This question is confusing in a number of ways and I’ve tried a lot of things, but keep running into “ERROR! playbooks must be a list of plays”.
Issue #1: We are supposed to run report_status.sh against all hosts, but in the previous question we were only copying the script to web2. I could have re-run the other playbook against web1, but I decided to use the “script” module which copies in place.
Issue #2: This question specifically says to write a playbook “/root/playbook/check_if_vulnerable.yml”. This directory (/root/playbook/) is obscure in that it requires root access (which I obtained with “sudo su”), and “playbook” is singular as opposed to the plural which we see in “/home/thor/playbooks/”, so I can’t tell whether it’s a typo or some test of attention to detail.
I originally wrote my playbook with one play and multiple tasks (runs without issue), but even after I broke it up into multiple plays (runs without issue) I still receive the validation error. Here is my current playbook and below are various screenshots:
```yaml
#conditionals5_check_if_vulnerable.yml
---
- name: Check for shellshock vulnerability
  hosts: all
  tasks:
    # - name: Run already copied script to test for shellshock vulnerability
    #   shell: /usr/local/bin/report_status.sh
    #   register: shell_report_status_result
    # - debug:
    #     var: shell_report_status_result
    - name: Copy and run script to test for shellshock vulnerability
      script: /home/thor/playbooks/report_status.sh
      register: script_report_status_result
    - debug:
        var: script_report_status_result.stdout

- name: Mitigate shellshock vulnerability
  hosts: all
  tasks:
    - name: Update bash if vulnerable
      package:
        name: bash
        state: latest
      when: script_report_status_result.stdout is match("vulnerable")
```