---

#### Audit Configuration Settings ####

# Timeout for those cmds that take longer to run where timeout set
audit_cmd_timeout: 120000

# if get_audit_binary_method == download change accordingly
audit_bin_url: "https://github.com/goss-org/goss/releases/download/{{ audit_bin_version.release }}/goss-linux-"

### Goss Audit Benchmark file ###
## managed by the control audit_content
# git
audit_file_git: "https://github.com/ansible-lockdown/{{ benchmark }}-Audit.git"
audit_git_version: "benchmark_{{ benchmark_version }}"

## Goss configuration information
# Where the goss audit configuration will be stored - NOTE benchmark-audit is expected
audit_conf_dir: "{{ audit_conf_dest | default('/opt') }}/{{ benchmark }}-Audit"

# If changed these can affect other products
pre_audit_outfile: "{{ audit_log_dir }}/{{ ansible_facts.hostname }}-{{ benchmark }}-{{ benchmark_version }}_pre_scan_{{ ansible_facts.date_time.epoch }}.{{ audit_format }}"
post_audit_outfile: "{{ audit_log_dir }}/{{ ansible_facts.hostname }}-{{ benchmark }}-{{ benchmark_version }}_post_scan_{{ ansible_facts.date_time.epoch }}.{{ audit_format }}"

## The following should not need changing

### Audit binary settings ###
audit_bin_version:
  release: v0.4.8
  AMD64_checksum: 'sha256:85d00b7bba5f175bec95de7dfe1f71f8f25204914aad4c6f03c8457868eb6e2f'
  ARM64_checksum: 'sha256:bca8c898bfd35b94c51455ece6193c95e2cd7b2b183ac2047b2d76291e73e47d'
audit_bin_path: /usr/local/bin/
audit_bin: "{{ audit_bin_path }}goss"
audit_format: json

audit_vars_path: "{{ audit_conf_dir }}/vars/{{ ansible_facts.hostname }}.yml"
audit_results: |
  The{% if not audit_only %} pre remediation{% endif %} audit results are: {{ pre_audit_results }}
  {% if not audit_only %}The post remediation audit results are: {{ post_audit_results }}{% endif %}

  Full breakdown can be found in {{ audit_log_dir }}