ansible-collection-hardening/molecule/ssh_hardening_bsd/molecule.yml

---
driver:
  name: vagrant
  provider:
    name: libvirt
platforms:
  # we need to name every instance differently to start multiple VMs on the same host (parallelization)
  # since we also need to use different OS users to run the tests because of how molecule operates,
  # the VM names must be predictable by OS user (to clean up canceled runs)
  - name: ${USER}
    box: generic/${MOLECULE_DISTRO}
    memory: 1024
    cpus: 2
provisioner:
  name: ansible
  options:
    diff: true
  env:
    ANSIBLE_PIPELINING: "True"
  config_options:
    defaults:
      interpreter_python: auto_silent
      callbacks_enabled: profile_tasks, timer, yaml
verifier:
  name: ansible
  env:
    ANSIBLE_PIPELINING: "True"

scenario:
  create_sequence:
    - dependency
    - create
    - prepare
  check_sequence:
    - dependency
    - destroy
    - create
    - prepare
    - converge
    - check
    - destroy
  converge_sequence:
    - dependency
    - create
    - prepare
    - converge
  destroy_sequence:
    - destroy
  test_sequence:
    - dependency
    - destroy
    - syntax
    - create
    - prepare
    - converge
    - idempotence
    - verify
    - destroy
add testing for OpenBSD and FreeBSD (#642) * add testing for OpenBSD and FreeBSD Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make python work Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove jinja template ... Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make verify work Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use right vm name for connect Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add a bit of documentation Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove sudo Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add weird OpenSBD workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make verify playbook more consistent Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * rename nonlinux to BSD Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use openbsd7 for testing Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct use openbsd7 everywhere Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add waivers Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * update waiver descriptions Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use docker for inspec Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * keep looking right ;) Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct path to waivers Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use ephemeral directory in docker Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use bsd inspec profile Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove openbsd workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * re-add openbsd workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * commit suggestions Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add supportet OS to metadata Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use current python Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> --------- Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> 2023-03-31 07:50:04 +00:00			`---`
			`driver:`
			`name: vagrant`
			`provider:`
			`name: libvirt`
			`platforms:`
fix spelling errors Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> 2023-04-14 21:51:53 +00:00			`# we need to name every instance differently to start multiple VMs on the same host (parallelization)`
add testing for OpenBSD and FreeBSD (#642) * add testing for OpenBSD and FreeBSD Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make python work Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove jinja template ... Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make verify work Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use right vm name for connect Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add a bit of documentation Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove sudo Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add weird OpenSBD workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make verify playbook more consistent Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * rename nonlinux to BSD Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use openbsd7 for testing Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct use openbsd7 everywhere Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add waivers Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * update waiver descriptions Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use docker for inspec Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * keep looking right ;) Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct path to waivers Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use ephemeral directory in docker Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use bsd inspec profile Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove openbsd workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * re-add openbsd workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * commit suggestions Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add supportet OS to metadata Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use current python Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> --------- Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> 2023-03-31 07:50:04 +00:00			`# since we also need to use different OS users to run the tests because of how molecule operates,`
			`# the VM names must be predictable by OS user (to clean up canceled runs)`
use ansible-lint to autofix problems Signed-off-by: Martin Schurz <Martin.Schurz@telekom.de> 2023-12-06 13:37:09 +00:00			`- name: ${USER}`
			`box: generic/${MOLECULE_DISTRO}`
add testing for OpenBSD and FreeBSD (#642) * add testing for OpenBSD and FreeBSD Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make python work Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove jinja template ... Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make verify work Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use right vm name for connect Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add a bit of documentation Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove sudo Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add weird OpenSBD workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make verify playbook more consistent Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * rename nonlinux to BSD Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use openbsd7 for testing Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct use openbsd7 everywhere Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add waivers Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * update waiver descriptions Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use docker for inspec Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * keep looking right ;) Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct path to waivers Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use ephemeral directory in docker Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use bsd inspec profile Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove openbsd workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * re-add openbsd workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * commit suggestions Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add supportet OS to metadata Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use current python Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> --------- Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> 2023-03-31 07:50:04 +00:00			`memory: 1024`
			`cpus: 2`
			`provisioner:`
			`name: ansible`
			`options:`
			`diff: true`
			`env:`
			`ANSIBLE_PIPELINING: "True"`
			`config_options:`
			`defaults:`
			`interpreter_python: auto_silent`
fix deprecation warnings Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> 2023-04-10 18:36:03 +00:00			`callbacks_enabled: profile_tasks, timer, yaml`
add testing for OpenBSD and FreeBSD (#642) * add testing for OpenBSD and FreeBSD Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make python work Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove jinja template ... Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make verify work Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct verify Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use right vm name for connect Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add a bit of documentation Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove sudo Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add weird OpenSBD workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * make verify playbook more consistent Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * rename nonlinux to BSD Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use openbsd7 for testing Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct use openbsd7 everywhere Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add waivers Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * update waiver descriptions Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use docker for inspec Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * keep looking right ;) Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * correct path to waivers Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use ephemeral directory in docker Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use bsd inspec profile Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * remove openbsd workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * re-add openbsd workaround Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * commit suggestions Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * add supportet OS to metadata Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> * use current python Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> --------- Signed-off-by: Martin Schurz <Martin.Schurz@t-systems.com> 2023-03-31 07:50:04 +00:00			`verifier:`
			`name: ansible`
			`env:`
			`ANSIBLE_PIPELINING: "True"`

			`scenario:`
			`create_sequence:`
			`- dependency`
			`- create`
			`- prepare`
			`check_sequence:`
			`- dependency`
			`- destroy`
			`- create`
			`- prepare`
			`- converge`
			`- check`
			`- destroy`
			`converge_sequence:`
			`- dependency`
			`- create`
			`- prepare`
			`- converge`
			`destroy_sequence:`
			`- destroy`
			`test_sequence:`
			`- dependency`
			`- destroy`
			`- syntax`
			`- create`
			`- prepare`
			`- converge`
			`- idempotence`
			`- verify`
			`- destroy`