- Home
- Skills
- Akin Ozer
- Cc Devops Skills
- Ansible Validator
ansible-validator_skill
- HCL
83
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill akin-ozer/cc-devops-skills --skill ansible-validator- .gitignore248 B
- SKILL.md33.1 KB
Overview
This skill is a comprehensive toolkit for validating, linting, testing, and automating Ansible playbooks, roles, and collections. It streamlines YAML and Ansible syntax checks, ansible-lint rules, security scanning with Checkov, dry-run check mode analysis, and automated Molecule testing for roles. The skill also performs version-aware lookups for custom modules and collection documentation to provide actionable remediation.
How this skill works
The skill scans the target scope (playbooks, roles, collections, inventories) and runs a defined validation workflow: YAML syntax checks (yamllint, ansible-playbook --syntax-check), ansible-lint for best practices, security scans (Checkov and a secrets scan), and dry-run testing with check mode. If a role contains a molecule/ directory, Molecule tests are executed automatically; any environment blockers are documented and the workflow continues with remaining validations. Reference guidance is consulted for detected errors and warnings to produce concrete remediation steps.
When to use it
- Validating .yml/.yaml playbooks, roles, inventories, or vars
- Before merging or deploying Ansible changes to staging or production
- When auditing for security, compliance, or hardcoded secrets
- When migrating modules or ensuring FQCN usage across roles
- When testing roles locally or in CI using Molecule scenarios
Best practices
- Run yamllint before ansible-lint to fix YAML issues first
- Use FQCN (ansible.builtin.module) instead of short module names and run the FQCN check script
- Run both ansible-lint and Checkov for code quality and security coverage
- Always run ansible-playbook --check (dry-run) and review diffs before executing changes
- Keep Molecule scenarios and drivers up to date; expect automatic Molecule execution when molecule/ is present
Example use cases
- Pre-merge CI job that runs syntax, lint, security scans, and check mode on changed playbooks
- Validating a role: automatic Molecule tests plus linting and security checks produce a single remediation report
- Investigating a failing playbook run: identify syntax errors, deprecated modules, or missing variables
- Preparing a compliance review by scanning for insecure get_url or package installations and extracting remediation guidance
FAQ
Yes. If a role contains a molecule/ directory, Molecule scenarios are executed automatically as part of validation. This is mandatory and does not prompt for permission.
What if Molecule or Docker cannot run in my environment?
The skill documents the environmental blocker (Docker, driver, version mismatch) and continues other validation steps; the report highlights the issue and next steps for resolving the blocker.