From 51af09a44662a170bb043096dd6442eae0728389 Mon Sep 17 00:00:00 2001
From: "Brad P. Crochet"
Date: Tue, 23 May 2023 09:06:07 -0400
Subject: [PATCH] Ignore build-id directory in HasModifiedFiles

The usr/lib/.build-id directory often has modifications. We don't care about these getting modified. So, ignore in the initial scan.

Signed-off-by: Brad P. Crochet
---
 internal/policy/container/has_modified_files.go | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/internal/policy/container/has_modified_files.go b/internal/policy/container/has_modified_files.go
index ce4a2321..f4bd7652 100644
--- a/internal/policy/container/has_modified_files.go
+++ b/internal/policy/container/has_modified_files.go
@@ -306,9 +306,10 @@ func findRPMDB(ctx context.Context, layer v1.Layer) (found bool, pkglist []*rpmd
 // directoryIsExcluded excludes a directory and any file contained in that directory.
 func directoryIsExcluded(ctx context.Context, s string) bool {
 excl := map[string]struct{}{
- "etc": {},
- "var": {},
- "run": {},
+ "etc": {},
+ "var": {},
+ "run": {},
+ "usr/lib/.build-id": {},
 }

 for k := range excl {
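Review bot: The new `"usr/lib/.build-id"` key is the first multi-segment entry in `excl`, and the loop that compares `s` against each key (`for k := range excl {`) continues outside this hunk, so it is not visible here whether the match is anchored on a path-component boundary. If it turns out to be a plain prefix comparison, a look-alike sibling such as `usr/lib/.build-id-x` would also be dropped from the modified-files scan, which would widen what the check stops inspecting beyond what the commit message describes. It is worth confirming this and adding a test case that covers both a file under the excluded directory and such a sibling path. The rationale for the exclusion lives only in the commit message; a comment on the entry, for example `// usr/lib/.build-id is often modified and is not relevant to this check`, would keep it next to the exclusion list.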