From 4e7e57add226f75ac59726bc3c12088be4d26b2e Mon Sep 17 00:00:00 2001 From: Major Hayden Date: Wed, 5 Oct 2016 14:47:49 -0500 Subject: [PATCH] Skip some test assertions for RHEL7 STIG This patch skips the assertions on the test tasks that run after the security role is applied. These should only run on the RHEL6 STIG content for now. Change-Id: Ibee89def31fea8263f92666e593f7d44bd21cbc6 --- tests/test.yml | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) diff --git a/tests/test.yml b/tests/test.yml index bb4b83c6..fa212848 100644 --- a/tests/test.yml +++ b/tests/test.yml @@ -31,26 +31,36 @@ stat: path: /etc/apt/apt.conf.d/20auto-upgrades register: auto_upgrades_file - when: ansible_pkg_mgr == 'apt' + when: + - stig_version == 'rhel6' + - ansible_pkg_mgr == 'apt' - name: Slurp contents of 50unattended-upgrades file slurp: src: /etc/apt/apt.conf.d/50unattended-upgrades register: unattended_upgrades_file_encoded - when: ansible_pkg_mgr == 'apt' + when: + - stig_version == 'rhel6' + - ansible_pkg_mgr == 'apt' - name: Decode slurp'd 50-unattended-upgrades file set_fact: unattended_upgrades_file: "{{ unattended_upgrades_file_encoded.content | b64decode }}" - when: ansible_pkg_mgr == 'apt' + when: + - stig_version == 'rhel6' + - ansible_pkg_mgr == 'apt' - name: Ensure auto updates has been enabled assert: that: - auto_upgrades_file.stat.exists - when: ansible_pkg_mgr == 'apt' + when: + - stig_version == 'rhel6' + - ansible_pkg_mgr == 'apt' - name: Ensure that auto update notifications has been enabled assert: that: - "'\nUnattended-Upgrade::Mail \"root\";\n' in unattended_upgrades_file" - when: ansible_pkg_mgr == 'apt' + when: + - stig_version == 'rhel6' + - ansible_pkg_mgr == 'apt' roles: - role: "openstack-ansible-security" vars: