When comparing Ansible vs Snyk, the Slant community recommends Ansible for most people. In the question“What are the best DevOps tools?” Ansible is ranked 1st while Snyk is ranked 15th. The most important reason people chose Ansible is:
Ansible does not use agents. Instead, all master-agent communications are handled via SSH commands or through the Paramiko module which provides a Python interface to SSH.
Specs
Ranked in these QuestionsQuestion Ranking
Pros
Pro Agentless
Ansible does not use agents. Instead, all master-agent communications are handled via SSH commands or through the Paramiko module which provides a Python interface to SSH.
Pro Gentle learning curve
Ansible is agentless, making it quick and painless to setup. Ansible has clear and detailed documentation and provides plenty of built-in modules. Its DSL is obtained using YAML and a familiar template system.
Pro Simple tasks can be run from the command line
Some simple tasks such as triggering updates or reboots, or even checking if the service is running can be done without configuration files. These commands can be run from the command line instead.
Pro Support for major cloud providers
Ansible supports managing major cloud devices (AWS, RackSpace, Digital Ocean, OpenStack) through a collection of modules which are available.
Pro Extensible in any language / runtime
Although you may need to preinstall favorite programming environment, Ansible modules are accessed via shell calls and therefore any executable on the remote system built for use with Ansible may be used as an Ansible module.
Pro Web UI
Ansible has a Web UI in the form of AnsibleWorks AWX which unfortunately does not tie directly into the CLI. So configuration elements present in the CLI can not appear in the UI unless a sync pass is run. Although the Web UI is helpful and functional, it's still not as complete feature-wise as the CLI.
Pro Easy to customize
Ansible is very easy to customize. It doesn't force you to use a language with which you are unfamiliar. Instead, all commands are packaged into YAML modules which are called playbooks. So as long as you use a programming language that can output JSON, you are able to customize it.
Pro Rich diff
Modules that support rich diffs can expose nearly every detail of what will change. However not all core modules support diffs, so there may still be some opaque chances made.
Pro Creating reusable components is simple
Making roles modular and reusable is a fast process with Ansible.
Pro Integrations
Snyk can connect directly to GitHub, GitLab, Heroku, AWS Lambda, Bitbucket Server etc. It is also possible to use the CLI.
Pro TeamCity plugin
TeamCity plugin available.
Pro Multi language support
Snyk supports .NET, GO, Java. Node.js, PHP, Python, Ruby, Scala.
Cons
Con Slow
Compared to other tools, Ansible requires more time to complete the same actions.
Con Somewhat weak documentation
Ansible is still relatively new, as far as server automation tools go. This is the reason that many users have found it's documentation lacking in some parts. Although this is mitigated by the fact that it's very easy to learn to use.
Con Too easy to move the port in the crappy scripts you've been using for years
If you have an extensive codebase of scripts, your users might find it too easy to just port in the same unsupportable crappy scripts they've been using for years.
Con Doesn't have its own inventory system
Ansible really depends on you to provide it a list of nodes to run on and doesn't actively maintain a central inventory
Con No Python API available, despite the fact that Ansible is written in Python
Despite being written and taking good advantage of the python environment, Ansible offers no python api for programming, and does not make it possible to follow best practices for writing custom Ansible modules.
Con Shallow .NET support
Only seems to check the NuGet packages and not much else.
Con ASP.NET Core is "High risk"
The TeamCity plugin fails the build for all ASP.NET Core applications stating that it is vulnerable to DOS attacks and that "there is no fix available".