Ansible lint reports "Package installs should not use latest"

5.4k views Asked by At

I've finally started using Ansible Lint to ensure I'm up to date and not missing things and I've found it reporting a curious error/notice. When I use dnf to install a package, I've been using state: latest as it's for a system bootstrapping process that I may run multiple times on the same instance, particularly during development. I always want the latest package installed in this scenario however Ansible Lint is reporting:

Package installs should not use latest

While I'm confident that in my use case I'm ok, is this simply because in the interest of "idempotency" one would normally not want this behaviour? Or is there another reason? If they're always going to report this, then why even offer the latest status option?

2

There are 2 answers

3
larsks On BEST ANSWER

ansible-lint is opinionated. You may not always agree with those opinions. There are other people who feel that this error from the package module should be removed.

In any case, you can configure the linter to ignore this particular issue. Create a .ansible-lint file in your playbook directory that contains:

skip_list:
  - '403'
0
Floren On

You can use something like:

- name: Upgrade distribution packages
  ansible.builtin.apt:
    state: latest # noqa package-latest
    upgrade: dist
    autoremove: true
    update_cache: true

The # noqa package-latest comment tells ansible-lint to ignore the rule.