ansible-later/ansiblelater/rules/CheckShellInsteadCommand.py

from ansiblelater.rule import RuleBase


class CheckShellInsteadCommand(RuleBase):
    rid = "ANS110"
    description = "Shell should only be used when essential"
    helptext = "shell should only be used when piping, redirecting or chaining commands"
    types = ["playbook", "task", "handler"]

    def check(self, candidate, settings):
        tasks, errors = self.get_normalized_tasks(candidate, settings)

        if not errors:
            for task in tasks:
                if task["action"]["__ansible_module__"] == "shell":
                    # skip processing if args.executable is used as this
                    # parameter is no longer support by command module
                    if "executable" in task["action"]:
                        continue

                    cmd = self.get_safe_cmd(task)
                    if not any(ch in cmd for ch in self.SHELL_PIPE_CHARS):
                        errors.append(self.Error(task["__line__"], self.helptext))

        return self.Result(candidate.path, errors)
refactor: drop default standards version and rename to rules (#752) BREAKING CHANGE: The option to define a `Standards` version has been removed. Every new rule that is added on upcoming releases is activated by default and will also create errors if triggered. The behavior of rules can be controlled by the existing `rules.exclude_filter` or `rules.warning_filter` options. BREAKING CHANGE: The option `rules.buildin` has been renamed to `rules.builtin`. BREAKING CHANGE: The option `rules.standards` has been renamed to `rules.dir`. BREAKING CHANGE: The option `rules.filter` has been renamed to `rules.include_filter`. 2024-01-25 20:40:15 +00:00			`from ansiblelater.rule import RuleBase`
refactor plugin system to use a class-based approach (#68) * refactor plugin system to use a class-based approach * disable some docstring linter errors and fix imports * cleanup * fix docs * add metavars to cli arguments for better helptext * add option to disable buildin rules * remove print * remove dead code 2021-01-30 15:52:48 +00:00

refactor: drop default standards version and rename to rules (#752) BREAKING CHANGE: The option to define a `Standards` version has been removed. Every new rule that is added on upcoming releases is activated by default and will also create errors if triggered. The behavior of rules can be controlled by the existing `rules.exclude_filter` or `rules.warning_filter` options. BREAKING CHANGE: The option `rules.buildin` has been renamed to `rules.builtin`. BREAKING CHANGE: The option `rules.standards` has been renamed to `rules.dir`. BREAKING CHANGE: The option `rules.filter` has been renamed to `rules.include_filter`. 2024-01-25 20:40:15 +00:00			`class CheckShellInsteadCommand(RuleBase):`
refactor: use lint-like rule identifier (#757) 2024-01-27 18:56:35 +00:00			`rid = "ANS110"`
refactor plugin system to use a class-based approach (#68) * refactor plugin system to use a class-based approach * disable some docstring linter errors and fix imports * cleanup * fix docs * add metavars to cli arguments for better helptext * add option to disable buildin rules * remove print * remove dead code 2021-01-30 15:52:48 +00:00			`description = "Shell should only be used when essential"`
			`helptext = "shell should only be used when piping, redirecting or chaining commands"`
			`types = ["playbook", "task", "handler"]`

			`def check(self, candidate, settings):`
			`tasks, errors = self.get_normalized_tasks(candidate, settings)`

			`if not errors:`
			`for task in tasks:`
			`if task["action"]["__ansible_module__"] == "shell":`
			`# skip processing if args.executable is used as this`
			`# parameter is no longer support by command module`
			`if "executable" in task["action"]:`
			`continue`

fix: improve url and jinja string escapes (#585) 2023-04-20 06:23:12 +00:00			`cmd = self.get_safe_cmd(task)`
			`if not any(ch in cmd for ch in self.SHELL_PIPE_CHARS):`
refactor plugin system to use a class-based approach (#68) * refactor plugin system to use a class-based approach * disable some docstring linter errors and fix imports * cleanup * fix docs * add metavars to cli arguments for better helptext * add option to disable buildin rules * remove print * remove dead code 2021-01-30 15:52:48 +00:00			`errors.append(self.Error(task["__line__"], self.helptext))`

			`return self.Result(candidate.path, errors)`