From cb73fba36942c9264a0290c57654315d18ee0b65 Mon Sep 17 00:00:00 2001 From: Sam Doran Date: Wed, 21 Feb 2018 09:12:09 -0500 Subject: [PATCH] Add note to use script module rather than inline here documents (#32863) * Add example on how to use a here document with shell module * Remove here doc example and add note to use script module instead (cherry picked from commit 5e7ee9df0aaa73f9deb7ecc93fe3570e671fab01) --- lib/ansible/modules/commands/shell.py | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/lib/ansible/modules/commands/shell.py b/lib/ansible/modules/commands/shell.py index cfc195f7436..4e3174587ca 100644 --- a/lib/ansible/modules/commands/shell.py +++ b/lib/ansible/modules/commands/shell.py @@ -67,14 +67,16 @@ options: required: false default: null notes: - - If you want to execute a command securely and predictably, it may be - better to use the M(command) module instead. Best practices when writing - playbooks will follow the trend of using M(command) unless the C(shell) - module is explicitly required. When running ad-hoc commands, use your best - judgement. - - To sanitize any variables passed to the shell module, you should use - "{{ var | quote }}" instead of just "{{ var }}" to make sure they don't include evil things like semicolons. - - For Windows targets, use the M(win_shell) module instead. + - If you want to execute a command securely and predictably, it may be + better to use the M(command) module instead. Best practices when writing + playbooks will follow the trend of using M(command) unless the C(shell) + module is explicitly required. When running ad-hoc commands, use your best + judgement. + - To sanitize any variables passed to the shell module, you should use + "{{ var | quote }}" instead of just "{{ var }}" to make sure they don't include evil things like semicolons. + - For Windows targets, use the M(win_shell) module instead. + - Rather than using here documents to create multi-line scripts inside playbooks, + use the M(script) module instead. requirements: [ ] author: - Ansible Core Team