Steampunk Spotter

Steampunk Spotter: What's new in 2.0?

June 1, 2023 - Words by  The Spotter Team - 5 min read

Card image caption

We’re excited to announce that Spotter 2.0 is here, bigger and better, ready to conquer all of your automation challenges! Our dedicated team has once again outdone themselves and gone the extra mile to ensure the stability, reliability, and security of your Ansible Playbooks. The freshly released version is packed with new and enhanced enterprise-ready features and checks that will make your automation even more reliable and secure. Explore what’s new.

New features

1. Custom rules and policies

Spotter 2.0 introduces custom policies that allow you to add your own rules and policies, ensuring that all playbooks meet your specific needs, requirements and use cases.

Spotter helps you follow organizational and industry-specific regulations, standards, or compliance requirements. It further specifies playbooks standards, allowed modules and collections, and defines specific naming convention and limits required values on specific modules and entities. By leveraging Spotter, you easily achieve corporate standards and security compliance of your Ansible Playbooks.

The Open Policy Agent (OPA)-compliant policy definition engine is integrated to facilitate the creation of OPA-based policies that can be included to Spotter with minimal additional effort.

  • Spotter set-policies command lets you import one or multiple Rego language OPA-based policies. They can be set to a project or an entire organization, allowing for a custom Spotter scan.

  • Spotter clear-policies command clears the custom policies that you set for yourself.

2. Reporting

Spotter’s intuitive reporting feature empowers you with valuable insights into your scan activity and data. With access to detailed reports, you can easily spot trends and monitor progress, enabling you to focus on results and make data-driven decisions. With this enhanced level of visibility, it becomes much easier to identify successes, areas for improvement, and determine necessary actions for you and your team.

3. Assisted playbook writing

To take your playbook writing to a new level, we have added the new assisted playbook writing feature, allowing you to easily define your automation goals and get suggestions for suitable tasks and playbooks while writing. This powerful capability saves you time and effort and maximizes your productivity.

New checks

1. Security checks

Spotter 2.0 introduces security checks, adding an extra layer of security to your playbooks. With Spotter, you can gain a comprehensive understanding of the potential outcomes when running playbooks and adhere to security best practices to minimize security risks, downtime, and costs. Spotter helps prevent misconfigurations, security vulnerabilities and policy violations and proactively evaluates runtime security threats, enabling businesses to prevent security breaches before they occur.

To ensure compliance with security standards and stay ahead of potential security vulnerabilities, simply use spotter scan-- profile security command in the CLI or choose the security profile in VSC settings.

2. New and improved upgrade checks

Spotter is already very powerful when it comes to speeding up Ansible upgrades, but we’re constantly adding new checks that help you save even more time.

In addition to general upgrade checks, Spotter 2.0 also introduces two specific checks to ease your upgrade to Ansible Automation Platform 2 (available only in full scan profile):

  • If Spotter notices that a task is taking information from a local file when migrating to AAP, you are given feedback that the Execution Environment (EE) needs access to that file.

  • If Spotter notices that lookup is performed as local action while migrating to AAP, you are notified that you must have access to the file system.

And that’s just some of the new checks we have added. The list of checks that help you further enhance your playbooks is continuously expanding. You can find all the checks performed by Spotter in one place - in the Check catalogue within the Spotter app.

Enhanced flexibility

Spotter offers great flexibility and allows you to customize it to suit your needs. You now have the option to run Spotter with its full capabilities, select specific checks you want to run (or don’t want to run), or include your own custom checks.

Spotter Profiles

Spotter offers scan profiles to cater your specific project goals. Whether it’s upgrading your Ansible environment to a newer version of Ansible or improving playbooks for a current version, different projects have different needs. With scan profiles, Spotter ensures that the check results generated by Spotter are relevant to the specific project.

With the optional argument --profile, you can specify a scan profile that contains a selected set of checks for scanning. Spotter currently supports the following profiles:

  • Default profile is suitable for day-to-day testing and improving Ansible Playbooks. It includes best practices, validation, and basic security checks but excludes upgrade and advanced security checks. It is used by default when executing the basic spotter scan command.

  • Full profile displays the full range of check results included in the default profile and also includes upgrade and advanced security checks.

  • Security profile includes checks for potential security issues.

Excluding specific checks

By using the --skip-checks switch and specifying the IDs of the checks you wish to exclude (which can be found in the Check Catalogue), you can further customize your scanning process and exclude specific checks based on your needs.

Including your own checks

You can set custom checks using the set-policies command.

Up to date knowledge base

Spotter is always keeping up with the times! You can already check if your playbooks are compatible with the freshly released Ansible 2.15 simply by running --ansible-version 2.15 command in the CLI and integrations or select the version in settings if you are using VSC.

On-Prem deployment

Those looking for greater security, privacy, and control over their data will be happy to know that a self-contained, highly secure deployment of Spotter is ready to be installed on your private infrastructure.

Improved ease of use and increased performance

We understand the importance of speed and efficiency when it comes to scanning playbooks. Spotter 2.0 is therefore even faster at delivering and displaying the results for your scans compared to previous versions.

Additionally, we have significantly improved the UX for both CLI and VSC plugin. And to enhance security and ease of use, we have introduced the API token authentication and Support for Single Sign-On (SSO). These updates streamline the signing-on process and simplify access management, providing a seamless experience for users.

See new features in action

We’ve been busy indeed! But don’t worry, our team won’t rest on their laurels. On the contrary, they are already working on the next updates. To keep up with everything we are doing, follow us on Twitter, Linkedin or sign up for our newsletter.

And if you don’t feel like just reading about Spotter all the time, visit our YouTube channel where you can see Spotter in action. From demos to tutorials, our channel offers an interactive way to explore the tool’s capabilities.

Interested in Spotter, but don’t know how to start? Explore our Getting started guide.