Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug using os_hardening "tags" #567

Closed
DonEstefan opened this issue Aug 24, 2022 · 0 comments · Fixed by #569
Closed

Bug using os_hardening "tags" #567

DonEstefan opened this issue Aug 24, 2022 · 0 comments · Fixed by #569

Comments

@DonEstefan
Copy link
Contributor

Describe the bug

Tags in roles/os_hardening/tasks/*.yml do not work.

additional info

0476a5e introduced nesting of "include_tasks" over multiple files.

  1. main.yml includes the file hardening.yml.
  2. hardening.yml includes several other yml files.

This nesting of "include_tasks" introduces difficulties when using tags (see here).

Expected behavior
running ansible playbook site.yml --tags user_accounts should run all tasks tagged as "always" or "user_accounts"

example playbook "site.yml"

  - name: linux os hardening
    import_role:
      name: devsec.hardening.os_hardening

Actual behavior

Ansible does not run any task.

PLAY [all] ***************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] ***************************************************************************************************************************************************************************************************************
ok: [testhost]

PLAY RECAP ***************************************************************************************************************************************************************************************************************************
testhost : ok=1    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

OS / Environment
RHEL8

Ansible Version

ansible [core 2.12.2]
  config file = /home/sela/ansible-proxy/ansible.cfg
  configured module search path = ['/home/sela/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/lib/python3.8/site-packages/ansible
  ansible collection location = /home/sela/.ansible/collections:/usr/share/ansible/collections
  executable location = /usr/bin/ansible
  python version = 3.8.12 (default, Apr 21 2022, 07:55:08) [GCC 8.5.0 20210514 (Red Hat 8.5.0-10)]
  jinja version = 2.10.3
  libyaml = True

Role Version

7.14.3

Proposed change

Please add "tags: always" to the roles/os_hardening/tasks/main.yml. This makes tags from nested yml files usable again.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

add always-tag to include so other tags can be used dev-sec/ansible-collection-hardening
1 participant
@DonEstefan