mirror of
https://github.com/ansible-lockdown/RHEL9-CIS.git
synced 2025-12-24 14:23:05 +00:00
9db4b7fd81
* container standards Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on handlers Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * initial container ignore Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and containder discovery Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on auditd task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and crypto logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * distro update for rocky Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * system_is_container updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * ssh pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logrotate pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic in container check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * add pkg fact and audit conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tidy up crypto step Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added missing tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * container vars file now a variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added uid discovery and usage Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Updated OS checks and conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed empty become Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * change audit to include task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added OS_specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated import/include Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * OS Specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated changed_when Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed UID logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added github templates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated layout Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added .github ignore again Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
40 lines
1.6 KiB
YAML
40 lines
1.6 KiB
YAML
---
|
|
# This is a basic workflow to help you get started with Actions
|
|
|
|
name: DevelToMain
|
|
|
|
# Controls when the action will run. Triggers the workflow on push or pull request
|
|
# events but only for the devel branch
|
|
on:
|
|
pull_request:
|
|
branches: [ main ]
|
|
|
|
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
|
|
|
|
jobs:
|
|
# This workflow contains a single job called "build"
|
|
build:
|
|
# The type of runner that the job will run on
|
|
runs-on: ubuntu-latest
|
|
|
|
# Steps represent a sequence of tasks that will be executed as part of the job
|
|
steps:
|
|
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
|
|
- uses: actions/checkout@v2
|
|
|
|
# Refactr pipeline for devel pull request/merge
|
|
- name: Refactr - Run Pipeline (to main)
|
|
# You may pin to the exact commit or the version.
|
|
# uses: refactr/action-run-pipeline@be91e2796aa225268e4685c0e01a26d5f800cd53
|
|
uses: refactr/action-run-pipeline@v0.1.2
|
|
with:
|
|
# API token
|
|
api_token: '${{ secrets.REFACTR_KEY }}'
|
|
# Project ID
|
|
project_id: 5f47f0c4a13c7b18373e5556
|
|
# Job ID
|
|
job_id: 5f90ad90f9c74e6d1e606e33
|
|
# Variables
|
|
variables: '{ "gitrepo": "https://github.com/ansible-lockdown/RHEL9-CIS.git", "image": "ami-04483b15b4268d18d", "username": "centos" }'
|
|
# Refactr API base URL
|
|
api_url: # optional
|