Ansible role to install trivy.
If latest
is set for trivy_version
, the role tries to install the latest release version.
Please use this with caution, as incompatibilities between releases may occur!
The binaries are installed below /usr/local/bin/trivy/${trivy_version}
and later linked to /usr/bin
.
This should make it possible to downgrade relatively safely.
The downloaded archive is stored on the Ansible controller, unpacked and then the binaries are copied to the target system.
The cache directory can be defined via the environment variable CUSTOM_LOCAL_TMP_DIRECTORY
.
By default it is ${HOME}/.cache/ansible/trivy
.
If this type of installation is not desired, the download can take place directly on the target system.
However, this must be explicitly activated by setting trivy_direct_download
to true
.
Ansible Collections
ansible-galaxy collection install bodsch.core
ansible-galaxy collection install bodsch.scm
or
ansible-galaxy collection install --requirements-file collections.yml
Tested on
- Arch Linux
- Debian based
- Debian 10 / 11 / 12
- Ubuntu 20.10 / 22.04
Please read Contribution
The master
Branch is my Working Horse includes the "latest, hot shit" and can be complete broken!
If you want to use something stable, please use a Tagged Version!
trivy_version: 0.45.1
trivy_direct_download: false
trivy_release: {}
- Bodo Schulz
FREE SOFTWARE, HELL YEAH!