ci: ignore centos CVE-2020-22218 and CVE-2023-3341 (#369)

Signed-off-by: Sertac Ozercan <sozercan@gmail.com>
project-copacetic · Oct 16, 2023 · ff4fb01 · ff4fb01
1 parent ed77375
commit ff4fb01
Showing 1 changed file with 11 additions and 3 deletions.
diff --git a/integration/fixtures/trivy_ignore.rego b/integration/fixtures/trivy_ignore.rego
@@ -4,8 +4,16 @@ import data.lib.trivy
 
 default ignore = false
 
+# Ignore the following Vulnerability IDs
 ignore_vulnerability_ids := {
     # centos 7.6.1810
-    # bind-license package version "9.11.4-26.P2.el7_9.14" does not exist
-    "CVE-2023-2828"
-}
+    # bind-license package version "9.11.4-26.P2.el7_9.15" does not exist
+    "CVE-2023-3341",
+    # libssh2 package version "1.8.0-4.el7_9.1" does not exist yet
+    "CVE-2020-22218"
+}
+
+# For ignoring vulnID
+ignore {
+    input.VulnerabilityID == ignore_vulnerability_ids[_]
+}