Skip to content

Add when conditional to Ansible remediation of sssd_enable_pam_services#11982

Merged
jan-cerny merged 1 commit into
ComplianceAsCode:masterfrom
vojtapolasek:fix_ansible_sssd_enable_pam_services_master
May 10, 2024
Merged

Add when conditional to Ansible remediation of sssd_enable_pam_services#11982
jan-cerny merged 1 commit into
ComplianceAsCode:masterfrom
vojtapolasek:fix_ansible_sssd_enable_pam_services_master

Conversation

@vojtapolasek
Copy link
Copy Markdown
Collaborator

@vojtapolasek vojtapolasek commented May 9, 2024

port of #11979 into master branch

@vojtapolasek
add when conditional to remediation of sssd_enable_pam_service
98cd93e 
older Ansible versions might terminate prematurely if there are no config files found in /etc/sssd/conf.d directory
@vojtapolasek vojtapolasek added bugfix Fixes to reported bugs. Ansible Ansible remediation update. RHEL7 Red Hat Enterprise Linux 7 product related. labels May 9, 2024
@vojtapolasek vojtapolasek added this to the 0.1.74 milestone May 9, 2024
@vojtapolasek vojtapolasek mentioned this pull request May 9, 2024
Merged
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 9, 2024

Start a new ephemeral environment with changes proposed in this pull request:

rhel8 (from CTF) Environment (using Fedora as testing environment)
Open in Gitpod

Fedora Testing Environment
Open in Gitpod

Oracle Linux 8 Environment
Open in Gitpod

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 9, 2024

This datastream diff is auto generated by the check Compare DS/Generate Diff

Click here to see the full diff 
ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sssd_enable_pam_services' differs.
--- xccdf_org.ssgproject.content_rule_sssd_enable_pam_services
+++ xccdf_org.ssgproject.content_rule_sssd_enable_pam_services
@@ -39,7 +39,9 @@
     replace: \1,pam
   with_items: '{{ sssd_conf_d_files.files | map(attribute=''path'') }}'
   register: modify_lines_sssd_conf_d_files
-  when: '"sssd-common" in ansible_facts.packages'
+  when:
+  - '"sssd-common" in ansible_facts.packages'
+  - sssd_conf_d_files.matched is defined and sssd_conf_d_files.matched >= 1
   tags:
   - CCE-82446-6
   - NIST-800-53-CM-6(a)

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 9, 2024

🤖 A k8s content image for this PR is available at:
ghcr.io/complianceascode/k8scontent:11982
This image was built from commit: 98cd93e

Click here to see how to deploy it

If you alread have Compliance Operator deployed:
utils/build_ds_container.py -i ghcr.io/complianceascode/k8scontent:11982

Otherwise deploy the content and operator together by checking out ComplianceAsCode/compliance-operator and:
CONTENT_IMAGE=ghcr.io/complianceascode/k8scontent:11982 make deploy-local

@jan-cerny jan-cerny self-assigned this May 9, 2024
@qlty-cloud-legacy
Copy link
Copy Markdown

qlty-cloud-legacy Bot commented May 9, 2024

Code Climate has analyzed commit 98cd93e and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 59.4% (0.0% change).

View more on Code Climate.

@jan-cerny
Copy link
Copy Markdown
Collaborator

jan-cerny commented May 10, 2024

/packit build

@jan-cerny jan-cerny merged commit 5a9dce4 into ComplianceAsCode:master May 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jan-cerny jan-cerny jan-cerny approved these changes

Assignees

@jan-cerny jan-cerny

Labels

Ansible Ansible remediation update. bugfix Fixes to reported bugs. RHEL7 Red Hat Enterprise Linux 7 product related.

Projects

None yet

Milestone

0.1.74

Development

Successfully merging this pull request may close these issues.

2 participants

@vojtapolasek @jan-cerny