---
# ansible-lint configuration
#
# We exclude inventory host/group vars because many contain vault-encrypted content
# that cannot be parsed without vault secrets in CI/dev environments.
exclude_paths:
  - inventories/production/host_vars/
  - inventories/production/group_vars/all/vault.yml
  - inventories/production/group_vars/all/vault.example.yml

# Exclude patterns
  - .cache/
  - .github/
  - .gitea/
  - .ansible/

# Skip specific rules
skip_list:
  - yaml[line-length]  # Allow longer lines in some cases
  - yaml[document-start]  # Allow missing document start in vault files
  - yaml[truthy]  # Allow different truthy values in workflow files
  - name[casing]       # Allow mixed case in task names
  - args[module]       # Skip args rule that causes "file name too long" issues
  - var-naming[no-role-prefix]  # Allow shorter variable names for readability
  - risky-shell-pipe  # Allow shell pipes in maintenance scripts
  - run-once[play]  # Allow strategy: free for parallel execution

# Warn instead of error for these
warn_list:
  - experimental  # Allow experimental features
  - jinja[spacing]  # Allow flexible jinja spacing

# Don't try to decrypt vault files during linting
offline: true

# Verbosity level (0-2)
verbosity: 1