From 3e2d7afa05013ce48582cabfd18b617c0c89e64a Mon Sep 17 00:00:00 2001 From: Dmitriy Rabotyagov Date: Wed, 27 Mar 2024 11:41:54 +0100 Subject: [PATCH] Remove Jinja from conditions Due to CVE-2023-5764 conditional statements should not include jinja2 templating anymore and result in warnings/failures This patch replaces Jinja tags with slightly different format that leads to the same result/logic. Change-Id: I049ac770b32152866194190e54f5947fe7589b39 --- playbooks/healthcheck-hosts.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/playbooks/healthcheck-hosts.yml b/playbooks/healthcheck-hosts.yml index d8bae2acd6..28ca772088 100644 --- a/playbooks/healthcheck-hosts.yml +++ b/playbooks/healthcheck-hosts.yml @@ -120,8 +120,8 @@ - "'dm_multipath' in modules_content" - "'ebtables' in modules_content" - "'vm.swappiness' in sysctl_content" - - "'172.29.236.100 {{ ansible_facts['fqdn'] }} {{ ansible_facts['hostname'] }}' in hosts_content" - - "'{{ hostvars[groups['galera_all'][0]]['management_address'] }} {{ hostvars[groups['galera_all'][0]]['ansible_facts']['hostname'] }}.openstack.local {{ hostvars[groups['galera_all'][0]]['ansible_facts']['hostname'] ~ ((hostvars[groups['galera_all'][0]]['ansible_facts']['hostname'] != groups['galera_all'][0]) | ternary(' ' ~ groups['galera_all'][0], '')) }}' in hosts_content" # noqa: yaml[line-length] + - "('172.29.236.100 ' ~ ansible_facts['fqdn'] ~ ' ' ~ ansible_facts['hostname']) in hosts_content" + - "(hostvars[groups['galera_all'][0]]['management_address'] ~ ' ' ~ hostvars[groups['galera_all'][0]]['ansible_facts']['hostname'] ~ '.openstack.local ' ~ hostvars[groups['galera_all'][0]]['ansible_facts']['hostname'] ~ ((hostvars[groups['galera_all'][0]]['ansible_facts']['hostname'] != groups['galera_all'][0]) | ternary(' ' ~ groups['galera_all'][0], ''))) in hosts_content" # noqa: yaml[line-length] - "release_file.stat.exists" - "systat_file.stat.exists" - "'PATH=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin' in environment_content"