From e65340cb567ac778a75e961da14e93a270726d5b Mon Sep 17 00:00:00 2001
From: Jeremy Lecour <jlecour@evolix.fr>
Date: Thu, 13 May 2021 15:34:27 +0200
Subject: [PATCH] Add pipefail option to shell invocations

---
 apt/tasks/hold_packages.yml      | 4 ++--
 elasticsearch/tasks/logs.yml     | 2 +-
 etc-git/tasks/main.yml           | 2 +-
 evocheck/tasks/cron.yml          | 2 +-
 evolinux-base/tasks/hardware.yml | 2 +-
 evolinux-base/tasks/postfix.yml  | 2 +-
 evolinux-base/tasks/system.yml   | 2 +-
 logstash/tasks/logs.yml          | 2 +-
 percona/tasks/main.yml           | 2 +-
 postfix/tasks/packmail.yml       | 2 +-
 spamassasin/tasks/main.yml       | 2 +-
 ssl/tasks/main.yml               | 2 +-
 12 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/apt/tasks/hold_packages.yml b/apt/tasks/hold_packages.yml
index 63643409..12774942 100644
--- a/apt/tasks/hold_packages.yml
+++ b/apt/tasks/hold_packages.yml
@@ -1,7 +1,7 @@
 ---
 
 - name: "hold packages (apt)"
-  shell: "(dpkg -l {{ item }} 2>/dev/null | grep -q -E '^(i|h)i') && ((apt-mark showhold | grep --quiet {{ item }}) || apt-mark hold {{ item }})"
+  shell: "set -o pipefail && (dpkg -l {{ item }} 2>/dev/null | grep -q -E '^(i|h)i') && ((apt-mark showhold | grep --quiet {{ item }}) || apt-mark hold {{ item }})"
   register: apt_mark
   changed_when: "item + ' set on hold.' in apt_mark.stdout"
   failed_when:
@@ -30,7 +30,7 @@
     - apt
 
 - name: "unhold packages (apt)"
-  shell: "(dpkg -l {{ item }} 2>/dev/null | grep -q -E '^(i|h)i') && ((apt-mark showhold | grep --quiet {{ item }}) && apt-mark unhold {{ item }})"
+  shell: "set -o pipefail && (dpkg -l {{ item }} 2>/dev/null | grep -q -E '^(i|h)i') && ((apt-mark showhold | grep --quiet {{ item }}) && apt-mark unhold {{ item }})"
   register: apt_mark
   changed_when: "'Canceled hold on' + item in apt_mark.stdout"
   failed_when: apt_mark.rc != 0 and not apt_mark.stdout = ''
diff --git a/elasticsearch/tasks/logs.yml b/elasticsearch/tasks/logs.yml
index 16bbe5d6..b48e9373 100644
--- a/elasticsearch/tasks/logs.yml
+++ b/elasticsearch/tasks/logs.yml
@@ -1,7 +1,7 @@
 ---
 
 - name: Check if cron is installed
-  shell: "dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
+  shell: "set -o pipefail && dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
   failed_when: False
   changed_when: False
   register: is_cron_installed
diff --git a/etc-git/tasks/main.yml b/etc-git/tasks/main.yml
index 8d16b79f..f707dab4 100644
--- a/etc-git/tasks/main.yml
+++ b/etc-git/tasks/main.yml
@@ -33,7 +33,7 @@
     - ansible_distribution_major_version is version('10', '>=')
 
 - name: Check if cron is installed
-  shell: "dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
+  shell: "set -o pipefail && dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
   failed_when: False
   changed_when: False
   check_mode: no
diff --git a/evocheck/tasks/cron.yml b/evocheck/tasks/cron.yml
index 4ef10b05..4557ef2a 100644
--- a/evocheck/tasks/cron.yml
+++ b/evocheck/tasks/cron.yml
@@ -1,7 +1,7 @@
 ---
 
 - name: Check if cron is installed
-  shell: "dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
+  shell: "set -o pipefail && dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
   failed_when: False
   changed_when: False
   check_mode: no
diff --git a/evolinux-base/tasks/hardware.yml b/evolinux-base/tasks/hardware.yml
index 08f7dd33..478e5015 100644
--- a/evolinux-base/tasks/hardware.yml
+++ b/evolinux-base/tasks/hardware.yml
@@ -29,7 +29,7 @@
 # HP gen <10: Hewlett-Packard Company Smart Array
 # HP gen >=10: Adaptec Smart Storage PQI
 - name: Detect if RAID is installed
-  shell: lspci -q | grep -e "RAID bus controller" -e "Serial Attached SCSI controller"
+  shell: "set -o pipefila && lspci -q | grep -e 'RAID bus controller' -e 'Serial Attached SCSI controller'"
   check_mode: no
   register: raidmodel
   changed_when: "'FAILED' in raidmodel.stdout"
diff --git a/evolinux-base/tasks/postfix.yml b/evolinux-base/tasks/postfix.yml
index 5ae33aa7..6c1d8532 100644
--- a/evolinux-base/tasks/postfix.yml
+++ b/evolinux-base/tasks/postfix.yml
@@ -32,7 +32,7 @@
     - postfix
 
 - name: fetch users list
-  shell: getent passwd | cut -d":" -f 1 | grep -v root
+  shell: "set -o pipefail && getent passwd | cut -d':' -f 1 | grep -v root"
   check_mode: no
 
   register: non_root_users_list
diff --git a/evolinux-base/tasks/system.yml b/evolinux-base/tasks/system.yml
index 6504655b..2e57b1e2 100644
--- a/evolinux-base/tasks/system.yml
+++ b/evolinux-base/tasks/system.yml
@@ -85,7 +85,7 @@
 #- name: Customizing /etc/fstab
 
 - name: Check if cron is installed
-  shell: "dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
+  shell: "set -o pipefail && dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
   failed_when: False
   changed_when: False
   check_mode: no
diff --git a/logstash/tasks/logs.yml b/logstash/tasks/logs.yml
index bfeb1a1b..8ea07ddd 100644
--- a/logstash/tasks/logs.yml
+++ b/logstash/tasks/logs.yml
@@ -1,6 +1,6 @@
 ---
 - name: Check if cron is installed
-  shell: "dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
+  shell: "set -o pipefail && dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
   failed_when: False
   changed_when: False
   register: is_cron_installed
diff --git a/percona/tasks/main.yml b/percona/tasks/main.yml
index 8740f758..28278e49 100644
--- a/percona/tasks/main.yml
+++ b/percona/tasks/main.yml
@@ -17,7 +17,7 @@
     mode: "0644"
 
 - name: Check if percona-release is installed
-  command: "dpkg -l percona-release"
+  command: "set -o pipefail && dpkg -l percona-release 2> /dev/null | grep -q -E '^(i|h)i'"
   failed_when: False
   changed_when: False
   register: percona__apt_config_package_installed
diff --git a/postfix/tasks/packmail.yml b/postfix/tasks/packmail.yml
index 2ba8eba9..b2bdff22 100644
--- a/postfix/tasks/packmail.yml
+++ b/postfix/tasks/packmail.yml
@@ -98,7 +98,7 @@
   - postfix
 
 - name: Check if cron is installed
-  shell: "dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
+  shell: "set -o pipefail && dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
   failed_when: False
   changed_when: False
   register: is_cron_installed
diff --git a/spamassasin/tasks/main.yml b/spamassasin/tasks/main.yml
index fa4ab928..df331af4 100644
--- a/spamassasin/tasks/main.yml
+++ b/spamassasin/tasks/main.yml
@@ -66,7 +66,7 @@
     - spamassassin
 
 - name: Check if cron is installed
-  shell: "dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
+  shell: "set -o pipefail && dpkg -l cron 2> /dev/null | grep -q -E '^(i|h)i'"
   failed_when: False
   changed_when: False
   register: is_cron_installed
diff --git a/ssl/tasks/main.yml b/ssl/tasks/main.yml
index c6594265..a21c15ff 100644
--- a/ssl/tasks/main.yml
+++ b/ssl/tasks/main.yml
@@ -29,7 +29,7 @@
     - ssl
 
 - name: Check if Haproxy is installed
-  command: dpkg -l haproxy
+  command: "set -o pipefail && dpkg -l haproxy 2> /dev/null | grep -q -E '^(i|h)i'"
   register: haproxy_check
   check_mode: False
   changed_when: False