forked from dev-sec/ansible-collection-hardening
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.travis.yml
23 lines (20 loc) · 1.04 KB
/
.travis.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
---
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/
language: python
python: "2.7"
env:
- ANSIBLE_VERSION=latest
- ANSIBLE_VERSION=1.9.4
before_install:
- sudo apt-get update -qq
- sudo apt-get install -qq python-apt python-pycurl
install:
- if [ "$ANSIBLE_VERSION" = "latest" ]; then pip install ansible; else pip install ansible==$ANSIBLE_VERSION; fi
- echo -e 'localhost ansible_connection=local' > spec/inventory
- echo -e '[defaults]\nroles_path = ../\nhostfile = ./spec/inventory' > ansible.cfg
script:
- ansible-playbook --syntax-check spec/travis.yml
- ansible-playbook --sudo -v --diff spec/travis.yml --skip-tags "sysctl" --extra-vars "os_security_users_allow=change_user os_security_kernel_enable_core_dump=true os_security_suid_sgid_remove_from_unknown=true"
- ansible-playbook --sudo -v --diff spec/travis.yml --tags "pam" --extra-vars "os_auth_pam_passwdqc_enable=false"
- ansible-playbook --sudo -v --diff spec/travis.yml --skip-tags "sysctl" --extra-vars "os_security_users_allow=change_user"