kitchen.yml

transport:
  name: ssh
  max_ssh_sessions: 2

verifier:
  name: inspec
  sudo: true
  reporter:
    - cli
    - json:spec/results/%{platform}_%{suite}.json
  inspec_tests:
    - name: RedHat Enterprise Linux 7 STIG
      path: .
  load_plugins: true

provisioner:
  name: ansible_playbook
  hosts: all
  require_chef_for_busser: false
  require_ruby_for_busser: false
  require_pip3: true
  ansible_binary_path: /usr/local/bin
  ansible_verbose: true
  roles_path: spec/ansible/roles
  galaxy_ignore_certs: true
  ansible_extra_flags: <%= ENV['ANSIBLE_EXTRA_FLAGS'] %>
  requirements_path: spec/ansible/roles/requirements.yml
  env_vars:
    - ANSIBLE_LOCAL_TEMP=$HOME/.ansible/tmp
    - ANSIBLE_REMOTE_TEMP=$HOME/.ansible/tmp

platforms:
  - name: rhel-7

suites:
  - name: vanilla
    provisioner:
      playbook: spec/ansible/roles/ansible-role-rhel-vanilla.yml
      
  - name: hardened
    provisioner:
      playbook: spec/ansible/roles/ansible-role-rhel-hardened.yml