From 44b712fdf90f4941d369fdb3ec8b4a72a495c616 Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Mon, 11 Nov 2024 16:06:29 +0000
Subject: [PATCH] improved gpg regex

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/section_1/cis_1.2.1.x.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/tasks/section_1/cis_1.2.1.x.yml b/tasks/section_1/cis_1.2.1.x.yml
index d5ea30f..dca12b0 100644
--- a/tasks/section_1/cis_1.2.1.x.yml
+++ b/tasks/section_1/cis_1.2.1.x.yml
@@ -53,7 +53,7 @@
     - name: "1.2.1.2 | PATCH | Ensure gpgcheck is globally activated | Update yum.repos"
       ansible.builtin.replace:
         name: "{{ item.path }}"
-        regexp: "^gpgcheck=0"
+        regexp: ^gpgcheck\s*=\s*0
         replace: "gpgcheck=1"
       loop: "{{ discovered_yum_repos.files }}"
       loop_control:
@@ -87,7 +87,7 @@
     - name: "1.2.1.3 | PATCH | Ensure repo_gpgcheck is globally activated | amend repo files"
       ansible.builtin.replace:
         path: "{{ item.path }}"
-        regexp: '^repo_gpgcheck( |)=( |)0'
+        regexp: ^repo_gpgcheck\s*=s*0
         replace: repo_gpgcheck=1
       loop: "{{ discovered_repo_files.files }}"
       loop_control: