added check_mode logic

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

tasks/section_6/cis_6.1.x.yml

@@ -58,6 +58,10 @@
             dest: /var/lib/aide/aide.db.gz
             remote_src: true
             mode: 'ug-wx,o-rwx'
+          register: aide_db_cp
+          failed_when:
+            - not ansible_check_mode
+            - aide_db_cp.failed
 
 - name: "6.1.2 | PATCH | Ensure filesystem integrity is regularly checked"
   when:
@@ -119,4 +123,7 @@
       /usr/sbin/aureport p+i+n+u+g+s+b+acl+xattrs+sha512
       /usr/sbin/ausearch p+i+n+u+g+s+b+acl+xattrs+sha512
       /usr/sbin/autrace p+i+n+u+g+s+b+acl+xattrs+sha512
-    validate: aide -D --config %s
+  register: aide_file_integrity_check
+  failed_when:
+    - not ansible_check_mode
+    - aide_file_integrity_check.failed