trivy-action icon indicating copy to clipboard operation
trivy-action copied to clipboard

Published 20 hours ago verified publisher icon aquasecurity

Is it possible to somehow pass .trivyignore file to Trivy GH action?

Open gasgithub opened this issue 3 years ago • 4 comments

I'd like to ignore some of the vulnerabilities same way as specifying .trivyignore does. Could this be somehow passed to action?

Regards

gasgithub avatar Jan 19 '22 16:01 gasgithub

@gasgithub Good question! Currently the action is built using Dockerfile and the entrypoint.sh. https://github.com/aquasecurity/trivy-action/blob/master/Dockerfile

I think we could create a parameter to receive the CVE and create the .trivyignore.

Any thoughts @simar7

krol3 avatar Jan 27 '22 08:01 krol3

Yes, PRs are welcome

simar7 avatar Jan 27 '22 16:01 simar7

I'd like to ignore some of the vulnerabilities same way as specifying .trivyignore does. Could this be somehow passed to action?

Just add a .trivyignore to your GITHUB_WORKSPACE (aka your repo and use checkout action). Trivy will pick it up automatically.

timdittler avatar Jun 14 '22 08:06 timdittler

Alternately, release 0.4.0 now has support for passing in a relative path to a .trivyignore file which will then be picked up by the action.

achton avatar Jun 15 '22 20:06 achton