diff options
author | Matt Clay <matt@mystile.com> | 2019-05-23 09:38:27 -0700 |
---|---|---|
committer | Toshio Kuratomi <a.badger@gmail.com> | 2019-05-23 09:38:27 -0700 |
commit | 5cbc6b05661496ce8130866c60b2f76db7800c9c (patch) | |
tree | 4a55c2d44caef0962e5f9b395492747a79663528 | |
parent | 45e9ff7eb42d897214a932b48070a6eba5a55162 (diff) | |
download | ansible-5cbc6b05661496ce8130866c60b2f76db7800c9c.tar.gz |
[stable-2.6] win_get_url: ignore defender false positive in tests (#56826)
* [stable-2.6] win_get_url: ignore defender false positive in tests (#56812)
(cherry picked from commit 124400f319e7dab576b0c1417afbabde5fa44331)
Co-authored-by: Jordan Borean <jborean93@gmail.com>
* Adapt tests to work without remote_tmp_dir.
-rw-r--r-- | test/integration/targets/win_get_url/library/win_defender_exclusion.ps1 | 40 | ||||
-rw-r--r-- | test/integration/targets/win_get_url/tasks/main.yml | 12 |
2 files changed, 52 insertions, 0 deletions
diff --git a/test/integration/targets/win_get_url/library/win_defender_exclusion.ps1 b/test/integration/targets/win_get_url/library/win_defender_exclusion.ps1 new file mode 100644 index 0000000000..c6f8744a45 --- /dev/null +++ b/test/integration/targets/win_get_url/library/win_defender_exclusion.ps1 @@ -0,0 +1,40 @@ +#!powershell + +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +#Requires -Module Ansible.ModuleUtils.Legacy + +$params = Parse-Args $args -supports_check_mode $true + +$path = Get-AnsibleParam -obj $params -name "path" -type "path" -failifempty $true +$state = Get-AnsibleParam -obj $params -name "state" -type "str" -default "present" -validateset "absent", "present" + +$result = @{ + changed = $false +} + +# This is a test module, just skip instead of erroring out if we cannot set the rule +if ($null -eq (Get-Command -Name Get-MpPreference -ErrorAction SilentlyContinue)) { + $result.skipped = $true + $result.msg = "Skip as cannot set exclusion rule" + Exit-Json -obj $result +} + +$exclusions = (Get-MpPreference).ExclusionPath +if ($null -eq $exclusions) { + $exclusions = @() +} + +if ($state -eq "absent") { + if ($path -in $exclusions) { + Remove-MpPreference -ExclusionPath $path + $result.changed = $true + } +} else { + if ($path -notin $exclusions) { + Add-MpPreference -ExclusionPath $path + $result.changed = $true + } +} + +Exit-Json -obj $result diff --git a/test/integration/targets/win_get_url/tasks/main.yml b/test/integration/targets/win_get_url/tasks/main.yml index 8ba5cc4533..accb28ce0e 100644 --- a/test/integration/targets/win_get_url/tasks/main.yml +++ b/test/integration/targets/win_get_url/tasks/main.yml @@ -9,6 +9,13 @@ src: files/ dest: '{{test_win_get_url_path}}\' +# False positive in Windows Defender is flagging the file as a virus and removing it. We need to add an exclusion so +# the tests continue to work +- name: add exclusion for the SlimFTPd binary + win_defender_exclusion: + path: '{{ test_win_get_url_path | win_dirname }}' + state: present + - name: download SlimFTPd binary win_get_url: url: https://s3.amazonaws.com/ansible-ci-files/test/integration/roles/test_win_get_url/SlimFTPd.exe @@ -57,3 +64,8 @@ win_file: path: '{{test_win_get_url_path}}' state: absent + + - name: remove exclusion for the SlimFTPd binary + win_defender_exclusion: + path: '{{ test_win_get_url_path | win_dirname }}' + state: absent |