aquasecurity / trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
https://aquasecurity.github.io/trivy
Apache License 2.0
22.63k stars 2.23k forks

Ansible scanning for misconfigurations #2213

Open itaysk opened 2 years ago

nodiscc commented 6 months ago

Hi, is this issue about scanning Ansible projects for cleartext secrets? (if not let me know and I'll move this to a separate issue) -> moved to https://github.com/aquasecurity/trivy/discussions/6097

itaysk commented 6 months ago

@nodiscc hi, this issue is actually for parsing Ansible templates and identifying security issues in the declared resources; it's not about secret scanning.

nodiscc commented 6 months ago

Thanks @itaysk, moved to https://github.com/aquasecurity/trivy/discussions/6097

simar7 commented 5 months ago

As a placeholder, the first PoC for Ansible scanning is available on this branch: https://github.com/aquasecurity/trivy/compare/main...ansible-poc

davejdeemer commented 2 months ago

It does not appear that there has been any recent movement on this feature request. Is there an updated planned release date for the PoC? Or, perhaps, an image build based upon that PoC?

simar7 commented 2 months ago

@davejdeemer we don't have any further updates at this time. Just curious, how do you use Ansible today (to manage cloud infra or bare-metal)?

davejdeemer commented 2 months ago

@simar7 A little of both in our Organization (cloud infra and bare-metal). My team focuses on cloud infra of which we only have a few repos where we use Ansible. The bulk of what we have is Terraform; I was hoping to use one tool for both.

I appreciate the response and also that Ansible is not a focus for Aquasecurity Trivy at this time.

simar7 commented 2 months ago

@davejdeemer thanks for the feedback! Your input does help us to appropriately prioritize feature requests.