From 6f354a7a4b1e44f5aaa0e4860896e3cb8bbb88e1 Mon Sep 17 00:00:00 2001
From: Dmitriy Rabotyagov <noonedeadpunk@ya.ru>
Date: Fri, 21 May 2021 17:28:39 +0300
Subject: [PATCH] Switch hardening to integrated tests

We aim to decrease usage of the tests repo as much as we can, so we
are switching roles to the tests completed by integrated repo.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/792639
Change-Id: Ice89ada6e009d3aaaff5fa261c7b9cf23216f159
---
 examples/playbook.yml | 17 +++++++++++++++++
 zuul.d/project.yaml   |  3 ++-
 2 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 examples/playbook.yml

diff --git a/examples/playbook.yml b/examples/playbook.yml
new file mode 100644
index 00000000..0a8c6d0d
--- /dev/null
+++ b/examples/playbook.yml
@@ -0,0 +1,17 @@
+---
+- name: Gather security hardening facts
+  hosts: "{{ security_host_group|default('hosts') }}"
+  gather_facts: True
+  tags:
+    - always
+
+- name: Apply security hardening configurations
+  hosts: "{{ security_host_group|default('hosts') }}"
+  gather_facts: false
+  user: root
+  roles:
+    - role: "ansible-hardening"
+      when: apply_security_hardening | default(True) | bool
+  environment: "{{ deployment_environment_variables | default({}) }}"
+  tags:
+    - security
diff --git a/zuul.d/project.yaml b/zuul.d/project.yaml
index e4b83578..d5164665 100644
--- a/zuul.d/project.yaml
+++ b/zuul.d/project.yaml
@@ -14,7 +14,8 @@
 
 - project:
     templates:
-      - openstack-ansible-role-jobs
+      - openstack-ansible-linters-jobs
+      - openstack-ansible-deploy-hosts_metal-jobs
       - check-requirements
       - publish-openstack-docs-pti
       - release-notes-jobs-python3