Merge "Adding Vagrant setup for deploying security-ansible"

README.md

@@ -28,6 +28,15 @@ Using the role is fairly straightforward:
       roles:
          - openstack-ansible-security
 
+Running with Vagrant
+--------------------
+
+Security Ansible can be easily run for testing using Vagrant.
+
+To do so run:
+    `vagrant destroy` To destroy any previously created Vagrant setup
+    `vagrant up` Spin up Ubuntu Trusty VM and run ansible-security against it
+
 License
 -------
 

Vagrantfile

@@ -0,0 +1,16 @@
+# Sets up Ubuntu 14.04, downloads security-ansible, and runs it
+
+Vagrant.configure("2") do |config|
+  config.vm.box = "ubuntu/trusty64"
+  config.vm.hostname = "sec-ansible-test"
+
+  config.vm.provision "ansible" do |ansible|
+    # ansible.verbose = "vvv"
+    ansible.playbook = "tests/vagrant.yml"
+    # we'll skip V-38496 because Vagrant itself creates the user that causes
+    # this to fail
+    ansible.skip_tags = ['V-38496']
+    # we need to run as sudo for a lot of the checks ansible-security runs
+    ansible.raw_arguments = ['-s']
+  end
+end

tests/vagrant.yml

@@ -0,0 +1,19 @@
+---
+# Copyright 2016, HPE, VMWare
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Playbook for role testing
+  hosts: all
+  roles:
+    - role: "../../../openstack-ansible-security"