Merge pull request #5995 from carlosmmatos/fix_5048

Update ansible additional when statement to fix issues with rules not being applied to vm's

ssg/build_remediations.py

@@ -346,8 +346,7 @@ def _get_rule_reference(self, ref_class):
     def update_when_from_rule(self, to_update):
         additional_when = ""
         if self.associated_rule.platform == "machine":
-            additional_when = ('ansible_virtualization_role != "guest" '
-                               'or ansible_virtualization_type != "docker"')
+            additional_when = 'ansible_virtualization_type not in ["docker", "lxc", "openvz"]'
         to_update.setdefault("when", "")
         new_when = ssg.yaml.update_yaml_list_or_string(to_update["when"], additional_when)
         if not new_when:

tests/unit/ssg-module/data/ansible-resolved.yml

@@ -2,7 +2,7 @@
   stat:
     path: /boot/grub2/grub.cfg
   register: file_exists
-  when: ansible_virtualization_role != "guest" or ansible_virtualization_type != "docker"
+  when: ansible_virtualization_type not in ["docker", "lxc", "openvz"]
   tags:
     - file_owner_grub2_cfg
     - medium_severity
@@ -22,7 +22,7 @@
     owner: 0
   when:
     - file_exists.stat.exists
-    - ansible_virtualization_role != "guest" or ansible_virtualization_type != "docker"
+    - ansible_virtualization_type not in ["docker", "lxc", "openvz"]
   tags:
     - file_owner_grub2_cfg
     - medium_severity