Multi-profile compliance (#87)

Co-authored-by: willtome <wtome@redhat.com>
2023-09-25 15:13:15 -04:00
parent 44585bf1b9
commit a5aa9564f5
7 changed files with 255 additions and 3 deletions
--- a/linux/setup.yml
+++ b/linux/setup.yml
@@ -359,6 +359,84 @@ controller_templates:
          variable: _hosts
          required: true

+  - name: "LINUX / Multi-profile Compliance"
+    job_type: run
+    inventory: "Demo Inventory"
+    project: "Ansible official demo project"
+    playbook: "linux/compliance-enforce.yml"
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    credentials:
+      - "Demo Credential"
+    extra_vars:
+      # used by CIS profile role
+      sudo_require_authentication: false
+      # used by STIG profile role
+      sudo_remove_nopasswd: false
+      sudo_remove_no_authenticate: false
+      # used by CIS and STIG profile role
+      accounts_password_set_max_life_existing: false
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: Server Name or Pattern
+          type: text
+          variable: _hosts
+          required: true
+        - question_name: Compliance Profile
+          type: multiplechoice
+          variable: compliance_profile
+          required: true
+          choices:
+            - cis
+            - cui
+            - hipaa
+            - ospp
+            - pci_dss
+            - stig
+
+  - name: "LINUX / Multi-profile Compliance Report"
+    job_type: run
+    inventory: "Demo Inventory"
+    project: "Ansible official demo project"
+    playbook: "linux/compliance-report.yml"
+    notification_templates_started: Telemetry
+    notification_templates_success: Telemetry
+    notification_templates_error: Telemetry
+    credentials:
+      - "Demo Credential"
+    survey_enabled: true
+    survey:
+      name: ''
+      description: ''
+      spec:
+        - question_name: Server Name or Pattern
+          type: text
+          variable: _hosts
+          required: true
+        - question_name: Compliance Profile
+          type: multiplechoice
+          variable: compliance_profile
+          required: true
+          choices:
+            - cis
+            - cui
+            - hipaa
+            - ospp
+            - pci_dss
+            - stig
+        - question_name: Use httpd on the target host(s) to access reports locally?
+          type: multiplechoice
+          variable: use_httpd
+          required: true
+          choices:
+            - "true"
+            - "false"
+          default: "true"
+
  - name: "LINUX / Insights Compliance Scan"
    job_type: run
    inventory: "Demo Inventory"
@@ -408,3 +486,5 @@ controller_templates:
          type: text
          variable: application
          required: true
+
+...