File tree 9 files changed +40
-66
lines changed
9 files changed +40
-66
lines changed Original file line number Diff line number Diff line change @@ -60,17 +60,14 @@ jobs:
6060 uses : actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5
6161 with :
6262 python-version : 3.12
63+ cache : ' pip'
6364
6465 - name : Install dependencies
65- run : |
66- sudo apt install git
67- python -m pip install --no-cache-dir --upgrade pip
68- pip install -r requirements.txt
66+ run : pip install -r requirements.txt
6967 working-directory : ansible_collections/devsec/hardening
7068
7169 - name : Downgrade Ansible for Rocky 8 tests
72- run : |
73- pip install "ansible-core<2.17"
70+ run : pip install "ansible-core<2.17"
7471 working-directory : ansible_collections/devsec/hardening
7572 if : matrix.molecule_distro == 'rocky8'
7673
9693 /home/runner/.ansible/roles
9794
9895name : Test with molecule
99- run : |
100- molecule --version
101- molecule test -s mysql_hardening
96+ run : molecule test -s mysql_hardening
10297 env :
10398 MOLECULE_DISTRO : ${{ matrix.molecule_distro }}
10499 working-directory : ansible_collections/devsec/hardening
Original file line number Diff line number Diff line change @@ -59,17 +59,14 @@ jobs:
5959 uses : actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5
6060 with :
6161 python-version : 3.12
62+ cache : ' pip'
6263
6364 - name : Install dependencies
64- run : |
65- sudo apt install git
66- python -m pip install --no-cache-dir --upgrade pip
67- pip install -r requirements.txt
65+ run : pip install -r requirements.txt
6866 working-directory : ansible_collections/devsec/hardening
6967
7068 - name : Downgrade Ansible for Rocky 8 tests
71- run : |
72- pip install "ansible-core<2.17"
69+ run : pip install "ansible-core<2.17"
7370 working-directory : ansible_collections/devsec/hardening
7471 if : matrix.molecule_distro == 'rocky8'
7572
8582 /home/runner/.ansible/roles
8683
8784name : Test with molecule
88- run : |
89- molecule --version
90- molecule test -s nginx_hardening
85+ run : molecule test -s nginx_hardening
9186 env :
9287 MOLECULE_DISTRO : ${{ matrix.molecule_distro }}
9388 working-directory : ansible_collections/devsec/hardening
Original file line number Diff line number Diff line change 3535 strategy :
3636 fail-fast : false
3737 matrix :
38+ include :
39+ - molecule_distro : opensuse_tumbleweed
40+ molecule_docker_command : " /usr/lib/systemd/systemd"
41+ molecule_docker_command :
42+ - " /lib/systemd/systemd"
3843 molecule_distro :
3944 - centosstream9
4045 - rocky8
4752 - debian11
4853 - debian12
4954 - amazon2023
50- - opensuse_tumbleweed
5155 - arch
5256 steps :
5357 - name : Checkout repo
@@ -60,27 +64,20 @@ jobs:
6064 uses : actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5
6165 with :
6266 python-version : 3.12
67+ cache : ' pip'
6368
6469 - name : Install dependencies
65- run : |
66- sudo apt install git
67- python -m pip install --no-cache-dir --upgrade pip
68- pip install -r requirements.txt
70+ run : pip install -r requirements.txt
6971 working-directory : ansible_collections/devsec/hardening
7072
7173 - name : Downgrade Ansible for Rocky 8 tests
72- run : |
73- pip install "ansible-core<2.17"
74+ run : pip install "ansible-core<2.17"
7475 working-directory : ansible_collections/devsec/hardening
7576 if : matrix.molecule_distro == 'rocky8'
7677
7778 - name : Test with molecule
78- run : |
79- if [ "$MOLECULE_DISTRO" = "opensuse_tumbleweed" ]; then
80- export MOLECULE_DOCKER_COMMAND="/usr/lib/systemd/systemd"
81- fi
82- molecule --version
83- molecule test -s os_hardening
79+ run : molecule test -s os_hardening
8480 env :
8581 MOLECULE_DISTRO : ${{ matrix.molecule_distro }}
82+ MOLECULE_DOCKER_COMMAND : ${{ matrix.molecule_docker_command }}
8683 working-directory : ansible_collections/devsec/hardening
Original file line number Diff line number Diff line change 7777name : Test with molecule
7878 run : |
7979 source ~/.venv/ansible-collection-hardening/bin/activate
80- molecule --version
8180 molecule test -s os_hardening_vm
8281env :
8382 MOLECULE_DISTRO : ${{ matrix.molecule_distro }}
Original file line number Diff line number Diff line change @@ -12,6 +12,7 @@ on: # yamllint disable-line rule:truthy
1212 paths :
1313 - ' roles/**/meta/argument_specs.yml'
1414 - ' roles/**/meta/main.yml'
15+ - ' requirements.txt'
1516
1617jobs :
1718 readme :
@@ -32,12 +33,14 @@ jobs:
3233 uses : actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5
3334 with :
3435 python-version : 3.12
36+ cache : ' pip'
3537
36- - name : Install aar_doc
37- run : pip3 install aar_doc
38+ - name : Install dependencies
39+ run : pip install -r requirements.txt
40+ working-directory : ansible_collections/devsec/hardening
3841
39- - name : Run aar_doc
40- run : aar_doc roles/${{ matrix.roles }} markdown
42+ - name : Run aar-doc
43+ run : aar-doc roles/${{ matrix.roles }} markdown
4144
4245 - name : Output diff
4346 run : git diff roles/${{ matrix.roles }}/README.md
Original file line number Diff line number Diff line change @@ -67,24 +67,19 @@ jobs:
6767 uses : actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5
6868 with :
6969 python-version : 3.12
70+ cache : ' pip'
7071
7172 - name : Install dependencies
72- run : |
73- sudo apt install git
74- python -m pip install --no-cache-dir --upgrade pip
75- pip install -r requirements.txt
73+ run : pip install -r requirements.txt
7674 working-directory : ansible_collections/devsec/hardening
7775
7876 - name : Downgrade Ansible for Rocky 8 tests
79- run : |
80- pip install "ansible-core<2.17"
77+ run : pip install "ansible-core<2.17"
8178 working-directory : ansible_collections/devsec/hardening
8279 if : matrix.molecule_distro == 'rocky8'
8380
8481 - name : Test with molecule
85- run : |
86- molecule --version
87- molecule test -s ssh_hardening
82+ run : molecule test -s ssh_hardening
8883 env :
8984 MOLECULE_DISTRO : ${{ matrix.molecule_distro }}
9085 MOLECULE_DOCKER_COMMAND : ${{ matrix.molecule_docker_command }}
Original file line number Diff line number Diff line change @@ -47,13 +47,10 @@ jobs:
4747 submodules : true
4848
4949 - name : Update Vagrant Box
50- run : |
51- vagrant box update --box generic/${{ matrix.molecule_distro }} || true
50+ run : vagrant box update --box generic/${{ matrix.molecule_distro }} || true
5251
5352 - name : Test with molecule
54- run : |
55- molecule --version
56- molecule test -s ssh_hardening_bsd
53+ run : molecule test -s ssh_hardening_bsd
5754 env :
5855 MOLECULE_DISTRO : ${{ matrix.molecule_distro }}
5956 working-directory : ansible_collections/devsec/hardening
Original file line number Diff line number Diff line change @@ -67,24 +67,19 @@ jobs:
6767 uses : actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5
6868 with :
6969 python-version : 3.12
70+ cache : ' pip'
7071
7172 - name : Install dependencies
72- run : |
73- sudo apt install git
74- python -m pip install --no-cache-dir --upgrade pip
75- pip install -r requirements.txt
73+ run : pip install -r requirements.txt
7674 working-directory : ansible_collections/devsec/hardening
7775
7876 - name : Downgrade Ansible for Rocky 8 tests
79- run : |
80- pip install "ansible-core<2.17"
77+ run : pip install "ansible-core<2.17"
8178 working-directory : ansible_collections/devsec/hardening
8279 if : matrix.molecule_distro == 'rocky8'
8380
8481 - name : Test with molecule
85- run : |
86- molecule --version
87- molecule test -s ssh_hardening_custom_tests
82+ run : molecule test -s ssh_hardening_custom_tests
8883 env :
8984 MOLECULE_DISTRO : ${{ matrix.molecule_distro }}
9085 MOLECULE_DOCKER_COMMAND : ${{ matrix.molecule_docker_command }}
Original file line number Diff line number Diff line change 1- molecule
2- molecule-plugins [docker ]
3- yamllint
1+ molecule == 24.9.0
2+ molecule-plugins [docker ]== 23.5.3
43ansible-core == 2.17.5
5- ansible-lint
6- docker
7- flake8
8- jmespath
4+ docker == 7.1.0
5+ jmespath == 1.0.1
6+ aar-doc == 2.0.0
You can’t perform that action at this time.
0 commit comments