From 466e88613e5e1abcd45081840409ebcaf9c512d6 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Wed, 25 Jan 2023 09:49:43 +0000
Subject: [PATCH] with_items to loop

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/parse_etc_password.yml    | 2 +-
 tasks/section_1/cis_1.1.2.x.yml | 3 +--
 tasks/section_1/cis_1.1.3.x.yml | 3 +--
 tasks/section_1/cis_1.1.4.x.yml | 3 +--
 tasks/section_1/cis_1.1.5.x.yml | 3 +--
 tasks/section_1/cis_1.1.6.x.yml | 3 +--
 tasks/section_1/cis_1.1.7.x.yml | 3 +--
 tasks/section_1/cis_1.8.x.yml   | 4 ++--
 8 files changed, 9 insertions(+), 15 deletions(-)

diff --git a/tasks/parse_etc_password.yml b/tasks/parse_etc_password.yml
index 76cb085..8ff13fd 100644
--- a/tasks/parse_etc_password.yml
+++ b/tasks/parse_etc_password.yml
@@ -11,7 +11,7 @@
       - name: "PRELIM | 5.5.2 | 6.2.7 | 6.2.8 | 6.2.20 | Split passwd entries"
         ansible.builtin.set_fact:
             rhel9cis_passwd: "{{ rhel9cis_passwd_file_audit.stdout_lines | map('regex_replace', ld_passwd_regex, ld_passwd_yaml) | map('from_yaml') | list }}"
-        with_items: "{{ rhel9cis_passwd_file_audit.stdout_lines }}"
+        loop: "{{ rhel9cis_passwd_file_audit.stdout_lines }}"
         vars:
             ld_passwd_regex: >-
                 ^(?P<id>[^:]*):(?P<password>[^:]*):(?P<uid>[^:]*):(?P<gid>[^:]*):(?P<gecos>[^:]*):(?P<dir>[^:]*):(?P<shell>[^:]*)
diff --git a/tasks/section_1/cis_1.1.2.x.yml b/tasks/section_1/cis_1.1.2.x.yml
index d55f5ec..b4e1888 100644
--- a/tasks/section_1/cis_1.1.2.x.yml
+++ b/tasks/section_1/cis_1.1.2.x.yml
@@ -33,8 +33,7 @@
       state: present
       opts: defaults,{% if rhel9cis_rule_1_1_2_2 %}nodev,{% endif %}{% if rhel9cis_rule_1_1_2_3 %}noexec,{% endif %}{% if rhel9cis_rule_1_1_2_4 %}nosuid{% endif %}
   notify: Remount tmp
-  with_items:
-      - "{{ ansible_mounts }}"
+  loop: "{{ ansible_mounts }}"
   loop_control:
       label: "{{ item.device }}"
   when:
diff --git a/tasks/section_1/cis_1.1.3.x.yml b/tasks/section_1/cis_1.1.3.x.yml
index 84135ae..d873c51 100644
--- a/tasks/section_1/cis_1.1.3.x.yml
+++ b/tasks/section_1/cis_1.1.3.x.yml
@@ -31,8 +31,7 @@
       fstype: "{{ item.fstype }}"
       state: present
       opts: defaults,{% if rhel9cis_rule_1_1_3_2 %}nodev,{% endif %}{% if rhel9cis_rule_1_1_3_3 %}nosuid,{% endif %}
-  with_items:
-      - "{{ ansible_mounts }}"
+  loop: "{{ ansible_mounts }}"
   loop_control:
       label: "{{ item.device }}"
   notify: Change_requires_reboot
diff --git a/tasks/section_1/cis_1.1.4.x.yml b/tasks/section_1/cis_1.1.4.x.yml
index b8ae48d..f063fbd 100644
--- a/tasks/section_1/cis_1.1.4.x.yml
+++ b/tasks/section_1/cis_1.1.4.x.yml
@@ -33,8 +33,7 @@
       fstype: "{{ item.fstype }}"
       state: present
       opts: defaults,{% if rhel9cis_rule_1_1_4_2 %}noexec,{% endif %}{% if rhel9cis_rule_1_1_4_3 %}nosuid,{% endif %}{% if rhel9cis_rule_1_1_4_4 %}nodev{% endif %}
-  with_items:
-      - "{{ ansible_mounts }}"
+  loop: "{{ ansible_mounts }}"
   loop_control:
       label: "{{ item.device }}"
   notify: Change_requires_reboot
diff --git a/tasks/section_1/cis_1.1.5.x.yml b/tasks/section_1/cis_1.1.5.x.yml
index 9f556ba..1707f30 100644
--- a/tasks/section_1/cis_1.1.5.x.yml
+++ b/tasks/section_1/cis_1.1.5.x.yml
@@ -33,8 +33,7 @@
       fstype: "{{ item.fstype }}"
       state: present
       opts: defaults,{% if rhel9cis_rule_1_1_5_2 %}nodev,{% endif %}{% if rhel9cis_rule_1_1_5_3 %}noexec,{% endif %}{% if rhel9cis_rule_1_1_5_4 %}nosuid{% endif %}
-  with_items:
-      - "{{ ansible_mounts }}"
+  loop: "{{ ansible_mounts }}"
   loop_control:
       label: "{{ item.device }}"
   notify: Change_requires_reboot
diff --git a/tasks/section_1/cis_1.1.6.x.yml b/tasks/section_1/cis_1.1.6.x.yml
index fcfa92b..274f668 100644
--- a/tasks/section_1/cis_1.1.6.x.yml
+++ b/tasks/section_1/cis_1.1.6.x.yml
@@ -32,8 +32,7 @@
       fstype: "{{ item.fstype }}"
       state: present
       opts: defaults,{% if rhel9cis_rule_1_1_6_2 %}noexec,{% endif %}{% if rhel9cis_rule_1_1_6_3 %}nodev,{% endif %}{% if rhel9cis_rule_1_1_6_4 %}nosuid{% endif %}
-  with_items:
-      - "{{ ansible_mounts }}"
+  loop: "{{ ansible_mounts }}"
   loop_control:
       label: "{{ item.device }}"
   notify: Change_requires_reboot
diff --git a/tasks/section_1/cis_1.1.7.x.yml b/tasks/section_1/cis_1.1.7.x.yml
index 54da358..7f16610 100644
--- a/tasks/section_1/cis_1.1.7.x.yml
+++ b/tasks/section_1/cis_1.1.7.x.yml
@@ -32,8 +32,7 @@
       fstype: "{{ item.fstype }}"
       state: present
       opts: defaults,{% if rhel9cis_rule_1_1_7_2 %}nodev,{% endif %}{% if rhel9cis_rule_1_1_7_3 %}nosuid,{% endif %}
-  with_items:
-      - "{{ ansible_mounts }}"
+  loop: "{{ ansible_mounts }}"
   loop_control:
       label: "{{ item.device }}"
   notify: Change_requires_reboot
diff --git a/tasks/section_1/cis_1.8.x.yml b/tasks/section_1/cis_1.8.x.yml
index dff2930..6ebe4ae 100644
--- a/tasks/section_1/cis_1.8.x.yml
+++ b/tasks/section_1/cis_1.8.x.yml
@@ -27,7 +27,7 @@
             group: root
             mode: 0644
         notify: Reload dconf
-        with_items:
+        loop:
             - { regexp: 'user-db', line: 'user-db:user' }
             - { regexp: 'system-db', line: 'system-db:gdm' }
             - { regexp: 'file-db', line: 'file-db:/usr/share/gdm/greeter-dconf-defaults' }
@@ -62,7 +62,7 @@
       group: root
       mode: 0644
   notify: Reload dconf
-  with_items:
+  loop:
       - { file: '/etc/dconf/profile/gdm', regexp: 'user-db', line: 'user-db:user' }
       - { file: '/etc/dconf/profile/gdm', regexp: 'system-db', line: 'system-db:gdm' }
       - { file: '/etc/dconf/profile/gdm', regexp: 'file-db', line: 'file-db:/usr/share/gdm/greeter-dconf-defaults'}