github/ansible-later
0
0
Fork 0
mirror of https://github.com/thegeeklab/ansible-later.git synced 2024-11-22 12:50:42 +00:00
Code Issues Projects Releases Wiki Activity

add new role check_become_user

Browse Source
This commit is contained in:
Robert Kaussow 2019-01-28 12:30:05 +01:00
parent ddc00a2c90
commit e77a651669
3 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -154,6 +154,7 @@ comes with a couple of built-in checks explained in the following table.
| check_empty_string_compare | ANSIBLE0012 | Don't compare to "" - use `when: var` or `when: not var` | | | check_empty_string_compare | ANSIBLE0012 | Don't compare to "" - use `when: var` or `when: not var` | |
| check_compare_to_literal_bool | ANSIBLE0013 | Don't compare to True/False - use `when: var` or `when: not var` | | | check_compare_to_literal_bool | ANSIBLE0013 | Don't compare to True/False - use `when: var` or `when: not var` | |
| check_literal_bool_format | ANSIBLE0014 | Literal bools should be written as `True/False` or `yes/no` | forbidden values are `true false TRUE FALSE Yes No YES NO` | | check_literal_bool_format | ANSIBLE0014 | Literal bools should be written as `True/False` or `yes/no` | forbidden values are `true false TRUE FALSE Yes No YES NO` |
| check_become_user | ANSIBLE0015 | `become` should be always used combined with `become_user` | |
### Build your own ### Build your own

11
ansiblelater/examples/standards.py
View File

@ -22,6 +22,7 @@ from ansiblelater.rules.ansiblefiles import check_command_has_changes
from ansiblelater.rules.ansiblefiles import check_empty_string_compare from ansiblelater.rules.ansiblefiles import check_empty_string_compare
from ansiblelater.rules.ansiblefiles import check_compare_to_literal_bool from ansiblelater.rules.ansiblefiles import check_compare_to_literal_bool
from ansiblelater.rules.ansiblefiles import check_literal_bool_format from ansiblelater.rules.ansiblefiles import check_literal_bool_format
from ansiblelater.rules.ansiblefiles import check_become_user
tasks_should_be_separated = Standard(dict( tasks_should_be_separated = Standard(dict(
@ -132,6 +133,15 @@ literal_bool_should_be_formatted = Standard(dict(
name="Literal bools should start with a capital letter", name="Literal bools should start with a capital letter",
check=check_literal_bool_format, check=check_literal_bool_format,
version="0.1", version="0.1",
types=[["playbook", "task", "handler", "rolevars",
"hostvars", "groupvars"]]
))
use_become_with_become_user = Standard(dict(
id="ANSIBLE0015",
name="become should be combined with become_user",
check=check_become_user,
version="0.1",
types=["playbook", "task", "handler"] types=["playbook", "task", "handler"]
)) ))
@ -225,6 +235,7 @@ standards = [
dont_compare_to_empty_string, dont_compare_to_empty_string,
dont_compare_to_literal_bool, dont_compare_to_literal_bool,
literal_bool_should_be_formatted, literal_bool_should_be_formatted,
use_become_with_become_user,
# Lint # Lint
files_should_not_contain_unnecessarily_empty_lines, files_should_not_contain_unnecessarily_empty_lines,
files_should_be_indented, files_should_be_indented,

14
ansiblelater/rules/ansiblefiles.py
View File

@ -217,3 +217,17 @@ def check_literal_bool_format(candidate, settings):
errors.append(Error(i, description)) errors.append(Error(i, description))
return Result(candidate.path, errors) return Result(candidate.path, errors)
def check_become_user(candidate, settings):
tasks, errors = get_normalized_tasks(candidate, settings)
description = "the task has 'become:' enabled but 'become_user:' is missing"
true_value = [True, 'true', 'True', 'TRUE', 'yes', 'Yes', 'YES']
if not errors:
gen = (task for task in tasks if 'become' in task)
for task in gen:
if task["become"] in true_value and 'become_user' not in task.keys():
errors.append(Error(task["__line__"], description))
return Result(candidate.path, errors)