123 lines
3.4 KiB
YAML
123 lines
3.4 KiB
YAML
---
|
|
driver:
|
|
name: docker
|
|
use_sudo: false
|
|
privileged: true
|
|
http_proxy: <%= ENV['http_proxy'] || nil %>
|
|
https_proxy: <%= ENV['https_proxy'] || nil %>
|
|
|
|
transport:
|
|
max_ssh_sessions: 1
|
|
|
|
provisioner:
|
|
name: ansible_playbook
|
|
hosts: all
|
|
require_ansible_repo: false
|
|
require_chef_for_busser: false
|
|
require_ruby_for_busser: false
|
|
ansible_verbose: true
|
|
ansible_diff: true
|
|
|
|
roles_path: ../ansible-os-hardening/
|
|
http_proxy: <%= ENV['http_proxy'] || nil %>
|
|
https_proxy: <%= ENV['https_proxy'] || nil %>
|
|
playbook: tests/test.yml
|
|
|
|
platforms:
|
|
- name: centos6-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-centos6-ansible:latest
|
|
platform: centos
|
|
- name: centos7-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-centos7-ansible:latest
|
|
platform: centos
|
|
run_command: /sbin/init
|
|
provision_command:
|
|
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
|
|
- systemctl enable sshd.service
|
|
- name: centos8-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-centos8-ansible:latest
|
|
platform: centos
|
|
run_command: /sbin/init
|
|
provision_command:
|
|
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
|
|
- systemctl enable sshd.service
|
|
- name: oracle6-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-oracle6-ansible:latest
|
|
platform: centos
|
|
- name: oracle7-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-oracle7-ansible:latest
|
|
run_command: /sbin/init
|
|
platform: centos
|
|
provision_command:
|
|
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
|
|
- systemctl enable sshd.service
|
|
- name: ubuntu1604-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-ubuntu1604-ansible:latest
|
|
platform: ubuntu
|
|
run_command: /sbin/init
|
|
provision_command:
|
|
- systemctl enable ssh.service
|
|
- name: ubuntu1804-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-ubuntu1804-ansible:latest
|
|
platform: ubuntu
|
|
run_command: /sbin/init
|
|
provision_command:
|
|
- systemctl enable ssh.service
|
|
- name: debian9-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-debian9-ansible:latest
|
|
platform: debian
|
|
run_command: /sbin/init
|
|
provision_command:
|
|
- apt install -y systemd-sysv
|
|
- systemctl enable ssh.service
|
|
- name: debian10-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-debian10-ansible:latest
|
|
platform: debian
|
|
run_command: /sbin/init
|
|
provision_command:
|
|
- apt install -y systemd-sysv
|
|
- systemctl enable ssh.service
|
|
- name: amazon-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-amazon-ansible:latest
|
|
platform: centos
|
|
run_command: /sbin/init
|
|
provision_command:
|
|
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
|
|
- systemctl enable sshd.service
|
|
- name: fedora-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-fedora-ansible:latest
|
|
platform: centos
|
|
run_command: /sbin/init
|
|
provision_command:
|
|
- dnf install -y python
|
|
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
|
|
- systemctl enable sshd.service
|
|
- name: opensuse_tumbleweed-ansible-latest
|
|
driver:
|
|
image: rndmh3ro/docker-opensuse_tumbleweed-ansible
|
|
platform: opensuse
|
|
provision_command:
|
|
- zypper -n install python-xml rpm-python
|
|
- sed -i 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config
|
|
- systemctl enable sshd.service
|
|
|
|
verifier:
|
|
name: inspec
|
|
sudo: true
|
|
inspec_tests:
|
|
- https://github.com/dev-sec/tests-os-hardening
|
|
|
|
suites:
|
|
- name: os
|