Config file options are not respected #308

Open
kieran-lowe opened this issue Feb 15, 2024 · 2 comments

@kieran-lowe

Hi,

I currently have an issue where I'm specifying options via a config file, but no matter what permutation I come up with it seems trivy is not respecting it.

Config

.trivy.yaml

exit-code: 1

quiet: false

scan:
  skip-dirs:
    - "examples/**"
    - "tests/**"

misconfiguration:
  scanners:
    - terraform

  include-non-failures: false

  terraform:
    exclude-downloaded-modules: true

Workflow File

...

- name: Run Trivy
  uses: aquasecurity/trivy-action@v0.17.0
  with:
    scan-type: "config"
    trivy-config: "${{ github.workspace }}/.trivy.yaml"

• It's still showing failures in all subdirectories of examples/ etc. It shouldn't do this as I've said to skip that dir
• Exit Code is not being respected, as Actions shows succeeded despite errors so assuming it's returning a 0 status code, although I've said 1.

If I specify these flags with steps.with in the Action Workflow, I have no issue and it works as I want it to.

Anything I'm doing wrong?

Cheers,
Kieran

@nikpivkin
Contributor

nikpivkin commented Mar 15, 2024

Hi @kieran-lowe !

The action runs in a docker container and your repository is used as a working directory, so you must specify the path to a configuration file relative to your project, i.e. .trivy.yaml. Also, if the examples directory is not in the root of the repository, you must use the */examples/** pattern to skip this directory.

Example run: https://github.com/nikpivkin/trivy-test/actions/runs/8297182354
Repo: https://github.com/nikpivkin/trivy-test
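
The two changes described in the reply above, as an added example that is not part of the original comment or the project's documentation. It assumes .trivy.yaml sits at the repository root and that nested examples/ and tests/ directories are exactly one level down; the */tests/** entry is an assumption extended from the reply's */examples/** pattern.

```yaml
# Workflow step (the rest of the workflow is elided, as in the issue)
- name: Run Trivy
  uses: aquasecurity/trivy-action@v0.17.0
  with:
    scan-type: "config"
    # Before (as posted in the issue): "${{ github.workspace }}/.trivy.yaml"
    # After: path relative to the repository, which is the action's working directory
    trivy-config: ".trivy.yaml"
---
# .trivy.yaml (assumed to be at the repository root)
exit-code: 1          # non-zero exit so the job fails when findings are reported

quiet: false

scan:
  skip-dirs:
    - "examples/**"     # examples/ at the repository root
    - "*/examples/**"   # examples/ one directory down (pattern from the reply)
    - "tests/**"        # tests/ at the repository root
    - "*/tests/**"      # assumption: tests/ nested the same way as examples/

misconfiguration:
  scanners:
    - terraform

  include-non-failures: false

  terraform:
    exclude-downloaded-modules: true
```

A job that still reports success while the log lists failures is the symptom from the issue that the config file was not picked up, so the exit-code setting never took effect.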

@simar7
Member

simar7 commented Apr 23, 2024

Hi @kieran-lowe !

The action runs in a docker container and your repository is used as a working directory, so you must specify the path to a configuration file relative to your project, i.e. .trivy.yaml. Also, if the examples directory is not in the root of the repository, you must use the */examples/** pattern to skip this directory.

Example run: https://github.com/nikpivkin/trivy-test/actions/runs/8297182354 Repo: https://github.com/nikpivkin/trivy-test

We should probably add this to the docs as it might not be obvious to folks.
