From a67a484971bd41ab53bbee286fec5cce32790bae Mon Sep 17 00:00:00 2001
From: Mark Bolwell <mark.bollyuk@gmail.com>
Date: Thu, 21 Sep 2023 14:55:55 +0100
Subject: [PATCH] import_tasks file added

Signed-off-by: Mark Bolwell <mark.bollyuk@gmail.com>
---
 tasks/section_1/main.yml | 54 ++++++++++++++++++++++++++--------------
 tasks/section_2/main.yml | 12 ++++++---
 tasks/section_3/main.yml | 15 +++++++----
 tasks/section_4/main.yml | 24 ++++++++++++------
 tasks/section_5/main.yml | 21 ++++++++++------
 tasks/section_6/main.yml |  6 +++--
 6 files changed, 88 insertions(+), 44 deletions(-)

diff --git a/tasks/section_1/main.yml b/tasks/section_1/main.yml
index d9bc3b5..ccc1e04 100644
--- a/tasks/section_1/main.yml
+++ b/tasks/section_1/main.yml
@@ -1,59 +1,77 @@
 ---
 
 - name: "SECTION | 1.1.1.x | Disable unused filesystems"
-  ansible.builtin.import_tasks: cis_1.1.1.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.1.1.x.yml
 
 - name: "SECTION | 1.1.2.x | Configure /tmp"
-  ansible.builtin.import_tasks: cis_1.1.2.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.1.2.x.yml
 
 - name: "SECTION | 1.1.3.x | Configure /var"
-  ansible.builtin.import_tasks: cis_1.1.3.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.1.3.x.yml
 
 - name: "SECTION | 1.1.4.x | Configure /var/tmp"
-  ansible.builtin.import_tasks: cis_1.1.4.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.1.4.x.yml
 
 - name: "SECTION | 1.1.5.x | Configure /var/log"
-  ansible.builtin.import_tasks: cis_1.1.5.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.1.5.x.yml
 
 - name: "SECTION | 1.1.6.x | Configure /var/log/audit"
-  ansible.builtin.import_tasks: cis_1.1.6.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.1.6.x.yml
 
 - name: "SECTION | 1.1.7.x | Configure /home"
-  ansible.builtin.import_tasks: cis_1.1.7.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.1.7.x.yml
 
 - name: "SECTION | 1.1.8.x | Configure /dev/shm"
-  ansible.builtin.import_tasks: cis_1.1.8.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.1.8.x.yml
 
 - name: "SECTION | 1.1.x | Disable various mounting"
-  ansible.builtin.import_tasks: cis_1.1.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.1.x.yml
 
 - name: "SECTION | 1.2 | Configure Software Updates"
-  ansible.builtin.import_tasks: cis_1.2.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.2.x.yml
 
 - name: "SECTION | 1.3 | Filesystem Integrity Checking"
-  ansible.builtin.import_tasks: cis_1.3.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.3.x.yml
   when: rhel9cis_config_aide
 
 - name: "SECTION | 1.4 | Secure Boot Settings"
-  ansible.builtin.import_tasks: cis_1.4.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.4.x.yml
 
 - name: "SECTION | 1.5 | Additional Process Hardening"
-  ansible.builtin.import_tasks: cis_1.5.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.5.x.yml
 
 - name: "SECTION | 1.6 | Mandatory Access Control"
-  include_tasks: cis_1.6.1.x.yml
+  ansible.builtin.include_tasks:
+      file: cis_1.6.1.x.yml
   when: not rhel9cis_selinux_disable
 
 - name: "SECTION | 1.7 | Command Line Warning Banners"
-  ansible.builtin.import_tasks: cis_1.7.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.7.x.yml
 
 - name: "SECTION | 1.8 | Gnome Display Manager"
-  ansible.builtin.import_tasks: cis_1.8.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.8.x.yml
 
 - name: "SECTION | 1.9 | Updates and Patches"
-  ansible.builtin.import_tasks: cis_1.9.yml
+  ansible.builtin.import_tasks:
+      file: cis_1.9.yml
 
 - name: "SECTION | 1.10 | Crypto policies"
-  include_tasks: cis_1.10.yml
+  ansible.builtin.include_tasks:
+      file: cis_1.10.yml
   when:
   - not system_is_ec2
diff --git a/tasks/section_2/main.yml b/tasks/section_2/main.yml
index 39b912d..3e8996a 100644
--- a/tasks/section_2/main.yml
+++ b/tasks/section_2/main.yml
@@ -1,13 +1,17 @@
 ---
 
 - name: "SECTION | 2.1 | Time Synchronization"
-  ansible.builtin.import_tasks: cis_2.1.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_2.1.x.yml
 
 - name: "SECTION | 2.2 | Special Purpose Services"
-  ansible.builtin.import_tasks: cis_2.2.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_2.2.x.yml
 
 - name: "SECTION | 2.3 | Service Clients"
-  ansible.builtin.import_tasks: cis_2.3.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_2.3.x.yml
 
 - name: "SECTION | 2.4 | Nonessential services removed"
-  ansible.builtin.import_tasks: cis_2.4.yml
+  ansible.builtin.import_tasks:
+      file: cis_2.4.yml
diff --git a/tasks/section_3/main.yml b/tasks/section_3/main.yml
index 535aba9..34553d7 100644
--- a/tasks/section_3/main.yml
+++ b/tasks/section_3/main.yml
@@ -1,16 +1,21 @@
 ---
 
 - name: "SECTION | 3.1.x | Disable unused network protocols and devices"
-  ansible.builtin.import_tasks: cis_3.1.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_3.1.x.yml
 
 - name: "SECTION | 3.2.x | Network Parameters (Host Only)"
-  ansible.builtin.import_tasks: cis_3.2.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_3.2.x.yml
 
 - name: "SECTION | 3.3.x | Network Parameters (host and Router)"
-  ansible.builtin.import_tasks: cis_3.3.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_3.3.x.yml
 
 - name: "SECTION | 3.4.1.x | Firewall configuration"
-  ansible.builtin.import_tasks: cis_3.4.1.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_3.4.1.x.yml
 
 - name: "SECTION | 3.4.2.x | Configure firewall"
-  ansible.builtin.import_tasks: cis_3.4.2.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_3.4.2.x.yml
diff --git a/tasks/section_4/main.yml b/tasks/section_4/main.yml
index 285a2f3..db729af 100644
--- a/tasks/section_4/main.yml
+++ b/tasks/section_4/main.yml
@@ -1,29 +1,37 @@
 ---
 
 - name: "SECTION | 4.1 | Configure System Accounting (auditd)"
-  ansible.builtin.import_tasks: cis_4.1.1.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_4.1.1.x.yml
   when:
       - not system_is_container
 
 - name: "SECTION | 4.1.2 | Configure Data Retention"
-  ansible.builtin.import_tasks: cis_4.1.2.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_4.1.2.x.yml
 
 - name: "SECTION | 4.1.3 | Configure Auditd rules"
-  ansible.builtin.import_tasks: cis_4.1.3.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_4.1.3.x.yml
 
 - name: "SECTION | 4.1.4 | Configure Audit files"
-  ansible.builtin.import_tasks: cis_4.1.4.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_4.1.4.x.yml
 
 - name: "SECTION | 4.2 | Configure Logging"
-  ansible.builtin.import_tasks: cis_4.2.1.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_4.2.1.x.yml
   when: rhel9cis_syslog == 'rsyslog'
 
 - name: "SECTION | 4.2.2 | Configure journald"
-  ansible.builtin.import_tasks: cis_4.2.2.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_4.2.2.x.yml
   when: rhel9cis_syslog == 'journald'
 
 - name: "SECTION | 4.2.3 | Configure logile perms"
-  ansible.builtin.import_tasks: cis_4.2.3.yml
+  ansible.builtin.import_tasks:
+      file: cis_4.2.3.yml
 
 - name: "SECTION | 4.3 | Configure logrotate"
-  ansible.builtin.import_tasks: cis_4.3.yml
+  ansible.builtin.import_tasks:
+      file: cis_4.3.yml
diff --git a/tasks/section_5/main.yml b/tasks/section_5/main.yml
index 5aed1c1..ed06b5a 100644
--- a/tasks/section_5/main.yml
+++ b/tasks/section_5/main.yml
@@ -3,24 +3,31 @@
 # Access, Authentication, and Authorization
 
 - name: "SECTION | 5.1 | Configure time-based job schedulers"
-  ansible.builtin.import_tasks: cis_5.1.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_5.1.x.yml
 
 - name: "SECTION | 5.2 | Configure SSH Server"
-  ansible.builtin.import_tasks: cis_5.2.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_5.2.x.yml
   when:
       - "'openssh-server' in ansible_facts.packages"
 
 - name: "SECTION | 5.3 | Configure privilege escalation"
-  ansible.builtin.import_tasks: cis_5.3.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_5.3.x.yml
 
 - name: "SECTION | 5.4 | Configure authselect"
-  ansible.builtin.import_tasks: cis_5.4.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_5.4.x.yml
 
 - name: "SECTION | 5.5 | Configure PAM "
-  ansible.builtin.import_tasks: cis_5.5.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_5.5.x.yml
 
 - name: "SECTION | 5.6.1.x | Shadow Password Suite Parameters"
-  ansible.builtin.import_tasks: cis_5.6.1.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_5.6.1.x.yml
 
 - name: "SECTION | 5.6.x | Misc. User Account Settings"
-  ansible.builtin.import_tasks: cis_5.6.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_5.6.x.yml
diff --git a/tasks/section_6/main.yml b/tasks/section_6/main.yml
index 35328e5..b194fdc 100644
--- a/tasks/section_6/main.yml
+++ b/tasks/section_6/main.yml
@@ -1,7 +1,9 @@
 ---
 
 - name: "SECTION | 6.1 | System File Permissions"
-  ansible.builtin.import_tasks: cis_6.1.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_6.1.x.yml
 
 - name: "SECTION | 6.2 | User and Group Settings"
-  ansible.builtin.import_tasks: cis_6.2.x.yml
+  ansible.builtin.import_tasks:
+      file: cis_6.2.x.yml