checkov

Overview Versions Insights

build-test release Ansible Role Maintainability Rating Reliability Rating Security Rating GitHub tag (latest SemVer) GitHub repo size

Ansible Role: checkov

Role to install checkov pip package on Debian/Ubuntu systems for performing static code analysis based on benchmarks and policies for code written in popular IaC's like Terraform, CloudFormation and Kubernetes.

Requirements

None.

Role Variables

Available variables are listed below (located in defaults/main.yml):

Variables List:

checkov_debian_pre_reqs:
  - python3
  - python3-pip
checkov_debian_pre_reqs_desired_state: present
pip_executable: pip3
pip_upgrade_version: latest
checkov_app_debian_package: checkov
checkov_desired_state: present

Variables table:

Variable Description
checkov_debian_pre_reqs Packages required to install checkov on Debian based systems. Using python3 as python2.x is EOL by end of 2020.
checkov_debian_pre_reqs_desired_state Desired state for checkov pre-requisite apps on Debian systems.
pip_executable The executable to utilize for installing pip package of checkov.
checkov_app_debian_package Name of checkov application package require to be installed i.e. checkov on Debian based systems.
checkov_desired_state Desired state for checkov.

Dependencies

None

Example Playbook

For default behaviour of role (i.e. installation of checkov package) in ansible playbooks.

- hosts: servers
  roles:
    - darkwizard242.checkov

For customizing behavior of role (i.e. installation of latest checkov package instead of ensure it is installed ) in ansible playbooks.

- hosts: servers
  roles:
    - darkwizard242.checkov
  vars:
    checkov_desired_state: latest

For customizing behavior of role (i.e. removal of checkov package) in ansible playbooks.

- hosts: servers
  roles:
    - darkwizard242.checkov
  vars:
    checkov_desired_state: absent

License

MIT

Author Information

This role was created by Ali Muhammad, a DevOps/CloudOps Engineer who loves to learn and contribute to Open Source community.

About

Installs checkov using pip3 package for performing static code analysis of popular IaC tools.

role checkov static python framework codeanalysis os linux
Install
ansible-galaxy install darkwizard242/ansible-role-checkov
GitHub repository
2 stars
0 forks
0 open issues
License
mit
Downloads
3802
Owner
Ali Muhammad
Senior DevOps/CloudOps Engineer. Dedicated to Automating everything I come across. Love to work on and learn new technologies/tools everyday!