Workflow updates

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>

.github/workflows/devel_pipeline_validation.yml

@@ -1,8 +1,8 @@
 ---
 
-  name: Devel pipeline
+name: Devel pipeline
 
-  on: # yamllint disable-line rule:truthy
+on: # yamllint disable-line rule:truthy
   pull_request_target:
     types: [opened, reopened, synchronize]
     branches:
@@ -17,9 +17,9 @@
   # Allow manual running of workflow
   workflow_dispatch:
 
-  # A workflow run is made up of one or more jobs
+# A workflow run is made up of one or more jobs
-  # that can run sequentially or in parallel
+# that can run sequentially or in parallel
-  jobs:
+jobs:
   # This will create messages for first time contributers and direct them to the Discord server
   welcome:
     runs-on: ubuntu-latest
@@ -65,7 +65,7 @@
     steps:
 
       - name: Git clone the lockdown repository to test
-          uses: actions/checkout@v4
+        uses: actions/checkout@v6.0.2
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
@@ -81,7 +81,7 @@
 
       # Pull in terraform code for linux servers
       - name: Clone GitHub IaC plan
-          uses: actions/checkout@v4
+        uses: actions/checkout@v6.0.2
         with:
           repository: ansible-lockdown/github_linux_IaC
           path: .github/workflows/github_linux_IaC
@@ -128,6 +128,7 @@
         env:
           OSVAR: ${{ vars.OSVAR }}
           TF_VAR_benchmark_type: ${{ vars.BENCHMARK_TYPE }}
+          TF_VAR_ansible_version: ${{ vars.ANSIBLE_RUNNER_VERSION }}
           TF_VAR_privsubnet_id: ${{ secrets.AWS_PRIVSUBNET_ID }}
           TF_VAR_vpc_secgrp_id: ${{ secrets.AWS_VPC_SECGRP_ID }}
         run: tofu apply -var-file "${OSVAR}.tfvars" --auto-approve -input=false
@@ -137,7 +138,7 @@
         if: env.ENABLE_DEBUG == 'true'
         run: cat hosts.yml
 
-  # Aws deployments taking a while to come up insert sleep or playbook fails
+# Aws deployments taking a while to come up insert sleep or playbook fails
 
       - name: Sleep to allow system to come up
         run: sleep ${{ vars.BUILD_SLEEPTIME }}

.github/workflows/export_badges_private.yml

@@ -2,12 +2,6 @@
 
 name: Export Private Repo Badges
 
-# Use different minute offsets with the same hourly pattern:
-# Repo Group Suggested Cron Expression Explanation
-# Group A 0 */6 * * * Starts at top of hour
-# Group B 10 */6 * * * Starts at 10 after
-# And So On
-
 on:
   push:
     branches:

.github/workflows/main_pipeline_validation.yml

@@ -1,8 +1,8 @@
 ---
 
-  name: Main pipeline
+name: Main pipeline
 
-  on: # yamllint disable-line rule:truthy
+on: # yamllint disable-line rule:truthy
   pull_request_target:
     types: [opened, reopened, synchronize]
     branches:
@@ -15,15 +15,15 @@
       - '**.ps1'
       - '**.cfg'
 
-  # Allow permissions for AWS auth
+# Allow permissions for AWS auth
-  permissions:
+permissions:
   id-token: write
   contents: read
   pull-requests: read
 
-  # A workflow run is made up of one or more jobs
+# A workflow run is made up of one or more jobs
-  # that can run sequentially or in parallel
+# that can run sequentially or in parallel
-  jobs:
+jobs:
   # This workflow contains a single job that tests the playbook
   playbook-test:
     # The type of runner that the job will run on
@@ -32,7 +32,7 @@
       ENABLE_DEBUG: ${{ vars.ENABLE_DEBUG }}
       # Imported as a variable by terraform
       TF_VAR_repository: ${{ github.event.repository.name }}
-        AWS_REGION : "us-east-1"
+      AWS_REGION: "us-east-1"
       ANSIBLE_VERSION: ${{ vars.ANSIBLE_RUNNER_VERSION }}
     defaults:
       run:
@@ -43,7 +43,7 @@
     steps:
 
       - name: Git clone the lockdown repository to test
-          uses: actions/checkout@v4
+        uses: actions/checkout@v6.0.2
         with:
           ref: ${{ github.event.pull_request.head.sha }}
 
@@ -59,7 +59,7 @@
 
       # Pull in terraform code for linux servers
       - name: Clone GitHub IaC plan
-          uses: actions/checkout@v4
+        uses: actions/checkout@v6.0.2
         with:
           repository: ansible-lockdown/github_linux_IaC
           path: .github/workflows/github_linux_IaC
@@ -107,6 +107,7 @@
         env:
           OSVAR: ${{ vars.OSVAR }}
           TF_VAR_benchmark_type: ${{ vars.BENCHMARK_TYPE }}
+          TF_VAR_ansible_version: ${{ vars.ANSIBLE_RUNNER_VERSION }}
           TF_VAR_privsubnet_id: ${{ secrets.AWS_PRIVSUBNET_ID }}
           TF_VAR_vpc_secgrp_id: ${{ secrets.AWS_VPC_SECGRP_ID }}
         run: tofu apply -var-file "${OSVAR}.tfvars" --auto-approve -input=false
@@ -116,7 +117,7 @@
         if: env.ENABLE_DEBUG == 'true'
         run: cat hosts.yml
 
-  # Aws deployments taking a while to come up insert sleep or playbook fails
+# Aws deployments taking a while to come up insert sleep or playbook fails
 
       - name: Sleep to allow system to come up
         run: sleep ${{ vars.BUILD_SLEEPTIME }}