From 2fe34b6444502079dc0b84365ce82dbc92de308e Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sat, 13 Apr 2024 14:06:49 +0200
Subject: Adding upstream version 6.17.2.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../playbooks/rule-risky-file-permissions-fail.yml | 91 ++++++++++++++++++++++
 1 file changed, 91 insertions(+)
 create mode 100644 examples/playbooks/rule-risky-file-permissions-fail.yml

(limited to 'examples/playbooks/rule-risky-file-permissions-fail.yml')

diff --git a/examples/playbooks/rule-risky-file-permissions-fail.yml b/examples/playbooks/rule-risky-file-permissions-fail.yml
new file mode 100644
index 0000000..643f598
--- /dev/null
+++ b/examples/playbooks/rule-risky-file-permissions-fail.yml
@@ -0,0 +1,91 @@
+# Fixture for RiskyFilePermissionsRule should return 11 occurrences
+---
+- name: FAIL_INI_PRESERVE
+  hosts: all
+  tasks:
+    - name: Ini_file does not accept preserve mode
+      community.general.ini_file:
+        path: foo
+        create: true
+        mode: preserve
+        section: bar
+
+- name: FAIL_INI_PERMISSION
+  hosts: all
+  tasks:
+    - name: Permissions needed if create is used
+      community.general.ini_file:
+        path: foo
+        create: true
+        section: bar
+
+- name: FAIL_PRESERVE_MODE
+  hosts: all
+  tasks:
+    - name: File does not allow preserve value for mode
+      ansible.builtin.file:
+        path: foo
+        mode: preserve
+
+- name: FAIL_MISSING_PERMISSIONS_TOUCH
+  hosts: all
+  tasks:
+    - name: Permissions missing and might create file # noqa: fqcn[action-core]
+      file:
+        path: foo
+        state: touch
+    - name: Permissions missing and might create file (fqcn)
+      ansible.builtin.file:
+        path: foo
+        state: touch
+
+- name: FAIL_MISSING_PERMISSIONS_DIRECTORY
+  hosts: all
+  tasks:
+    - name: Permissions missing and might create directory # noqa: fqcn[action-core]
+      file:
+        path: foo
+        state: directory
+    - name: Lineinfile when create is true (fqcn)
+      ansible.builtin.lineinfile:
+        path: foo
+        create: true
+        line: some content here
+
+- name: FAIL_MISSING_PERMISSIONS_GET_URL
+  hosts: all
+  tasks:
+    - name: Permissions missing
+      # noqa: fqcn[action-core]
+      get_url:
+        url: http://foo
+        dest: foo
+
+- name: FAIL_LINEINFILE_CREATE
+  hosts: all
+  tasks:
+    - name: Lineinfile when create is true
+      ansible.builtin.lineinfile:
+        path: foo
+        create: true
+        line: some content here
+
+- name: FAIL_REPLACE_PRESERVE
+  hosts: all
+  tasks:
+    - name: Replace does not allow preserve mode # noqa: fqcn[action-core]
+      replace:
+        path: foo
+        mode: preserve
+        regexp: foo
+
+- name: FAIL_PERMISSION_COMMENT
+  hosts: all
+  tasks:
+    - name: Permissions is only a comment # noqa: fqcn[action-core]
+      file:
+        path: foo
+        owner: root
+        group: root
+        state: directory
+        # mode: 0755
-- 
cgit v1.2.3