aquasecurity / trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
https://aquasecurity.github.io/trivy
Apache License 2.0

Opt out of misconfig for specific k8s role #6758

Open chen-keinan opened 1 month ago

chen-keinan commented 1 month ago

Discussed in https://github.com/aquasecurity/trivy/discussions/6753

Originally posted by **kyrofa** May 22, 2024

### Question

I'm using `trivy k8s` to scan my cluster. I have a particular service account and role that is used for automating deployments, and its capabilities are such that deployments can actually happen, which as you can imagine trivy is [complaining about](https://avd.aquasec.com/misconfig/kubernetes/general/avd-ksv-0056/). I know I can use `.trivyignore` to opt out of that entire issue, but honestly I don't want to. I WANT to be notified of these kinds of things, just _not for this specific role_. I see the docs talking about the experimental `.trivyignore.yaml` that includes the ability to specify paths: is there anything similar for my situation? Thanks for your help!

### Target

Kubernetes

### Scanner

Misconfiguration

### Output Format

None

### Mode

Standalone

### Operating System

Ubuntu 20.04

### Version

```bash
$ trivy --version
Version: 0.51.1
Vulnerability DB:
  Version: 2
  UpdatedAt: 2024-05-22 18:12:26.384511718 +0000 UTC
  NextUpdate: 2024-05-23 00:12:26.384511447 +0000 UTC
  DownloadedAt: 2024-05-22 19:52:06.62139173 +0000 UTC
Java DB:
  Version: 1
  UpdatedAt: 2024-05-22 15:18:06.330086849 +0000 UTC
  NextUpdate: 2024-05-25 15:18:06.330086559 +0000 UTC
  DownloadedAt: 2024-05-22 17:33:54.580120705 +0000 UTC
Check Bundle:
  Digest: sha256:6d0771effa53c6cf8130861fc3ac28f5515c35a028edb4bb1e67261b9218c80e
  DownloadedAt: 2024-05-22 17:27:16.041469293 +0000 UTC
```
chen-keinan commented 1 month ago

Add support for ignoring a misconfig check for a specific resource name
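Until Trivy itself can scope an ignore to one resource, the practical workaround is to post-process the JSON report: drop a given check only for the named targets and keep it reported everywhere else. The script below is an added example, not Trivy's own code or the feature requested in this issue. It assumes the usual Trivy JSON layout of `Results[].Target` plus `Results[].Misconfigurations[]` entries carrying `ID` and `AVDID` fields (and, optionally, a `MisconfSummary` block); the embedded report, the `Role/deployer-role` target names and the `IgnoreRule` helper are constructed for illustration.

```python
"""Suppress one Trivy misconfiguration check for specific Kubernetes resources only.

Added example (not Trivy's own code): filters a Trivy JSON report so that a
check such as AVD-KSV-0056 is hidden for the targets named in a rule while it
stays reported for every other resource in the cluster.
"""
from __future__ import annotations

import fnmatch
import json
import sys
from dataclasses import dataclass


@dataclass(frozen=True)
class IgnoreRule:
    """Ignore `check_id` (short form like KSV056 or AVD form like AVD-KSV-0056)
    on targets whose name matches the glob `target_glob`."""
    check_id: str
    target_glob: str

    def matches(self, target: str, finding: dict) -> bool:
        # Assumption: Trivy writes both "ID" and "AVDID" on each misconfiguration entry.
        ids = {str(finding.get(key, "")).upper() for key in ("ID", "AVDID")}
        return self.check_id.upper() in ids and fnmatch.fnmatchcase(target, self.target_glob)


def filter_report(report: dict, rules: list[IgnoreRule]) -> tuple[dict, int]:
    """Return (filtered copy of the report, number of findings suppressed)."""
    out = json.loads(json.dumps(report))  # deep copy; never mutate the caller's report
    suppressed = 0
    for result in out.get("Results", []):
        target = result.get("Target", "")
        findings = result.get("Misconfigurations", [])
        kept = [f for f in findings if not any(r.matches(target, f) for r in rules)]
        dropped = len(findings) - len(kept)
        suppressed += dropped
        result["Misconfigurations"] = kept
        summary = result.get("MisconfSummary")
        if summary and dropped:
            # Assumption: MisconfSummary carries Successes/Failures/Exceptions counts;
            # move suppressed findings from Failures to Exceptions so totals stay consistent.
            summary["Failures"] = max(0, summary.get("Failures", 0) - dropped)
            summary["Exceptions"] = summary.get("Exceptions", 0) + dropped
    return out, suppressed


def remaining(report: dict) -> list[tuple[str, str]]:
    """(target, check ID) pairs still present, for review or assertions."""
    return [
        (result.get("Target", ""), finding.get("ID", ""))
        for result in report.get("Results", [])
        for finding in result.get("Misconfigurations", [])
    ]


# Constructed sample report in Trivy's JSON shape; not real scanner output.
SAMPLE_REPORT = {
    "SchemaVersion": 2,
    "Results": [
        {
            "Target": "Role/deployer-role",
            "Class": "config",
            "Type": "kubernetes",
            "MisconfSummary": {"Successes": 3, "Failures": 2, "Exceptions": 0},
            "Misconfigurations": [
                {"ID": "KSV056", "AVDID": "AVD-KSV-0056", "Severity": "CRITICAL",
                 "Title": "Manage Kubernetes workloads and pods", "Status": "FAIL"},
                {"ID": "KSV041", "AVDID": "AVD-KSV-0041", "Severity": "CRITICAL",
                 "Title": "Manage secrets", "Status": "FAIL"},
            ],
        },
        {
            "Target": "Role/other-role",
            "Class": "config",
            "Type": "kubernetes",
            "MisconfSummary": {"Successes": 4, "Failures": 1, "Exceptions": 0},
            "Misconfigurations": [
                {"ID": "KSV056", "AVDID": "AVD-KSV-0056", "Severity": "CRITICAL",
                 "Title": "Manage Kubernetes workloads and pods", "Status": "FAIL"},
            ],
        },
    ],
}

if __name__ == "__main__":
    # Reads a report on stdin if one is piped in, otherwise runs on the constructed sample.
    report = json.load(sys.stdin) if not sys.stdin.isatty() else SAMPLE_REPORT
    rules = [IgnoreRule("AVD-KSV-0056", "Role/deployer-*")]
    filtered, count = filter_report(report, rules)
    print(f"suppressed {count} finding(s); still reported: {remaining(filtered)}", file=sys.stderr)
    json.dump(filtered, sys.stdout, indent=2)
```

With the sample data the rule hides KSV056 on `Role/deployer-role` only: KSV041 on that role and KSV056 on `Role/other-role` are still reported, which is exactly the behaviour the issue asks for. In practice you would pipe the output of `trivy k8s --format json` into the script and feed the filtered JSON to whatever consumes your reports; keep the rule list in version control so the scoped exception is reviewable like a `.trivyignore` entry.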