Role to install (by default) grype on Debian/Ubuntu and EL systems. A vulnerability scanner for container images and filesystems.
None.
Available variables are listed below (located in defaults/main.yml):
grype_app: grype
grype_desired_state: present
grype_version: 0.77.4
grype_os: linux
grype_arch: amd64
# For Debian/Ubuntu Family
grype_debian_url: "https://github.com/anchore/{{ grype_app }}/releases/download/v{{ grype_version }}/{{ grype_app }}_{{ grype_version }}_{{ grype_os }}_{{ grype_arch }}.deb"
# For EL Family
grype_el_url: "https://github.com/anchore/{{ grype_app }}/releases/download/v{{ grype_version }}/{{ grype_app }}_{{ grype_version }}_{{ grype_os }}_{{ grype_arch }}.rpm"| Variable | Description |
|---|---|
| grype_app | Defines the app to install i.e. grype |
| grype_desired_state | Defined to dynamically chose whether to install (i.e. either present or latest) or uninstall (i.e. absent) the package. Defaults to present. |
| grype_version | Defined to dynamically fetch the desired version to install. Defaults to: 0.77.4 |
| grype_os | Defines os type. Used for obtaining the correct type of binaries based on OS type. Defaults to: linux |
| grype_arch | Defines os architecture. Used for obtaining the correct type of binaries based on OS System Architecture. Defaults to: amd64 |
| grype_debian_url | Defines URL to download the 'deb' package from for Debian/Ubuntu family systems. |
| grype_el_url | Defines URL to download the 'rpm' package from for EL family systems. |
None
For default behaviour of role (i.e. installation of grype) in ansible playbooks.
- hosts: servers
roles:
- darkwizard242.grypeFor customizing behavior of role (i.e. specifying the desired grype version) in ansible playbooks.
- hosts: servers
roles:
- darkwizard242.grype
vars:
grype_version: 0.27.3For customizing behavior of role (i.e. different os architecture of grype package like arm64) in ansible playbooks.
- hosts: servers
roles:
- darkwizard242.grype
vars:
grype_arch: "arm64"This role was created by Ali Muhammad