marcusburghardt.openscap

ansible-role-openscap

==========

This role helps set up the development environment for working on ComplianceAsCode projects. You can skip the long documentation for now and start coding right away! ;)

All the settings you might want to change are in "defaults/main.yml". You can edit that file directly, but it's better to override them in your Playbook.

What this role does:

Optionally sets up additional repositories.
Installs all necessary packages:
- Packages needed for development, testing, and extra tools.
Installs Python Modules:
- Installs additional Python modules required for CMake tests or JSON.
Configures the basic environment:
- Creates the main folder (~/CaC)
- Updates the PATH variable if needed.
- Creates a Forks sub-folder if a forked repository is used.
Configures Git:
- Sets the name and email used for commits in ComplianceAsCode repositories.
Configures Labs:
- Copies Vagrantfiles to ~/CaC/Labs/VMs
- Copies instructions for Labs and Tests related to VMs in Labs/VMs.
- TODO: Copy instructions for Labs and Tests related to Containers in Labs/Containers.
Sets up the environment:
- Clones "fork" repositories if enabled.
- Clones "lab" repositories if enabled.
- Copies general instruction files to ~/CaC.

TODO

Open to constructive ideas.

To install this role

ansible-galaxy role install marcusburghardt.openscap

Requirements

Python 3

Role Variables

You can easily customize your environment by editing some variables in:

defaults/main.yml

However, it's better to override these variables in your Playbook for more elegance and flexibility.

To do this, check out "defaults/main.yml," which is well documented to explain what each variable does. Then, copy the variables you want to change into your Playbook and adjust them as needed. See the Example Playbook section for more info.

In some rare cases, you may need to change local settings in:

vars/*.yml If you find that necessary, consider proposing a PR to improve the role.

Dependencies

None

Example Playbook

This example Playbook will set everything up with the basic variables. You can find a sample at files/Ansible_Samples, named ansible_cac.yml.

For this example, let's name the Playbook file ansible_cac.yml, with the following content:

- hosts: linux
  vars:
    - available_tasks:
      - { enabled: true, name: 'install_packages' }
      - { enabled: true, name: 'install_python_modules' }
      - { enabled: true, name: 'configure_env' }
      - { enabled: true, name: 'configure_labs' }
      - { enabled: true, name: 'populate_env' }

  roles:
    - marcusburghardt.openscap

This role includes a specific set of tasks (available_tasks). You can enable or disable tasks based on what you need. If the inventory file hosts_cac is in the same folder and looks like this:

[linux:children]
install_packages
install_python_modules
configure_env
populate_env
configure_labs

...lines omitted for better reading...

Note: You can also find a sample in files/Ansible_Samples, named hosts_cac.

Now, run this command to execute the role:

ansible-playbook -K ansible_cac.yml

You might want to configure some Ansible settings for your environment. For example, you can set a local folder for downloads. An example of an ansible.cfg file is located in the files/Ansible_Samples folder, named ansible.cfg.