From d2f738eb31be2d61955ec2f951902f7b23d58af6 Mon Sep 17 00:00:00 2001
From: Matheus Moraes <matheusfaria.moraes@gmail.com>
Date: Thu, 29 Feb 2024 15:26:18 -0300
Subject: [PATCH] document helm parameter for trivy timeout

---
 docs/plugins/trivy.md | 15 +++++++++++++++
 mkdocs.yml            |  1 +
 2 files changed, 16 insertions(+)

diff --git a/docs/plugins/trivy.md b/docs/plugins/trivy.md
index e536b9d8..880d23d0 100644
--- a/docs/plugins/trivy.md
+++ b/docs/plugins/trivy.md
@@ -31,3 +31,18 @@ The `ClusterScan` will have a `Failed` status. You will see a log entry similar
 ```
 2023-09-26T14:18:02Z	ERROR	worker	failed to run worker	{"error": "failed to create VulnerabilityReport \"kind-kind-usdockerpkgdevgooglesamplescontainersgkegbfrontendsha256dc8de8e0d569d2f828b187528c9317bd6b605c273ac5a282aebe471f630420fc-rzntw\": etcdserver: request is too large"}
 ```
+
+## Scan timeout
+
+Trivy's scan duration may vary depending on the total images in your cluster 
+and the time to download the vulnerability database during each scan. 
+
+By default, Zora sets a timeout of **10 minutes** for Trivy scan completion.
+
+To adjust this timeout, use the following Helm parameter:
+
+```shell
+--set scan.plugins.trivy.timeout=15m
+```
+
+Once this parameter is updated, the next scan will use the specified value.
diff --git a/mkdocs.yml b/mkdocs.yml
index 16424d2a..f256c690 100644
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -90,6 +90,7 @@ nav:
           - HTTPS Proxy: configuration/https-proxy.md
           - Scanning Images hosted in AWS ECR: configuration/aws-elastic-container-registry.md
           - Scanning Images hosted in Azure ACR: configuration/acr.md
+          - Vulnerability scan timeout: plugins/trivy/#scan-timeout
       - "🔌 Plugins":
           - Overview: plugins/index.md
           - Misconfiguration: