ConditionalRubyShellout
The department is: ConditionalRubyShellout
The full name of the cop is: Chef/Correctness/ConditionalRubyShellout
| Enabled by default | Supports autocorrection | Target Chef Version |
|---|---|---|
| Enabled | Yes | All Versions |
do not use Ruby to shellout in a only_if / not_if conditional. Any string value used in an only_if / not_if is executed in your system’s shell and the return code of the command is the result for the not_if / only_if determination.
Examples
incorrect
cookbook_file '/logs/foo/error.log' do
source 'error.log'
only_if { system('wget https://www.bar.com/foobar.txt -O /dev/null') }
end
cookbook_file '/logs/foo/error.log' do
source 'error.log'
only_if { shell_out('wget https://www.bar.com/foobar.txt -O /dev/null').exitstatus == 0 }
end
correct
cookbook_file '/logs/foo/error.log' do
source 'error.log'
only_if 'wget https://www.bar.com/foobar.txt -O /dev/null'
end
Configurable attributes
| Name | Default value | Configurable values |
|---|---|---|
| Version Added | 6.1.0 | String |
| Include | Array |
Was this page helpful?