From f70f0ca1f1088fc43208a5a08394bdc4f6a63b2f Mon Sep 17 00:00:00 2001 From: Robert Kaussow Date: Sun, 31 Jan 2021 14:22:48 +0100 Subject: [PATCH] feat: add rule CheckWhenFormat --- ansiblelater/rules/CheckWhenFormat.py | 29 +++++++++++++++++++++++++++ docs/content/included_rules/_index.md | 3 ++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 ansiblelater/rules/CheckWhenFormat.py diff --git a/ansiblelater/rules/CheckWhenFormat.py b/ansiblelater/rules/CheckWhenFormat.py new file mode 100644 index 0000000..175ca00 --- /dev/null +++ b/ansiblelater/rules/CheckWhenFormat.py @@ -0,0 +1,29 @@ +from ansiblelater.standard import StandardBase + + +class CheckWhenFormat(StandardBase): + + sid = "ANSIBLE0022" + description = "Don't use Jinja2 in when" + helptext = ( + "`when` is a raw Jinja2 expression, redundant {{ }} " + "should be removed from variable(s)" + ) + version = "0.2" + types = ["playbook", "task", "handler"] + + def check(self, candidate, settings): + tasks, errors = self.get_normalized_tasks(candidate, settings) + + if not errors: + for task in tasks: + if 'when' in task and not self._is_valid(task['when']): + errors.append(self.Error(task["__line__"], self.helptext)) + + return self.Result(candidate.path, errors) + + @staticmethod + def _is_valid(when): + if not isinstance(when, str): + return True + return when.find('{{') == -1 and when.find('}}') == -1 diff --git a/docs/content/included_rules/_index.md b/docs/content/included_rules/_index.md index 551312d..5c74e05 100644 --- a/docs/content/included_rules/_index.md +++ b/docs/content/included_rules/_index.md @@ -29,10 +29,11 @@ Reviews are nothing without some rules or standards against which to review. ans | CheckCompareToEmptyString | ANSIBLE0012 | Don't compare to "" - use `when: var` or `when: not var`. | | | CheckCompareToLiteralBool | ANSIBLE0013 | Don't compare to True/False - use `when: var` or `when: not var`. | | | CheckLiteralBoolFormat | ANSIBLE0014 | Literal bools should be written as `True/False` or `yes/no`. | forbidden values are `true false TRUE FALSE Yes No YES NO` | -| CheckBecomeUser | ANSIBLE0015 | `become` should be always used combined with `become_user`. | | +| CheckBecomeUser | ANSIBLE0015 | Become should be combined with become_user. | | | CheckFilterSeparation | ANSIBLE0016 | Jinja2 filters should be separated with spaces. | | | CheckCommandInsteadOfArgument | ANSIBLE0017 | Commands should not be used in place of module arguments. | | | CheckFilePermissionMissing | ANSIBLE0018 | File permissions unset or incorrect. | | | CheckFilePermissionOctal | ANSIBLE0019 | Octal file permissions must contain leading zero or be a string. | | | CheckGitHasVersion | ANSIBLE0020 | Git checkouts should use explicit version. | | | CheckMetaChangeFromDefault | ANSIBLE0021 | Roles meta/main.yml default values should be changed. | | +| CheckWhenFormat | ANSIBLE0022 | Don't use Jinja2 in `when`. | |