Ansible-lint warn [301] Commands should not change things if nothing needs doing

Question

Ansible-lint warn [301] Commands should not change things if nothing needs doing

edouard-lopez opened this issue 4 years ago · 2 comments

I have a task:

- name: Create Certificate for webapps
  command: "{{ certbot_create_command }}"
  notify: Reload Apache
  tags: [web, ssl]

But ansible-lint complains

  WARNING  Listing 1 violation(s) that are fatal                                                                                                                                                                                         
  [301] Commands should not change things if nothing needs doing

What conditional do you recommend?`

Answer 1 · 2021-05-09T14:43:10.000Z

Hey! You just need to add this:
changed_when: false

Answer 2 · 2022-12-15T14:05:10.000Z

Just for context: doing changed_when: false will make a task show as unchanged, even though it has caused changes. To me, accepting a false positive (a noop command showing up as changed) would be better than a false negative (a command that makes changes shows up as ok). Especially in situations like this, that deal with creating certificates. A reasonable condition would be: does the certificate file exists?