ansible-lockdown/RHEL9-CIS
3
0
Fork 1
mirror of https://github.com/ansible-lockdown/RHEL9-CIS.git synced 2026-05-09 23:33:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Workflow updates

Browse source 
Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
This commit is contained in:
Mark Bolwell 2026-04-08 12:51:49 +01:00
parent eedb2188c3
commit 5783bf4ce4
No known key found for this signature in database
GPG key ID: 997FF7FE93AEB5B9
3 changed files with 259 additions and 263 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.github/workflows/devel_pipeline_validation.yml vendored
View file

@ -65,7 +65,7 @@
steps: steps:
- name: Git clone the lockdown repository to test - name: Git clone the lockdown repository to test
uses: actions/checkout@v4 uses: actions/checkout@v6.0.2
with: with:
ref: ${{ github.event.pull_request.head.sha }} ref: ${{ github.event.pull_request.head.sha }}
@ -81,7 +81,7 @@
# Pull in terraform code for linux servers # Pull in terraform code for linux servers
- name: Clone GitHub IaC plan - name: Clone GitHub IaC plan
uses: actions/checkout@v4 uses: actions/checkout@v6.0.2
with: with:
repository: ansible-lockdown/github_linux_IaC repository: ansible-lockdown/github_linux_IaC
path: .github/workflows/github_linux_IaC path: .github/workflows/github_linux_IaC
@ -128,6 +128,7 @@
env: env:
OSVAR: ${{ vars.OSVAR }} OSVAR: ${{ vars.OSVAR }}
TF_VAR_benchmark_type: ${{ vars.BENCHMARK_TYPE }} TF_VAR_benchmark_type: ${{ vars.BENCHMARK_TYPE }}
TF_VAR_ansible_version: ${{ vars.ANSIBLE_RUNNER_VERSION }}
TF_VAR_privsubnet_id: ${{ secrets.AWS_PRIVSUBNET_ID }} TF_VAR_privsubnet_id: ${{ secrets.AWS_PRIVSUBNET_ID }}
TF_VAR_vpc_secgrp_id: ${{ secrets.AWS_VPC_SECGRP_ID }} TF_VAR_vpc_secgrp_id: ${{ secrets.AWS_VPC_SECGRP_ID }}
run: tofu apply -var-file "${OSVAR}.tfvars" --auto-approve -input=false run: tofu apply -var-file "${OSVAR}.tfvars" --auto-approve -input=false

6
.github/workflows/export_badges_private.yml vendored
View file

@ -2,12 +2,6 @@
name: Export Private Repo Badges name: Export Private Repo Badges
# Use different minute offsets with the same hourly pattern:
# Repo Group Suggested Cron Expression Explanation
# Group A 0 */6 * * * Starts at top of hour
# Group B 10 */6 * * * Starts at 10 after
# And So On
on: on:
push: push:
branches: branches:

5
.github/workflows/main_pipeline_validation.yml vendored
View file

@ -43,7 +43,7 @@
steps: steps:
- name: Git clone the lockdown repository to test - name: Git clone the lockdown repository to test
uses: actions/checkout@v4 uses: actions/checkout@v6.0.2
with: with:
ref: ${{ github.event.pull_request.head.sha }} ref: ${{ github.event.pull_request.head.sha }}
@ -59,7 +59,7 @@
# Pull in terraform code for linux servers # Pull in terraform code for linux servers
- name: Clone GitHub IaC plan - name: Clone GitHub IaC plan
uses: actions/checkout@v4 uses: actions/checkout@v6.0.2
with: with:
repository: ansible-lockdown/github_linux_IaC repository: ansible-lockdown/github_linux_IaC
path: .github/workflows/github_linux_IaC path: .github/workflows/github_linux_IaC
@ -107,6 +107,7 @@
env: env:
OSVAR: ${{ vars.OSVAR }} OSVAR: ${{ vars.OSVAR }}
TF_VAR_benchmark_type: ${{ vars.BENCHMARK_TYPE }} TF_VAR_benchmark_type: ${{ vars.BENCHMARK_TYPE }}
TF_VAR_ansible_version: ${{ vars.ANSIBLE_RUNNER_VERSION }}
TF_VAR_privsubnet_id: ${{ secrets.AWS_PRIVSUBNET_ID }} TF_VAR_privsubnet_id: ${{ secrets.AWS_PRIVSUBNET_ID }}
TF_VAR_vpc_secgrp_id: ${{ secrets.AWS_VPC_SECGRP_ID }} TF_VAR_vpc_secgrp_id: ${{ secrets.AWS_VPC_SECGRP_ID }}
run: tofu apply -var-file "${OSVAR}.tfvars" --auto-approve -input=false run: tofu apply -var-file "${OSVAR}.tfvars" --auto-approve -input=false