You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If we have the CIS hardening hook enabled and run a command such as the
following:
kayobe overcloud host configure -t foo
where 'cis' is not in the specified tags, we see the following error:
PLAY [Security hardening] *****************************************
TASK [include_role : ansible-lockdown.rhel9_cis] ******************
fatal: [controller-01]: FAILED! =>
msg: |-
The conditional check 'ansible_facts.os_family == 'RedHat' and
ansible_facts.distribution_major_version == '9'' failed. The error
was: error while evaluating conditional (ansible_facts.os_family
== 'RedHat' and ansible_facts.distribution_major_version == '9'):
'dict object' has no attribute 'os_family'. 'dict object' has no
attribute 'os_family'
The error appears to be in 'etc/kayobe/ansible/cis.yml': line 35,
column 7, but may be elsewhere in the file depending on the exact
syntax problem.
The offending line appears to be:
- include_role:
^ here
This is because the include_role task has the 'always' tag, so runs
despite no facts having been gathered.
The always tag is not required for this task - specifying the 'cis' tag
causes the role to be included. This change fixes the issue by removing
the always tags from these tasks.
0 commit comments