diff --git a/README.md b/README.md index b4de62b2..fd95baff 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,15 @@ Using the role is fairly straightforward: roles: - openstack-ansible-security +Running with Vagrant +-------------------- + +Security Ansible can be easily run for testing using Vagrant. + +To do so run: + `vagrant destroy` To destroy any previously created Vagrant setup + `vagrant up` Spin up Ubuntu Trusty VM and run ansible-security against it + License ------- diff --git a/Vagrantfile b/Vagrantfile new file mode 100644 index 00000000..a4ca67cb --- /dev/null +++ b/Vagrantfile @@ -0,0 +1,16 @@ +# Sets up Ubuntu 14.04, downloads security-ansible, and runs it + +Vagrant.configure("2") do |config| + config.vm.box = "ubuntu/trusty64" + config.vm.hostname = "sec-ansible-test" + + config.vm.provision "ansible" do |ansible| + # ansible.verbose = "vvv" + ansible.playbook = "tests/vagrant.yml" + # we'll skip V-38496 because Vagrant itself creates the user that causes + # this to fail + ansible.skip_tags = ['V-38496'] + # we need to run as sudo for a lot of the checks ansible-security runs + ansible.raw_arguments = ['-s'] + end +end diff --git a/tests/vagrant.yml b/tests/vagrant.yml new file mode 100644 index 00000000..040006ba --- /dev/null +++ b/tests/vagrant.yml @@ -0,0 +1,19 @@ +--- +# Copyright 2016, HPE, VMWare +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +- name: Playbook for role testing + hosts: all + roles: + - role: "../../../openstack-ansible-security"