The default Netfilter configuration file under Debian is stored at
/etc/nftables.conf. The file is a plain-text configuration file with a clever
shebang line. This means you can execute the configuration file to load
its contents. Nifty, right.
Recently, I’ve been working with a tool that reads YAML files as input. A standard task entails several invocations of the tool with the same YAML input but different command-line arguments. Wouldn’t it be nice to encode the invocation logic also in the YAML file? My first effort was to add a self-describing comment with the sequence of commands one should invoke.
Since the tool ignores superfluous entries in the YAML files, we can employ a quick-and-dirty solution and create a YAML-Bash-Hybrid file. Consider the following example.
#!/bin/bash
test :
echo "This is a bash command"
echo "This should be the sequence of commands to perform a default task"
echo "Once you're done, ignore the rest"
exit 0
standard-yaml:
- what follows now
- is just plain old yaml
Is it a bash script? Is it a YAML configuration file? Well, it’s both. The
shebang line turns the file into a script; however from the YAML parser’s
perspective, this is just a comment. The third line is where it gets tricky. For
bash, this is the test command with the argument of a single colon :,
and therefore a no-op. The following lines comprise the payload of the script and
are regular bash commands. Leading whitespace is ignored. The exit 0 protects
bash from seeing the rest of the YAML file’s content, which would not be valid bash
code.
From the point of the YAML parser, the line test : adds a new mapping entry
named test to the document. Since the tool in question ignores additional
entries, this is a “no-op” also here. The lines that follow are interpreted
as the string-value mapped to the key test. Therefore these lines are ignored.
The arbitrary YAML payload follows and defines the configuration in this case.
Is this good practice? Certainly not. We mix two different domains in a rather obscure way. Would I recommend this? Depends.
This might also interest you