Reputation: 142
I am using Trivy and I have a .trivyignore file in the repo. Trivy identifies, in the layers of the Docker image, some certificates that were created by an openssl command and then removed, so I tried adding those certs to the ignore list using the following logic:
/usr/local/src/openssl/** AsymmetricPrivateKey
or
/usr/local/src/openssl/apps/s1024key.pem:1 AsymmetricPrivateKey
but when scanning it still finds the certificates.
I tried changing the syntax to Asymmetric Private Key
and just adding the folder /usr/local/src/openssl
without success, but it does not seem to fix the scanning findings.
Is it a bug in trivyignore handling, or is it a syntax issue on my side?
Upvotes: 1
Views: 259