From 676d5746233d066e5a50b9f147dfe983040f12aa Mon Sep 17 00:00:00 2001
From: Kevin Carter <kevin.carter@rackspace.com>
Date: Wed, 25 Oct 2017 10:47:48 -0500
Subject: [PATCH] Run security hardening when leaping a deployment

The security hardening playbook was not being executed. This change adds
the security hardning playbook to the defeault re-deployment process. If
a deployer wishes to opt-out of the default security hardening they can
disable it using the `apply_security_hardening` option.

Change-Id: I69baa1d2cb209cf3686ca2da00e698ed5dbf92f9
Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
---
 leap-upgrades/re-deploy.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/leap-upgrades/re-deploy.sh b/leap-upgrades/re-deploy.sh
index 29bccd66..0711e3e2 100755
--- a/leap-upgrades/re-deploy.sh
+++ b/leap-upgrades/re-deploy.sh
@@ -51,6 +51,10 @@ fi
 
 # Setup Hosts
 RUN_TASKS+=("openstack-hosts-setup.yml -e redeploy_rerun=true")
+
+# Run the security-hardening playbook in redeployment
+RUN_TASKS+=("security-hardening.yml")
+
 # Ensure the same pip everywhere, even if requirement met or above
 RUN_TASKS+=("${UPGRADE_UTILS}/pip-unify.yml -e release_version=\"${NEWTON_RELEASE}\"")