)
Usage:
ansible-lint # Lint all files
ansible-lint site.yml # Lint specific playbook
ansible-lint roles/role_name/ # Lint specific role
ansible-lint --fix # Auto-fix issues
Integration:
- Ready for CI/CD pipeline integration
- Compatible with pre-commit hooks
- Supports GitHub Actions workflows
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
