From 1d245b47d15e3dd013d231b965c0c23d38223bcc Mon Sep 17 00:00:00 2001 From: Danny Brody Date: Tue, 16 Jul 2024 10:59:03 -0700 Subject: [PATCH 1/4] ability to supress the package logging facts Signed-off-by: Danny Brody --- defaults/main.yml | 4 ++++ tasks/main.yml | 1 + 2 files changed, 5 insertions(+) diff --git a/defaults/main.yml b/defaults/main.yml index 34407a9..da8b8b6 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1234,3 +1234,7 @@ audit_run_script_environment: AUDIT_BIN: "{{ audit_bin }}" AUDIT_FILE: 'goss.yml' AUDIT_CONTENT_LOCATION: "{{ audit_out_dir }}" + +#### Logging Configuration Settings #### +# Set to true in order to supress the various tasks from logging +suppress_package_facts_logging: false diff --git a/tasks/main.yml b/tasks/main.yml index ef6a464..e75ce3e 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -82,6 +82,7 @@ - name: Gather the package facts ansible.builtin.package_facts: manager: auto + no_log: suppress_package_facts_logging tags: - always From 9eb6d3544f824e4c0b0d9cd5e99c8a1fe2bd0aac Mon Sep 17 00:00:00 2001 From: Danny Brody Date: Tue, 16 Jul 2024 12:04:20 -0700 Subject: [PATCH 2/4] testing default bool false Signed-off-by: Danny Brody --- tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tasks/main.yml b/tasks/main.yml index e75ce3e..394c096 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -82,7 +82,7 @@ - name: Gather the package facts ansible.builtin.package_facts: manager: auto - no_log: suppress_package_facts_logging + no_log: "{{ suppress_package_facts_logging | default(false) }}" tags: - always From e5a729df1f46ded4d1de5eecac61abd5e96da023 Mon Sep 17 00:00:00 2001 From: Danny Brody Date: Tue, 16 Jul 2024 13:50:58 -0700 Subject: [PATCH 3/4] adding suppress_etc_passwd_logging variable Signed-off-by: Danny Brody --- defaults/main.yml | 1 + tasks/parse_etc_password.yml | 3 +++ tasks/prelim.yml | 1 + 3 files changed, 5 insertions(+) 
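Review bot: The comment added above `suppress_package_facts_logging` in defaults/main.yml spells the word "supress" and says "the various tasks", which does not tell an operator what is actually hidden. The variable name uses the correct spelling, so an override typed with the comment's spelling would not match anything and logging would stay on without any error. I would reword the comment to `# Set to true to apply no_log to the package_facts tasks (hides the gathered package list from task output)`. The later hunk in this series that adds `suppress_etc_passwd_logging` gives that variable no comment of its own; it deserves a line such as `# Set to true to apply no_log to the tasks that read and parse /etc/passwd`.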
diff --git a/defaults/main.yml b/defaults/main.yml index da8b8b6..7a7f070 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1238,3 +1238,4 @@ audit_run_script_environment: #### Logging Configuration Settings #### # Set to true in order to supress the various tasks from logging suppress_package_facts_logging: false +suppress_etc_passwd_logging: false diff --git a/tasks/parse_etc_password.yml b/tasks/parse_etc_password.yml index f957c9a..b22d4f6 100644 --- a/tasks/parse_etc_password.yml +++ b/tasks/parse_etc_password.yml @@ -7,10 +7,13 @@ changed_when: false check_mode: false register: amzn2023cis_passwd_file_audit + no_log: "{{ suppress_etc_passwd_logging | default(false) }}" + - name: "PRELIM | 5.5.2 | 6.2.7 | 6.2.8 | 6.2.20 | Split passwd entries" ansible.builtin.set_fact: amzn2023cis_passwd: "{{ amzn2023cis_passwd_file_audit.stdout_lines | map('regex_replace', ld_passwd_regex, ld_passwd_yaml) | map('from_yaml') | list }}" + no_log: "{{ suppress_etc_passwd_logging | default(false) }}" loop: "{{ amzn2023cis_passwd_file_audit.stdout_lines }}" vars: ld_passwd_regex: >- diff --git a/tasks/prelim.yml b/tasks/prelim.yml index ed47db2..98ec781 100644 --- a/tasks/prelim.yml +++ b/tasks/prelim.yml @@ -292,5 +292,6 @@ - name: "PRELIM | Gather the package facts after prelim" ansible.builtin.package_facts: manager: auto + no_log: "{{ suppress_package_facts_logging | default(false) }}" tags: - always From 4a6270f7273ae29fd0e81358259926d1439fa1aa Mon Sep 17 00:00:00 2001 From: Danny Brody Date: Tue, 16 Jul 2024 14:05:33 -0700 Subject: [PATCH 4/4] fixing lint error Signed-off-by: Danny Brody --- tasks/parse_etc_password.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/tasks/parse_etc_password.yml b/tasks/parse_etc_password.yml index b22d4f6..54db1c3 100644 --- a/tasks/parse_etc_password.yml +++ b/tasks/parse_etc_password.yml 
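Review bot: In tasks/parse_etc_password.yml the two added `no_log` lines cover only the task that registers `amzn2023cis_passwd_file_audit` and the set_fact that builds `amzn2023cis_passwd`. `no_log` applies per task, so any later task that loops over or prints those values will still show the account entries unless it carries the same setting. Those consumers are outside this diff, so this should be confirmed by searching the role for both names. Since `no_log` also hides failure details, a short comment on the tasks would help, e.g. `# no_log hides task results, including errors; set suppress_etc_passwd_logging to false when debugging`. Both tasks start or end outside the hunk.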
@@ -9,7 +9,6 @@ register: amzn2023cis_passwd_file_audit no_log: "{{ suppress_etc_passwd_logging | default(false) }}" - - name: "PRELIM | 5.5.2 | 6.2.7 | 6.2.8 | 6.2.20 | Split passwd entries" ansible.builtin.set_fact: amzn2023cis_passwd: "{{ amzn2023cis_passwd_file_audit.stdout_lines | map('regex_replace', ld_passwd_regex, ld_passwd_yaml) | map('from_yaml') | list }}"