
chore: configure trivy ignore #324

Merged
rshoemaker merged 1 commit into main from chore/PLAT-482/trivy
Apr 1, 2026

@rshoemaker rshoemaker commented Apr 1, 2026

Summary

  • Replace flat .trivyignore with structured .trivy/pgedge-control-plane.trivyignore.yaml per PLAT-482 conventions
  • Each suppressed CVE includes a justification statement
  • All three suppressed CVEs are Docker daemon issues that do not affect the Go client SDK

Test plan

  • trivy fs --show-suppressed --ignorefile .trivy/pgedge-control-plane.trivyignore.yaml --scanners vuln . shows 0 findings and 3 suppressed

PLAT-482
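
An added example (not part of the PR or the project's code): a CI gate that automates the test plan above by auditing the JSON form of the same scan (`--format json --show-suppressed`). It assumes suppressed findings appear under `ExperimentalModifiedFindings` in Trivy's JSON report; the sample report and its statement text are constructed, and the function names are hypothetical.

```python
import json

# Ignore-file path and the three CVE ids named on this page.
IGNORE_FILE = ".trivy/pgedge-control-plane.trivyignore.yaml"
ALLOWED = {"CVE-2026-34040", "CVE-2026-33997", "CVE-2025-54410"}

def entry(cve, statement="Docker daemon issue, client SDK unaffected (constructed)"):
    # One suppressed finding in the assumed JSON layout.
    return {"Type": "vulnerability", "Status": "ignored", "Statement": statement,
            "Source": IGNORE_FILE, "Finding": {"VulnerabilityID": cve}}

# Constructed sample report, not real scanner output.
SAMPLE_REPORT = json.dumps({"Results": [{
    "Target": "go.mod",
    "ExperimentalModifiedFindings": [entry(c) for c in sorted(ALLOWED)],
}]})

def audit_report(report_json, allowed=ALLOWED):
    """Return (active_ids, suppressed_ids, problems) for one report."""
    active, suppressed, problems = [], [], []
    for result in json.loads(report_json).get("Results") or []:
        # Findings that were not suppressed by the ignore file.
        for vuln in result.get("Vulnerabilities") or []:
            active.append(vuln.get("VulnerabilityID", "<unknown>"))
        # Findings hidden by the ignore file; each must be justified and reviewed.
        for mod in result.get("ExperimentalModifiedFindings") or []:
            cve = (mod.get("Finding") or {}).get("VulnerabilityID", "<unknown>")
            suppressed.append(cve)
            if not (mod.get("Statement") or "").strip():
                problems.append(f"{cve}: suppressed without a statement")
            if cve not in allowed:
                problems.append(f"{cve}: suppression not on the reviewed list")
    return active, suppressed, problems

def gate(report_json, allowed=ALLOWED):
    """True only for 0 active findings and justified, reviewed suppressions."""
    active, suppressed, problems = audit_report(report_json, allowed)
    # Set equality also fails the gate when a reviewed suppression no longer matches.
    return not active and not problems and set(suppressed) == set(allowed)

if __name__ == "__main__":
    print(audit_report(SAMPLE_REPORT))
    print("gate passed:", gate(SAMPLE_REPORT))
```

Because the gate compares the suppressed set against the reviewed list, it fails both when a new suppression appears without review and when a listed CVE stops matching and the entry has gone stale.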

coderabbitai bot commented Apr 1, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 4051ba82-64e3-484f-8f7f-a968b9e2f2ef

📥 Commits

Reviewing files that changed from the base of the PR and between 1a768b7 and b52a773.

📒 Files selected for processing (2)
  • .trivy/pgedge-control-plane.trivyignore.yaml
  • .trivyignore
💤 Files with no reviewable changes (1)
  • .trivyignore

Walkthrough

Trivy vulnerability ignore configurations are reorganized by moving CVE entries from the root .trivyignore file to a new service-specific .trivy/pgedge-control-plane.trivyignore.yaml file, with detailed exemption statements added for each vulnerability.

Changes

| Cohort / File(s) | Summary |
|---|---|
| Trivy Configuration Reorganization: .trivy/pgedge-control-plane.trivyignore.yaml, .trivyignore | New service-specific ignore file created with three CVE exemptions (CVE-2026-34040, CVE-2026-33997, CVE-2025-54410) including detailed statements; corresponding entries removed from root ignore file. |

Poem

🐰 A rabbit hops through config files with glee,
Moving CVE ignores where they ought to be,
From root to service, organized and neat,
With statements explaining why they're not a threat,
Security sorted, now that's a safe bet! 🔒

🚥 Pre-merge checks | ✅ 2 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
|---|---|---|---|
| Description check | ⚠️ Warning | The description covers the summary and test plan, but is missing several required template sections including Changes, Checklist, and Notes for Reviewers. | Add the missing template sections: a bulleted Changes list, completion of the Checklist items, and any relevant Notes for Reviewers. |

✅ Passed checks (2 passed)

| Check name | Status | Explanation |
|---|---|---|
| Title check | ✅ Passed | The title accurately describes the main change—configuring Trivy ignore rules by replacing a flat file with a structured YAML configuration. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |


codacy-production bot commented Apr 1, 2026

Up to standards ✅

🟢 Issues 0 issues

Results:
0 new issues


@rshoemaker rshoemaker merged commit 08a7bd4 into main Apr 1, 2026
3 checks passed
@jason-lynch jason-lynch deleted the chore/PLAT-482/trivy branch April 3, 2026 20:13