Use parameter value in ansible lineinfile macro #10958

ggbecker · 2023-08-07T14:00:13Z

Description:

Use parameter value in ansible lineinfile macro.

Rationale:

The value of create was not being used for some of the function calls in this macro.
Found when investigating: Invalid TMUX tasks defined by latest version of ansible-role-rhel8-stig #10957

openshift-ci · 2023-08-07T14:00:21Z

Skipping CI for Draft Pull Request.
If you want CI signal for your change, please convert it to an actual PR.
You can still manually trigger a test run with /test all

github-actions · 2023-08-07T14:05:37Z

This datastream diff is auto generated by the check Compare DS/Generate Diff

Click here to see the full diff

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_harden_sshd_ciphers_openssh_conf_crypto_policy' differs.
--- xccdf_org.ssgproject.content_rule_harden_sshd_ciphers_openssh_conf_crypto_policy
+++ xccdf_org.ssgproject.content_rule_harden_sshd_ciphers_openssh_conf_crypto_policy
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/crypto-policies/back-ends/openssh.config
-      create: false
+      create: true
       regexp: ^.*Ciphers\s+
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/crypto-policies/back-ends/openssh.config
     lineinfile:
       path: /etc/crypto-policies/back-ends/openssh.config
-      create: false
+      create: true
       regexp: ^.*Ciphers\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_harden_sshd_macs_openssh_conf_crypto_policy' differs.
--- xccdf_org.ssgproject.content_rule_harden_sshd_macs_openssh_conf_crypto_policy
+++ xccdf_org.ssgproject.content_rule_harden_sshd_macs_openssh_conf_crypto_policy
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/crypto-policies/back-ends/openssh.config
-      create: false
+      create: true
       regexp: ^.*MACs\s+
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/crypto-policies/back-ends/openssh.config
     lineinfile:
       path: /etc/crypto-policies/back-ends/openssh.config
-      create: false
+      create: true
       regexp: ^.*MACs\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_configure_tmux_lock_after_time' differs.
--- xccdf_org.ssgproject.content_rule_configure_tmux_lock_after_time
+++ xccdf_org.ssgproject.content_rule_configure_tmux_lock_after_time
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/tmux.conf
-      create: false
+      create: true
       regexp: ^\s*set -g lock-after-time\s+
       mode: '0644'
       state: absent
@@ -15,7 +15,7 @@
   - name: Deduplicate values from /etc/tmux.conf
     lineinfile:
       path: /etc/tmux.conf
-      create: false
+      create: true
       regexp: ^\s*set -g lock-after-time\s+
       mode: '0644'
       state: absent

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_configure_tmux_lock_command' differs.
--- xccdf_org.ssgproject.content_rule_configure_tmux_lock_command
+++ xccdf_org.ssgproject.content_rule_configure_tmux_lock_command
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/tmux.conf
-      create: false
+      create: true
       regexp: ^\s*set -g lock-command\s+
       mode: '0644'
       state: absent
@@ -15,7 +15,7 @@
   - name: Deduplicate values from /etc/tmux.conf
     lineinfile:
       path: /etc/tmux.conf
-      create: false
+      create: true
       regexp: ^\s*set -g lock-command\s+
       mode: '0644'
       state: absent

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_configure_tmux_lock_keybinding' differs.
--- xccdf_org.ssgproject.content_rule_configure_tmux_lock_keybinding
+++ xccdf_org.ssgproject.content_rule_configure_tmux_lock_keybinding
@@ -1,7 +1,7 @@
 - name: Check for duplicate values
   lineinfile:
     path: /etc/tmux.conf
-    create: false
+    create: true
     regexp: \s*bind\s+\w\s+lock-session.*$
     mode: '0644'
     state: absent
@@ -22,7 +22,7 @@
 - name: Deduplicate values from /etc/tmux.conf
   lineinfile:
     path: /etc/tmux.conf
-    create: false
+    create: true
     regexp: \s*bind\s+\w\s+lock-session.*$
     mode: '0644'
     state: absent

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_accounts_have_homedir_login_defs' differs.
--- xccdf_org.ssgproject.content_rule_accounts_have_homedir_login_defs
+++ xccdf_org.ssgproject.content_rule_accounts_have_homedir_login_defs
@@ -17,7 +17,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/login.defs
-      create: false
+      create: true
       regexp: ^\s*CREATE_HOME\s+
       state: absent
     check_mode: true
@@ -27,7 +27,7 @@
   - name: Deduplicate values from /etc/login.defs
     lineinfile:
       path: /etc/login.defs
-      create: false
+      create: true
       regexp: ^\s*CREATE_HOME\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_auditd_freq' differs.
--- xccdf_org.ssgproject.content_rule_auditd_freq
+++ xccdf_org.ssgproject.content_rule_auditd_freq
@@ -17,7 +17,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*freq\s*=\s*
       state: absent
     check_mode: true
@@ -27,7 +27,7 @@
   - name: Deduplicate values from /etc/audit/auditd.conf
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*freq\s*=\s*
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_auditd_local_events' differs.
--- xccdf_org.ssgproject.content_rule_auditd_local_events
+++ xccdf_org.ssgproject.content_rule_auditd_local_events
@@ -18,7 +18,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*local_events\s*=\s*
       state: absent
     check_mode: true
@@ -28,7 +28,7 @@
   - name: Deduplicate values from /etc/audit/auditd.conf
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*local_events\s*=\s*
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_auditd_log_format' differs.
--- xccdf_org.ssgproject.content_rule_auditd_log_format
+++ xccdf_org.ssgproject.content_rule_auditd_log_format
@@ -19,7 +19,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*log_format\s*=\s*
       state: absent
     check_mode: true
@@ -29,7 +29,7 @@
   - name: Deduplicate values from /etc/audit/auditd.conf
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*log_format\s*=\s*
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_auditd_name_format' differs.
--- xccdf_org.ssgproject.content_rule_auditd_name_format
+++ xccdf_org.ssgproject.content_rule_auditd_name_format
@@ -19,7 +19,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*name_format\s*=\s*
       state: absent
     check_mode: true
@@ -29,7 +29,7 @@
   - name: Deduplicate values from /etc/audit/auditd.conf
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*name_format\s*=\s*
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_auditd_overflow_action' differs.
--- xccdf_org.ssgproject.content_rule_auditd_overflow_action
+++ xccdf_org.ssgproject.content_rule_auditd_overflow_action
@@ -18,7 +18,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*overflow_action\s*=\s*
       state: absent
     check_mode: true
@@ -28,7 +28,7 @@
   - name: Deduplicate values from /etc/audit/auditd.conf
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*overflow_action\s*=\s*
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_auditd_write_logs' differs.
--- xccdf_org.ssgproject.content_rule_auditd_write_logs
+++ xccdf_org.ssgproject.content_rule_auditd_write_logs
@@ -17,7 +17,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*write_logs\s*=\s*
       state: absent
     check_mode: true
@@ -27,7 +27,7 @@
   - name: Deduplicate values from /etc/audit/auditd.conf
     lineinfile:
       path: /etc/audit/auditd.conf
-      create: false
+      create: true
       regexp: (?i)^\s*write_logs\s*=\s*
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_journald_compress' differs.
--- xccdf_org.ssgproject.content_rule_journald_compress
+++ xccdf_org.ssgproject.content_rule_journald_compress
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/systemd/journald.conf
-      create: false
+      create: true
       regexp: ^\s*Compress=
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/systemd/journald.conf
     lineinfile:
       path: /etc/systemd/journald.conf
-      create: false
+      create: true
       regexp: ^\s*Compress=
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_journald_forward_to_syslog' differs.
--- xccdf_org.ssgproject.content_rule_journald_forward_to_syslog
+++ xccdf_org.ssgproject.content_rule_journald_forward_to_syslog
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/systemd/journald.conf
-      create: false
+      create: true
       regexp: ^\s*ForwardToSyslog=
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/systemd/journald.conf
     lineinfile:
       path: /etc/systemd/journald.conf
-      create: false
+      create: true
       regexp: ^\s*ForwardToSyslog=
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_journald_storage' differs.
--- xccdf_org.ssgproject.content_rule_journald_storage
+++ xccdf_org.ssgproject.content_rule_journald_storage
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/systemd/journald.conf
-      create: false
+      create: true
       regexp: ^\s*Storage=
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/systemd/journald.conf
     lineinfile:
       path: /etc/systemd/journald.conf
-      create: false
+      create: true
       regexp: ^\s*Storage=
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_firewalld-backend' differs.
--- xccdf_org.ssgproject.content_rule_firewalld-backend
+++ xccdf_org.ssgproject.content_rule_firewalld-backend
@@ -19,7 +19,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/firewalld/firewalld.conf
-      create: false
+      create: true
       regexp: ^\s*FirewallBackend=
       state: absent
     check_mode: true
@@ -29,7 +29,7 @@
   - name: Deduplicate values from /etc/firewalld/firewalld.conf
     lineinfile:
       path: /etc/firewalld/firewalld.conf
-      create: false
+      create: true
       regexp: ^\s*FirewallBackend=
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_selinux_not_disabled' differs.
--- xccdf_org.ssgproject.content_rule_selinux_not_disabled
+++ xccdf_org.ssgproject.content_rule_selinux_not_disabled
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/selinux/config
-      create: false
+      create: true
       regexp: ^SELINUX=
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/selinux/config
     lineinfile:
       path: /etc/selinux/config
-      create: false
+      create: true
       regexp: ^SELINUX=
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_selinux_policytype' differs.
--- xccdf_org.ssgproject.content_rule_selinux_policytype
+++ xccdf_org.ssgproject.content_rule_selinux_policytype
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/selinux/config
-      create: false
+      create: true
       regexp: ^SELINUXTYPE=
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/selinux/config
     lineinfile:
       path: /etc/selinux/config
-      create: false
+      create: true
       regexp: ^SELINUXTYPE=
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_selinux_state' differs.
--- xccdf_org.ssgproject.content_rule_selinux_state
+++ xccdf_org.ssgproject.content_rule_selinux_state
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/selinux/config
-      create: false
+      create: true
       regexp: ^SELINUX=
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/selinux/config
     lineinfile:
       path: /etc/selinux/config
-      create: false
+      create: true
       regexp: ^SELINUX=
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_postfix_client_configure_mail_alias_postmaster' differs.
--- xccdf_org.ssgproject.content_rule_postfix_client_configure_mail_alias_postmaster
+++ xccdf_org.ssgproject.content_rule_postfix_client_configure_mail_alias_postmaster
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/aliases
-      create: false
+      create: true
       regexp: ^\s*postmaster\s*:\s*
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/aliases
     lineinfile:
       path: /etc/aliases
-      create: false
+      create: true
       regexp: ^\s*postmaster\s*:\s*
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay' differs.
--- xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay
+++ xccdf_org.ssgproject.content_rule_postfix_prevent_unrestricted_relay
@@ -17,7 +17,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/postfix/main.cf
-      create: false
+      create: true
       regexp: ^[ \t]*smtpd_client_restrictions\s*=\s*
       state: absent
     check_mode: true
@@ -27,7 +27,7 @@
   - name: Deduplicate values from /etc/postfix/main.cf
     lineinfile:
       path: /etc/postfix/main.cf
-      create: false
+      create: true
       regexp: ^[ \t]*smtpd_client_restrictions\s*=\s*
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_chronyd_client_only' differs.
--- xccdf_org.ssgproject.content_rule_chronyd_client_only
+++ xccdf_org.ssgproject.content_rule_chronyd_client_only
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/chrony.conf
-      create: false
+      create: true
       regexp: ^\s*port\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/chrony.conf
     lineinfile:
       path: /etc/chrony.conf
-      create: false
+      create: true
       regexp: ^\s*port\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_chronyd_no_chronyc_network' differs.
--- xccdf_org.ssgproject.content_rule_chronyd_no_chronyc_network
+++ xccdf_org.ssgproject.content_rule_chronyd_no_chronyc_network
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/chrony.conf
-      create: false
+      create: true
       regexp: ^\s*cmdport\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/chrony.conf
     lineinfile:
       path: /etc/chrony.conf
-      create: false
+      create: true
       regexp: ^\s*cmdport\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_set_keepalive_0' differs.
--- xccdf_org.ssgproject.content_rule_sshd_set_keepalive_0
+++ xccdf_org.ssgproject.content_rule_sshd_set_keepalive_0
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*ClientAliveCountMax\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*ClientAliveCountMax\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_set_keepalive' differs.
--- xccdf_org.ssgproject.content_rule_sshd_set_keepalive
+++ xccdf_org.ssgproject.content_rule_sshd_set_keepalive
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*ClientAliveCountMax\s+
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*ClientAliveCountMax\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_set_idle_timeout' differs.
--- xccdf_org.ssgproject.content_rule_sshd_set_idle_timeout
+++ xccdf_org.ssgproject.content_rule_sshd_set_idle_timeout
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*ClientAliveInterval\s+
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*ClientAliveInterval\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_disable_host_auth' differs.
--- xccdf_org.ssgproject.content_rule_disable_host_auth
+++ xccdf_org.ssgproject.content_rule_disable_host_auth
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*HostbasedAuthentication\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*HostbasedAuthentication\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_allow_only_protocol2' differs.
--- xccdf_org.ssgproject.content_rule_sshd_allow_only_protocol2
+++ xccdf_org.ssgproject.content_rule_sshd_allow_only_protocol2
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*Protocol\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*Protocol\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_compression' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_compression
+++ xccdf_org.ssgproject.content_rule_sshd_disable_compression
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*Compression\s+
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*Compression\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_empty_passwords' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_empty_passwords
+++ xccdf_org.ssgproject.content_rule_sshd_disable_empty_passwords
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PermitEmptyPasswords\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PermitEmptyPasswords\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_gssapi_auth' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_gssapi_auth
+++ xccdf_org.ssgproject.content_rule_sshd_disable_gssapi_auth
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*GSSAPIAuthentication\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*GSSAPIAuthentication\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_kerb_auth' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_kerb_auth
+++ xccdf_org.ssgproject.content_rule_sshd_disable_kerb_auth
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*KerberosAuthentication\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*KerberosAuthentication\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_pubkey_auth' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_pubkey_auth
+++ xccdf_org.ssgproject.content_rule_sshd_disable_pubkey_auth
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PubkeyAuthentication\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PubkeyAuthentication\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_rhosts' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_rhosts
+++ xccdf_org.ssgproject.content_rule_sshd_disable_rhosts
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*IgnoreRhosts\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*IgnoreRhosts\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_rhosts_rsa' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_rhosts_rsa
+++ xccdf_org.ssgproject.content_rule_sshd_disable_rhosts_rsa
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*RhostsRSAAuthentication\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*RhostsRSAAuthentication\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_root_login' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_root_login
+++ xccdf_org.ssgproject.content_rule_sshd_disable_root_login
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PermitRootLogin\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PermitRootLogin\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_root_password_login' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_root_password_login
+++ xccdf_org.ssgproject.content_rule_sshd_disable_root_password_login
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PermitRootLogin\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PermitRootLogin\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_tcp_forwarding' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_tcp_forwarding
+++ xccdf_org.ssgproject.content_rule_sshd_disable_tcp_forwarding
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*AllowTcpForwarding\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*AllowTcpForwarding\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_user_known_hosts' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_user_known_hosts
+++ xccdf_org.ssgproject.content_rule_sshd_disable_user_known_hosts
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*IgnoreUserKnownHosts\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*IgnoreUserKnownHosts\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_disable_x11_forwarding' differs.
--- xccdf_org.ssgproject.content_rule_sshd_disable_x11_forwarding
+++ xccdf_org.ssgproject.content_rule_sshd_disable_x11_forwarding
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*X11Forwarding\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*X11Forwarding\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_do_not_permit_user_env' differs.
--- xccdf_org.ssgproject.content_rule_sshd_do_not_permit_user_env
+++ xccdf_org.ssgproject.content_rule_sshd_do_not_permit_user_env
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PermitUserEnvironment\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PermitUserEnvironment\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_enable_gssapi_auth' differs.
--- xccdf_org.ssgproject.content_rule_sshd_enable_gssapi_auth
+++ xccdf_org.ssgproject.content_rule_sshd_enable_gssapi_auth
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*GSSAPIAuthentication\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*GSSAPIAuthentication\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_enable_pam' differs.
--- xccdf_org.ssgproject.content_rule_sshd_enable_pam
+++ xccdf_org.ssgproject.content_rule_sshd_enable_pam
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*UsePAM\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*UsePAM\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_enable_pubkey_auth' differs.
--- xccdf_org.ssgproject.content_rule_sshd_enable_pubkey_auth
+++ xccdf_org.ssgproject.content_rule_sshd_enable_pubkey_auth
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PubkeyAuthentication\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PubkeyAuthentication\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_enable_strictmodes' differs.
--- xccdf_org.ssgproject.content_rule_sshd_enable_strictmodes
+++ xccdf_org.ssgproject.content_rule_sshd_enable_strictmodes
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*StrictModes\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*StrictModes\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner' differs.
--- xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner
+++ xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*Banner\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*Banner\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner_net' differs.
--- xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner_net
+++ xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner_net
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*Banner\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*Banner\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_enable_x11_forwarding' differs.
--- xccdf_org.ssgproject.content_rule_sshd_enable_x11_forwarding
+++ xccdf_org.ssgproject.content_rule_sshd_enable_x11_forwarding
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*X11Forwarding\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*X11Forwarding\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_print_last_log' differs.
--- xccdf_org.ssgproject.content_rule_sshd_print_last_log
+++ xccdf_org.ssgproject.content_rule_sshd_print_last_log
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PrintLastLog\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*PrintLastLog\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_rekey_limit' differs.
--- xccdf_org.ssgproject.content_rule_sshd_rekey_limit
+++ xccdf_org.ssgproject.content_rule_sshd_rekey_limit
@@ -15,7 +15,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*RekeyLimit\s+
       state: absent
     check_mode: true
@@ -25,7 +25,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*RekeyLimit\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_set_login_grace_time' differs.
--- xccdf_org.ssgproject.content_rule_sshd_set_login_grace_time
+++ xccdf_org.ssgproject.content_rule_sshd_set_login_grace_time
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*LoginGraceTime\s+
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*LoginGraceTime\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_set_loglevel_info' differs.
--- xccdf_org.ssgproject.content_rule_sshd_set_loglevel_info
+++ xccdf_org.ssgproject.content_rule_sshd_set_loglevel_info
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*LogLevel\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*LogLevel\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_set_loglevel_verbose' differs.
--- xccdf_org.ssgproject.content_rule_sshd_set_loglevel_verbose
+++ xccdf_org.ssgproject.content_rule_sshd_set_loglevel_verbose
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*LogLevel\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*LogLevel\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_set_max_auth_tries' differs.
--- xccdf_org.ssgproject.content_rule_sshd_set_max_auth_tries
+++ xccdf_org.ssgproject.content_rule_sshd_set_max_auth_tries
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*MaxAuthTries\s+
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*MaxAuthTries\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_set_max_sessions' differs.
--- xccdf_org.ssgproject.content_rule_sshd_set_max_sessions
+++ xccdf_org.ssgproject.content_rule_sshd_set_max_sessions
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*MaxSessions\s+
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*MaxSessions\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_set_maxstartups' differs.
--- xccdf_org.ssgproject.content_rule_sshd_set_maxstartups
+++ xccdf_org.ssgproject.content_rule_sshd_set_maxstartups
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*MaxStartups\s+
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*MaxStartups\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_use_priv_separation' differs.
--- xccdf_org.ssgproject.content_rule_sshd_use_priv_separation
+++ xccdf_org.ssgproject.content_rule_sshd_use_priv_separation
@@ -10,7 +10,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*UsePrivilegeSeparation\s+
       state: absent
     check_mode: true
@@ -20,7 +20,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*UsePrivilegeSeparation\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_use_strong_rng' differs.
--- xccdf_org.ssgproject.content_rule_sshd_use_strong_rng
+++ xccdf_org.ssgproject.content_rule_sshd_use_strong_rng
@@ -5,7 +5,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/sysconfig/sshd
-      create: false
+      create: true
       regexp: ^\s*SSH_USE_STRONG_RNG=
       state: absent
     check_mode: true
@@ -15,7 +15,7 @@
   - name: Deduplicate values from /etc/sysconfig/sshd
     lineinfile:
       path: /etc/sysconfig/sshd
-      create: false
+      create: true
       regexp: ^\s*SSH_USE_STRONG_RNG=
       state: absent
     when: dupes.found is defined and dupes.found > 1

ansible remediation for rule 'xccdf_org.ssgproject.content_rule_sshd_x11_use_localhost' differs.
--- xccdf_org.ssgproject.content_rule_sshd_x11_use_localhost
+++ xccdf_org.ssgproject.content_rule_sshd_x11_use_localhost
@@ -4,7 +4,7 @@
   - name: Check for duplicate values
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*X11UseLocalhost\s+
       state: absent
     check_mode: true
@@ -14,7 +14,7 @@
   - name: Deduplicate values from /etc/ssh/sshd_config
     lineinfile:
       path: /etc/ssh/sshd_config
-      create: false
+      create: true
       regexp: (?i)^\s*X11UseLocalhost\s+
       state: absent
     when: dupes.found is defined and dupes.found > 1

github-actions · 2023-08-07T14:06:39Z

Start a new ephemeral environment with changes proposed in this pull request:

rhel8 (from CTF) Environment (using Fedora as testing environment)

Fedora Testing Environment

Oracle Linux 8 Environment

codeclimate · 2023-08-07T14:50:03Z

Code Climate has analyzed commit b5f0402 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 53.2% (0.0% change).

View more on Code Climate.

Mab879

Thanks for the PR! I'm waving the Automatus tests as they also failing on master.

Use parameter value in ansible lineinfile macro.

b5f0402

ggbecker added the Ansible Ansible remediation update. label Aug 7, 2023

ggbecker added this to the 0.1.70 milestone Aug 7, 2023

ggbecker marked this pull request as ready for review August 7, 2023 14:00

openshift-ci bot added the do-not-merge/work-in-progress Used by openshift-ci bot. label Aug 7, 2023

openshift-ci bot removed the do-not-merge/work-in-progress Used by openshift-ci bot. label Aug 7, 2023

Mab879 self-assigned this Aug 7, 2023

jan-cerny changed the title ~~Use parameter value in ansible lineinfile macro.~~ Use parameter value in ansible lineinfile macro Aug 7, 2023

Mab879 approved these changes Aug 7, 2023

View reviewed changes

Mab879 merged commit 34a0b26 into ComplianceAsCode:master Aug 7, 2023
31 of 34 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Use parameter value in ansible lineinfile macro #10958

Use parameter value in ansible lineinfile macro #10958

ggbecker commented Aug 7, 2023 •

edited

openshift-ci bot commented Aug 7, 2023

github-actions bot commented Aug 7, 2023

github-actions bot commented Aug 7, 2023

codeclimate bot commented Aug 7, 2023

Mab879 left a comment

Use parameter value in ansible lineinfile macro #10958

Use parameter value in ansible lineinfile macro #10958

Conversation

ggbecker commented Aug 7, 2023 • edited

Description:

Rationale:

openshift-ci bot commented Aug 7, 2023

github-actions bot commented Aug 7, 2023

github-actions bot commented Aug 7, 2023

codeclimate bot commented Aug 7, 2023

Mab879 left a comment

Choose a reason for hiding this comment

ggbecker commented Aug 7, 2023 •

edited