X-Git-Url: https://git.realraum.at/?a=blobdiff_plain;f=ansible%2FREADME.md;h=a8b88a4b186e032db5e507f1c6272fba7788caa2;hb=HEAD;hp=cb0104bd8e52ea46bce969d9d807feecd76d859b;hpb=73014f720150e96632d7524e77b0aa3abb05278e;p=noc.git

diff --git a/ansible/README.md b/ansible/README.md
index cb0104b..a8b88a4 100644
--- a/ansible/README.md
+++ b/ansible/README.md
@@ -40,6 +40,25 @@ ansible-playbook foo.yml
 ./apply-role.sh servers base -C -D
 ```
 
+ansible-lint
+------------
+
+We use ansible-lint to check all roles when changes are pushed to Github.
+Some rules have been globally disabled. See [.ansible-lint](/ansible/.ansible-lint)
+for a list of all disabled rules. If ansible-lint produces a false positive for
+a specific task you can disable it by adding the following to the task:
+
+```
+  tags:
+  - skip_ansible_lint
+```
+
+For now only roles and no playbooks are checked. Every role must be manually added
+to the generic playbook [_lint_roles.yml](/ansible/_lint_roles.yml) in order to be
+included.
+If an entire role should be skipped please add it to the playbook commented out
+and supply a reason why this role must be skipped.
+
 
 Local ssh config
 ----------------
@@ -85,7 +104,7 @@ Of course the latter file needs to be created using `ansible-vault`.
 
 If you want to store secrets that by default shouldn't be automatically
 exposed to hosts and groups as variables please put the vault files into
-`secrets` directory and should be name <some-name>.vault.yml.
+`secrets` directory and name them <some-name>.vault.yml.
 
 r3 NOC uses [ansible-vault-tools](https://github.com/building5/ansible-vault-tools)
 to manage/diff/merge changes in vaults.