fetch audit and compliance facts added

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2025-03-31 14:50:40 +01:00 · 2025-03-31 14:50:40 +01:00 · 576531e986
commit 576531e986
parent 82904557c7
4 changed files with 134 additions and 0 deletions
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -209,11 +209,43 @@

 - name: "Run post_remediation audit"
  when: run_audit
+  tags: always
  ansible.builtin.import_tasks:
    file: post_remediation_audit.yml

+- name: Add ansible file showing Benchmark and levels applied
+  when: Create_benchmark_facts
+  tags:
+  - always
+  - benchmark
+  block:
+    - name: Create ansible facts directory
+      ansible.builtin.file:
+        path: "{{ ansible_facts_path }}"
+        state: directory
+        owner: root
+        group: root
+        mode: 'u=rwx,go=rx'
+
+    - name: Create ansible facts file
+      ansible.builtin.template:
+        src: etc/ansible/compliance_facts.j2
+        dest: "{{ ansible_facts_path }}/compliance_facts.fact"
+        owner: root
+        group: root
+        mode: "u-x,go-wx"
+
+- name: Fetch audit files
+  when:
+    - fetch_audit_output
+    - run_audit
+  tags: always
+  ansible.builtin.import_tasks:
+    file: fetch_audit_output.yml
+
 - name: "Show Audit Summary"
  when: run_audit
+  tags: always
  ansible.builtin.debug:
    msg: "{{ audit_results.split('\n') }}"