cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Update lookup.rst (#73716)

Browse source 
Document that users must pass `allow_unsafe=True` as an option in the lookup to allow templating, with a note about security implications.

Co-authored-by: Alicia Cozine <879121+acozine@users.noreply.github.com>
Co-authored-by: Sandra McCann <samccann@redhat.com>
This commit is contained in:
sry9681 2021-04-20 12:54:54 -05:00 committed by GitHub
parent c9c84594d8
commit c0cc574e65
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
docs/docsite/rst/plugins/lookup.rst
View file

@ -13,6 +13,7 @@ Lookup plugins are an Ansible-specific extension to the Jinja2 templating langua
- Lookups are executed with a working directory relative to the role or play, - Lookups are executed with a working directory relative to the role or play,
as opposed to local tasks, which are executed relative the executed script. as opposed to local tasks, which are executed relative the executed script.
- Pass ``wantlist=True`` to lookups to use in Jinja2 template "for" loops. - Pass ``wantlist=True`` to lookups to use in Jinja2 template "for" loops.
- By default, lookup return values are marked as unsafe for security reasons. If you trust the outside source your lookup accesses, pass ``allow_unsafe=True`` to allow Jinja2 templates to evaluate lookup values.
.. warning:: .. warning::
- Some lookups pass arguments to a shell. When using variables from a remote/untrusted source, use the `|quote` filter to ensure safe usage. - Some lookups pass arguments to a shell. When using variables from a remote/untrusted source, use the `|quote` filter to ensure safe usage.