Add Trivy integration to noble cluster setup, including namespace and application configurations. Update README and playbook tags to reflect new security scanning capabilities. Enhance Longhorn and kube-prometheus-stack deployment reliability with increased timeout settings and retry mechanisms.

clusters/noble/bootstrap/argocd/app-of-apps/trivy-operator-application.yaml

@@ -0,0 +1,29 @@
+# Bootstrap app-of-apps leaf: Trivy Operator (vulnerability + config audit reports).
+apiVersion: argoproj.io/v1alpha1
+kind: Application
+metadata:
+  name: noble-trivy-operator
+  namespace: argocd
+  finalizers:
+    - resources-finalizer.argocd.argoproj.io/background
+spec:
+  project: default
+  sources:
+    - repoURL: https://aquasecurity.github.io/helm-charts/
+      chart: trivy-operator
+      targetRevision: 0.32.1
+      helm:
+        releaseName: trivy-operator
+        valueFiles:
+          - $values/clusters/noble/bootstrap/trivy/values.yaml
+    - repoURL: https://gitea.pcenicni.ca/gsdavidp/home-server.git
+      targetRevision: HEAD
+      ref: values
+  destination:
+    server: https://kubernetes.default.svc
+    namespace: trivy-system
+  # Manual sync: Ansible helm runs first; enable automation after cutover (see ../README.md §5).
+  syncPolicy:
+    syncOptions:
+      - CreateNamespace=true
+      - ServerSideApply=true