search

ansible-lockdown / RHEL7-CIS

Ansible role for Red Hat 7 CIS Baseline
https://ansible-lockdown.readthedocs.io/en/latest/
MIT License
472 stars 303 forks source link

Summary is not generated #330

Closed mcascone closed 5 months ago

mcascone commented 7 months ago

Describe the Issue When running an Audit, the summary file is not created. I'm pretty sure this happens during a remediation as well.

Expected Behavior A Summary file(s) is created and saved on the target machine.

Actual Behavior All of the summary steps are skipped:

TASK [/home/jenkins/workspace/peline_VZWAN-55977-add-cis-audit/audit/RHEL7-CIS : Post Audit | ensure audit files readable by users] ***
 skipping: [1.2.3.4] => (item=/opt/WELKTX08LAB-mnbbkhb-4140-RHEL7-CIS_post_scan_1706303543.json) 
 skipping: [1.2.3.4] => (item=/opt/WELKTX08LAB-mnbbkhb-4140-RHEL7-CIS_pre_scan_1706303543.json) 
 skipping: [1.2.3.4]

 TASK [/home/jenkins/workspace/peline_VZWAN-55977-add-cis-audit/audit/RHEL7-CIS : capture data /opt/WELKTX08LAB-mnbbkhb-4140-RHEL7-CIS_post_scan_1706303543.json] ***
 skipping: [1.2.3.4]

 TASK [/home/jenkins/workspace/peline_VZWAN-55977-add-cis-audit/audit/RHEL7-CIS : Capture post-audit result] ***
 skipping: [1.2.3.4]

 TASK [/home/jenkins/workspace/peline_VZWAN-55977-add-cis-audit/audit/RHEL7-CIS : Post Audit | capture data /opt/WELKTX08LAB-mnbbkhb-4140-RHEL7-CIS_post_scan_1706303543.json] ***
 skipping: [1.2.3.4]

 TASK [/home/jenkins/workspace/peline_VZWAN-55977-add-cis-audit/audit/RHEL7-CIS : Post Audit | Capture post-audit result] ***
 skipping: [1.2.3.4]

 TASK [/home/jenkins/workspace/peline_VZWAN-55977-add-cis-audit/audit/RHEL7-CIS : Show Audit Summary] ***
 skipping: [1.2.3.4]

 PLAY RECAP *********************************************************************
 1.2.3.4             : ok=17   changed=0    unreachable=0    failed=0    skipped=35   rescued=0    ignored=0

Control(s) Affected Audits and Summary

Environment (please complete the following information):

mcascone commented 7 months ago

@uk-bolly I would really appreciate your input on this! Thanks!

uk-bolly commented 6 months ago

hi @mcascone

Apologies for the delay, could you let me know what command you are using to run the playbook, as it appears the audit is not set to run at all. e.g.

-e "{'run_audit': true }" -e "{'setup_audit': true }"

Kind regards

uk-bolly

uk-bolly commented 5 months ago

hi @mcascone

We have cut a new release in the main branch and the devel is updated. This works through as expected.

https://github.com/ansible-lockdown/RHEL7-CIS/releases/tag/1.3.0

I will therefore close this issue, please feel free to feedback if you are still seeing problems.

many thanks

uk-bolly