Python
JavaScript
Java
Go
C#
Ansible
AWS CloudFormation Linter
C & C++
Dart Analyze
Docker
Kotlin
KubeLinter
PHP
Ruby
Rust
Scala
Secrets
Shell
Slither
Solhint
SQL
Swift
Terraform
Test coverageFailed to parse the YAML fileANS-E9001Package installs should not use `latest`ANS-E4003`become_user` requires `become` to work as expectedANS-E5001Shells that use pipes should set the `pipefail` optionANS-E3006Use `command` instead of `shell`ANS-E3005Commands should not change things if nothing needs to be doneANS-E3001Should not use `command` instead of arguments to modulesANS-E3002Environment variables don't work as part of commandANS-E3004Use `module` instead of `command`ANS-E3003Relative path is not needed in roleANS-E4004Mercurial checkouts should have explicit revisionANS-E4002Git checkouts must contain explicit versionANS-E4001Found key duplicationANS-E9002Replace `local_action` with `delegate_to: localhost`ANS-E5004All tasks should be named uniquelyANS-E5002Referenced files must existANS-E5005Tasks that run when changed should likely be handlersANS-E5003
Shells that use pipes should set the `pipefail` optionANS-E3006
Major
Bug RiskWithout the pipefail option set, a shell command that implements a pipeline can fail and still return 0.
If any part of the pipeline other than the terminal command fails, the whole pipeline will still return 0, which may be considered a success by Ansible. Pipefail is available in the bash shell.
Bad practice
- name: Example task
shell: ls -ld /tmp | tr -d tmp
args:
executable: /usr/bin/bash
Recommended
It is recommended to use pipefail with shell commands that use pipes.
- name: Example task
shell: set -o pipefail && ls -ld /tmp | tr -d tmp
args:
executable: /usr/bin/bash