Skip to content

Commit

Permalink
new var rhel9cis_rhel_default_repo
Browse files Browse the repository at this point in the history
Signed-off-by: Mark Bolwell <[email protected]>
  • Loading branch information
uk-bolly committed Sep 7, 2023
1 parent 95140d3 commit 43a339c
Show file tree
Hide file tree
Showing 5 changed files with 10 additions and 2 deletions.
1 change: 1 addition & 0 deletions defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -370,6 +370,7 @@ rhel9cis_rhnsd_required: false

# 1.2.4 repo_gpgcheck
rhel9cis_rhel_default_repo: true
rhel9cis_rule_enable_repogpg: true

# 1.4.1 Bootloader password
rhel9cis_bootloader_password_hash: 'grub.pbkdf2.sha512.10000.9306A36764A7BEA3BF492D1784396B27F52A71812E9955A58709F94EE70697F9BD5366F36E07DEC41B52279A056E2862A93E42069D7BBB08F5DFC2679CD43812.6C32ADA5449303AD5E67A4C150558592A05381331DE6B33463469A236871FA8E70738C6F9066091D877EF88A213C86825E093117F30E9E1BF158D0DB75E7581B'
Expand Down
4 changes: 2 additions & 2 deletions tasks/section_1/cis_1.2.x.yml
Original file line number Diff line number Diff line change
Expand Up @@ -111,8 +111,8 @@

when:
- rhel9cis_rule_1_2_4
- not rhel9cis_rhel_default_repo or ansible_facts.distribution != 'RedHat'
- ansible_facts.distribution != 'OracleLinux'
- rhel9cis_rule_enable_repogpg
- not rhel9cis_rhel_default_repo
tags:
- level1-server
- level1-workstation
Expand Down
2 changes: 2 additions & 0 deletions vars/AlmaLinux.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,5 @@

os_gpg_key_pubkey_name: gpg-pubkey-b86b3716-61e69f29
os_gpg_key_pubkey_content: "AlmaLinux OS 9 <[email protected]> b86b3716"
# disable repo_gpgcheck due to OS default repos
rhel9cis_rule_enable_repogpg: false
2 changes: 2 additions & 0 deletions vars/OracleLinux.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,5 @@
# OS Specific Settings
os_gpg_key_pubkey_name: gpg-pubkey-8d8b756f-629e59ec
os_gpg_key_pubkey_content: "Oracle Linux (release key 1) <[email protected]>"
# disable repo_gpgcheck due to OS default repos
rhel9cis_rule_enable_repogpg: false
3 changes: 3 additions & 0 deletions vars/RedHat.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,3 +3,6 @@

os_gpg_key_pubkey_name: gpg-pubkey-fd431d51-4ae0493b
os_gpg_key_pubkey_content: "Red Hat, Inc. (release key 2) <[email protected]> fd431d51"

# disable repo_gpgcheck due to OS default repos
rhel9cis_rule_enable_repogpg: false

0 comments on commit 43a339c

Please sign in to comment.