darkwizard242.grype

Panoramica Versioni Approfondimenti

build-test release Ansible Role Maintainability Rating Reliability Rating Security Rating GitHub tag (latest SemVer) GitHub repo size

Ansible Role: grype

This role installs grype by default on Debian/Ubuntu and EL systems. Grype is a tool used to scan for vulnerabilities in container images and file systems.

Requirements

No special requirements.

Role Variables

Below are the available variables (found in defaults/main.yml):

List of Variables:

grype_app: grype
grype_desired_state: present
grype_version: 0.80.0
grype_os: "{{ ansible_system | lower }}"
grype_architecture_map:
  amd64: amd64
  arm: arm64
  x86_64: amd64
  armv6l: armv6
  armv7l: armv7
  aarch64: arm64
  32-bit: "386"
  64-bit: amd64

# URL for Debian/Ubuntu systems
grype_debian_url: "https://github.com/anchore/{{ grype_app }}/releases/download/v{{ grype_version }}/{{ grype_app }}_{{ grype_version }}_{{ grype_os }}_{{ grype_architecture_map[ansible_architecture] }}.deb"

# URL for EL systems
grype_el_url: "https://github.com/anchore/{{ grype_app }}/releases/download/v{{ grype_version }}/{{ grype_app }}_{{ grype_version }}_{{ grype_os }}_{{ grype_architecture_map[ansible_architecture] }}.rpm"

Variables Overview:

Variable Description
grype_app The application to install (i.e., grype)
grype_desired_state Chooses whether to install (present or latest) or uninstall (absent) the package. Defaults to present.
grype_version The version of Grype to install. Defaults to: 0.80.0
grype_os The operating system type, used to get the right binaries.
grype_architecture_map The system architecture, used to get the right binaries based on the OS architecture.
grype_debian_url URL to download the 'deb' package for Debian/Ubuntu systems.
grype_el_url URL to download the 'rpm' package for EL systems.

Dependencies

No dependencies.

Example Playbook

Default behavior for installing grype in Ansible playbooks:

- hosts: servers
  roles:
    - darkwizard242.grype

Custom behavior for specifying the desired grype version:

- hosts: servers
  roles:
    - darkwizard242.grype
  vars:
    grype_version: 0.27.3

Custom behavior for using a different OS architecture of grype (e.g., arm64):

- hosts: servers
  roles:
    - darkwizard242.grype
  vars:
    grype_arch: "arm64"

License

MIT

Author Information

This role was created by Ali Muhammad

Informazioni sul progetto

Installs/Uninstalls 'grype'. A vulnerability scanner for container images and filesystems.

role grype vulnerability scanner container images filesystems os linux
Installa
ansible-galaxy install darkwizard242.grype
GitHub repository
4 stelle
0 fork
0 problemi aperti
Licenza
mit
Download
2.4k
Proprietario
Ali Muhammad
Senior DevOps/CloudOps Engineer. Dedicated to Automating everything I come across. Love to work on and learn new technologies/tools everyday!