Update name of variable

jovial · jovial · commit ee35591b3b4a · 2024-07-10T11:59:57.000+01:00
diff --git a/doc/source/configuration/security-hardening.rst b/doc/source/configuration/security-hardening.rst
@@ -40,18 +40,32 @@ whether or not workloads or API requests are affected by any configuration chang
 
     kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/cis.yml
 
+Targetting additional hosts
+---------------------------
+
+The ``cis.yml`` playbook targets hosts in the ``cis-hardening`` group. By
+default this includes the ``overcloud`` group. You can adjust this group
+to suit your needs, e.g to add the seed VM:
+
+.. code-block:: yaml
+  :caption: $KAYOBE_CONFIG_PATH/inventory/groups
+
+  [cis-hardening:children]
+  overcloud
+  seed
+
 Enabling the host configure hook
 --------------------------------
 
 A hook is pre-installed but its execution is guarded by the
-``stackhpc_enable_cis_benchmark_hardening`` configuration option.
+``stackhpc_enable_cis_benchmark_hardening_hook`` configuration option.
 If you want the hardening playbooks to run automatically, as part of
 host configure, simply set this flag to ``true``:
 
 .. code-block:: yaml
   :caption: $KAYOBE_CONFIG_PATH/stackhpc.yml
 
-    stackhpc_enable_cis_benchmark_hardening: true
+    stackhpc_enable_cis_benchmark_hardening_hook: true
 
 Alternatively, this can be toggled on a per-environment basis by
 setting it in an environment specific config file, or even on
diff --git a/etc/kayobe/environments/ci-aio/stackhpc.yml b/etc/kayobe/environments/ci-aio/stackhpc.yml
@@ -1,3 +1,3 @@
 ---
 
-stackhpc_enable_cis_benchmark_hardening: true
+stackhpc_enable_cis_benchmark_hardening_hook: true
diff --git a/etc/kayobe/environments/ci-multinode/stackhpc.yml b/etc/kayobe/environments/ci-multinode/stackhpc.yml
@@ -1,3 +1,3 @@
 ---
 
-stackhpc_enable_cis_benchmark_hardening: true
+stackhpc_enable_cis_benchmark_hardening_hook: true
diff --git a/etc/kayobe/hooks/overcloud-host-configure/post.d/99-cis.yml b/etc/kayobe/hooks/overcloud-host-configure/post.d/99-cis.yml
@@ -1,4 +1,4 @@
 ---
 
 - import_playbook: ../../../ansible/cis.yml
-  when: stackhpc_enable_cis_benchmark_hardening | bool
+  when: stackhpc_enable_cis_benchmark_hardening_hook | bool
diff --git a/etc/kayobe/inventory/group_vars/all/stackhpc b/etc/kayobe/inventory/group_vars/all/stackhpc
@@ -3,4 +3,4 @@
 # Feature flags
 
 # Whether or not to run CIS benchmark hardening playbooks. Default is false.
-stackhpc_enable_cis_benchmark_hardening: false
+stackhpc_enable_cis_benchmark_hardening_hook: false
diff --git a/etc/kayobe/stackhpc.yml b/etc/kayobe/stackhpc.yml
@@ -157,4 +157,4 @@ stackhpc_docker_registry_password: "{{ pulp_password }}"
 # Feature flags
 
 # Whether or not to run CIS benchmark hardening playbooks. Default is false.
-#stackhpc_enable_cis_benchmark_hardening:
+#stackhpc_enable_cis_benchmark_hardening_hook:
diff --git a/releasenotes/notes/adds-cis-hook-8cec8d42103d075e.yaml b/releasenotes/notes/adds-cis-hook-8cec8d42103d075e.yaml
@@ -3,5 +3,5 @@ features:
   - |
     Adds a hook to automatically run the CIS benchmark hardening playbooks as
     part of host configure. This is guarded by the
-    ``stackhpc_enable_cis_benchmark_hardening`` configuration option and is
+    ``stackhpc_enable_cis_benchmark_hardening_hook`` configuration option and is
     disabled by default.

Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	`---`
`2`	`2`
`3`		`-stackhpc_enable_cis_benchmark_hardening: true`
	`3`	`+stackhpc_enable_cis_benchmark_hardening_hook: true`