foreman
foreman copied to clipboard
Fixes #35530 - Make save_to_file macro safer
End to end example:
Use this job template
<%#
name: eof
snippet: false
template_inputs:
- name: script
required: false
input_type: user
advanced: false
value_type: plain
resource_type: AnsibleRole
hidden_value: false
model: JobTemplate
job_category: Miscellaneous
provider_type: script
kind: job_template
organizations:
- Default Organization
locations:
- Default Location
%>
<%= save_to_file('/tmp/test', input('script')) %>
cat /tmp/test
echo
echo "====="
chmod +x /tmp/test
/tmp/test
Run it on a host with script input using a heredoc
cat <<EOF
hello heredoc
EOF
Actual job output:
1: /var/tmp/foreman-ssh-cmd-c252e59a-05dd-4247-96d6-8473e2a9c872/script: line 5: EOF: not found
2: cat <<EOF
3: hello heredoc
4:
5: =====
6: hello heredoc
7: »Exit status: 0«
Expected job output:
1: cat <<EOF
2: hello heredoc
3: EOF
4:
5: =====
6: hello heredoc
7: »Exit status: 0«
Issues: #35530
I'm not the smartest guy in the family, but.. do we actually add empty spaces just to remove them later as a solution?
I'm not proud of this one, but it does the trick. Alternatively we could check if the terminator save_to_file
wants to use is already present in $content
and if yes, pick a different one (and repeat until we find one that's available).
ok to test