summaryrefslogtreecommitdiffstats
path: root/examples/playbooks/rule-risky-file-permissions-fail.yml
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 16:04:56 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-28 16:04:56 +0000
commitd964cec5e6aa807b75c7a4e7cdc5f11e54b2eda2 (patch)
tree794bc3738a00b5e599f06d1f2f6d79048d87ff8e /examples/playbooks/rule-risky-file-permissions-fail.yml
parentInitial commit. (diff)
downloadansible-lint-upstream.tar.xz
ansible-lint-upstream.zip
Adding upstream version 6.13.1.upstream/6.13.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'examples/playbooks/rule-risky-file-permissions-fail.yml')
-rw-r--r--examples/playbooks/rule-risky-file-permissions-fail.yml88
1 files changed, 88 insertions, 0 deletions
diff --git a/examples/playbooks/rule-risky-file-permissions-fail.yml b/examples/playbooks/rule-risky-file-permissions-fail.yml
new file mode 100644
index 0000000..02c551b
--- /dev/null
+++ b/examples/playbooks/rule-risky-file-permissions-fail.yml
@@ -0,0 +1,88 @@
+# Fixture for RiskyFilePermissionsRule should return 11 occurrences
+---
+- name: FAIL_INI_PRESERVE
+ hosts: all
+ tasks:
+ - name: Ini_file does not accept preserve mode
+ community.general.ini_file:
+ path: foo
+ create: true
+ mode: preserve
+
+- name: FAIL_INI_PERMISSION
+ hosts: all
+ tasks:
+ - name: Permissions needed if create is used
+ community.general.ini_file:
+ path: foo
+ create: true
+
+- name: FAIL_PRESERVE_MODE
+ hosts: all
+ tasks:
+ - name: File does not allow preserve value for mode
+ ansible.builtin.file:
+ path: foo
+ mode: preserve
+
+- name: FAIL_MISSING_PERMISSIONS_TOUCH
+ hosts: all
+ tasks:
+ - name: Permissions missing and might create file
+ file:
+ path: foo
+ state: touch
+ - name: Permissions missing and might create file (fqcn)
+ ansible.builtin.file:
+ path: foo
+ state: touch
+
+- name: FAIL_MISSING_PERMISSIONS_DIRECTORY
+ hosts: all
+ tasks:
+ - name: Permissions missing and might create directory
+ file:
+ path: foo
+ state: directory
+ - name: Lineinfile when create is true (fqcn)
+ ansible.builtin.lineinfile:
+ path: foo
+ create: true
+ line: some content here
+
+- name: FAIL_MISSING_PERMISSIONS_GET_URL
+ hosts: all
+ tasks:
+ - name: Permissions missing
+ # noqa: fqcn[action-core]
+ get_url:
+ url: http://foo
+ dest: foo
+
+- name: FAIL_LINEINFILE_CREATE
+ hosts: all
+ tasks:
+ - name: Lineinfile when create is true
+ ansible.builtin.lineinfile:
+ path: foo
+ create: true
+ line: some content here
+
+- name: FAIL_REPLACE_PRESERVE
+ hosts: all
+ tasks:
+ - name: Replace does not allow preserve mode
+ replace:
+ path: foo
+ mode: preserve
+
+- name: FAIL_PERMISSION_COMMENT
+ hosts: all
+ tasks:
+ - name: Permissions is only a comment
+ file:
+ path: foo
+ owner: root
+ group: root
+ state: directory
+ # mode: 0755