{"id":5829,"sha1":"5395dd91c4945dae9fc8fcfc5c0aa3a0340e9e3f","playbook":{"id":3709,"items":{"plays":1,"tasks":1,"results":1,"hosts":1,"files":1,"records":0},"arguments":{"version":null,"verbosity":1,"private_key_file":"/home/ssh-gateway/.ssh/id_rsa","remote_user":"root","connection":"ssh","timeout":null,"ssh_common_args":null,"sftp_extra_args":null,"scp_extra_args":null,"ssh_extra_args":null,"ask_pass":false,"connection_password_file":null,"force_handlers":false,"flush_cache":false,"become":false,"become_method":"sudo","become_user":null,"become_ask_pass":false,"become_password_file":null,"tags":["all"],"skip_tags":[],"check":false,"diff":false,"inventory":["/home/ssh-gateway/ansible/kuly/bash-kvm-inventory-dev.sh"],"listhosts":false,"subset":"friendly-pelican.man-1.solus.stage.town","extra_vars":"Not saved by ARA as configured by 'ignored_arguments'","vault_ids":[],"ask_vault_pass":false,"vault_password_files":[],"forks":20,"module_path":null,"syntax":false,"listtasks":false,"listtags":false,"step":false,"start_at_task":null,"args":["find_snowflakes_repos.yaml"]},"labels":[{"id":1,"name":"remote_user:root"},{"id":2,"name":"check:False"},{"id":3,"name":"tags:all"},{"id":225,"name":"subset:friendly-pelican.man-1.solus.stage.town"}],"started":"2025-09-11T13:53:49.684390+01:00","ended":"2025-09-11T13:53:50.751875+01:00","duration":"00:00:01.067485","name":null,"ansible_version":"2.16.11","client_version":"1.7.3","python_version":"3.10.10","server_version":"1.7.3","status":"failed","path":"/home/ssh-gateway/ansible/kuly/find_snowflakes_repos.yaml","controller":"ssh-gw-4.layershift.com","user":"root"},"content":"---\n- name: Check for Third-Party Yum/DNF Repositories\n  hosts: all\n  become: true\n  gather_facts: false\n  vars:\n    # These are the standard, expected repository IDs for AlmaLinux 8 and EPEL.\n    # The 'crb' repo is the new name for 'powertools' in later 8.x versions.\n    # We include both to be safe.\n    allowed_repos:\n      - appstream\n      - baseos\n      - extras\n      - ha\n      - powertools\n      - crb\n      - epel\n      - epel-modular\n\n  tasks:\n    - name: Get list of enabled repositories\n      ansible.builtin.shell:\n        cmd: \"dnf repolist --enabled | awk 'NR>1 {print $1}'\"\n        warn: false\n      changed_when: false\n      register: enabled_repos_raw\n      check_mode: false\n\n    - name: Create a list of enabled repo IDs\n      ansible.builtin.set_fact:\n        enabled_repos_list: \"{{ enabled_repos_raw.stdout_lines }}\"\n\n    - name: Identify any non-standard repositories\n      ansible.builtin.set_fact:\n        third_party_repos: \"{{ enabled_repos_list | difference(allowed_repos) }}\"\n\n    - name: Report hosts with third-party repositories\n      ansible.builtin.debug:\n        msg:\n          - \"WARNING: Found unexpected third-party repositories on {{ inventory_hostname }}:\"\n          - \"{{ third_party_repos }}\"\n      when: third_party_repos | length > 0\n\n    - name: Report compliant hosts\n      ansible.builtin.debug:\n        msg: \"OK: No third-party repositories found on {{ inventory_hostname }}.\"\n      when: third_party_repos | length == 0\n\n","created":"2025-09-11T13:53:49.716622+01:00","updated":"2025-09-11T13:53:49.716642+01:00","path":"/home/ssh-gateway/ansible/kuly/find_snowflakes_repos.yaml"}