As mentioned previously, this first role is a simple one that installs the packages we need to run a scan:
$ ansible-galaxy init roles/install
There are a few defaults we need to set in roles/install/defaults/main.yml; these are:
install: packages: - "openscap-scanner" - "scap-security-guide"
There is a task in roles/install/tasks/main.yml that installs the packages and also performs a yum update:
- name: update all of the installed packages yum: name: "*" state: "latest" update_cache: "yes"- name: install the packages needed package: name: "{{ item }}" state: latest with_items: "{{ install.packages }}"
That is it for this role; we will be calling it each time we run a scan to ensure that we have the correct packages installed ...