feat(ansible): playbook scanning; allow Ansible scanning for both YAML and YML files #7110
Labels
ansible
Ansible query
community
Community contribution
feature request
Community: new feature request
Comments
davejdeemer
added
community
davejdeemer
changed the title
davejdeemer
changed the title
davejdeemer
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Many of our Ansible-based repos use the YML file extension for our ansible files and these are not recognized by Kics Ansible scanning. I have experimented with kics and found that when I change one (or more) playbook or task files from YML to YAML, kics may or may not understand these as Ansible (I haven't found a pattern for what triggers Ansible scanning -- on the surface it appears that when I change a task file from YML to YAML, kics has a higher probability to pick up the remaining files as Ansible).
Describe the solution you'd like
When specifying the scan type of Ansible, I would like kics to scan the repo and all subsequent YML files (or YAML if mixed with YML file extensions) as Ansible. Essentially, when explicitly specifying Ansible; that is what kics should scan as.
Describe alternatives you've considered
I considered renaming all playbook and task files from YML to YAML file extension names but I'd prefer not to (and ultimately decided against it).
Another alternative might be to have the file extension configurable; keep the default/current behavior but have a config flag to allow explicit filename extension values.
Additional context
The kics documentation is fairly clear that it only supports YAML files for Ansible scanning. What I found interesting was that I was able to nudge kics to sometimes scan YML files as Ansible (as mentioned above, I did not find the exact pattern that triggered it).
The text was updated successfully, but these errors were encountered: