Code development platform for open source projects from the European Union institutions :large_blue_circle: EU Login authentication by SMS has been phased out. To see alternatives please check here

Skip to content
Snippets Groups Projects
Commit 49d22dbf authored by Bart DRESSELAERS's avatar Bart DRESSELAERS Committed by Jean-François HOVINNE
Browse files

feat: Add installation of security patches (fixes #9)

parent d5294027
Branches
Tags 0.4.0
1 merge request!10feat: Add installation of security patches
......@@ -13,7 +13,8 @@ Requirements
Role Variables
--------------
aws_workspace_tweaks_user: the name of the user on the target machine under which this role is going to perform its operations. If left empty, the user establishing the connection with the target is going to be selected.
- aws_workspace_tweaks_install_security_patches: boolean which can be set to true or false to define if ALAS2/CVS security patches needs to be installed.(default false)
- aws_workspace_tweaks_user: the name of the user on the target machine under which this role is going to perform its operations. If left empty, the user establishing the connection with the target is going to be selected.
See ./defaults/main.yml for additional vars.
......
......@@ -6,3 +6,4 @@ aws_ssm_agent_agent_self_update: true
# the workspace end user
aws_workspace_tweaks_user: ""
aws_workspace_tweaks_install_security_patches: false
......@@ -3,6 +3,7 @@
hosts: all
vars:
aws_workspace_tweaks_user: ansible
aws_workspace_tweaks_install_security_patches: true
tasks:
- name: Include aws_workspace_tweaks
ansible.builtin.include_role:
......
......@@ -2,5 +2,8 @@
- name: Include ssm agent tasks.
ansible.builtin.include_tasks: ssm-agent.yml
- name: Include tasks to install security patches.
ansible.builtin.include_tasks: security-patches.yml
- name: Include tasks to import CommisSign root certificate.
ansible.builtin.include_tasks: commissign-certificate.yml
---
- name: Install security patches
become: true
ansible.builtin.yum:
name: '*'
state: latest
bugfix: false
security: true
update_only: true
when:
- aws_workspace_tweaks_install_security_patches|bool
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment