syncing two demos

2020-02-25 15:52:33 -05:00
parent 97c2a07ff3
commit bdea0894aa
5 changed files with 103 additions and 37 deletions
--- a/choose_demo.yml
+++ b/choose_demo.yml
@@ -1,3 +1,8 @@
 ---
 ## chose demo or choose all
-demo: deploy_application
+
+#example that installs just the deploy_application job template
+#demo: deploy_application
+
+#example that installs all demos
+demo: all
--- a/playbooks/10_openscap.yml
+++ b/playbooks/10_openscap.yml
@@ -0,0 +1,45 @@
+---
+- name: build openscap report for rhel7
+  hosts: all
+  gather_facts: false
+
+  vars:
+    file_path: "/var/www/html/openscap/"
+    ssg_schema: "/usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml"
+
+  tasks:
+    - name: make sure openscap-scanner and scap-security guide are installed
+      yum:
+        name:
+          - openscap-scanner
+          - scap-security-guide
+        state: present
+
+    - name: Check if  SCAP Security Guide (SSG) profile is available
+      stat:
+        path: "{{ssg_schema}}"
+
+    - name: create HTML report
+      command: "oscap xccdf eval --fetch-remote-resources --profile xccdf_org.ssgproject.content_profile_standard --results report.xml --report index.html {{ssg_schema}}"
+      register: command_result
+      failed_when: "'Error' in command_result.stderr"
+
+    - name: Create directory if it does not exist
+      become: yes
+      file:
+        path: "{{file_path}}"
+        state: directory
+
+    - name: move files into httpd
+      become: yes
+      copy:
+        src: ./{{item}}
+        dest: "{{file_path}}/{{item}}"
+        remote_src: yes
+      loop:
+        - report.xml
+        - index.html
+
+    - name: DISPLAY LINK TO INVENTORY REPORT
+      debug:
+        msg: "Please go to http://{{ansible_host}}/openscap"
--- a/playbooks/group_vars/all/all.yml
+++ b/playbooks/group_vars/all/all.yml
@@ -6,9 +6,20 @@ demos:
    inventory: "Workshop Inventory"
    project: "Ansible official demo project"
    playbook: "playbooks/01_deploy_application.yml"
-    credential: "Demo Credential"
+    credential: "Workshop Credential"
    survey_enabled: yes
    survey_spec: "{{survey_deploy_application}}"
    workshop_type:
      - f5
      - rhel
+  openscap:
+    name: "Create Openscap Report"
+    job_type: "run"
+    inventory: "Workshop Inventory"
+    project: "Ansible official demo project"
+    playbook: "playbooks/10_openscap.yml"
+    credential: "Workshop Credential"
+    survey_enabled: no
+    workshop_type:
+      - f5
+      - rhel
--- a/roles/install_demo/tasks/add_job_template.yml
+++ b/roles/install_demo/tasks/add_job_template.yml
@@ -0,0 +1,32 @@
+- name: add deploy application job template
+  tower_job_template:
+    name: "{{demos[demo].name}}"
+    job_type: "{{demos[demo].job_type}}"
+    inventory: "{{demos[demo].inventory}}"
+    project: "{{demos[demo].project}}"
+    playbook: "{{demos[demo].playbook}}"
+    credential: "{{demos[demo].credential}}"
+    survey_enabled: "{{demos[demo].survey_enabled}}"
+    tower_username: "{{my_tower_username}}"
+    tower_password: "{{my_tower_password}}"
+    tower_host: "{{my_tower_host}}"
+    validate_certs: no
+  when:
+    - not demos[demo].survey_enabled
+
+- name: add deploy application job template
+  tower_job_template:
+    name: "{{demos[demo].name}}"
+    job_type: "{{demos[demo].job_type}}"
+    inventory: "{{demos[demo].inventory}}"
+    project: "{{demos[demo].project}}"
+    playbook: "{{demos[demo].playbook}}"
+    credential: "{{demos[demo].credential}}"
+    survey_enabled: "{{demos[demo].survey_enabled}}"
+    survey_spec: "{{demos[demo].survey_spec}}"
+    tower_username: "{{my_tower_username}}"
+    tower_password: "{{my_tower_password}}"
+    tower_host: "{{my_tower_host}}"
+    validate_certs: no
+  when:
+    - demos[demo].survey_enabled
--- a/roles/install_demo/tasks/main.yml
+++ b/roles/install_demo/tasks/main.yml
@@ -11,39 +11,12 @@
    tower_host: "{{my_tower_host}}"
    validate_certs: no

- name: print out
-  debug:
-    msg: "{{demos[demo].survey_enabled}}"
+- name: install job template
+  include: add_job_template.yml
+  when: demo != "all"

- name: add deploy application job template
-  tower_job_template:
-    name: "{{demos[demo].name}}"
-    job_type: "{{demos[demo].job_type}}"
-    inventory: "{{demos[demo].inventory}}"
-    project: "{{demos[demo].project}}"
-    playbook: "{{demos[demo].playbook}}"
-    credential: "{{demos[demo].credential}}"
-    survey_enabled: "{{demos[demo].survey_enabled}}"
-    tower_username: "{{my_tower_username}}"
-    tower_password: "{{my_tower_password}}"
-    tower_host: "{{my_tower_host}}"
-    validate_certs: no
-  when:
-    - not demos[demo].survey_enabled
-
- name: add deploy application job template
-  tower_job_template:
-    name: "{{demos[demo].name}}"
-    job_type: "{{demos[demo].job_type}}"
-    inventory: "{{demos[demo].inventory}}"
-    project: "{{demos[demo].project}}"
-    playbook: "{{demos[demo].playbook}}"
-    credential: "{{demos[demo].credential}}"
-    survey_enabled: "{{demos[demo].survey_enabled}}"
-    survey_spec: "{{demos[demo].survey_spec}}"
-    tower_username: "{{my_tower_username}}"
-    tower_password: "{{my_tower_password}}"
-    tower_host: "{{my_tower_host}}"
-    validate_certs: no
-  when:
-    - demos[demo].survey_enabled
+- name: install job template
+  include: add_job_template.yml
+  when: demo == "all"
+  with_items:
+    - demos