From 5fe702bcc284286f41b6443f68590c7785cd657a Mon Sep 17 00:00:00 2001 From: Takashi Kajinami Date: Sun, 14 Apr 2024 15:40:20 +0900 Subject: [PATCH] Fix unsafe interpolations in exec ... to resolve the following warning detected by puppet-lint. WARNING: unsafe interpolation of variable 'foo' in exec command Note that the lint rule is currently disabled[1]. [1] 56cf30b7e26d2c1a440a83f67ec4d7041dcf5cdb Change-Id: I5576174e964a9a181603e1f06145415c8ce27344 --- manifests/dpdk.pp | 2 +- manifests/ovs.pp | 2 +- manifests/pki/cacert.pp | 2 +- manifests/pki/cert.pp | 2 +- spec/classes/vswitch_dpdk_spec.rb | 2 +- spec/classes/vswitch_ovs_spec.rb | 2 +- spec/classes/vswitch_pki_cacert_spec.rb | 2 +- spec/defines/vswitch_pki_cert_spec.rb | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/manifests/dpdk.pp b/manifests/dpdk.pp index 11ef2bb7..e691662f 100644 --- a/manifests/dpdk.pp +++ b/manifests/dpdk.pp @@ -292,7 +292,7 @@ class vswitch::dpdk ( # when any vs_config resource with restart => true is enabled. exec { 'restart openvswitch': path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], - command => "systemctl -q restart ${service_name}.service", + command => ['systemctl', '-q', 'restart', "${service_name}.service"], refreshonly => true, } diff --git a/manifests/ovs.pp b/manifests/ovs.pp index c32a3384..ee16c3f2 100644 --- a/manifests/ovs.pp +++ b/manifests/ovs.pp @@ -99,7 +99,7 @@ class vswitch::ovs( # when any vs_config resource with restart => true is enabled. exec { 'restart openvswitch': path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], - command => "systemctl -q restart ${service_name}.service", + command => ['systemctl', '-q', 'restart', "${service_name}.service"], refreshonly => true, } diff --git a/manifests/pki/cacert.pp b/manifests/pki/cacert.pp index 1de02e02..53b207af 100644 --- a/manifests/pki/cacert.pp +++ b/manifests/pki/cacert.pp @@ -5,7 +5,7 @@ class vswitch::pki::cacert { exec { 'ovs-pki-init-ca-authority': - command => 'ovs-pki init --force', + command => ['ovs-pki', 'init', '--force'], creates => '/var/lib/openvswitch/pki/switchca', path => ['/usr/sbin', '/sbin', '/usr/bin', '/bin'], } diff --git a/manifests/pki/cert.pp b/manifests/pki/cert.pp index 6ad0cbe8..6463a6f1 100644 --- a/manifests/pki/cert.pp +++ b/manifests/pki/cert.pp @@ -13,7 +13,7 @@ define vswitch::pki::cert( ) { exec { "ovs-req-and-sign-cert-${name}": - command => "ovs-pki req+sign ${name}", + command => ['ovs-pki', 'req+sign', $name], cwd => $cert_dir, creates => "${cert_dir}/${name}-cert.pem", path => ['/usr/sbin', '/sbin', '/usr/bin', '/bin'], diff --git a/spec/classes/vswitch_dpdk_spec.rb b/spec/classes/vswitch_dpdk_spec.rb index ea7c1c01..d6ef1ac5 100644 --- a/spec/classes/vswitch_dpdk_spec.rb +++ b/spec/classes/vswitch_dpdk_spec.rb @@ -73,7 +73,7 @@ describe 'vswitch::dpdk' do it 'restarts the service when needed' do is_expected.to contain_exec('restart openvswitch').with( :path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], - :command => "systemctl -q restart %s.service" % platform_params[:ovs_service_name], + :command => ['systemctl', '-q', 'restart', "#{platform_params[:ovs_service_name]}.service"], :refreshonly => true ) end diff --git a/spec/classes/vswitch_ovs_spec.rb b/spec/classes/vswitch_ovs_spec.rb index e21561ca..430e9d10 100644 --- a/spec/classes/vswitch_ovs_spec.rb +++ b/spec/classes/vswitch_ovs_spec.rb @@ -48,7 +48,7 @@ describe 'vswitch::ovs' do it 'restarts the service when needed' do is_expected.to contain_exec('restart openvswitch').with( :path => ['/sbin', '/usr/sbin', '/bin', '/usr/bin'], - :command => "systemctl -q restart %s.service" % platform_params[:ovs_service_name], + :command => ['systemctl', '-q', 'restart', "#{platform_params[:ovs_service_name]}.service"], :refreshonly => true ) end diff --git a/spec/classes/vswitch_pki_cacert_spec.rb b/spec/classes/vswitch_pki_cacert_spec.rb index fac0d374..11ad7160 100644 --- a/spec/classes/vswitch_pki_cacert_spec.rb +++ b/spec/classes/vswitch_pki_cacert_spec.rb @@ -5,7 +5,7 @@ describe 'vswitch::pki::cacert' do shared_examples_for 'vswitch::pki::cacert' do it 'shoud initialize ca authority' do is_expected.to contain_exec('ovs-pki-init-ca-authority').with( - :command => 'ovs-pki init --force', + :command => ['ovs-pki', 'init', '--force'], :creates => '/var/lib/openvswitch/pki/switchca', :path => ['/usr/sbin', '/sbin', '/usr/bin', '/bin'], ) diff --git a/spec/defines/vswitch_pki_cert_spec.rb b/spec/defines/vswitch_pki_cert_spec.rb index 948b70d6..1681aee1 100644 --- a/spec/defines/vswitch_pki_cert_spec.rb +++ b/spec/defines/vswitch_pki_cert_spec.rb @@ -7,7 +7,7 @@ describe 'vswitch::pki::cert' do shared_examples_for 'vswitch::pki::cert' do it 'shoud generate a certificate' do is_expected.to contain_exec('ovs-req-and-sign-cert-foo').with( - :command => 'ovs-pki req+sign foo', + :command => ['ovs-pki', 'req+sign', 'foo'], :cwd => '/etc/openvswitch', :creates => '/etc/openvswitch/foo-cert.pem', :path => ['/usr/sbin', '/sbin', '/usr/bin', '/bin'],