Removed multiple blank lines #48

Merged
merged 6 commits into from
Mar 21, 2023
Changes from 4 commits
1 change: 0 additions & 1 deletion .github/workflows/main.tf
Expand Up @@ -5,7 +5,6 @@ provider "aws" {

// Create a security group with access to port 22 and port 80 open to serve HTTP traffic


resource "random_id" "server" {
keepers = {
# Generate a new id each time we switch to a new AMI id
46 changes: 17 additions & 29 deletions .yamllint
@@ -1,33 +1,21 @@
---
# Based on ansible-lint config
extends: default

ignore: |
tests/
molecule/
.github/
.gitlab-ci.yml
*molecule.yml

rules:
indentation:
# Requiring 4 space indentation
spaces: 4
# Requiring consistent indentation within a file, either indented or not
indent-sequences: consistent
braces:
max-spaces-inside: 1
level: error
brackets:
max-spaces-inside: 1
level: error
empty-lines:
max: 1
line-length: disable
key-duplicates: enable
new-line-at-end-of-file: enable
new-lines:
type: unix
trailing-spaces: enable
truthy:
allowed-values: ['true', 'false']
check-keys: false
braces: {max-spaces-inside: 1, level: error}
brackets: {max-spaces-inside: 1, level: error}
colons: {max-spaces-after: -1, level: error}
commas: {max-spaces-after: -1, level: error}
comments: disable
comments-indentation: disable
document-start: disable
empty-lines: {max: 3, level: error}
hyphens: {level: error}
indentation: disable
key-duplicates: enable
line-length: disable
new-line-at-end-of-file: disable
new-lines: {type: unix}
trailing-spaces: disable
truthy: disable
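Review bot: The flow-style rule set at the end of this section sets `empty-lines: {max: 3, level: error}` and switches `truthy`, `indentation`, `trailing-spaces` and `new-line-at-end-of-file` to `disable`. The rendered page has lost the +/- markers, but if that set is the new side, as the Changelog entry about Galaxy suggests, the linter will no longer enforce the blank-line cleanup this PR performs. In a CIS hardening role `truthy` is the rule most worth keeping, because a `yes`/`no` style value that is read as a boolean in one place and a string in another can change whether a control is applied without any error. Consider keeping `truthy: {allowed-values: ['true', 'false'], check-keys: false}` and `empty-lines: {max: 1, level: error}` next to the Galaxy-compatible rules. If the relaxation is intentional, a comment above `rules:` such as `# Rule set aligned with what Ansible Galaxy applies on import` would record why.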
1 change: 0 additions & 1 deletion CONTRIBUTING.rst
Expand Up @@ -61,7 +61,6 @@ following text in your contribution commit message:

::


This message can be entered manually, or if you have configured git
with the correct `user.name` and `user.email`, you can use the `-s`
option to `git commit` to automatically include the signoff message.
5 changes: 5 additions & 0 deletions Changelog.md
@@ -1,5 +1,10 @@
# Changes to rhel9CIS

## 1.0.6

updated ymlalint as galaxy doenst honouyr local settings
removed empty lines in files

## 1.0.5

updated yamllint
3 changes: 0 additions & 3 deletions Makefile
@@ -1,6 +1,5 @@
.PHONY: all help galaxy-install ansible-list yamllint pip-requirements


GALAXY=ansible-galaxy
ANSIBLE_LINT='/usr/local/bin/ansible-lint'
ANSIBLE_FILE=site.yml
Expand All @@ -15,7 +14,6 @@ help:
@echo " yamllint to lint playbook files"
@echo " pip-requirements add pip required file"


galaxy-install:
$(GALAXY) install -r ./collections/requirements.yml

Expand All @@ -29,4 +27,3 @@ pip-requirements:
@echo 'Python dependencies:'
@cat requirements.txt
pip3 install -r requirements.txt

1 change: 0 additions & 1 deletion ansible.cfg
Expand Up @@ -12,7 +12,6 @@ stdout_callback = yaml
# Use the stdout_callback when running ad-hoc commands.
bin_ansible_callbacks = True


[privilege_escalation]

[paramiko_connection]
1 change: 0 additions & 1 deletion molecule/default/molecule.yml
Expand Up @@ -31,4 +31,3 @@ lint: |

verifier:
name: ansible

1 change: 0 additions & 1 deletion molecule/localhost/converge.yml
Expand Up @@ -15,4 +15,3 @@
- name: "Include tasks"
ansible.builtin.include_role:
name: "{{ role_name }}"

1 change: 0 additions & 1 deletion molecule/localhost/molecule.yml
Expand Up @@ -27,4 +27,3 @@ lint: |

verifier:
name: ansible

1 change: 0 additions & 1 deletion molecule/wsl/converge.yml
Expand Up @@ -24,4 +24,3 @@
- name: "Include tasks"
ansible.builtin.include_role:
name: "{{ role_name }}"

1 change: 0 additions & 1 deletion molecule/wsl/molecule.yml
Expand Up @@ -26,4 +26,3 @@ lint: |

verifier:
name: ansible

6 changes: 0 additions & 6 deletions templates/ansible_vars_goss.yml.j2
Expand Up @@ -9,7 +9,6 @@ benchmark_version: '1.0.0'
# If run via script this is discovered and set
host_os_distribution: {{ ansible_distribution | lower }}


# timeout for each command to run where set - default = 10seconds/10000ms
timeout_ms: 60000

Expand Down Expand Up @@ -127,7 +126,6 @@ rhel9cis_rule_1_9: {{ rhel9cis_rule_1_9 }}
# Ensure system-wide crypto policy is not legacy
rhel9cis_rule_1_10: {{ rhel9cis_rule_1_10 }}


# section 2
# Services
# 2.1 Time Synchronization
Expand Down Expand Up @@ -191,7 +189,6 @@ rhel9cis_rule_3_4_2_5: {{ rhel9cis_rule_3_4_2_5 }}
rhel9cis_rule_3_4_2_6: {{ rhel9cis_rule_3_4_2_6 }}
rhel9cis_rule_3_4_2_7: {{ rhel9cis_rule_3_4_2_7 }}


# Section 4 rules
# 4.1 Configure System Accounting
rhel9cis_rule_4_1_1_1: {{ rhel9cis_rule_4_1_1_1 }}
Expand Down Expand Up @@ -265,7 +262,6 @@ rhel9cis_rule_4_2_3: {{ rhel9cis_rule_4_2_3 }}
# 4.3 Logrotate
rhel9cis_rule_4_3: {{ rhel9cis_rule_4_3 }}


# Section 5
# Authentication and Authorization
# 5.1 Configure time-based job schedulers
Expand Down Expand Up @@ -450,7 +446,6 @@ rhel9cis_nft_tables_autonewtable: {{ rhel9cis_nft_tables_autonewtable }}
rhel9cis_nft_tables_tablename: {{ rhel9cis_nft_tables_tablename }}
rhel9cis_nft_tables_autochaincreate: {{ rhel9cis_nft_tables_autochaincreate }}


# Section 4

## Set if host is a logserver
Expand Down Expand Up @@ -486,7 +481,6 @@ rhel9cis_authselect:
custom_profile_name: {{ rhel9cis_authselect['custom_profile_name'] }}
default_file_to_copy: {{ rhel9cis_authselect['default_file_to_copy'] }}


## 5.4.1 Enable automation to create custom profile settings, using the setings above
rhel9cis_authselect_custom_profile_create: {{ rhel9cis_authselect_custom_profile_create }}

1 change: 0 additions & 1 deletion templates/etc/dconf/db/00-screensaver.j2
Expand Up @@ -2,7 +2,6 @@
# Added as part of ansible-lockdown CIS baseline
# provided by MindPointGroup LLC


# Specify the dconf path
[org/gnome/desktop/session]

3 changes: 1 addition & 2 deletions templates/etc/sysctl.d/60-kernel_sysctl.conf.j2
@@ -1,8 +1,7 @@
## This file is managed by Ansible, YOUR CHANGES WILL BE LOST!


{% if rhel9cis_rule_1_5_3 %}
# Kernel sysctl
# CIS 1.5.3
kernel.randomize_va_space = 2
{% endif %}
{% endif %}