.trivyignore.yaml
# Trivy Ignore Configuration
# Format: https://trivy.dev/docs/latest/configuration/filtering/#trivyignoreyaml
#
# All entries are reviewed and accepted misconfiguration findings.
# CI enforces fail-on-findings: true — any NEW finding will break the pipeline.
#
# Why no 'paths' scoping: Trivy resolves Terraform module sources and reports
# findings against virtual paths (e.g. terraform-aws-modules/eks/aws/main.tf)
# that vary between local runs (.terraform/ present) and CI (clean checkout).
# These check IDs are specific to Kubernetes manifests and Terraform configs;
# all such files in this project are test/validation infrastructure.
misconfigurations:
  # ---------------------------------------------------------------------------
  # KSV-0014 — Container should set securityContext.readOnlyRootFilesystem
  # KSV-0118 — Workload uses the default security context (allows root)
  #
  # Affected files:
  #   isvtest/src/isvtest/workloads/manifests/k8s/nccl_allreduce_job.yaml
  #   isvtest/src/isvtest/workloads/manifests/k8s/nim_llama_3b_inference_job.yaml
  #   (+ third-party example manifests inside .terraform/modules/ locally)
  #
  # GPU workload Jobs that inherently require elevated privileges:
  #   - NCCL benchmarks use mpirun --allow-run-as-root and write to hostPath
  #   - NIM containers write to model cache and /dev/shm
  #   - prepare-cache init container runs as root to set permissions
  #   - inference-test sidecar installs curl via apt at runtime
  # ---------------------------------------------------------------------------
  - id: AVD-KSV-0014
    statement: >
      GPU workload containers require a writable root filesystem — NCCL writes
      benchmark logs, NIM writes model cache, init containers set directory
      permissions, and the inference-test sidecar installs curl at runtime.
  - id: AVD-KSV-0118
    statement: >
      GPU workload Jobs run NVIDIA benchmarks and inference workloads that
      require root (mpirun --allow-run-as-root, CUDA runtime, NIM server).
      Non-root execution is not supported by these upstream images.
  # ---------------------------------------------------------------------------
  # AWS-0040 — Public cluster access is enabled
  # AWS-0041 — Cluster allows access from a public CIDR
  # AWS-0104 — Security group rule allows unrestricted egress
  #
  # Affected files:
  #   isvctl/configs/stubs/aws/eks/terraform/main.tf (EFS security group)
  #   terraform-aws-modules/eks/aws/main.tf (resolved module source)
  #   terraform-aws-modules/eks/aws/node_groups.tf (resolved module source)
  #
  # All Terraform in this repository provisions ephemeral infrastructure
  # for ISV validation testing, not production environments. The
  # terraform-aws-modules/eks findings originate in third-party module
  # source code resolved by Trivy; access and CIDR settings are controlled
  # through our input variables, not the module source.
  # ---------------------------------------------------------------------------
  - id: AVD-AWS-0040
    statement: >
      Third-party terraform-aws-modules/eks module. Cluster access visibility
      is controlled through our input variables.
  - id: AVD-AWS-0041
    statement: >
      Third-party terraform-aws-modules/eks module. CIDR allow-lists are
      controlled through our input variables.
  - id: AVD-AWS-0104
    statement: >
      EFS security group egress 0.0.0.0/0 is required for mount targets to
      reach AWS services. This is ephemeral test infrastructure. The matching
      finding in terraform-aws-modules/eks is third-party module code.