Closed
Hi
I have a problem with trivyignores: when I run it locally, I can ignore without any problem.
config

`.trivyignore`:

```
# CRITICAL
AVD-GCP-0027
```

`workflow.yml` (with `env.WORKING_DIRECTORY = terraform/mask`):

```yaml
- name: Run Trivy vulnerability scanner in config mode
  uses: aquasecurity/trivy-action@master
  with:
    scan-type: 'config'
    scan-ref: ${{ env.WORKING_DIRECTORY }}
    trivy-config: terraform/trivy.yaml
    trivyignores: ${{ env.WORKING_DIRECTORY }}/.trivyignore
```
Action log:

```
Found ignorefile 'terraform/**mask**/.trivyignore':
# CRITICAL
AVD-GCP-0027
Running Trivy with trivy.yaml config from: terraform/trivy.yaml
2024-04-17T03:39:36.626Z INFO Loaded terraform/trivy.yaml
2024-04-17T03:39:36.629Z INFO Misconfiguration scanning is enabled
2024-04-17T03:39:36.629Z INFO Need to update the built-in policies
2024-04-17T03:39:36.629Z INFO Downloading the built-in policies...
46.13 KiB / 46.13 KiB [-----------------------------------------------------------] 100.00% ? p/s 0s
2024-04-17T03:39:40.494Z INFO Detected config files: 62

.terraform/modules/***/modules/network/modules/fabric-net-firewall/main.tf (terraform)
============================================================================================
Tests: 3 (SUCCESSES: 0, FAILURES: 3, EXCEPTIONS: 0)
Failures: 3 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 3)

CRITICAL: Firewall rule allows ingress traffic from multiple addresses on the public internet.
════════════════════════════════════════
Network security rules should not use very broad subnets.
Where possible, segments should be broken into smaller subnets and avoid using the /0 subnet.

See https://avd.aquasec.com/misconfig/avd-gcp-0027
```
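To check what the ignore file *should* have suppressed, here is an added example (not from the issue or from trivy-action) that applies a `.trivyignore` to a Trivy JSON config-scan report. It assumes Trivy's `Results[].Misconfigurations[]` layout with `ID`, `Severity` and `Status` fields; the report and the second check ID `AVD-EXAMPLE-0001` are constructed sample data.

```python
import json
from collections import Counter

# Constructed .trivyignore, mirroring the one in the issue.
TRIVYIGNORE = """\
# CRITICAL
AVD-GCP-0027
"""

# Constructed Trivy JSON report, trimmed to the fields this check needs.
# AVD-EXAMPLE-0001 is a placeholder ID, not a real Trivy check.
TRIVY_REPORT = json.dumps({"Results": [{
    "Target": "modules/fabric-net-firewall/main.tf",
    "Misconfigurations": [
        {"ID": "AVD-GCP-0027", "Severity": "CRITICAL", "Status": "FAIL"},
        {"ID": "AVD-GCP-0027", "Severity": "CRITICAL", "Status": "FAIL"},
        {"ID": "AVD-GCP-0027", "Severity": "CRITICAL", "Status": "FAIL"},
        {"ID": "AVD-EXAMPLE-0001", "Severity": "MEDIUM", "Status": "FAIL"},
        {"ID": "AVD-EXAMPLE-0001", "Severity": "MEDIUM", "Status": "PASS"},
    ],
}]})


def parse_trivyignore(text):
    """Return the set of check IDs listed in a .trivyignore.

    Blank lines and '#' comments are skipped; anything after the ID on a
    line (such as Trivy's 'exp:YYYY-MM-DD' expiry suffix) is dropped.
    """
    ids = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            ids.add(line.split()[0])
    return ids


def remaining_failures(report_json, ignore_text):
    """Count FAIL findings per severity after applying the ignore list."""
    ignored = parse_trivyignore(ignore_text)
    counts = Counter()
    for result in json.loads(report_json).get("Results", []):
        for m in result.get("Misconfigurations", []):
            if m.get("Status") == "FAIL" and m["ID"] not in ignored:
                counts[m["Severity"]] += 1
    return dict(counts)


if __name__ == "__main__":
    # With the ignore file applied, the three CRITICAL findings disappear.
    print(remaining_failures(TRIVY_REPORT, TRIVYIGNORE))  # {'MEDIUM': 1}
```

If the action still reports `CRITICAL: 3` while this yields none, the ignore file is not being passed through to the scan.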