colin
/
UBUNTU24-CIS
mirror of https://github.com/ansible-lockdown/UBUNTU24-CIS.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add ignore_apt_update_changed_when default variable to allow users to specify changed_when behavior of apt update task; allows for idempotency checks (like Molecule) 

Signed-off-by: Shawn Hardwick <time4swim@gmail.com>
This commit is contained in:
Shawn Hardwick 2025-02-05 11:59:30 -05:00
parent a41047672d
commit 8a38650658
No known key found for this signature in database
GPG Key ID: 2F156DF1396D01DF
2 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
defaults/main.yml
View File

@ -626,6 +626,10 @@ ubtu24cis_desktop_required: false
# This will also purge any packages not removed via this playbook
ubtu24cis_purge_apt: false
## Ignore change_when for apt update task
# Modifies behavior of 'changed_when' for 'apt update' task in prelim that always changes
ignore_apt_update_changed_when: false
##
## Section 1 Control Variables
##

1
tasks/prelim.yml
View File

@ -55,6 +55,7 @@
tags: always
ansible.builtin.package:
update_cache: true
changed_when: not ignore_apt_update_changed_when
- name: Include audit specific variables
when: