├── .github └── workflows │ └── build.yml ├── .gitignore ├── Dockerfile ├── README.md ├── docker-compose.yml ├── playbooks ├── .DS_Store ├── inventory.yml ├── main.yml ├── requirements.yml └── roles │ ├── central │ ├── tasks │ │ ├── central.yml │ │ └── main.yml │ ├── templates │ │ └── central.yml.j2 │ └── vars │ │ └── main.yml │ ├── cluster_sensor │ ├── tasks │ │ ├── cluster_bundle.yml │ │ └── main.yml │ ├── templates │ │ └── cluster.yml.j2 │ └── vars │ │ └── main.yml │ ├── demo │ ├── files │ │ ├── demos │ │ │ ├── attack.sh │ │ │ ├── backend │ │ │ │ ├── attack.sh │ │ │ │ └── everything.yaml │ │ │ ├── frontend │ │ │ │ ├── attack.sh │ │ │ │ └── everything.yaml │ │ │ ├── medical │ │ │ │ └── everything.yaml │ │ │ ├── misc │ │ │ │ └── cm.yaml │ │ │ ├── operations │ │ │ │ └── everything.yaml │ │ │ └── payments │ │ │ │ └── everything.yaml │ │ └── policies │ │ │ ├── cvss_7.json │ │ │ ├── process_uid_0.json │ │ │ └── read_write_root_fs.json │ ├── tasks │ │ ├── baseline_processes.yml │ │ ├── deploy_demos.yml │ │ ├── image_pull_secret.yml │ │ ├── main.yml │ │ ├── network_anomalies.yml │ │ ├── openshift_policy_fix.yml │ │ ├── setup_auth0.yml │ │ └── violation_policies.yml │ ├── templates │ │ ├── auth0 │ │ │ ├── auth_config.json.j2 │ │ │ └── group.json.j2 │ │ ├── baseline │ │ │ ├── baseline.json.j2 │ │ │ └── lock.json.j2 │ │ ├── gcr │ │ │ └── gcr_config.json.j2 │ │ ├── network_anomalies │ │ │ └── peers.json.j2 │ │ └── openshift_policy_fix │ │ │ └── policy.json.j2 │ └── vars │ │ └── main.yml │ └── pipelines │ ├── files │ ├── config │ │ ├── 2-rox-deployment-check-task.yml │ │ ├── 2-rox-image-check-task.yml │ │ ├── 2-rox-image-scan-task.yml │ │ ├── 3-rox-deploy-pipeline.yml │ │ └── 3-rox-pipeline.yml │ └── install │ │ └── pipeline_subscription.yml │ ├── tasks │ └── main.yml │ ├── templates │ ├── config │ │ └── 1-rox-secrets.yml.j2 │ └── run │ │ ├── 4-rox-deploy-pipelinerun.yml.j2 │ │ └── 4-rox-pipelinerun.yml.j2 │ └── vars │ └── main.yml └── sample.env /.github/workflows/build.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/.github/workflows/build.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/.gitignore -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/Dockerfile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/README.md -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/docker-compose.yml -------------------------------------------------------------------------------- /playbooks/.DS_Store: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/.DS_Store -------------------------------------------------------------------------------- /playbooks/inventory.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/inventory.yml -------------------------------------------------------------------------------- /playbooks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/main.yml -------------------------------------------------------------------------------- /playbooks/requirements.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/requirements.yml -------------------------------------------------------------------------------- /playbooks/roles/central/tasks/central.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/central/tasks/central.yml -------------------------------------------------------------------------------- /playbooks/roles/central/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/central/tasks/main.yml -------------------------------------------------------------------------------- /playbooks/roles/central/templates/central.yml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/central/templates/central.yml.j2 -------------------------------------------------------------------------------- /playbooks/roles/central/vars/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/central/vars/main.yml -------------------------------------------------------------------------------- /playbooks/roles/cluster_sensor/tasks/cluster_bundle.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/cluster_sensor/tasks/cluster_bundle.yml -------------------------------------------------------------------------------- /playbooks/roles/cluster_sensor/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/cluster_sensor/tasks/main.yml -------------------------------------------------------------------------------- /playbooks/roles/cluster_sensor/templates/cluster.yml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/cluster_sensor/templates/cluster.yml.j2 -------------------------------------------------------------------------------- /playbooks/roles/cluster_sensor/vars/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/cluster_sensor/vars/main.yml -------------------------------------------------------------------------------- /playbooks/roles/demo/files/demos/attack.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/demos/attack.sh -------------------------------------------------------------------------------- /playbooks/roles/demo/files/demos/backend/attack.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/demos/backend/attack.sh -------------------------------------------------------------------------------- /playbooks/roles/demo/files/demos/backend/everything.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/demos/backend/everything.yaml -------------------------------------------------------------------------------- /playbooks/roles/demo/files/demos/frontend/attack.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/demos/frontend/attack.sh -------------------------------------------------------------------------------- /playbooks/roles/demo/files/demos/frontend/everything.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/demos/frontend/everything.yaml -------------------------------------------------------------------------------- /playbooks/roles/demo/files/demos/medical/everything.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/demos/medical/everything.yaml -------------------------------------------------------------------------------- /playbooks/roles/demo/files/demos/misc/cm.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/demos/misc/cm.yaml -------------------------------------------------------------------------------- /playbooks/roles/demo/files/demos/operations/everything.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/demos/operations/everything.yaml -------------------------------------------------------------------------------- /playbooks/roles/demo/files/demos/payments/everything.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/demos/payments/everything.yaml -------------------------------------------------------------------------------- /playbooks/roles/demo/files/policies/cvss_7.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/policies/cvss_7.json -------------------------------------------------------------------------------- /playbooks/roles/demo/files/policies/process_uid_0.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/policies/process_uid_0.json -------------------------------------------------------------------------------- /playbooks/roles/demo/files/policies/read_write_root_fs.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/files/policies/read_write_root_fs.json -------------------------------------------------------------------------------- /playbooks/roles/demo/tasks/baseline_processes.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/tasks/baseline_processes.yml -------------------------------------------------------------------------------- /playbooks/roles/demo/tasks/deploy_demos.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/tasks/deploy_demos.yml -------------------------------------------------------------------------------- /playbooks/roles/demo/tasks/image_pull_secret.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/tasks/image_pull_secret.yml -------------------------------------------------------------------------------- /playbooks/roles/demo/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/tasks/main.yml -------------------------------------------------------------------------------- /playbooks/roles/demo/tasks/network_anomalies.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/tasks/network_anomalies.yml -------------------------------------------------------------------------------- /playbooks/roles/demo/tasks/openshift_policy_fix.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/tasks/openshift_policy_fix.yml -------------------------------------------------------------------------------- /playbooks/roles/demo/tasks/setup_auth0.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/tasks/setup_auth0.yml -------------------------------------------------------------------------------- /playbooks/roles/demo/tasks/violation_policies.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/tasks/violation_policies.yml -------------------------------------------------------------------------------- /playbooks/roles/demo/templates/auth0/auth_config.json.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/templates/auth0/auth_config.json.j2 -------------------------------------------------------------------------------- /playbooks/roles/demo/templates/auth0/group.json.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/templates/auth0/group.json.j2 -------------------------------------------------------------------------------- /playbooks/roles/demo/templates/baseline/baseline.json.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/templates/baseline/baseline.json.j2 -------------------------------------------------------------------------------- /playbooks/roles/demo/templates/baseline/lock.json.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/templates/baseline/lock.json.j2 -------------------------------------------------------------------------------- /playbooks/roles/demo/templates/gcr/gcr_config.json.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/templates/gcr/gcr_config.json.j2 -------------------------------------------------------------------------------- /playbooks/roles/demo/templates/network_anomalies/peers.json.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/templates/network_anomalies/peers.json.j2 -------------------------------------------------------------------------------- /playbooks/roles/demo/templates/openshift_policy_fix/policy.json.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/templates/openshift_policy_fix/policy.json.j2 -------------------------------------------------------------------------------- /playbooks/roles/demo/vars/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/demo/vars/main.yml -------------------------------------------------------------------------------- /playbooks/roles/pipelines/files/config/2-rox-deployment-check-task.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/files/config/2-rox-deployment-check-task.yml -------------------------------------------------------------------------------- /playbooks/roles/pipelines/files/config/2-rox-image-check-task.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/files/config/2-rox-image-check-task.yml -------------------------------------------------------------------------------- /playbooks/roles/pipelines/files/config/2-rox-image-scan-task.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/files/config/2-rox-image-scan-task.yml -------------------------------------------------------------------------------- /playbooks/roles/pipelines/files/config/3-rox-deploy-pipeline.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/files/config/3-rox-deploy-pipeline.yml -------------------------------------------------------------------------------- /playbooks/roles/pipelines/files/config/3-rox-pipeline.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/files/config/3-rox-pipeline.yml -------------------------------------------------------------------------------- /playbooks/roles/pipelines/files/install/pipeline_subscription.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/files/install/pipeline_subscription.yml -------------------------------------------------------------------------------- /playbooks/roles/pipelines/tasks/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/tasks/main.yml -------------------------------------------------------------------------------- /playbooks/roles/pipelines/templates/config/1-rox-secrets.yml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/templates/config/1-rox-secrets.yml.j2 -------------------------------------------------------------------------------- /playbooks/roles/pipelines/templates/run/4-rox-deploy-pipelinerun.yml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/templates/run/4-rox-deploy-pipelinerun.yml.j2 -------------------------------------------------------------------------------- /playbooks/roles/pipelines/templates/run/4-rox-pipelinerun.yml.j2: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/templates/run/4-rox-pipelinerun.yml.j2 -------------------------------------------------------------------------------- /playbooks/roles/pipelines/vars/main.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/playbooks/roles/pipelines/vars/main.yml -------------------------------------------------------------------------------- /sample.env: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/stackrox/ansible-demo/HEAD/sample.env --------------------------------------------------------------------------------