Testing ansible-playbook test action

pyllyukko · Dec 17, 2024 · 6dffa41 · 6dffa41
1 parent a5b1b13
commit 6dffa41
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/.github/workflows/banners.yml b/.github/workflows/banners.yml
@@ -0,0 +1,13 @@
+name: ansible-playbook
+on: [push, pull_request]
+
+jobs:
+  banners:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Install Lynis
+        run: ansible-playbook -v harden.yml --tags lynis
+      - name: Run Ansible playbook for banners
+        run: ansible-playbook -v harden.yml --tags banners --extra-vars run_lynis_after_hardening=true
diff --git a/harden.yml b/harden.yml
@@ -5,13 +5,14 @@
     - vars.yml
   tasks:
     # Bunch of checks first, so the playbook doesn't fail in the middle.
+    # Ubuntu is only for the GitHub Actions runner
     - name: Check OS version
       ansible.builtin.assert:
         that: >
           (ansible_distribution == "Slackware" and ansible_distribution_major_version | int >= 15) or
           (ansible_distribution == "Debian" and ansible_distribution_major_version | int >= 12) or
           (ansible_distribution == "CentOS" and ansible_distribution_major_version == "7") or
-          ansible_distribution == "Kali"
+          ansible_distribution == "Kali" or ansible_distribution == "Ubuntu"
         msg: "Unsupported operating system"
       tags: check
     - name: Sudo checks