home-server/ansible/roles/noble_trivy/tasks/main.yml

---
- name: Apply trivy-system namespace (PSA)
  ansible.builtin.command:
    argv:
      - kubectl
      - apply
      - -f
      - "{{ noble_repo_root }}/clusters/noble/bootstrap/trivy/namespace.yaml"
  environment:
    KUBECONFIG: "{{ noble_kubeconfig }}"
  changed_when: true

- name: Install Trivy Operator
  ansible.builtin.command:
    argv:
      - helm
      - upgrade
      - --install
      - trivy-operator
      - aqua/trivy-operator
      - -n
      - trivy-system
      - --version
      - "{{ noble_trivy_chart_version }}"
      - -f
      - "{{ noble_repo_root }}/clusters/noble/bootstrap/trivy/values.yaml"
      - --force-conflicts
      - --wait
      - --timeout
      - "{{ noble_helm_trivy_wait_timeout }}"
  environment:
    KUBECONFIG: "{{ noble_kubeconfig }}"
  changed_when: true