document helm parameter for trivy timeout

undistro · Feb 29, 2024 · d2f738e · d2f738e
1 parent 4cde18d
commit d2f738e
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 0 deletions.
diff --git a/docs/plugins/trivy.md b/docs/plugins/trivy.md
@@ -31,3 +31,18 @@ The `ClusterScan` will have a `Failed` status. You will see a log entry similar
 ```
 2023-09-26T14:18:02Z	ERROR	worker	failed to run worker	{"error": "failed to create VulnerabilityReport \"kind-kind-usdockerpkgdevgooglesamplescontainersgkegbfrontendsha256dc8de8e0d569d2f828b187528c9317bd6b605c273ac5a282aebe471f630420fc-rzntw\": etcdserver: request is too large"}
 ```
+
+## Scan timeout
+
+Trivy's scan duration may vary depending on the total images in your cluster 
+and the time to download the vulnerability database during each scan. 
+
+By default, Zora sets a timeout of **10 minutes** for Trivy scan completion.
+
+To adjust this timeout, use the following Helm parameter:
+
+```shell
+--set scan.plugins.trivy.timeout=15m
+```
+
+Once this parameter is updated, the next scan will use the specified value.
diff --git a/mkdocs.yml b/mkdocs.yml
@@ -90,6 +90,7 @@ nav:
           - HTTPS Proxy: configuration/https-proxy.md
           - Scanning Images hosted in AWS ECR: configuration/aws-elastic-container-registry.md
           - Scanning Images hosted in Azure ACR: configuration/acr.md
+          - Vulnerability scan timeout: plugins/trivy/#scan-timeout
       - "🔌 Plugins":
           - Overview: plugins/index.md
           - Misconfiguration: