From 695a295c4d514d3ce2f92c2dfee2ecec62d82fa3 Mon Sep 17 00:00:00 2001
From: Sheldon Hull
Date: Mon, 12 Feb 2024 17:05:04 -0600
Subject: [PATCH] chore(trunk): update versions of linters and adjust linter settings

- Increment Linter versions for checkov, osv-scanner, trivy, trufflehog, renovate, markdownlint, prettier, gitleaks, and yamllint
- Add linter exceptions for `'charts/**'` path in checkov
- Add a comment to bypass invalid flagged secret exposure warning in `dsvInjectorCredentialsSecretName` in `charts/dsv-syncer/values.yaml`
---
 .trunk/trunk.yaml | 24 ++++++++++++++----------
 charts/dsv-syncer/values.yaml | 2 +-
 2 files changed, 15 insertions(+), 11 deletions(-)

diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml
index 18bde0d..17e44f1 100644
--- a/.trunk/trunk.yaml
+++ b/.trunk/trunk.yaml
@@ -48,25 +48,25 @@ lint:
 - cspell
 - gofmt
 enabled:
- - checkov@3.1.69
+ - checkov@3.2.19
 - gokart@0.5.1
- - osv-scanner@1.6.1
+ - osv-scanner@1.6.2
 - terrascan@1.18.11
- - trivy@0.48.3
- - trufflehog@3.63.11
+ - trivy@0.49.1
+ - trufflehog@3.67.5
 - gofumpt@0.5.0
- - renovate@37.146.0
+ - renovate@37.180.0
 - golangci-lint@SYSTEM
 - git-diff-check
 - taplo@0.8.1
- - markdownlint@0.38.0
- - prettier@3.2.4
+ - markdownlint@0.39.0
+ - prettier@3.2.5
 - actionlint@1.6.26
 - hadolint@2.12.0
- - gitleaks@8.18.1
+ - gitleaks@8.18.2
 - shellcheck@0.9.0
 - shfmt@3.6.0
- - yamllint@1.33.0
+ - yamllint@1.34.0
 - svgo@3.2.0
 - prettier@2.8.3
 - git-diff-check
@@ -75,7 +75,7 @@ lint:
 - actionlint@1.6.26
 - gitleaks@8.15.3
 - hadolint@2.12.0
- markdownlint@0.38.0
+ - markdownlint@0.39.0
 - shellcheck@0.9.0
 - shfmt@3.6.0
@@ -94,3 +94,7 @@ lint:
 - 'charts/*/templates/*'
 # - linters: [prettier, yamllint]
 # paths:
+ - linters: [checkov]
+ paths:
+ - '**'
+ - '!charts/**'
diff --git a/charts/dsv-syncer/values.yaml b/charts/dsv-syncer/values.yaml
index fb015c1..d39f954 100644
--- a/charts/dsv-syncer/values.yaml
+++ b/charts/dsv-syncer/values.yaml
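Review bot: In `.trunk/trunk.yaml`, the entry added at `@@ -94,3 +94,7 @@` pairs `'**'` with `'!charts/**'`, which, if this list is the `lint.ignore` section (the parent key is outside the hunk and the indentation is not recoverable here), makes checkov skip every path except `charts/**` rather than exempting the charts. That reading is the opposite of what the commit description ("linter exceptions for `'charts/**'`") suggests, and it would drop checkov coverage for anything else it scans in the repository, such as workflows or Dockerfiles, assuming those exist. State the intent in a comment above the entry, e.g. `# checkov: scan charts/** only; all other paths are ignored on purpose`, or narrow the ignore to the specific paths that produce false positives instead of `'**'`.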
@@ -84,7 +84,7 @@ resources:
 # memory: 128Mi
 # -- dsvInjectorCredentialsSecretName is the name of thecredentialsJson secret from the dsv-injector
-dsvInjectorCredentialsSecretName: dsv-injector-credentials
+dsvInjectorCredentialsSecretName: dsv-injector-credentials #checkov:skip=CKV_SECRET_6: this is a secret name and not an embedded secret
 # -- cronJobSchedule controls when the syncer runs; five asterisks means "every minute".
 # See [cronjob](https://kubernetes.io/docs/concepts/workloads/controllers/cron-jobs/#cron-schedule-syntax)
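Review bot: The suppression added to `dsvInjectorCredentialsSecretName` is written `#checkov:skip=...` with no space after `#`, which yamllint's `comments` rule flags under its default settings, and this same commit bumps yamllint. Writing it as `# checkov:skip=CKV_SECRET_6: secret name, not an embedded secret` keeps the single-check, single-line scope and the justification while matching the `# --` comment style of the surrounding lines. Whether the line also needs two spaces before the `#` cannot be judged from this view, because the original spacing is not preserved. The surrounding `values.yaml` block starts and ends outside the hunk.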