Added storage (STRG-1846) test

pyllyukko · Dec 18, 2024 · 28f12e1 · 28f12e1
1 parent 63246c8
commit 28f12e1
Showing 1 changed file with 22 additions and 0 deletions.
diff --git a/.github/workflows/ansible-playbook.yml b/.github/workflows/ansible-playbook.yml
@@ -245,3 +245,25 @@ jobs:
         with:
           name: lynis-file_integrity.log
           path: /var/log/lynis.log
+  storage:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Install Lynis
+        run: |
+          ansible-playbook harden.yml --tags lynis --skip-tags slackware,centos
+          echo 'skip-upgrade-test=yes' | sudo tee -a /etc/lynis/custom.prf
+      - name: Run Lynis (pre-harden)
+        run: sudo lynis audit system --skip-plugins --tests-from-group storage
+      - name: Run Ansible playbook for kernel
+        run: ansible-playbook harden.yml --tags kernel
+      - name: Run Lynis
+        run: sudo lynis audit system --skip-plugins --tests-from-group storage
+      - name: chmod Lynis log
+        run: sudo chmod -c 644 /var/log/lynis.log
+      - name: Archive Lynis log
+        uses: actions/upload-artifact@v4
+        with:
+          name: lynis-storage.log
+          path: /var/log/lynis.log