exclude molecule idempotency test (not applicable to this role)

lucab85 · Dec 23, 2021 · 7586b74 · 7586b74
1 parent 06340fd
commit 7586b74
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 3 deletions.
diff --git a/README.md b/README.md
@@ -8,6 +8,11 @@ Ansible playbook to verify target Linux hosts using the official Red Hat Log4j d
 
 [Red Hat version 1.2 detector 2021-12-20](https://access.redhat.com/security/vulnerabilities/RHSB-2021-009).
 
+Ansible Playbook
+------------
+
+Code also available as Ansible Playbook [lucab85/log4j-cve-2021-44228](https://github.com/lucab85/log4j-cve-2021-44228)
+
 Requirements
 ------------
 

diff --git a/meta/main.yml b/meta/main.yml
@@ -7,7 +7,7 @@ galaxy_info:
     Log4j detector script RHSB-2021-009 for Log4Shell (CVE-2021-44228).
   company: Luca Berton
   license: "license (BSD, MIT)"
-  min_ansible_version: 2.7
+  min_ansible_version: 2.9
   platforms:
     - name: EL
       versions:

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -14,6 +14,8 @@
     path: '{{ detector_dir }}'
     state: directory
     mode: '0644'
+  tags:
+    - molecule-idempotence-notest
 
 - name: download detector file
   ansible.builtin.get_url:
@@ -22,6 +24,8 @@
     mode: '0755'
     owner: root
     group: root
+  tags:
+    - molecule-idempotence-notest
 
 - name: download detector signature
   ansible.builtin.get_url:
@@ -31,6 +35,8 @@
     owner: root
     group: root
   when: verify_gpg
+  tags:
+    - molecule-idempotence-notest
 
 - name: gpg public key
   ansible.builtin.command: '{{ gpg_public_key }}'
@@ -49,12 +55,16 @@
     path: '{{ detector_dir }}{{ detector_run_dir }}'
     state: absent
   when: clean_run_before
+  tags:
+    - molecule-idempotence-notest
 
 - name: create detector run directory
   ansible.builtin.file:
     path: '{{ detector_dir }}{{ detector_run_dir }}'
     state: directory
     mode: '0644'
+  tags:
+    - molecule-idempotence-notest
 
 - name: run detector/scanner
   ansible.builtin.command: '{{ detector_cmd }}'
@@ -65,13 +75,19 @@
   ansible.builtin.find:
     paths: '{{ detector_dir }}{{ detector_run_dir }}'
   register: vulnerable
+  tags:
+    - molecule-idempotence-notest
 
 - name: print vulnerable path(s) found
   ansible.builtin.debug:
     var: vulnerable
+  tags:
+    - molecule-idempotence-notest
 
 - name: remove detector directory
   ansible.builtin.file:
     path: '{{ detector_dir }}'
     state: absent
   when: delete_after
+  tags:
+    - molecule-idempotence-notest
diff --git a/vars/main.yml b/vars/main.yml
@@ -1,8 +1,8 @@
 ---
 gpg_public_key: 'gpg --keyserver pgp.mit.edu --recv {{ gpg_keyid }}'
-gpg_verify: >
+gpg_verify: >-
   gpg --verify {{ detector_dir }}{{ sh_signature }}
   {{ detector_dir }}{{ sh_detector }}
-detector_cmd: >
+detector_cmd: >-
   {{ detector_dir }}{{ sh_detector }} {{ detector_options }}
   --tmp {{ detector_dir }}{{ detector_run_dir }}