anthcourtney / ansible-role-cis-amazon-linux

Ansible role to apply CIS Amazon Linux Benchmark v2.0.0
MIT License

use loop for including CIS-1 tasks (avoid recursion limit) #31

Closed mpaf closed 5 years ago

mpaf commented 6 years ago

The include statement was creating issues for us with 'recursion limit reached'. This seems to be a bug in Ansible, but in any case this change seems to bypass that issue.

chandanchowdhury commented 6 years ago

The idea sounds good, but it will not allow us to rearrange the execution of the tasks.

For example, below is the sequence of tasks we use for Firewall (3.6):

```yaml
- include: "level-1/3.6.1.yml"
  when: "'3.6.1' not in cis_level_1_exclusions"
- include: "level-1/3.6.3.yml"
  when: "'3.6.3' not in cis_level_1_exclusions"
- include: "level-1/3.6.4.yml"
  when: "'3.6.4' not in cis_level_1_exclusions"
- include: "level-1/3.6.5.yml"
  when: "'3.6.5' not in cis_level_1_exclusions"
# Drop anything not allowed should be last thing in firewall rule
- include: "level-1/3.6.2.yml"
  when: "'3.6.2' not in cis_level_1_exclusions"
```

The issue with all tasks failing after 3.6.2 ran reappeared when I tried using loop to include tasks.

Hope I have been able to explain why we may not want to merge this PR.
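One way to reconcile the two positions, as an added example that is not part of this PR or the role's own code: a loop can still honour the required ordering if it iterates over an explicitly ordered list rather than a numerically sorted one. The list below is a constructed illustration for the 3.6 firewall section only (the variable name `cis_level_1_exclusions` comes from the thread; the list variable `cis_3_6_order` and the use of `include_tasks` are assumptions). The default-drop item 3.6.2 is deliberately placed last so that loopback, established-connection and outbound rules are in place before the deny-by-default policy applies, which is what keeps the Ansible SSH session from being cut off mid-run.

```yaml
# Added example (not the role's own tasks): ordered loop for the 3.6 firewall controls.
# cis_3_6_order is a constructed, explicitly ordered list; 3.6.2 (default deny) stays last.
- name: Define the execution order for the 3.6 firewall controls
  set_fact:
    cis_3_6_order:
      - "3.6.1"   # ensure iptables is installed
      - "3.6.3"   # loopback traffic
      - "3.6.4"   # outbound and established connections
      - "3.6.5"   # firewall rules for open ports
      - "3.6.2"   # default deny policy: must run last

# include_tasks with loop avoids the nested-include recursion limit while
# preserving the author's intended sequence; exclusions are honoured per item.
- name: Apply the 3.6 firewall controls in the defined order
  include_tasks: "level-1/{{ item }}.yml"
  loop: "{{ cis_3_6_order }}"
  when: "item not in cis_level_1_exclusions"
```

Because `loop` iterates in list order, the sequence is controlled by the data rather than by the file names, so sections whose tasks are order-sensitive (firewall rules, audit configuration) can keep their own ordered list while the remaining controls can be looped over a plain list of identifiers.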