Replies: 2 comments
-
|
I'm not able to understand what your question is - can you share with examples what you are trying to do? |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
Hi @xdiptan ! Do you want to ignore all built-in rules and leave only custom ones? If so, you can use the following ignore file: package trivy
import rego.v1
# disable all built-in checks
ignore if not startswith(input.ID, "USR-")More about how to ignore results: https://trivy.dev/latest/docs/configuration/filtering/#by-rego |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Question
On latest version of trivy , it's respecting inbuild as well as custom rego rule.
Why so?
We can avoid by setting up by adding mosconfig ID on .trivyignore or by adding filter.rego having rule like starts like AVD*.
We are seeing dockerfile list of misconfig Id(s). but I am not sure if trivy have any rule that mosconfig ID will always start with AVD*
Please help me find a way so that trivy only respect custom rule.
If that not possible, can we have information about the rule of defining dockerfile mosconfig ID ?
Target
Container Image
Scanner
Misconfiguration
Output Format
JSON
Mode
Standalone
Operating System
Linux
Version
It's 0.64.0Beta Was this translation helpful? Give feedback.
All reactions