From bcdcdfec41c7f6f27718e36775d3ce133dff5f17 Mon Sep 17 00:00:00 2001
From: Josh
Date: Fri, 8 Aug 2025 14:46:08 +0000
Subject: [PATCH] trivyignore, ignore-unfixed
---
 .trivyignore | 1 +
 .woodpecker.yml | 8 ++++----
 2 files changed, 5 insertions(+), 4 deletions(-)
 create mode 100644 .trivyignore
diff --git a/.trivyignore b/.trivyignore
new file mode 100644
index 0000000..4d4e13e
--- /dev/null
+++ b/.trivyignore
@@ -0,0 +1 @@
+CVE-2023-45853
\ No newline at end of file
diff --git a/.woodpecker.yml b/.woodpecker.yml
index b674774..5f49710 100644
--- a/.woodpecker.yml
+++ b/.woodpecker.yml
@@ -22,10 +22,10 @@ steps:
 gcloud auth configure-docker us-central1-docker.pkg.dev -q
- trivy image --scanners vuln --exit-code 1 --severity CRITICAL $REG/server1:$IMG_TAG
- trivy image --scanners vuln --exit-code 1 --severity CRITICAL $REG/server2:$IMG_TAG
- trivy image --scanners vuln --exit-code 1 --severity CRITICAL $REG/server3:$IMG_TAG
- trivy image --scanners vuln --exit-code 1 --severity CRITICAL $REG/nginx:$IMG_TAG
+ trivy image --scanners vuln --ignore-unfixed --ignorefile .trivyignore --exit-code 1 --severity CRITICAL $REG/server1:$IMG_TAG
+ trivy image --scanners vuln --ignore-unfixed --ignorefile .trivyignore --exit-code 1 --severity CRITICAL $REG/server2:$IMG_TAG
+ trivy image --scanners vuln --ignore-unfixed --ignorefile .trivyignore --exit-code 1 --severity CRITICAL $REG/server3:$IMG_TAG
+ trivy image --scanners vuln --ignore-unfixed --ignorefile .trivyignore --exit-code 1 --severity CRITICAL $REG/nginx:$IMG_TAG
 - name: staging-deploy
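Review bot: The new `.trivyignore` entry suppresses CVE-2023-45853 for every image this pipeline scans, and nothing in the file records why the finding is accepted or when it should be revisited. Trivy's ignore file accepts `#` comment lines and an expiry on the entry, so a line such as `# <reason the finding is not reachable in these images> (<owner>)` above `CVE-2023-45853 exp:<YYYY-MM-DD>` keeps the exception reviewable and lets it lapse on its own. If only some of the four images carry the affected package, a separate ignore file per image would stop this entry from hiding the same CVE in the others. The file is also committed without a trailing newline.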
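Review bot: Adding `--ignore-unfixed` to all four `trivy image` lines means a CRITICAL finding with no released fix no longer fails the build and is filtered out of this step's output, so the gate now covers only vulnerabilities that already have a patch. To keep those findings visible, consider a second, non-blocking pass per image before `staging-deploy`, e.g. `trivy image --scanners vuln --exit-code 0 --severity CRITICAL $REG/server1:$IMG_TAG`, so that unfixed criticals are still logged and can be triaged. `--ignorefile .trivyignore` names Trivy's default ignore file, so it is redundant if the step runs from the repository root, though harmless to keep for explicitness. The step that contains these commands starts outside the hunk, so the working directory is assumed rather than confirmed.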