From b52065d1552ffcb167c22d5d2b458864aaf0a3da Mon Sep 17 00:00:00 2001
From: Andrew <90681520+andrew-gropyus@users.noreply.github.com>
Date: Wed, 8 Nov 2023 17:46:18 +0100
Subject: [PATCH] feat: expose trivy.skipFiles in helm values (#1622)

---
 deploy/helm/README.md                       | 1 +
 deploy/helm/templates/configmaps/trivy.yaml | 3 +++
 deploy/helm/values.yaml                     | 2 ++
 3 files changed, 6 insertions(+)

diff --git a/deploy/helm/README.md b/deploy/helm/README.md
index 4736274f7..7bfcba9d2 100644
--- a/deploy/helm/README.md
+++ b/deploy/helm/README.md
@@ -138,6 +138,7 @@ Keeps security report resources updated
 | trivy.serverUser | string | `""` | serverUser this param is the server user to be used to download db from private registry |
 | trivy.severity | string | `"UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL"` | severity is a comma separated list of severity levels reported by Trivy. |
 | trivy.skipDirs | string | `nil` | a comma separated list of directories for Trivy to skip |
+| trivy.skipFiles | string | `nil` | a comma separated list of file paths for Trivy to skip |
 | trivy.skipJavaDBUpdate | bool | `false` | skipJavaDBUpdate is the flag to enable skip Java index databases update for Trivy client. |
 | trivy.slow | bool | `true` | slow this flag is to use less CPU/memory for scanning though it takes more time than normal scanning. It fits small-footprint |
 | trivy.sslCertDir | string | `nil` | sslCertDir can be used to override the system default locations for SSL certificate files directory, example: /ssl/certs |
diff --git a/deploy/helm/templates/configmaps/trivy.yaml b/deploy/helm/templates/configmaps/trivy.yaml
index caa16648f..5da7eeb68 100644
--- a/deploy/helm/templates/configmaps/trivy.yaml
+++ b/deploy/helm/templates/configmaps/trivy.yaml
@@ -50,6 +50,9 @@ data:
   trivy.dbRepository: "{{ .Values.trivy.dbRegistry }}/{{ .Values.trivy.dbRepository }}"
   trivy.javaDbRepository: "{{ .Values.trivy.javaDbRegistry }}/{{ .Values.trivy.javaDbRepository }}"
   trivy.command: {{ .Values.trivy.command | quote }}
+  {{- with .Values.trivy.skipFiles }}
+  trivy.skipFiles: {{ . | quote }}
+  {{- end }}
   {{- with .Values.trivy.skipDirs }}
   trivy.skipDirs: {{ . | quote }}
   {{- end }}
diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml
index 6eac57173..089a12eec 100644
--- a/deploy/helm/values.yaml
+++ b/deploy/helm/values.yaml
@@ -335,6 +335,8 @@ trivy:
   # vulnerabilities reported by Trivy. Set to true to enable it.
   #
   ignoreUnfixed: false
+  # -- a comma separated list of file paths for Trivy to skip
+  skipFiles:
   # -- a comma separated list of directories for Trivy to skip
   skipDirs: