product-demos/playbooks/10_openscap.yml

---
- name: build openscap report for rhel7
  hosts: web
  gather_facts: false

  vars:
    file_path: "/var/www/html/openscap/"
    ssg_schema: "/usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml"

  tasks:
    - name: make sure openscap-scanner and scap-security guide are installed
      yum:
        name:
          - openscap-scanner
          - scap-security-guide
        state: present

    - name: Check if  SCAP Security Guide (SSG) profile is available
      stat:
        path: "{{ssg_schema}}"

    - name: create HTML report
      command: "oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --results report.xml --report index.html {{ssg_schema}}"
      register: command_result
      failed_when: "'Error' in command_result.stderr"

    - name: Create directory if it does falset exist
      become: true
      file:
        path: "{{file_path}}"
        state: directory

    - name: move files into httpd
      become: true
      copy:
        src: ./{{item}}
        dest: "{{file_path}}/{{item}}"
        remote_src: true
      loop:
        - report.xml
        - index.html

    - name: DISPLAY LINK TO INVENTORY REPORT
      debug:
        msg: "Please go to http://{{ansible_host}}/openscap"