Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(misconf): support for ignoring by inline comments for Dockerfile #8113

Open
nikpivkin opened this issue Dec 17, 2024 Discussed in #7832 · 0 comments · May be fixed by #8115
Open

feat(misconf): support for ignoring by inline comments for Dockerfile #8113

nikpivkin opened this issue Dec 17, 2024 Discussed in #7832 · 0 comments · May be fixed by #8115
Assignees
@nikpivkin
Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/filesystem Issues relating to filesystem scanning

Comments

@nikpivkin
Copy link
Contributor

Discussed in #7832

Originally posted by tstraley October 30, 2024

Description

According to the docs, trivy misconfig scans support filtering via inline comments - but this appears to only work for terraform files https://aquasecurity.github.io/trivy/test/docs/configuration/filtering/#by-inline-comments

Would like to have a similar capability for Dockerfile scanning, so that we can more accurately accept / ignore specific lines in our Dockerfile while not excluding the specific check entirely.

Target

Filesystem

Scanner

Misconfiguration
@nikpivkin nikpivkin added kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/filesystem Issues relating to filesystem scanning labels Dec 17, 2024
@nikpivkin nikpivkin self-assigned this Dec 17, 2024
@nikpivkin nikpivkin linked a pull request Dec 17, 2024 that will close this issue
Draft
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@nikpivkin nikpivkin

Labels
kind/feature Categorizes issue or PR as related to a new feature. scan/misconfiguration Issues relating to misconfiguration scanning target/filesystem Issues relating to filesystem scanning
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat(misconf): support for ignoring by inline comments for Dockerfile nikpivkin/trivy
1 participant
@nikpivkin