From a4979371f32be7b27523b6a31c28d24ba10ce0da Mon Sep 17 00:00:00 2001 From: ByeonJungHun Date: Wed, 3 Jan 2024 16:06:05 +0900 Subject: [PATCH] =?UTF-8?q?task=20=EC=B6=94=EA=B0=80?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- README.md | 2 ++ checklist | 2 +- roles/security_check/.DS_Store | Bin 6148 -> 0 bytes roles/security_check/tasks/create_readme.yml | 9 ++++++++- roles/security_check/tasks/start.yml | 17 ++++++++++++----- roles/security_check/templates/README.md.j2 | 5 +++++ server_check.yml | 5 ++++- 7 files changed, 32 insertions(+), 8 deletions(-) create mode 100644 README.md delete mode 100644 roles/security_check/.DS_Store diff --git a/README.md b/README.md new file mode 100644 index 0000000..6b94bdd --- /dev/null +++ b/README.md @@ -0,0 +1,2 @@ +|이름|상태 요약|상세 보기| +|---|---|---| diff --git a/checklist b/checklist index b048da4..983e8d2 100644 --- a/checklist +++ b/checklist @@ -4,7 +4,7 @@ nas [server] 10.10.43.200 ansible_port=2222 ansible_user=dev2 -10.10.43.201 ansible_port=2222 ansible_user=dev2 +#10.10.43.97 ansible_port=2222 ansible_user=dev2 [nas] 10.10.43.42 ansible_port=2222 ansible_user=exemdev2 diff --git a/roles/security_check/.DS_Store b/roles/security_check/.DS_Store deleted file mode 100644 index 3959d3fa3b3a23ed0762d6b40141b0862986121d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 6148 zcmeHK%}T>S5Z>*NO({YT3gT(OYsFNmt#}EwzJL)usMLfO4UO5-q~=fxc>sMOAH?Tz zW_JTE29F|k26n&M`Pt2Uko{qd@&0_&W~|8=v!EezR0;&mg|3nbM&xRa*iYlBA4uQHpx9Y>@{$g?1?sn{!=-9nw zODxWMCoR!EJzg&B*6zX4`PFa|zC`j(Q^|pICEEsbcn4*rrdM|sg)({qYo3uu5)uQ% z05L!eY$5~ZG_V?*SUlBC3=ji9GJyMofQIN8%rvU413J7uqrZZP0y@4W5QRaQru?7+j}=U6?q>V5U*0Gp<&KdCbcB?V Zh;s~P8gUl1t8_rR2q;3RBL;qffiJ?KOL+hQ diff --git a/roles/security_check/tasks/create_readme.yml b/roles/security_check/tasks/create_readme.yml index f2a5f2f..6710a6c 100644 --- a/roles/security_check/tasks/create_readme.yml 
+++ b/roles/security_check/tasks/create_readme.yml @@ -8,5 +8,12 @@ when: "'nas' in group_names" - debug: - msg: "{{ check_status.stdout_lines }}" + msg: "취약점 {{ check_status.stdout_lines }} 발견" + when: "'nas' in group_names" + +- name: Create README.md + template: + src: README.md.j2 + dest: "{{ playbook_dir }}/README.md" + delegate_to: 127.0.0.1 when: "'nas' in group_names" \ No newline at end of file diff --git a/roles/security_check/tasks/start.yml b/roles/security_check/tasks/start.yml index b5028a0..79ccc94 100644 --- a/roles/security_check/tasks/start.yml +++ b/roles/security_check/tasks/start.yml @@ -1,8 +1,9 @@ --- - name: Create Result Directory file: - path: /resultdir + path: ~/checklist/ state: directory + become: false delegate_to: 127.0.0.1 when: "'nas' in group_names" @@ -27,7 +28,7 @@ - name: Copy Result File to Local fetch: src: "/tmp/{{ ansible_hostname }}.txt" - dest: "/resultdir/" + dest: "~/checklist/" flat: yes when: ansible_distribution == 'Ubuntu' @@ -38,21 +39,27 @@ when: ansible_distribution == 'Ubuntu' - name: Find Copy File Name - shell: ls -l /resultdir/ | awk 'NR>1 {print $9}' + shell: ls -l ~/checklist/ | awk 'NR>1 {print $9}' register: copy_file + become: false delegate_to: 127.0.0.1 when: "'nas' in group_names" +- debug: + msg: "파일 {{ copy_file.stdout_lines }} 발견" + when: "'nas' in group_names" + - name: Copy Result File to NAS copy: - src: "/resultdir/{{ item }}" + src: "~/checklist/{{ item }}" dest: /volume1/platform/05_Security_check with_items: "{{ copy_file.stdout_lines }}" when: "'nas' in group_names" - name: Delete Result File file: - path: "/resultdir" + path: "~/checklist/" state: absent + become: false delegate_to: 127.0.0.1 when: ansible_distribution == 'Ubuntu' \ No newline at end of file diff --git a/roles/security_check/templates/README.md.j2 b/roles/security_check/templates/README.md.j2 index e69de29..a792705 100644 --- a/roles/security_check/templates/README.md.j2 +++ b/roles/security_check/templates/README.md.j2 
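Review bot: The new `Create README.md` task is delegated to 127.0.0.1 but does not set `become: false`, unlike the delegated tasks this same commit touches in start.yml. The play in server_check.yml sets `become: true`, so the template would be rendered with privilege escalation on the control node and leave a root-owned `README.md` in `{{ playbook_dir }}`. Adding `become: false` next to `delegate_to: 127.0.0.1` keeps the write at the invoking user's privilege, and `run_once: true` would avoid rewriting the same file once per host in the `nas` group.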
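Review bot: `Create Result Directory` in start.yml now creates `~/checklist/` without a `mode`, so a directory that collects per-host security check results gets whatever the control-node user's umask allows. Setting it explicitly, for example `mode: "0700"` under `state: directory`, keeps the fetched reports readable only by the user running the play. A less generic path, or a directory from the `tempfile` module, would also lower the chance of colliding with an existing `~/checklist/`. That matters because `Delete Result File` in the last hunk removes the whole path with `state: absent`.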
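Review bot: In `Find Copy File Name` (last start.yml hunk), `ls -l ~/checklist/ | awk 'NR>1 {print $9}'` depends on the column layout of `ls -l`. That layout shifts with locale and time-style settings, and the ninth field is cut short for any name containing whitespace, so the `copy` loop can receive wrong or partial file names. `shell: ls -1 ~/checklist/` with `changed_when: false` returns one full name per line and stops the read-only listing from reporting a change on every run. The added `debug` task has no `name`; something like `- name: Show fetched result files` would keep the run log readable.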
@@ -0,0 +1,5 @@ +|이름|상태 요약|상세 보기| +|---|---|---| +{% for filename in check_status.stdout_lines %} +|{{ filename|splitext|first }}|취약|http://10.10.43.42:8080/{{ filename }}| +{% endfor %} \ No newline at end of file diff --git a/server_check.yml b/server_check.yml index 58f2b2c..e3a3f6d 100644 --- a/server_check.yml +++ b/server_check.yml @@ -2,5 +2,8 @@ - hosts: all become: true gather_facts: true + vars: + user: byeonjeonghun + group: staff roles: - - role: security_check \ No newline at end of file + - role: security_check
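Review bot: The link column in README.md.j2 hard-codes `http://10.10.43.42:8080/`, the NAS address from the inventory, so the address now lives in two places and the generated README points at the reports over plain HTTP. A role variable would keep it in one place, for example `|{{ filename|splitext|first }}|취약|{{ report_base_url }}/{{ filename }}|`, where `report_base_url` is a new variable that this patch does not define. Since these files describe weaknesses found on internal hosts, it is worth confirming that the service on port 8080 requires authentication; that is not visible in this diff.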
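Review bot: The added play vars `user: byeonjeonghun` and `group: staff` in server_check.yml hard-code one person's local account in a shared playbook, and no hunk in this patch references either name. If they are meant to set ownership of files written on the control node, more specific names such as `result_owner` and `result_group`, with values supplied from inventory or `-e`, would avoid the personal identifier. They would also avoid clashing with other variables called `user` or `group`. If the vars are unused, they can be dropped.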