From 1ab0a36784d84b7121a295bba9ca9445223fc103 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Mon, 7 Oct 2024 17:36:47 +0200 Subject: [PATCH] Modify rule S4830: add Ansible (APPSEC-2162) (#4365) * Add ansible to rule S4830 * Add Ansible section --------- Co-authored-by: egon-okerman-sonarsource Co-authored-by: Egon Okerman --- rules/S4830/ansible/metadata.json | 1 + rules/S4830/ansible/rule.adoc | 66 +++++++++++++++++++++++++++++++ 2 files changed, 67 insertions(+) create mode 100644 rules/S4830/ansible/metadata.json create mode 100644 rules/S4830/ansible/rule.adoc diff --git a/rules/S4830/ansible/metadata.json b/rules/S4830/ansible/metadata.json new file mode 100644 index 00000000000..9e26dfeeb6e --- /dev/null +++ b/rules/S4830/ansible/metadata.json @@ -0,0 +1 @@ +{} \ No newline at end of file diff --git a/rules/S4830/ansible/rule.adoc b/rules/S4830/ansible/rule.adoc new file mode 100644 index 00000000000..2e2107790c4 --- /dev/null +++ b/rules/S4830/ansible/rule.adoc 
@@ -0,0 +1,66 @@ +include::../summary.adoc[] + +== Why is this an issue? + +include::../rationale.adoc[] + +include::../impact.adoc[] + +== How to fix it + +=== Code examples + +include::../common/fix/code-rationale.adoc[] + +==== Noncompliant code example + +[source,yaml,diff-id=1,diff-type=noncompliant] +---- +- name: Example playbook + hosts: server + tasks: + - name: Retrieve a web page + ansible.builtin.uri: + url: https://www.example.com + validate_certs: false # Noncompliant + return_content: true +---- + +==== Compliant solution + +[source,yaml,diff-id=1,diff-type=compliant] +---- +- name: Example playbook + hosts: server + tasks: + - name: Retrieve a web page + ansible.builtin.uri: + url: https://www.example.com + return_content: true +---- + +=== How does this work? + +include::../common/fix/validation.adoc[] + + +== Resources + +include::../common/resources/standards.adoc[] + +ifdef::env-github,rspecator-view[] + +''' +== Implementation Specification +(visible only on this page) + +include::../message.adoc[] + +''' +== Comments And Links +(visible only on this page) + +include::../comments-and-links.adoc[] + +endif::env-github,rspecator-view[] +
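Review bot: In rules/S4830/ansible/metadata.json the file is added as `{}` with the `\ No newline at end of file` marker. Add a trailing newline unless the repository's other per-language metadata.json files deliberately omit it, so that a later edit to this file does not show a spurious changed line.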
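Review bot: In rules/S4830/ansible/rule.adoc the compliant solution fixes the task only by deleting `validate_certs: false`, so the reader has to know that `ansible.builtin.uri` validates certificates when the key is absent. Either keep the key in the compliant block as `validate_certs: true`, or add a sentence under "How does this work?" stating that omitting the option leaves validation enabled. The noncompliant example also shows a single module and the single spelling `false`; if the rule is meant to flag other modules that accept `validate_certs`, or other YAML spellings of a false value, say so in the text, because the visible lines do not state the rule's scope.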