The Pitfalls of Ansible’s Variable and Template Expression Semantics
Ansible is a widely-used Infrastructure-as-Code (IaC) lan- guage for managing the configuration of machines in a digital infrastructure. The reliability of configuration definition files, which Ansible calls “playbooks”, is of the upmost importance. However, Ansible employs semantics unlike those found in traditional programming languages, the unexpected behaviour of which could surprise developers. Next to forming a steep learning curve for newcomers, this semantics also hinders both manual and mechanical verification. In this presentation, we will show a number of potential pitfalls caused by a combination of unconventional semantic properties of Ansible variables and template expressions. The purpose of this talk is three-fold:
- To spread awareness of the unconventional semantics of Ansible and possible pitfalls to practitioners.
- To entice tool builders to work on code analysers and bug detectors related to these pitfalls.
- To stimulate language designers to address these pitfalls with safer alternatives.
Mon 18 OctDisplayed time zone: Central Time (US & Canada) change
09:00 - 10:20
|A Language for Configuring Security Policies|
Gilad Bracha email@example.comMedia Attached
|Provenance of Configuration Programming Language muPuppet|
Weili Fu University of Freiburg, Germany, Paul Anderson University of Edinburgh, James Cheney University of Edinburgh; Alan Turing InstituteMedia Attached
|The Pitfalls of Ansible’s Variable and Template Expression Semantics|
|Typing in Nickel and elsewhere|
Yann Hamdaoui TweagMedia Attached
|Languages: Q&A and discussion|