diff --git a/.github/workflows/ansible-playbook.yml b/.github/workflows/ansible-playbook.yml index eeb48075..985ffd96 100644 --- a/.github/workflows/ansible-playbook.yml +++ b/.github/workflows/ansible-playbook.yml @@ -295,25 +295,25 @@ jobs: # with: # name: lynis-firewalls.log # path: /var/log/lynis.log - almost-whole-playbook: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - name: Install Lynis - run: | - ansible-playbook harden.yml --tags lynis --skip-tags slackware,centos - echo 'skip-upgrade-test=yes' | sudo tee -a /etc/lynis/custom.prf - - name: Run Lynis (pre-harden) - run: sudo lynis audit system --skip-plugins - - name: Run Ansible playbook - run: ansible-playbook harden.yml --skip-tags slackware,centos,lynis,firewall,yara,sudo - - name: Run Lynis - run: sudo lynis audit system --skip-plugins - - name: chmod Lynis log - run: sudo chmod -c 644 /var/log/lynis.log - - name: Archive Lynis log - uses: actions/upload-artifact@v4 - with: - name: lynis.log - path: /var/log/lynis.log + #almost-whole-playbook: + # runs-on: ubuntu-latest + # steps: + # - name: Checkout + # uses: actions/checkout@v3 + # - name: Install Lynis + # run: | + # ansible-playbook harden.yml --tags lynis --skip-tags slackware,centos + # echo 'skip-upgrade-test=yes' | sudo tee -a /etc/lynis/custom.prf + # - name: Run Lynis (pre-harden) + # run: sudo lynis audit system --skip-plugins + # - name: Run Ansible playbook + # run: ansible-playbook harden.yml --skip-tags slackware,centos,lynis,firewall,yara,sudo + # - name: Run Lynis + # run: sudo lynis audit system --skip-plugins + # - name: chmod Lynis log + # run: sudo chmod -c 644 /var/log/lynis.log + # - name: Archive Lynis log + # uses: actions/upload-artifact@v4 + # with: + # name: lynis.log + # path: /var/log/lynis.log