feat(misconf): Add short_code for checks into AVD #8850

@simar7

Description

Short code is defined here:

func (r Rule) LongID() string {
	return strings.ToLower(fmt.Sprintf("%s-%s-%s", r.Provider, r.Service, r.ShortCode))
}

Discussed in #8846

Originally posted by nekketsuuu May 8, 2025

Description

I propose to add a long ID of a check to the documentation of the check on https://avd.aquasec.com/. For example, I want google-gke-encrypt-instance-storage-data to be written in https://avd.aquasec.com/misconfig/google/gke/avd-gcp-0051/.

This would help with writing inline ignore comments. First, we can write inline comments in several formats, especially a short ID format # trivy:ignore:AVD-GCP-0051 and a long ID format # trivy:ignore:google-gke-encrypt-instance-storage-data (Ref. https://trivy.dev/v0.62/docs/scanner/misconfiguration/#skipping-detected-misconfigurations-by-inline-comments). Currently, when scanning with Trivy, it provides a URL like https://avd.aquasec.com/misconfig/avd-gcp-0051 for details, and the page only displays the short ID.

I prefer the long ID format because the short ID makes it difficult to understand its purpose in the code without additional searching. However, since the check's documentation only shows the short ID, it takes extra time to locate the correct long ID (for example, by searching through the metadata in aquasecurity/trivy-checks: https://github.com/aquasecurity/trivy-checks/blob/a5cb6398785b450db3bc7a569eaaa12b9683e1e9/checks/cloud/google/gke/use_cluster_labels.rego). This is why I suggest including the long ID of a check in its documentation.

Link

As an example: https://avd.aquasec.com/misconfig/avd-gcp-0051

Suggestions

I'd like to add a long ID, in <provider>-<service>-<short-code> style, to the docs of checks.
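
An added example, not code from the issue or from Trivy: it uses the LongID method quoted above to rewrite short-ID inline ignore comments into the long-ID form and to list short IDs it cannot resolve. The AVDID field, RewriteIgnores, the sample rule table and the AVD-GCP-9999 placeholder are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Rule holds the fields LongID reads, plus the AVD ID (field name AVDID is assumed).
type Rule struct{ AVDID, Provider, Service, ShortCode string }

// LongID is the method quoted in the issue.
func (r Rule) LongID() string {
	return strings.ToLower(fmt.Sprintf("%s-%s-%s", r.Provider, r.Service, r.ShortCode))
}

// Constructed sample metadata, split from the long ID given in the issue.
var sampleRules = []Rule{{"AVD-GCP-0051", "google", "gke", "encrypt-instance-storage-data"}}

// Matches only short-ID ignores; long-ID ignores never match and stay untouched.
var shortIgnore = regexp.MustCompile(`(?i)trivy:ignore:(avd-[a-z]+-\d+)`)

// RewriteIgnores swaps short-ID ignores for long-ID ones and returns the
// short IDs it could not resolve, so they can be reviewed by hand.
func RewriteIgnores(src string, rules []Rule) (string, []string) {
	byAVD := make(map[string]Rule, len(rules))
	for _, r := range rules {
		byAVD[strings.ToUpper(r.AVDID)] = r
	}
	var unknown []string
	out := shortIgnore.ReplaceAllStringFunc(src, func(m string) string {
		id := strings.ToUpper(shortIgnore.FindStringSubmatch(m)[1])
		r, ok := byAVD[id]
		if !ok {
			unknown = append(unknown, id)
			return m
		}
		return "trivy:ignore:" + r.LongID()
	})
	return out, unknown
}

func main() {
	// Constructed Terraform fragment; AVD-GCP-9999 is a made-up placeholder ID.
	src := "# trivy:ignore:AVD-GCP-0051\nresource \"google_container_cluster\" \"c\" {}\n# trivy:ignore:AVD-GCP-9999\n"
	out, unknown := RewriteIgnores(src, sampleRules)
	fmt.Print(out)
	fmt.Println("unresolved:", unknown)
}
```

Unresolved short IDs are left in place rather than dropped, so an ignore comment is never silently removed or changed to a different check.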

Labels

kind/documentation: Categorizes issue or PR as related to documentation.
kind/feature: Categorizes issue or PR as related to a new feature.
scan/misconfiguration: Issues relating to misconfiguration scanning
