Created
February 3, 2019 13:00
-
-
Save cinek810/29530b3b732cf01746b5cfbc2dbaf46e to your computer and use it in GitHub Desktop.
ansible-review standard making sure that template is validate for specific destination file names
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#Author: Marcin Stolarek (stolarek.marcin@gmail.com/funinit.wordpress.com) | |
############################### | |
from jinja2 import Environment | |
def template_of_known_type_should_be_verified(candidate,setting): | |
result = Result(candidate.path) | |
with codecs.open(candidate.path, mode='rb', encoding='utf-8') as f: | |
tasks = parse_yaml_linenumbers(f.read(), candidate.path) | |
for task in tasks: | |
if "template" in task.keys() : | |
subtasks=[] | |
if "with_items" in task.keys(): | |
for itemValue in task["with_items"]: | |
subtask={} | |
for key in task["template"].keys(): | |
if isinstance(task["template"][key],basestring): | |
subtask[key] = Environment().from_string(task["template"][key]).render(item=itemValue) | |
else: | |
subtask[key]=task["template"][key] | |
subtasks.append(subtask) | |
else: | |
subtasks=[ task["template"] ] | |
for subtask in subtasks: | |
try: | |
if subtask["dest"].endswith(".sh") and ("validate" not in subtask.keys() or not subtask["validate"].startswith("shellcheck")): | |
result.errors.append(Error(task["__line__"], "Shell script has to be validated by: shellcheck "+subtask["dest"])) | |
elif str(subtask["dest"]).endswith(".repo") and ("validate" not in subtask.keys() or not subtask["validate"].startswith("yum verify --verify-filenames ")): | |
result.errors.append(Error(task["__line__"], "Yum repository should be validated with yum verify --verify-filenames "+subtask["dest"])) | |
except TypeError as e: | |
if str(e) == "string indices must be integers": | |
pass | |
else: | |
raise e | |
# result.errors.append(Error(task["__line__"],"LOG:"+str(subtask))) | |
return result | |
template_verify = Standard(dict( | |
name = "Templates with know verification method should use verify", | |
check = template_of_known_type_should_be_verified, | |
version = "0.1", | |
types = [ "task" ] | |
)) | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment