diff --git a/.ansible-lint b/.ansible-lint
new file mode 100644
index 0000000000000000000000000000000000000000..c9b136abf8ed51b78c349ff4664bae24e39ea8ea
--- /dev/null
+++ b/.ansible-lint
@@ -0,0 +1,25 @@
+---
+parseable: true
+skip_list:
+  # see https://docs.ansible.com/ansible-lint/rules/default_rules.html for a list of all default rules
+  # The following rules throw errors.
+  # These either still need to be corrected in the repository and the rules re-enabled or they are skipped on purpose.
+  - '102'
+  - '103'
+  - '104'
+  - '201'
+  - '204'
+  - '206'
+  - '301'
+  - '302'
+  - '303'
+  - '305'
+  - '306'
+  - '403'
+  - '404'
+  - '502'
+  - '503'
+  - '504'
+  - '601'
+  - '602'
+  - '701'
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index e4f84e7762ee2f9839a583921162cd7de7841e75..5c391543d4b5c28b0082fc2b3bf1d11da9515a35 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -731,6 +731,14 @@ yamllint:
     - yamllint .
   except: ['triggers', 'master']
 
+ansible-lint:
+  <<: *job
+  stage: unit-tests
+  # lint every yml/yaml file that looks like it contains Ansible plays
+  script: |-
+    grep -Rl '^- hosts: \|^  hosts: \|^- name: ' --include \*.yml --include \*.yaml . | xargs ansible-lint -v
+  except: ['triggers', 'master']
+
 tox-inventory-builder:
   stage: unit-tests
   <<: *job
diff --git a/roles/download/tasks/main.yml b/roles/download/tasks/main.yml
index 80002fc2bd62bb414e2007f680f08ccf64e19c0d..06ad9505acfea671547aa567153d1cdcf9912cb1 100644
--- a/roles/download/tasks/main.yml
+++ b/roles/download/tasks/main.yml
@@ -4,9 +4,10 @@
     - not skip_downloads|default(false)
 
 - name: "Download items"
-  include_tasks: "download_{% if download.container %}container{% else %}file{% endif %}.yml"
+  include_tasks: "{{ include_file }}"
   vars:
     download: "{{ download_defaults | combine(item.value) }}"
+    include_file: "download_{% if download.container %}container{% else %}file{% endif %}.yml"
   with_dict: "{{ downloads }}"
   when:
     - not skip_downloads|default(false)
diff --git a/tests/requirements.txt b/tests/requirements.txt
index 37067448d8a164939426e7f2d04862c7c0f198bb..9a0a959d30fc5c87d3d50a1e279be21f2cdc6e36 100644
--- a/tests/requirements.txt
+++ b/tests/requirements.txt
@@ -5,3 +5,4 @@ boto==2.9.0
 tox
 dopy
 PyCrypto
+ansible-lint==4.1.0