configure_bashrc_*_tmux: escape braces within regex in Ansible #11388

Merged

vojtapolasek
Collaborator

Description:

  • modify Ansible remediations so that braces are escaped when they are used as part of "contains" statement

Rationale:

  • this was causing problems when run with Ansible because it reported about unmatched braces and it refused to process the statement

Review Hints:

  1. clone the master before the fix
  2. build the rhel8 content
  3. on RHEL 8.9 system, try running OSPP playbook, you can choose the rule configure_bashrc_exec_tmux only with --tags parameter
  4. observe the warning
  5. build this branch and retest
  6. warning should be gone

@vojtapolasek vojtapolasek added bugfix Fixes to reported bugs. Ansible Ansible remediation update. labels Dec 15, 2023
@vojtapolasek vojtapolasek added this to the 0.1.72 milestone Dec 15, 2023
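
The escaping problem this PR addresses, as an added example that is not part of the PR or the project's code: it runs the four `contains` values from the datastream diff through Python's `re`. It assumes the find module compiles `contains` with `re` and applies `match` to each line of a file; the sample lines and the `check` and `literal_contains` helpers are constructed for illustration.

```python
import re

# Patterns copied verbatim from the datastream diff on this page.
EXEC_OLD = r'.*case "$name" in sshd|login) exec tmux ;; esac.*'
EXEC_NEW = r'.*case "$name" in sshd|login\) exec tmux ;; esac.*'
TMUX_OLD = r'.*case "$name" in (sshd|login) tmux ;; esac.*'
TMUX_NEW = r'.*case "$name" in \(sshd|login\) tmux ;; esac.*'

# Constructed sample text: the literal shell text each pattern spells out.
EXEC_TEXT = 'case "$name" in sshd|login) exec tmux ;; esac'
TMUX_TEXT = 'case "$name" in (sshd|login) tmux ;; esac'


def check(pattern, line):
    """Compile `pattern` and match it from the start of `line`.

    Assumption: this mirrors how the find module applies `contains`
    (Python `re`, one `match` call per line of the file).
    """
    try:
        prog = re.compile(pattern)
    except re.error as exc:
        return "error: " + exc.msg
    return "match" if prog.match(line) else "no match"


def literal_contains(text):
    """Pattern that matches `text` literally anywhere in a line."""
    return ".*" + re.escape(text) + ".*"


if __name__ == "__main__":
    cases = [
        ("exec old", EXEC_OLD, "  " + EXEC_TEXT + "\n"),
        ("exec new", EXEC_NEW, "  " + EXEC_TEXT + "\n"),
        ("exec new, line starting at login)", EXEC_NEW, "login) exec tmux ;; esac\n"),
        ("tmux old", TMUX_OLD, "  " + TMUX_TEXT + "\n"),
        ("tmux new", TMUX_NEW, "  " + TMUX_TEXT + "\n"),
        ("exec fully escaped", literal_contains(EXEC_TEXT), "  " + EXEC_TEXT + "\n"),
        ("tmux fully escaped", literal_contains(TMUX_TEXT), "  " + TMUX_TEXT + "\n"),
    ]
    for label, pattern, line in cases:
        print(f"{label:36} {check(pattern, line)}")
```

Under those assumptions the old exec pattern does not compile at all, and only the patterns with every metacharacter escaped (`$`, `|` and the parentheses) match the lines they spell out.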

This datastream diff is auto generated by the check Compare DS/Generate Diff

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_configure_bashrc_exec_tmux' differs.
--- xccdf_org.ssgproject.content_rule_configure_bashrc_exec_tmux
+++ xccdf_org.ssgproject.content_rule_configure_bashrc_exec_tmux
@@ -15,7 +15,7 @@
   ansible.builtin.find:
     paths: /etc
     patterns: bashrc
-    contains: .*case "$name" in sshd|login) exec tmux ;; esac.*
+    contains: .*case "$name" in sshd|login\) exec tmux ;; esac.*
   register: tmux_in_bashrc
   when:
   - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
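Review bot: the `|` on the added `contains:` line is still unescaped, so at the top level of the regex it separates two alternatives, `.*case "$name" in sshd` and `login\) exec tmux ;; esac.*`, instead of matching the literal `sshd|login)` text. Escape it as well, for example `sshd\|login\)`, so the pattern describes the single case arm it is meant to find.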
@@ -34,7 +34,7 @@
   ansible.builtin.find:
     paths: /etc/profile.d
     patterns: '*.sh'
-    contains: .*case "$name" in sshd|login) exec tmux ;; esac.*
+    contains: .*case "$name" in sshd|login\) exec tmux ;; esac.*
   register: tmux_in_profile_d
   when:
   - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
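Review bot: the `$` in `"$name"` on the added `contains:` line is a regex end-of-line anchor, not a literal dollar sign, so `name"` can never follow it and that part of the pattern cannot match the shell line it spells out. Write it as `"\$name"`, and consider a test that runs this find task against a file under /etc/profile.d containing the expected line.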

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_configure_bashrc_tmux' differs.
--- xccdf_org.ssgproject.content_rule_configure_bashrc_tmux
+++ xccdf_org.ssgproject.content_rule_configure_bashrc_tmux
@@ -16,7 +16,7 @@
   ansible.builtin.find:
     paths: /etc
     patterns: bashrc
-    contains: .*case "$name" in (sshd|login) tmux ;; esac.*
+    contains: .*case "$name" in \(sshd|login\) tmux ;; esac.*
   register: tmux_in_bashrc
   when:
   - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
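Review bot: on the removed line the parentheses formed a group that confined `|` to `sshd|login`; with both parentheses escaped on the added line they are literals, and the `|` now splits the whole expression into `.*case "$name" in \(sshd` and `login\) tmux ;; esac.*`. Escaping the pipe too, as in `\(sshd\|login\)`, keeps the intended literal match.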
@@ -36,7 +36,7 @@
   ansible.builtin.find:
     paths: /etc/profile.d
     patterns: '*.sh'
-    contains: .*case "$name" in (sshd|login) tmux ;; esac.*
+    contains: .*case "$name" in \(sshd|login\) tmux ;; esac.*
   register: tmux_in_profile_d
   when:
   - ansible_virtualization_type not in ["docker", "lxc", "openvz", "podman", "container"]
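Review bot: the added `contains:` value is an unquoted YAML scalar that now carries backslashes next to `"`, `;` and `*`, while `patterns: '*.sh'` one line above is single-quoted. Wrapping the regex in single quotes would make it explicit that the backslashes reach the regex engine unchanged and would keep the two keys consistent.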

codeclimate bot commented Dec 15, 2023

Code Climate has analyzed commit d5b3765 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 58.5% (0.0% change).

View more on Code Climate.

@jan-cerny jan-cerny self-assigned this Dec 15, 2023
Collaborator

@jan-cerny jan-cerny left a comment

I have reserved a RHEL 8.9 machine in our local facility and I have successfully reproduced the warning with current upstream master and I have built the content from this PR's branch and the warning is gone.

@jan-cerny jan-cerny merged commit 29ed225 into ComplianceAsCode:master Dec 15, 2023
36 of 37 checks passed