---
# .ansible-lint - Architecture Enforcement Configuration
# This ensures idempotency, security, and best practices.

# Use the 'safety' profile to enforce strict security and reliability rules
profile: safety

# Stop the build if these rules are violated
strict: true

# Rules to explicitly enforce or ignore
warn_list:
  - experimental           # Notify me of experimental features but don't fail
  - name[casing]           # Warning only for task name capitalization

skip_list:
  - yaml[line-length]      # Homelab scripts often have long strings/URLs

# Exclude these paths from linting
exclude_paths:
  - .cache/
  - .git/
  - roles/external/        # Don't lint roles downloaded from Galaxy

# Enforce specific tagging for organization
require_status:
  - shared
  - production

# Custom configurations for specific rules
# Ensures we always use Fully Qualified Collection Names (FQCN)
# e.g., ansible.builtin.copy instead of just 'copy'
fqcn:
  - ansible.builtin