Add Trivy integration to noble cluster setup, including namespace and application configurations. Update README and playbook tags to reflect new security scanning capabilities. Enhance Longhorn and kube-prometheus-stack deployment reliability with increased timeout settings and retry mechanisms.

ansible/roles/noble_trivy/defaults/main.yml

@@ -0,0 +1,3 @@
+---
+noble_trivy_chart_version: "0.32.1"
+noble_helm_trivy_wait_timeout: 15m

ansible/roles/noble_trivy/tasks/main.yml

@@ -0,0 +1,33 @@
+---
+- name: Apply trivy-system namespace (PSA)
+  ansible.builtin.command:
+    argv:
+      - kubectl
+      - apply
+      - -f
+      - "{{ noble_repo_root }}/clusters/noble/bootstrap/trivy/namespace.yaml"
+  environment:
+    KUBECONFIG: "{{ noble_kubeconfig }}"
+  changed_when: true
+
+- name: Install Trivy Operator
+  ansible.builtin.command:
+    argv:
+      - helm
+      - upgrade
+      - --install
+      - trivy-operator
+      - aqua/trivy-operator
+      - -n
+      - trivy-system
+      - --version
+      - "{{ noble_trivy_chart_version }}"
+      - -f
+      - "{{ noble_repo_root }}/clusters/noble/bootstrap/trivy/values.yaml"
+      - --force-conflicts
+      - --wait
+      - --timeout
+      - "{{ noble_helm_trivy_wait_timeout }}"
+  environment:
+    KUBECONFIG: "{{ noble_kubeconfig }}"
+  changed_when: true