summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMajor Hayden <major@mhtx.net>2018-01-18 10:03:25 -0600
committerMajor Hayden <major@mhtx.net>2018-01-18 10:03:25 -0600
commit74c904247fb8ad69848db41408df0c812826915d (patch)
tree31ddb3142a2f1df09636dcf617fd5f04b55f22d6
parent65dce4045a75e4a8533b51ffb2d47e4dcd9114a1 (diff)
Use import/include_tasks
This patch uses the new import_tasks/include_tasks modules from Ansible 2.1+ and removes some deprecation warnings from the beginning of playbook runs. Change-Id: I17d0a9bcb9964d666e140b832b6f2a26ff948d41
Notes
Notes (review): Code-Review+2: Markos Chandras (hwoarang) <mchandras@suse.de> Code-Review+2: Jesse Pretorius (odyssey4me) <jesse.pretorius@rackspace.co.uk> Workflow+1: Jesse Pretorius (odyssey4me) <jesse.pretorius@rackspace.co.uk> Verified+2: Zuul Submitted-by: Zuul Submitted-at: Tue, 23 Jan 2018 22:43:52 +0000 Reviewed-on: https://review.openstack.org/534327 Project: openstack/ansible-hardening Branch: refs/heads/master
-rw-r--r--tasks/main.yml4
-rw-r--r--tasks/rhel7stig/dnf.yml2
-rw-r--r--tasks/rhel7stig/main.yml26
-rw-r--r--tasks/rhel7stig/yum.yml2
4 files changed, 17 insertions, 17 deletions
diff --git a/tasks/main.yml b/tasks/main.yml
index 8ecfede..66495d6 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -52,8 +52,8 @@
52 tags: 52 tags:
53 - always 53 - always
54 54
55 - include: "{{ stig_version }}stig/main.yml" 55 - include_tasks: "{{ stig_version }}stig/main.yml"
56 56
57 - include: contrib/main.yml 57 - include_tasks: contrib/main.yml
58 when: 58 when:
59 - security_contrib_enabled | bool 59 - security_contrib_enabled | bool
diff --git a/tasks/rhel7stig/dnf.yml b/tasks/rhel7stig/dnf.yml
index b4a3746..2787a57 100644
--- a/tasks/rhel7stig/dnf.yml
+++ b/tasks/rhel7stig/dnf.yml
@@ -13,7 +13,7 @@
13# See the License for the specific language governing permissions and 13# See the License for the specific language governing permissions and
14# limitations under the License. 14# limitations under the License.
15 15
16- include: rpm.yml 16- include_tasks: rpm.yml
17 17
18- name: Check if /etc/dnf/automatic.conf exists 18- name: Check if /etc/dnf/automatic.conf exists
19 stat: 19 stat:
diff --git a/tasks/rhel7stig/main.yml b/tasks/rhel7stig/main.yml
index 269c65b..7c4698b 100644
--- a/tasks/rhel7stig/main.yml
+++ b/tasks/rhel7stig/main.yml
@@ -33,7 +33,7 @@
33 33
34# Some of the tasks in the role may take a long time to run. Let's start them 34# Some of the tasks in the role may take a long time to run. Let's start them
35# as early as possible so they have time to finish. 35# as early as possible so they have time to finish.
36- include: async_tasks.yml 36- include_tasks: async_tasks.yml
37 37
38- name: Get user data for all users on the system 38- name: Get user data for all users on the system
39 get_users: 39 get_users:
@@ -66,28 +66,28 @@
66 66
67# Package installations and removals must come first so that configuration 67# Package installations and removals must come first so that configuration
68# changes can be made later. 68# changes can be made later.
69- include: packages.yml 69- include_tasks: packages.yml
70 tags: 70 tags:
71 - always 71 - always
72 72
73# Package managers are managed first since the changes in these tasks will 73# Package managers are managed first since the changes in these tasks will
74# affect the remainder of the tasks in the role. 74# affect the remainder of the tasks in the role.
75- include: "{{ ansible_pkg_mgr }}.yml" 75- include_tasks: "{{ ansible_pkg_mgr }}.yml"
76 76
77# The bulk of the security changes are applied in these tasks. The tasks in 77# The bulk of the security changes are applied in these tasks. The tasks in
78# each file are tagged with the same name (for example, tasks in `auth.yml` 78# each file are tagged with the same name (for example, tasks in `auth.yml`
79# are tagged with `auth`). Also, the tag name matches up with the "STIG 79# are tagged with `auth`). Also, the tag name matches up with the "STIG
80# Controls by Tag" section of the role documentation. 80# Controls by Tag" section of the role documentation.
81- include: accounts.yml 81- include_tasks: accounts.yml
82- include: aide.yml 82- include_tasks: aide.yml
83- include: auditd.yml 83- include_tasks: auditd.yml
84- include: auth.yml 84- include_tasks: auth.yml
85- include: file_perms.yml 85- include_tasks: file_perms.yml
86- include: graphical.yml 86- include_tasks: graphical.yml
87- include: kernel.yml 87- include_tasks: kernel.yml
88- include: lsm.yml 88- include_tasks: lsm.yml
89- include: misc.yml 89- include_tasks: misc.yml
90- include: sshd.yml 90- include_tasks: sshd.yml
91 91
92- name: Remove the temporary directory 92- name: Remove the temporary directory
93 file: 93 file:
diff --git a/tasks/rhel7stig/yum.yml b/tasks/rhel7stig/yum.yml
index 33bdb72..bb5c4f2 100644
--- a/tasks/rhel7stig/yum.yml
+++ b/tasks/rhel7stig/yum.yml
@@ -13,7 +13,7 @@
13# See the License for the specific language governing permissions and 13# See the License for the specific language governing permissions and
14# limitations under the License. 14# limitations under the License.
15 15
16- include: rpm.yml 16- include_tasks: rpm.yml
17 17
18- name: Check if /etc/yum/yum-cron.conf exists 18- name: Check if /etc/yum/yum-cron.conf exists
19 stat: 19 stat: