ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2025-12-24 22:23:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Update name and conditionals

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2025-04-15 11:07:15 +01:00
parent 52f5f23b00
commit 3d4bc2ab3d
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
1 changed files with 10 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

20
tasks/fetch_audit_output.yml
View file

@ -2,7 +2,7 @@
# Stage to copy audit output to a centralised location # Stage to copy audit output to a centralised location
- name: "FETCH_AUDIT_FILES | Fetch files and copy to controller" - name: "POST | FETCH | Fetch files and copy to controller"
when: audit_output_collection_method == "fetch" when: audit_output_collection_method == "fetch"
ansible.builtin.fetch: ansible.builtin.fetch:
src: "{{ item }}" src: "{{ item }}"
@ -17,7 +17,7 @@
# Added this option for continuity but could be changed by adjusting the variable audit_conf_dest # Added this option for continuity but could be changed by adjusting the variable audit_conf_dest
# Allowing backup to one location # Allowing backup to one location
- name: "FETCH_AUDIT_FILES | Copy files to location available to managed node" - name: "POST | FETCH | Copy files to location available to managed node"
when: audit_output_collection_method == "copy" when: audit_output_collection_method == "copy"
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item }}" src: "{{ item }}"
@ -25,21 +25,21 @@
mode: 'u-x,go-wx' mode: 'u-x,go-wx'
flat: true flat: true
failed_when: false failed_when: false
register: discovered_audit_fetch_copy_state register: discovered_audit_copy_state
loop: loop:
- pre_audit_outfile - "{{ pre_audit_outfile }}"
- post_audit_outfile - "{{ post_audit_outfile }}"
- name: "FETCH_AUDIT_FILES | Fetch files and copy to controller | Warning if issues with fetch_audit_files" - name: "POST | FETCH | Fetch files and copy to controller | Warning if issues with fetch_audit_files"
when: when:
- (discovered_audit_fetch_state is defined and not discovered_audit_fetch_state.changed) or - (audit_output_collection_method == "fetch" and not discovered_audit_fetch_state.changed) or
(discovered_audit_copy_state is defined and not discovered_audit_copy_state.changed) (audit_output_collection_method == "copy" and not discovered_audit_copy_state.changed)
block: block:
- name: "FETCH_AUDIT_FILES | Fetch files and copy to controller | Warning if issues with fetch_audit_files" - name: "POST | FETCH | Fetch files and copy to controller | Warning if issues with fetch_audit_files"
ansible.builtin.debug: ansible.builtin.debug:
msg: "Warning!! Unable to write to localhost {{ audit_output_destination }} for audit file copy" msg: "Warning!! Unable to write to localhost {{ audit_output_destination }} for audit file copy"
- name: "FETCH_AUDIT_FILES | Fetch files and copy to controller | Warning if issues with fetch_audit_files" - name: "POST | FETCH | Fetch files and copy to controller | Warning if issues with fetch_audit_files"
vars: vars:
warn_control_id: "FETCH_AUDIT_FILES" warn_control_id: "FETCH_AUDIT_FILES"
ansible.builtin.import_tasks: ansible.builtin.import_tasks: