Merge pull request #101 from ansible-lockdown/devel

updated to import_tasks module

Author: uk-bolly

tasks/main.yml

@@ -81,20 +81,23 @@
       - always
 
 - name: Import preliminary tasks
-  ansible.builtin.import_tasks: prelim.yml
+  ansible.builtin.import_tasks:
+      file: prelim.yml
   tags:
       - prelim_tasks
       - run_audit
 
 - name: Run pre remediation audit tasks
-  ansible.builtin.import_tasks: pre_remediation_audit.yml
+  ansible.builtin.import_tasks:
+      file: pre_remediation_audit.yml
   when:
       - run_audit
   tags:
       - run_audit
 
 - name: Run parse /etc/passwd
-  ansible.builtin.import_tasks: parse_etc_password.yml
+  ansible.builtin.import_tasks:
+      file: parse_etc_password.yml
   when:
       - ubtu20cis_section5_patch or
         ubtu20cis_section6_patch
@@ -106,42 +109,48 @@
       - always
 
 - name: Include section 1 patches
-  ansible.builtin.import_tasks: section_1/main.yml
+  ansible.builtin.import_tasks:
+      file: section_1/main.yml
   when:
       - ubtu20cis_section1_patch
   tags:
       - section1
 
 - name: Include section 2 patches
-  ansible.builtin.import_tasks: section_2/main.yml
+  ansible.builtin.import_tasks:
+      file: section_2/main.yml
   when:
       - ubtu20cis_section2_patch
   tags:
       - section2
 
 - name: Include section 3 patches
-  ansible.builtin.import_tasks: section_3/main.yml
+  ansible.builtin.import_tasks:
+      file: section_3/main.yml
   when:
       - ubtu20cis_section3_patch
   tags:
       - section3
 
 - name: Include section 4 patches
-  ansible.builtin.import_tasks: section_4/main.yml
+  ansible.builtin.import_tasks:
+      file: section_4/main.yml
   when:
       - ubtu20cis_section4_patch
   tags:
       - section4
 
 - name: Include section 5 patches
-  ansible.builtin.import_tasks: section_5/main.yml
+  ansible.builtin.import_tasks:
+      file: section_5/main.yml
   when:
       - ubtu20cis_section5_patch
   tags:
       - section5
 
 - name: Include section 6 patches
-  ansible.builtin.import_tasks: section_6/main.yml
+  ansible.builtin.import_tasks:
+      file: section_6/main.yml
   when:
       - ubtu20cis_section6_patch
   tags:
@@ -151,13 +160,15 @@
   ansible.builtin.meta: flush_handlers
 
 - name: run post remediation tasks
-  ansible.builtin.import_tasks: post.yml
+  ansible.builtin.import_tasks:
+      file: post.yml
   tags:
       - post_tasks
       - always
 
 - name: Run post audit
-  ansible.builtin.import_tasks: post_remediation_audit.yml
+  ansible.builtin.import_tasks:
+      file: post_remediation_audit.yml
   when:
       - run_audit
 

tasks/post.yml

@@ -21,7 +21,8 @@
             - skip_reboot
 
       - name: "POST | Warning a reboot required but skip option set | warning count"
-        ansible.builtin.import_tasks: warning_facts.yml
+        ansible.builtin.import_tasks:
+            file: warning_facts.yml
         when:
             - change_requires_reboot
             - skip_reboot

tasks/pre_remediation_audit.yml

@@ -1,7 +1,8 @@
 ---
 
 - name: Audit Binary Setup | Setup the LE audit
-  ansible.builtin.import_tasks: LE_audit_setup.yml
+  ansible.builtin.import_tasks:
+      file: LE_audit_setup.yml
   when:
       - setup_audit
   tags:

tasks/section_1/cis_1.1.2.x.yml

@@ -7,7 +7,8 @@
             msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
 
       - name: "1.1.2.1 | WARN | Ensure /tmp is a separate partition | warn_count"
-        ansible.builtin.import_tasks: warning_facts.yml
+        ansible.builtin.import_tasks:
+            file: warning_facts.yml
   vars:
       warn_control_id: '1.1.2.1'
       required_mount: '/tmp'

tasks/section_1/cis_1.1.3.x.yml

@@ -7,7 +7,8 @@
             msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
 
       - name: "1.1.3.1 | WARN | Ensure separate partition exists for /var | warn_count"
-        ansible.builtin.import_tasks: warning_facts.yml
+        ansible.builtin.import_tasks:
+            file: warning_facts.yml
   vars:
       warn_control_id: '1.1.3.1'
       required_mount: '/var'

tasks/section_1/cis_1.1.4.x.yml

@@ -7,7 +7,8 @@
             msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
 
       - name: "1.1.4.1 | WARN | Ensure separate partition exists for /var/tmp  | warn_count"
-        ansible.builtin.import_tasks: warning_facts.yml
+        ansible.builtin.import_tasks:
+            file: warning_facts.yml
   vars:
       warn_control_id: '1.1.4.1'
       required_mount: '/var/tmp'

tasks/section_1/cis_1.1.5.x.yml

@@ -7,7 +7,8 @@
             msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
 
       - name: "1.1.5.1 | WARN | Ensure separate partition exists for /var/log | warn_count"
-        ansible.builtin.import_tasks: warning_facts.yml
+        ansible.builtin.import_tasks:
+            file: warning_facts.yml
   vars:
       warn_control_id: '1.1.5.1'
       required_mount: '/var/log'

tasks/section_1/cis_1.1.6.x.yml

@@ -7,7 +7,8 @@
             msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
 
       - name: "1.1.6.1 | WARN | Ensure separate partition exists for /var/log/audit | warn_count"
-        ansible.builtin.import_tasks: warning_facts.yml
+        ansible.builtin.import_tasks:
+            file: warning_facts.yml
   vars:
       warn_control_id: '1.1.6.1'
       required_mount: '/var/log/audit'

tasks/section_1/cis_1.1.7.x.yml

@@ -7,7 +7,8 @@
             msg: "Warning!! {{ required_mount }} doesn't exist. This is a manual task"
 
       - name: "1.1.7.1 | WARN | Ensure separate partition exists for /home | warn_count"
-        ansible.builtin.import_tasks: warning_facts.yml
+        ansible.builtin.import_tasks:
+            file: warning_facts.yml
   vars:
       warn_control_id: '1.1.7.1'
       required_mount: '/home'

tasks/section_1/cis_1.3.x.yml

@@ -31,7 +31,8 @@
                 - "{{ ubtu20cis_1_3_2_apt_policy.stdout_lines }}"
 
       - name: "1.3.2 | AUDIT | Ensure package manager repositories are configured | Warn Count"
-        ansible.builtin.import_tasks: warning_facts.yml
+        ansible.builtin.import_tasks:
+            file: warning_facts.yml
   vars:
       warn_control_id: '1.3.2'
   when:
@@ -62,7 +63,8 @@
                 - "{{ ubtu20cis_1_3_3_apt_gpgkeys.stdout_lines }}"
 
       - name: "1.3.3 | AUDIT | Ensure GPG keys are configured | Warn Count"
-        ansible.builtin.import_tasks: warning_facts.yml
+        ansible.builtin.import_tasks:
+            file: warning_facts.yml
   vars:
       warn_control_id: '1.3.3'
   when: