fix: skip CheckFilePermissionMissing if state uses jinja2

This commit is contained in:
Robert Kaussow 2021-02-06 15:44:23 +01:00
parent bd6a7c576f
commit f41d046f1d
No known key found for this signature in database
GPG Key ID: 65362AE74AF98B61

View File

@ -17,6 +17,8 @@
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
# THE SOFTWARE. # THE SOFTWARE.
import re
from ansiblelater.standard import StandardBase from ansiblelater.standard import StandardBase
@ -70,6 +72,7 @@ class CheckFilePermissionMissing(StandardBase):
def _check_mode(self, task): def _check_mode(self, task):
module = task["action"]["__ansible_module__"] module = task["action"]["__ansible_module__"]
mode = task["action"].get("mode", None) mode = task["action"].get("mode", None)
state = task["action"].get("state", "file")
if module not in self._modules and \ if module not in self._modules and \
module not in self._create_modules: module not in self._create_modules:
@ -82,12 +85,17 @@ class CheckFilePermissionMissing(StandardBase):
create = task["action"].get("create", self._create_modules[module]) create = task["action"].get("create", self._create_modules[module])
return create and mode is None return create and mode is None
# If Jinja syntax is used state can not be validated
jinja = re.compile("{{(.*?)}}")
if jinja.findall(state):
return False
# A file that doesn't exist cannot have a mode # A file that doesn't exist cannot have a mode
if task["action"].get("state", None) == "absent": if state == "absent":
return False return False
# A symlink always has mode 0o777 # A symlink always has mode 0o777
if task["action"].get("state", None) == "link": if state == "link":
return False return False
# Recurse on a directory does not allow for an uniform mode # Recurse on a directory does not allow for an uniform mode
@ -95,7 +103,7 @@ class CheckFilePermissionMissing(StandardBase):
return False return False
# The file module does not create anything when state==file (default) # The file module does not create anything when state==file (default)
if module == "file" and task["action"].get("state", "file") == "file": if module == "file" and state == "file":
return False return False
# replace module is the only one that has a valid default preserve # replace module is the only one that has a valid default preserve