-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathtrivy.yaml
More file actions
18 lines (17 loc) · 781 Bytes
/
trivy.yaml
File metadata and controls
18 lines (17 loc) · 781 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# SPDX-FileCopyrightText: (C) 2026 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
---
scan:
skip-dirs:
- vendor
- test
- app-orch-tutorials
skip-check-ids:
- KSV110 # Helm sets namespace at install time; no hardcoded default namespace
- KSV-0110 # alternate rule ID for the same check
- KSV0125 # image registry is templated via .Values.image.registry; resolved at deploy time
- KSV-0125 # alternate rule ID for the same check
- KSV021 # runAsGroup is set to 65532 (> 10000) via catalogSecurityContext in values.yaml; Trivy false positive on templated Helm values
- KSV-0021 # alternate rule ID for the same check
- CVE-2025-58767 # rexml in golang builder base image only; absent from final distroless/static image