puppet-lint icon indicating copy to clipboard operation
puppet-lint copied to clipboard

Published 20 hours ago verified publisher icon rodjek

Linter: ${} inside single quote strings

Open arrdem opened this issue 8 years ago • 9 comments
trafficstars

This is a little janky and will work better given #584 which makes splicing in lots of tokens possible, but it would be nice if '${foo}' raised a warning and could be rewritten automagically since it's just wrong.

arrdem avatar Dec 19 '16 18:12 arrdem

It is not just wrong, it might be a snippet of shell code single quoted on purpose.

taladar avatar Dec 21 '16 09:12 taladar

Yeah this is an issue, our module sets settings that call an internal environment variable, I don't mind it as a warning, but the thing is literal, even escaping the $ it still flags it because of the brackets {}. It's intentional that we're putting it in single quotes because its not a puppet variable and we don't want Puppet parsing it as a variable.

digital-shokunin avatar Jan 18 '17 18:01 digital-shokunin

Can one of you provide a reproduction, what you expect, and the actual results you received? I want to make sure we are clear on the problem and expectation.

rnelson0 avatar Jan 18 '17 22:01 rnelson0

You can see where it's spitting an error for a variable, even when I escape the $ sign. I have my git pre-commit hook check it through Puppet Lint before it commits, and if it throws an error, it will not commit, so I end up having to take the linter check out of the pre-commit just to get it to pass, or turning off the variable check entirely. I don't mind a warning, as a "are you sure you meant to do this?", but it doesn't mean it should fail or that it's not intentional/good code.

image image

digital-shokunin avatar Jan 18 '17 22:01 digital-shokunin

Ah. It sounds like you are asking for two things then:

  • The check single_quote_string_with_variables to be dropped from error to warning level
  • The check single_quote_string_with_variables to parse \$ as not a variable

Is that correct?

rnelson0 avatar Jan 18 '17 22:01 rnelson0

Yes, at least the second one or add a flag to demote it to a warning, and keep as error by default, for those of us who have those rare cases we need to put $variable in a single quoted string because we need it to be literally that.

Ex:

  puppet-lint --warning-single_quote_string_with_variables-check

or something like that to have it be a warning condition instead of an error.

If I do $ORACLE_JDBC_DRIVER_PATH it doesn't flag, but if it has brackets, it ignores the fact the $ is escaped.

image

You see line 157 disappeared from the report, so it respects the escaped $ if there are no brackets.

To be clear, if I run a puppet parser validate on the same file, it passes. It's only Puppet Lint flagging it as an error that prevents me from committing it. I want Puppet Lint to check my files for all the other things it catches and there might be cases where I did accidentally put a Puppet variable in a single quoted string so it'd be good to be notified, which is why I don't want to turn off the check entirely.

digital-shokunin avatar Jan 18 '17 22:01 digital-shokunin

@digital-shokunin thanks for the great detail! We can definitely work off that information.

In the meantime, can you try this flag with warning for the value? It's not perfect, but I think this may help you until this is patched. --error-level LEVEL The level of error to return (warning, error or all).

rnelson0 avatar Jan 18 '17 23:01 rnelson0

Was this issue resolved?

DS198411 avatar Feb 19 '21 19:02 DS198411

If I'm reading the old examples correctly, the behavior hasn't changed.

No error is reported if the variable name is not within curly braces -- regardless whether the $ sign is escaped:

$ cat gh/manifests/issue598_unescaped_without_curly.pp 
## https://github.com/rodjek/puppet-lint/issues/598
class gh::issue598_unescaped_without_curly {
  file { '/tmp/issue598':
    ensure  => present,
    content => 'echo $HOME',
  }
}
$ puppet-lint gh/manifests/issue598_unescaped_without_curly.pp; echo $?
0
$ cat gh/manifests/issue598_escaped_without_curly.pp
## https://github.com/rodjek/puppet-lint/issues/598
class gh::issue598_escaped_without_curly {
  file { '/tmp/issue598':
    ensure  => present,
    content => 'echo \$HOME',
  }
}
$ puppet-lint gh/manifests/issue598_escaped_without_curly.pp; eho $?
0
$

But an error is reported if the variable name is within curly braces -- again regardless whether the $ sign is escaped:

$ cat gh/manifests/issue598_unescaped_with_curly.pp
## https://github.com/rodjek/puppet-lint/issues/598
class gh::issue598_unescaped_with_curly {
  file { '/tmp/issue598':
    ensure  => present,
    content => 'echo ${HOME}',
  }
}
$ puppet-lint gh/manifests/issue598_unescaped_with_curly.pp; echo $?
ERROR: single quoted string containing a variable found on line 5
1
$ cat gh/manifests/issue598_escaped_with_curly.pp
## https://github.com/rodjek/puppet-lint/issues/598
class gh::issue598_escaped_with_curly {
  file { '/tmp/issue598':
    ensure  => present,
    content => 'echo \${HOME}',
  }
}
$ puppet-lint gh/manifests/issue598_escaped_with_curly.pp; echo $?
ERROR: single quoted string containing a variable found on line 5
1

usev6 avatar Feb 21 '21 09:02 usev6