2-scan.yml 1.5 KiB
    ---
    
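    # Open a background SSH tunnel (-f -N) that forwards local port 9390 to
    # 192.168.235.234:9390 through scans.cloud.infn.it (presumably the scanner
    # service used by the scan script - confirm).
    # accept-new records the host key on first contact and refuses a changed
    # key afterwards. The previous StrictHostKeyChecking=no accepted any key,
    # so the tunnel endpoint was never authenticated.
    # NOTE(review): accept-new needs OpenSSH 7.6 or later; pinning the host key
    # in known_hosts on the CI runner is stronger still - confirm which applies.
    - name: Set SSH tunnel
      command: ssh -o StrictHostKeyChecking=accept-new -f -N -L localhost:9390:192.168.235.234:9390 jenkins@scans.cloud.infn.it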
    
    
    # Print the endpoint list that the "Run scan" task passes to the script.
    - debug:
        var: paas_ci_test.endpoints_to_scan
    
    
    # Install the scan driver script at the path the "Run scan" task executes.
    # NOTE(review): no owner or mode is given, so the file gets default
    # permissions; since this script is executed later, consider an explicit
    # mode - confirm what the runner account needs.
    - name: Copy script to run
      copy:
        dest: "{{ paas_ci_scan_script_path }}"
        src: files/script.py
    
    
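    # Delete report files left by earlier runs so that the later find/cat steps
    # only see results produced by this scan.
    # The command module does not run a shell, so the glob used to reach rm as
    # a literal file name and -f hid the miss; stale reports were never removed.
    # shell expands the glob. "--" keeps a file name that starts with "-" from
    # being read as an option. The directory is set through chdir, so it is not
    # part of the shell string.
    - name: Remove existing reports
      shell: "rm -f -- *report.txt"
      args:
        chdir: "{{ paas_ci_workdir }}"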
    
    
    # Run the scan script with four arguments (endpoints, dep.json path, work
    # directory) and keep the task result in scan_output.
    # NOTE(review): the values are rendered into one command string that the
    # command module splits on whitespace (no shell is involved), so an
    # endpoint value or path containing spaces or quotes changes the argument
    # layout - confirm what paas_ci_test.endpoints_to_scan renders to.
    - name: Run scan
      register: scan_output
      command: >-
        python3 {{ paas_ci_scan_script_path }}
        {{ paas_ci_test.endpoints_to_scan }}
        {{ paas_ci_workdir + '/dep.json'}}
        {{ paas_ci_workdir }}
    
    # Collect the files matching *report.txt in the work directory; the matches
    # are stored in report_files.
    - name: Find report files
      register: report_files
      find:
        patterns: "*report.txt"
        paths: "{{ paas_ci_workdir }}"
    
    
    # - name: Show reports
    #   debug:
    #     msg: "{{lookup('file', item.path)}}"
    #   with_items: "{{report_files.files}}"
    
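    # List the distinct "Port" lines found across all report files and keep
    # them in report_ports_output.
    # The pipeline and the glob need a shell: under the command module the "|"
    # tokens and "*report.txt" were handed to cat as literal file names, so the
    # task could not produce the intended output.
    # changed_when is false because the pipeline only reads files.
    - name: Chech reports
      shell: "cat *report.txt | grep Port | sort | uniq"
      args:
        chdir: "{{ paas_ci_workdir }}"
      register: report_ports_output
      changed_when: false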
    
    # Print the registered result of the report check task.
    # NOTE(review): this writes scan findings into the CI log - confirm who can
    # read that log.
    - debug:
        var: report_ports_output
    
    
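    # Read severity.json from the work directory; the JSON text ends up in
    # severity.stdout.
    # argv hands the path to cat as a single argument without a shell, so
    # characters in paas_ci_workdir cannot be interpreted as shell syntax.
    # changed_when is false because the task only reads a file.
    - name: get Severity file content
      command:
        argv:
          - cat
          - "{{ paas_ci_workdir + '/severity.json'}}"
      register: severity
      changed_when: false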
    
    # Parse the JSON text captured in severity.stdout into the severity_json
    # fact, which the final assert task reads.
    - name: import severity
      set_fact:
        severity_json: "{{ severity.stdout | from_json }}"
    
    # Print the parsed severity data.
    # NOTE(review): this puts the scan verdict and its details into the CI log -
    # confirm who can read that log.
    - debug:
        var: severity_json
    
    # Gate the play on the scan verdict: the task fails unless
    # severity_json.global equals 'OK', and reports global_severity either way.
    # NOTE(review): the condition reads the key "global" while both messages
    # read "global_severity" - confirm severity.json carries both keys;
    # otherwise one of them is a typo and the gate or its message cannot be
    # evaluated.
    - name: Get scan outputs (if successful)
      assert:
        success_msg: "SCAN PASSED - global_severity: {{ severity_json.global_severity }}"
        fail_msg: "SCAN FAILED - global_severity: {{ severity_json.global_severity }}"
        that:
          - severity_json.global == 'OK'