6f354a7a4b
We aim to decrease usage of the tests repo as much as we can, so we are switching roles to the tests completed by integrated repo. Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/792639 Change-Id: Ice89ada6e009d3aaaff5fa261c7b9cf23216f159
18 lines
472 B
YAML
18 lines
472 B
YAML
---
|
|
- name: Gather security hardening facts
|
|
hosts: "{{ security_host_group|default('hosts') }}"
|
|
gather_facts: True
|
|
tags:
|
|
- always
|
|
|
|
- name: Apply security hardening configurations
|
|
hosts: "{{ security_host_group|default('hosts') }}"
|
|
gather_facts: false
|
|
user: root
|
|
roles:
|
|
- role: "ansible-hardening"
|
|
when: apply_security_hardening | default(True) | bool
|
|
environment: "{{ deployment_environment_variables | default({}) }}"
|
|
tags:
|
|
- security
|