ansible-lockdown · uk-bolly · Sep 14, 2023 · Jul 26, 2023 · Jul 26, 2023 · Jul 28, 2023
diff --git a/.ansible-lint b/.ansible-lint
@@ -5,20 +5,20 @@ quiet: true
 skip_list:
     - 'schema'
     - 'no-changed-when'
+    - 'var-spacing'
     - 'fqcn-builtins'
     - 'experimental'
-    - 'fqcn[action-core]'
-    - 'fqcn[action]'
+    - 'name[play]'
     - 'name[casing]'
     - 'name[template]'
-    - 'jinja[spacing]'
-    - 'var-naming'  # Older playbook no new release
+    - 'fqcn[action]'
+    - 'key-order[task]'
     - '204'
-    - '208'
     - '305'
     - '303'
     - '403'
     - '306'
     - '602'
+    - '208'
 use_default_rules: true
 verbosity: 0
diff --git a/.config/.gitleaks-report.json b/.config/.gitleaks-report.json
@@ -0,0 +1 @@
+[]
diff --git a/.config/.secrets.baseline b/.config/.secrets.baseline
@@ -0,0 +1,190 @@
+{
+  "version": "1.4.0",
+  "plugins_used": [
+    {
+      "name": "ArtifactoryDetector"
+    },
+    {
+      "name": "AWSKeyDetector"
+    },
+    {
+      "name": "AzureStorageKeyDetector"
+    },
+    {
+      "name": "Base64HighEntropyString",
+      "limit": 4.5
+    },
+    {
+      "name": "BasicAuthDetector"
+    },
+    {
+      "name": "CloudantDetector"
+    },
+    {
+      "name": "DiscordBotTokenDetector"
+    },
+    {
+      "name": "GitHubTokenDetector"
+    },
+    {
+      "name": "HexHighEntropyString",
+      "limit": 3.0
+    },
+    {
+      "name": "IbmCloudIamDetector"
+    },
+    {
+      "name": "IbmCosHmacDetector"
+    },
+    {
+      "name": "JwtTokenDetector"
+    },
+    {
+      "name": "KeywordDetector",
+      "keyword_exclude": ""
+    },
+    {
+      "name": "MailchimpDetector"
+    },
+    {
+      "name": "NpmDetector"
+    },
+    {
+      "name": "PrivateKeyDetector"
+    },
+    {
+      "name": "SendGridDetector"
+    },
+    {
+      "name": "SlackDetector"
+    },
+    {
+      "name": "SoftlayerDetector"
+    },
+    {
+      "name": "SquareOAuthDetector"
+    },
+    {
+      "name": "StripeDetector"
+    },
+    {
+      "name": "TwilioKeyDetector"
+    }
+  ],
+  "filters_used": [
+    {
+      "path": "detect_secrets.filters.allowlist.is_line_allowlisted"
+    },
+    {
+      "path": "detect_secrets.filters.common.is_baseline_file",
+      "filename": ".config/.secrets.baseline"
+    },
+    {
+      "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies",
+      "min_level": 2
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_indirect_reference"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_likely_id_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_lock_file"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_potential_uuid"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_sequential_string"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_swagger_file"
+    },
+    {
+      "path": "detect_secrets.filters.heuristic.is_templated_secret"
+    },
+    {
+      "path": "detect_secrets.filters.regex.should_exclude_file",
+      "pattern": [
+        ".config/.gitleaks-report.json"
+      ]
+    }
+  ],
+  "results": {
+    "defaults/main.yml": [
+      {
+        "type": "Secret Keyword",
+        "filename": "defaults/main.yml",
+        "hashed_secret": "64411efd0f0561fe4852c6e414071345c9c6432a",
+        "is_verified": false,
+        "line_number": 467,
+        "is_secret": false
+      }
+    ],
+    "tasks/fix-cat2.yml": [
+      {
+        "type": "Secret Keyword",
+        "filename": "tasks/fix-cat2.yml",
+        "hashed_secret": "673504d3db128a01a93d32de2b104a05dc2e6859",
+        "is_verified": false,
+        "line_number": 1449,
+        "is_secret": false
+      }
+    ],
+    "tasks/main.yml": [
+      {
+        "type": "Secret Keyword",
+        "filename": "tasks/main.yml",
+        "hashed_secret": "2784977b09b611a32db88f631d88a5806605967e",
+        "is_verified": false,
+        "line_number": 39,
+        "is_secret": false
+      },
+      {
+        "type": "Secret Keyword",
+        "filename": "tasks/main.yml",
+        "hashed_secret": "64411efd0f0561fe4852c6e414071345c9c6432a",
+        "is_verified": false,
+        "line_number": 56,
+        "is_secret": false
+      }
+    ],
+    "tasks/parse_etc_passwd.yml": [
+      {
+        "type": "Secret Keyword",
+        "filename": "tasks/parse_etc_passwd.yml",
+        "hashed_secret": "2aaf9f2a51d8fe89e48cb9cc7d04a991ceb7f360",
+        "is_verified": false,
+        "line_number": 18
+      }
+    ],
+    "tasks/prelim.yml": [
+      {
+        "type": "Secret Keyword",
+        "filename": "tasks/prelim.yml",
+        "hashed_secret": "fd917ab33fb6bd01e799f4b72da0586589cd909a",
+        "is_verified": false,
+        "line_number": 228,
+        "is_secret": false
+      }
+    ],
+    "templates/pam_pkcs11.conf.j2": [
+      {
+        "type": "Secret Keyword",
+        "filename": "templates/pam_pkcs11.conf.j2",
+        "hashed_secret": "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3",
+        "is_verified": false,
+        "line_number": 173,
+        "is_secret": false
+      }
+    ]
+  },
+  "generated_at": "2023-09-14T14:19:49Z"
+}
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
diff --git a/.github/ISSUE_TEMPLATE/feature-request-or-enhancement.md b/.github/ISSUE_TEMPLATE/feature-request-or-enhancement.md
diff --git a/.github/ISSUE_TEMPLATE/question.md b/.github/ISSUE_TEMPLATE/question.md
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
diff --git a/.github/workflows/OS.tfvars b/.github/workflows/OS.tfvars