Only update apt cache if necessary
Workarounding the upstream ansible apt module bug documented here: https://github.com/ansible/ansible-modules-core/pull/1517 For the next versions of ansible we'll be using, we should check if the apt bug is fixed. When it's fixed, we could abandon this change and use the standard apt module with correct cache handling. Change-Id: I4cb3194b1ddc96abce7ab4cce08371996b661728
This commit is contained in:
parent
575a241eef
commit
5416a07f47
@ -13,6 +13,9 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
## APT Cache Options
|
||||
cache_timeout: 600
|
||||
|
||||
### Default configurations for openstack-ansible-security #####################
|
||||
#
|
||||
# All of the configuration items below are documented in the developer notes
|
||||
|
@ -13,12 +13,27 @@
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
#TODO(evrardjp): Replace the next 2 tasks by a standard apt with cache
|
||||
#when https://github.com/ansible/ansible-modules-core/pull/1517 is merged
|
||||
#in 1.9.x or we move to 2.0 (if tested working)
|
||||
- name: Check apt last update file
|
||||
stat:
|
||||
path: /var/cache/apt
|
||||
register: apt_cache_stat
|
||||
tags:
|
||||
- auditd-apt-packages
|
||||
|
||||
- name: Update apt if needed
|
||||
apt:
|
||||
update_cache: yes
|
||||
when: "ansible_date_time.epoch|float - apt_cache_stat.stat.mtime > {{cache_timeout}}"
|
||||
tags:
|
||||
- auditd-apt-packages
|
||||
|
||||
- name: V-38631/38632 - The operating system must produce audit records (install auditd)
|
||||
apt:
|
||||
name: auditd
|
||||
state: present
|
||||
cache_valid_time: 3600
|
||||
update_cache: yes
|
||||
tags:
|
||||
- auditd
|
||||
- cat2
|
||||
|
Loading…
x
Reference in New Issue
Block a user