"trivy.ignorefile" is ignored in client/server scans #2739
Unanswered
felixb-denic
asked this question in
Help & Support
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hey,
just wanted to check if what I'm encountering is intended behavior or a bug:
We run the trivy-operator in our cluster which works fine. Now we also want to use trivy in our ci pipelines, and to save on resources we activated
operator.builtInTrivyServerso we can use the client/server model.Now I added some CVEs to
trivy.ignorefilein the helm values of the operator, and they get correctly dropped on scans that are executed by the operator when launching a new workload in the cluster, but when I run a test manually with the trivy-cli and use--server=to connect to the trivy server inside the cluster, the ignorefile has no effect and the ignored CVEs appear in the report.Is this intended? My intention was to have a "global ignorefile" which gets picked up by all our pipelines.
Best,
Felix
Beta Was this translation helpful? Give feedback.
All reactions