From 627f6e291d6f4880883d87c6f03d5cbf66029012 Mon Sep 17 00:00:00 2001 From: Mark Bolwell Date: Tue, 3 May 2022 10:22:00 +0100 Subject: [PATCH] updated environment options Signed-off-by: Mark Bolwell --- defaults/main.yml | 6 ++++++ tasks/post_remediation_audit.yml | 3 +++ tasks/pre_remediation_audit.yml | 3 +++ 3 files changed, 12 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 02b0422..b5315a9 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -622,6 +622,12 @@ rhel9cis_passwd_label: "{{ (this_item | default(item)).id }}: {{ (this_item | de # 6.2.9 rhel9cis_dotperm_ansiblemanaged: true #### Goss Configuration Settings #### +# Set correct env for the run_audit.sh script from https://github.com/ansible-lockdown/{{ benchmark }}-Audit.git" +audit_run_script_environment: + AUDIT_BIN: "{{ audit_bin }}" + AUDIT_FILE: 'goss.yml' + AUDIT_CONTENT_LOCATION: "{{ audit_out_dir }}" + ### Goss binary settings ### goss_version: diff --git a/tasks/post_remediation_audit.yml b/tasks/post_remediation_audit.yml index c1c413f..c36cc3b 100644 --- a/tasks/post_remediation_audit.yml +++ b/tasks/post_remediation_audit.yml @@ -2,6 +2,9 @@ - name: "Post Audit | Run post_remediation {{ benchmark }} audit" shell: "{{ audit_conf_dir }}/run_audit.sh -v {{ audit_vars_path }} -o {{ post_audit_outfile }} -g {{ group_names }}" + Environment: "{{ audit_run_script_environment|default({}) }}" + changed_when: audit_run_post_remediation.rc == 0 + register: audit_run_post_remediation args: warn: false diff --git a/tasks/pre_remediation_audit.yml b/tasks/pre_remediation_audit.yml index 4fca3c5..d4d9840 100644 --- a/tasks/pre_remediation_audit.yml +++ b/tasks/pre_remediation_audit.yml 
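Review bot: The comment added above `audit_run_script_environment` in defaults/main.yml ends with a stray `"` after the repository URL and does not say what the three variables control. `AUDIT_BIN` decides which binary run_audit.sh executes (presumably the goss binary), and the audit tasks that consume it may run with elevated privileges, which this patch does not show. I would state the expectation next to the default, for example `# AUDIT_BIN: absolute path to the audit binary; keep it root-owned and not writable by other users`. `AUDIT_FILE: 'goss.yml'` is a fixed literal while the other two values are templated, so a short comment on whether it is meant to be overridden would also help.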
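Review bot: The new task keyword is spelled `Environment:` in the post-remediation task, and the same spelling appears in the tasks/pre_remediation_audit.yml hunk. Ansible task keywords are lower-case and case-sensitive, so I would expect the task to be rejected as having an invalid attribute rather than run the audit with the intended variables. It should read `environment: "{{ audit_run_script_environment | default({}) }}"`. Separately, `changed_when: audit_run_post_remediation.rc == 0` reports a change on every successful audit run. If run_audit.sh only reads system state and writes a report, `changed_when: false` would keep the play's changed count meaningful, so please confirm which is intended.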
@@ -86,6 +86,9 @@ - name: "Pre Audit | Run pre_remediation {{ benchmark }} audit" shell: "{{ audit_conf_dir }}/run_audit.sh -v {{ audit_vars_path }} -o {{ pre_audit_outfile }} -g {{ group_names }}" + Environment: "{{ audit_run_script_environment|default({}) }}" + changed_when: audit_run_pre_remediation.rc == 0 + register: audit_run_pre_remediation args: warn: false