ConditionalRubyShellout
The department is: ConditionalRubyShellout
The full name of the cop is: Chef/Correctness/ConditionalRubyShellout
Enabled by default | Supports autocorrection | Target Chef Version |
---|---|---|
Enabled | Yes | All Versions |
Don’t use Ruby to shellout in a only_if
/ not_if
conditional. Any string value used in an only_if
/ not_if
is executed in your system’s shell and the return code of the command is the result for the not_if
/ only_if
determination.
Examples
incorrect
cookbook_file '/logs/foo/error.log' do
source 'error.log'
only_if { system('wget https://www.bar.com/foobar.txt -O /dev/null') }
end
cookbook_file '/logs/foo/error.log' do
source 'error.log'
only_if { shell_out('wget https://www.bar.com/foobar.txt -O /dev/null').exitstatus == 0 }
end
correct
cookbook_file '/logs/foo/error.log' do
source 'error.log'
only_if 'wget https://www.bar.com/foobar.txt -O /dev/null'
end
Configurable attributes
Name | Default value | Configurable values |
---|---|---|
Version Added | 6.1.0 | String |
Include | Array |