Improvements (#5)

* container standards Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on handlers Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * initial container ignore Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and containder discovery Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic on auditd task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tags and crypto logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * distro update for rocky Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * system_is_container updates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * ssh pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logrotate pkg check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * logic in container check Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * add pkg fact and audit conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * tidy up crypto step Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added missing tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * container vars file now a variable Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added uid discovery and usage Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Updated OS checks and conditionals Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed empty become Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * change audit to include task Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added OS_specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated import/include Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * OS Specific vars Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated tags Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated changed_when Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * fixed UID logic Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * added github templates Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * updated layout Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com> * Added .github ignore again Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
2022-02-02 11:34:50 +00:00 · 2022-02-02 11:34:50 +00:00 · 9db4b7fd81
commit 9db4b7fd81
parent 02a36f7f8d
7 changed files with 168 additions and 0 deletions
--- a/.github/workflows/communitytodevel.yml
+++ b/.github/workflows/communitytodevel.yml
@ -0,0 +1,39 @@
+---
+# This is a basic workflow to help you get started with Actions
+
+name: CommunityToDevel
+
+# Controls when the action will run. Triggers the workflow on push or pull request
+# events but only for the devel branch
+on:
+    pull_request:
+        branches: [ devel ]
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+jobs:
+    # This workflow contains a single job called "build"
+    build:
+        # The type of runner that the job will run on
+        runs-on: ubuntu-latest
+
+        # Steps represent a sequence of tasks that will be executed as part of the job
+        steps:
+            # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+            - uses: actions/checkout@v2
+
+            # Refactr pipeline for devel pull request/merge
+            - name: Refactr - Run Pipeline (to devel)
+              # You may pin to the exact commit or the version.
+              # uses: refactr/action-run-pipeline@be91e2796aa225268e4685c0e01a26d5f800cd53
+              uses: refactr/action-run-pipeline@v0.1.2
+              with:
+                  # API token
+                  api_token: '${{ secrets.REFACTR_KEY }}'
+                  # Project ID
+                  project_id: 5f47f0c4a13c7b18373e5556
+                  # Job ID
+                  job_id: 5f933cbcf9c74e86b1609c00
+                  # Variables
+                  variables: '{ "gitrepo": "https://github.com/ansible-lockdown/RHEL9-CIS.git", "image": "ami-04483b15b4268d18d", "githubBranch": "${{ github.head_ref }}", "username": "centos" }'
+                  # Refactr API base URL
+                  api_url:  # optional
--- a/.github/workflows/develtomain.yml
+++ b/.github/workflows/develtomain.yml
@ -0,0 +1,40 @@
+---
+# This is a basic workflow to help you get started with Actions
+
+name: DevelToMain
+
+# Controls when the action will run. Triggers the workflow on push or pull request
+# events but only for the devel branch
+on:
+    pull_request:
+        branches: [ main ]
+
+# A workflow run is made up of one or more jobs that can run sequentially or in parallel
+
+jobs:
+    # This workflow contains a single job called "build"
+    build:
+        # The type of runner that the job will run on
+        runs-on: ubuntu-latest
+
+        # Steps represent a sequence of tasks that will be executed as part of the job
+        steps:
+            # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
+            - uses: actions/checkout@v2
+
+            # Refactr pipeline for devel pull request/merge
+            - name: Refactr - Run Pipeline (to main)
+              # You may pin to the exact commit or the version.
+              # uses: refactr/action-run-pipeline@be91e2796aa225268e4685c0e01a26d5f800cd53
+              uses: refactr/action-run-pipeline@v0.1.2
+              with:
+                  # API token
+                  api_token: '${{ secrets.REFACTR_KEY }}'
+                  # Project ID
+                  project_id: 5f47f0c4a13c7b18373e5556
+                  # Job ID
+                  job_id: 5f90ad90f9c74e6d1e606e33
+                  # Variables
+                  variables: '{ "gitrepo": "https://github.com/ansible-lockdown/RHEL9-CIS.git", "image": "ami-04483b15b4268d18d", "username": "centos" }'
+                  # Refactr API base URL
+                  api_url:  # optional