-
Notifications
You must be signed in to change notification settings - Fork 62
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support for trivy status #821
Comments
Hi! 👋🏼 Was this planned to be picked up by someone else (sozercan) or could I? If I can pick it up, it looks not too bad. I'm thinking of updating the helm template to allow for an extra field ignoredStatuses:
# - will_not_fix
# - <... + other ones from the trivy filter page> then updating our Trivy CLI go code to use the above values as its arguments to Ah actually looks like |
@inFocus7 hello! 👋 we would love the contribution! This would be a similar type of field as these (types, security checks, severities) in the configmap: eraser/pkg/scanners/trivy/types.go Lines 74 to 79 in 7cdb6eb
not_affected ). eraser/pkg/scanners/trivy/types.go Lines 118 to 131 in 7cdb6eb
Please let me know if this answers your question and gives you info to get started. |
Awesome, thank you! I just put up a draft PR that I worked on yesterday. I'll still need to manually test that it acts as expected before being confident enough to un-draft it 👍🏼 |
I'd say I'm very close to the finish line. I manually verified it and added my verification steps on the PR. A final question/unknown is: Did I update every relevant area to expose |
Describe the solution you'd like
[A clear and concise description of what you want to happen.]
allow filtering by vuln status
https://aquasecurity.github.io/trivy/v0.44/docs/configuration/filtering/#by-status
Anything else you would like to add:
[Miscellaneous information that will assist in solving the issue.]
Environment:
kubectl version
):The text was updated successfully, but these errors were encountered: