---
depends_on:
  - gitleaks

steps:
  ansible-lint:
    image: quay.io/ansible/creator-ee:v24.2.0
    commands:
      # Secrets
      - echo $${SSHKEY} | base64 -d > ./id_ed25519 # woodpecker verschluckt linebreakes, daher mit base64 -w0 "kodiert"
      - echo $${VAULTPASS} | base64 -d > ./vault-pass.yml # Name des Secrets in Großschreibung
      - chmod 0400 ./id_ed25519
      # Abhängigkeiten
      - pip install pykeepass Jinja2 markupsafe jmespath --user
      - ansible-galaxy install -r requirements.yaml
      # Doing
      - ansible-lint --version
      - ansible-lint --force-color --format pep8
    # https://woodpecker-ci.org/docs/usage/secrets#use-secrets-in-commands
    secrets: [vaultpass]
    when:
      - event: [push, pull_request, cron, pull_request_closed, tag, release, manual]
        evaluate: 'CI_COMMIT_AUTHOR_EMAIL != "renovate@mgrote.net"'
...