diff --git a/.github/workflows/ansible-lint.yml b/.github/workflows/ansible-lint.yml index 4260388..f8f9722 100644 --- a/.github/workflows/ansible-lint.yml +++ b/.github/workflows/ansible-lint.yml @@ -2,6 +2,13 @@ name: Ansible Lint on: [push, pull_request] +env: + ANSIBLE_GALAXY_SERVER_LIST: ah,galaxy + ANSIBLE_GALAXY_SERVER_AH_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_AH_URL }} + ANSIBLE_GALAXY_SERVER_AH_AUTH_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_AH_AUTH_URL }} + ANSIBLE_GALAXY_SERVER_AH_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_AH_TOKEN }} + ANSIBLE_GALAXY_SERVER_GALAXY_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_GALAXY_URL }} + jobs: build: runs-on: ubuntu-latest @@ -14,9 +21,3 @@ jobs: - name: Run ansible-lint uses: ansible/ansible-lint-action@v6 - env: - ANSIBLE_GALAXY_SERVER_LIST: ah,galaxy - ANSIBLE_GALAXY_SERVER_AH_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_AH_URL }} - ANSIBLE_GALAXY_SERVER_AH_AUTH_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_AH_AUTH_URL }} - ANSIBLE_GALAXY_SERVER_AH_TOKEN: ${{ secrets.ANSIBLE_GALAXY_SERVER_AH_TOKEN }} - ANSIBLE_GALAXY_SERVER_GALAXY_URL: ${{ vars.ANSIBLE_GALAXY_SERVER_GALAXY_URL }} diff --git a/collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml index c067467..882f641 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_network/tasks/main.yml @@ -2,12 +2,13 @@ ansible.builtin.file: path: "{{ file_path }}" state: directory - mode: '0755' + mode: "0755" - name: Create HTML report ansible.builtin.template: src: report.j2 dest: "{{ file_path }}/network.html" + mode: "0644" check_mode: false - name: Copy CSS over @@ -15,6 +16,7 @@ src: "css" dest: "{{ file_path }}" directory_mode: true + mode: "0775" check_mode: false - name: Copy logos over @@ -22,6 +24,7 @@ src: "{{ item }}" dest: "{{ file_path }}" directory_mode: true + mode: "0644" loop: - "webpage_logo.png" - "redhat-ansible-logo.svg" diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml index 50963b4..af7e3f1 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows/tasks/main.yml @@ -2,18 +2,21 @@ ansible.builtin.template: src: report.j2 dest: "{{ file_path }}/windows.html" + mode: "0644" - name: Copy CSS over ansible.builtin.copy: src: "css" dest: "{{ file_path }}" directory_mode: true + mode: "0755" - name: Copy logos over ansible.builtin.copy: src: "{{ item }}" dest: "{{ file_path }}" directory_mode: true + mode: "0644" loop: - "webpage_logo.png" - "redhat-ansible-logo.svg" diff --git a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml index 4605962..a7b7233 100644 --- a/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/build_report_windows_patch/tasks/main.yml @@ -2,6 +2,7 @@ ansible.builtin.template: src: report.j2 dest: "{{ file_path }}/windowspatch.html" + mode: "0644" check_mode: false - name: Copy CSS over @@ -9,6 +10,7 @@ src: "css" dest: "{{ file_path }}" directory_mode: true + mode: "0775" check_mode: false - name: Copy logo over @@ -16,23 +18,9 @@ src: "webpage_logo.png" dest: "{{ file_path }}" directory_mode: true + mode: "0644" check_mode: false - name: Display link to Patch report ansible.builtin.debug: msg: "Please go to http://{{ ansible_host }}/windowspatch.html" - -- name: Send Report via E-mail - community.general.mail: - host: "{{ EMAIL_HOST }}" - username: "{{ EMAIL_USERNAME }}" - password: "{{ EMAIL_PASSWORD }}" - port: "{{ EMAIL_PORT }}" - subject: "Windows Patching Report" - body: "{{ lookup('template', 'report.j2') }}" - from: "{{ EMAIL_FROM }}" - to: "{{ EMAIL_TO }}" - subtype: html - delegate_to: localhost - become: false - check_mode: false diff --git a/collections/ansible_collections/demo/patching/roles/patch_linux/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/patch_linux/tasks/main.yml index 4cd6063..127b214 100644 --- a/collections/ansible_collections/demo/patching/roles/patch_linux/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/patch_linux/tasks/main.yml @@ -34,4 +34,4 @@ ansible.builtin.reboot: when: - result.rc == 1 - - allow_reboot == true + - allow_reboot diff --git a/collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml index 0615c85..cc07816 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux/tasks/main.yml @@ -2,6 +2,7 @@ ansible.builtin.template: src: report.j2 dest: "{{ file_path }}/linux.html" + mode: "0644" check_mode: false - name: Copy CSS over @@ -9,6 +10,7 @@ src: "css" dest: "{{ file_path }}" directory_mode: true + mode: "0775" check_mode: false - name: Copy logos over @@ -16,6 +18,7 @@ src: "{{ item }}" dest: "{{ file_path }}" directory_mode: true + mode: "0644" loop: - "webpage_logo.png" - "redhat-ansible-logo.svg" diff --git a/collections/ansible_collections/demo/patching/roles/report_linux_patching/tasks/main.yml b/collections/ansible_collections/demo/patching/roles/report_linux_patching/tasks/main.yml index 1b1fcbd..a0d145f 100644 --- a/collections/ansible_collections/demo/patching/roles/report_linux_patching/tasks/main.yml +++ b/collections/ansible_collections/demo/patching/roles/report_linux_patching/tasks/main.yml @@ -2,6 +2,7 @@ ansible.builtin.template: src: report.j2 dest: "{{ file_path }}/linuxpatch.html" + mode: "0644" check_mode: false - name: Copy CSS over @@ -9,6 +10,7 @@ src: "css" dest: "{{ file_path }}" directory_mode: true + mode: "0775" check_mode: false - name: Copy logo over @@ -16,6 +18,7 @@ src: "webpage_logo.png" dest: "{{ file_path }}" directory_mode: true + mode: "0644" check_mode: false - name: Display link to Linux patch report diff --git a/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml b/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml index 51b7a4f..a69a45d 100644 --- a/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml +++ b/collections/ansible_collections/demo/patching/roles/report_server/tasks/apache.yml @@ -12,12 +12,14 @@ ansible.builtin.file: path: "{{ doc_root }}/{{ reports_dir }}" state: directory + mode: "0775" check_mode: false - name: Copy .htaccess ansible.builtin.copy: dest: "{{ doc_root }}/{{ reports_dir }}/.htaccess" content: Options +Indexes + mode: "0644" check_mode: false - name: Install httpd service diff --git a/collections/ansible_collections/demo/patching/roles/report_server/tasks/linux_landing_page.yml b/collections/ansible_collections/demo/patching/roles/report_server/tasks/linux_landing_page.yml index 6757f96..668609e 100644 --- a/collections/ansible_collections/demo/patching/roles/report_server/tasks/linux_landing_page.yml +++ b/collections/ansible_collections/demo/patching/roles/report_server/tasks/linux_landing_page.yml @@ -13,6 +13,7 @@ ansible.builtin.template: src: linux_report.j2 dest: "{{ doc_root }}/index.html" + mode: "0644" check_mode: false - name: Copy CSS @@ -20,6 +21,7 @@ src: "css" dest: "{{ doc_root }}" directory_mode: true + mode: "0775" check_mode: false - name: Copy logos @@ -27,6 +29,7 @@ src: "{{ item }}" dest: "{{ doc_root }}" directory_mode: true + mode: "0775" loop: - "webpage_logo.png" - "redhat-ansible-logo.svg" diff --git a/linux/deploy_application.yml b/linux/deploy_application.yml index eca3563..712d031 100644 --- a/linux/deploy_application.yml +++ b/linux/deploy_application.yml @@ -19,13 +19,15 @@ name: "{{ application }}" allow_downgrade: true register: result + notify: Printing to terminal application information + - name: Printing to terminal application information # noqa: no-handler + ansible.builtin.debug: + msg: "The application: {{ application }} was already installed" + when: not result.changed | bool + + handlers: - name: Printing to terminal application information ansible.builtin.debug: msg: "The application: {{ application }} has been installed" when: result.changed | bool - - - name: Printing to terminal application information - ansible.builtin.debug: - msg: "The application: {{ application }} was already installed" - when: not result.changed | bool diff --git a/linux/podman.yml b/linux/podman.yml index fe8f673..db3f319 100644 --- a/linux/podman.yml +++ b/linux/podman.yml @@ -16,11 +16,14 @@ ansible.builtin.file: path: "{{ volume_path }}" state: directory + mode: "0775" - name: Create index.html ansible.builtin.copy: dest: "{{ volume_path }}/index.html" content: "{{ message }}" + mode: "0664" + - name: Run httpd container containers.podman.podman_container: @@ -30,11 +33,11 @@ volume: - "./{{ volume_path }}/:/usr/local/apache2/htdocs:z" ports: - - "8080:80" + - "8081:80" - name: Check Web Page ansible.builtin.uri: - url: http://127.0.0.1:8080 + url: http://127.0.0.1:8081 return_content: true register: web_output changed_when: false diff --git a/satellite/server_openscap.yml b/satellite/server_openscap.yml index d62e5b7..71edabe 100644 --- a/satellite/server_openscap.yml +++ b/satellite/server_openscap.yml @@ -9,9 +9,10 @@ tasks: - name: Randomized startup delay... - ansible.builtin.pause: seconds="{{ 5 | random }}" + ansible.builtin.pause: + seconds: "{{ 5 | random }}" - - name: Run SCAP Scan + - name: Run SCAP Scan # noqa: no-changed-when - purpose is to run everytime ansible.builtin.command: "/usr/bin/foreman_scap_client {{ item.id }}" loop: "{{ policy }}" when: policy_scan == 'all' or item.name in policy_scan