From 18ecf75176a1cadcf20e088a991af899e96fe40b Mon Sep 17 00:00:00 2001
From: Nikita Pivkin <nikita.pivkin@smartforce.io>
Date: Wed, 10 Dec 2025 05:07:39 +0600
Subject: [PATCH] fix(misconf): respect .yml files when Helm charts are
 detected (#9912)

Signed-off-by: nikpivkin <nikita.pivkin@smartforce.io>
---
 docs/guide/coverage/iac/index.md | 2 +-
 pkg/iac/detection/detect.go      | 2 +-
 pkg/iac/detection/detect_test.go | 6 ++++++
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/docs/guide/coverage/iac/index.md b/docs/guide/coverage/iac/index.md
index 41e65a607e..7d2f674e73 100644
--- a/docs/guide/coverage/iac/index.md
+++ b/docs/guide/coverage/iac/index.md
@@ -16,7 +16,7 @@ Trivy scans Infrastructure as Code (IaC) files for
 | [Terraform Plan](terraform.md)      | tfplan, \*.tfplan, \*.json                          |
 | [CloudFormation](cloudformation.md) | \*.yml, \*.yaml, \*.json                            |
 | [Azure ARM Template](azure-arm.md)  | \*.json                                             |
-| [Helm](helm.md)                     | \*.yaml, \*.tpl, \*.tar.gz, etc.                    |
+| [Helm](helm.md)                     | \*.yml, \*.yaml, \*.tpl, \*.tar.gz, etc.            |
 | [YAML][json-and-yaml]               | \*.yaml, \*.yml                                     |
 | [JSON][json-and-yaml]               | \*.json                                             |
 | [Ansible](ansible.md)               | \*.yml, \*.yaml, \*.json, \*.ini, without extension |
diff --git a/pkg/iac/detection/detect.go b/pkg/iac/detection/detect.go
index 0d17971903..600d0835f6 100644
--- a/pkg/iac/detection/detect.go
+++ b/pkg/iac/detection/detect.go
@@ -193,7 +193,7 @@ func init() {
 				return true
 			}
 		}
-		helmFileExtensions := []string{".yaml", ".tpl"}
+		helmFileExtensions := []string{".yml", ".yaml", ".tpl"}
 		ext := filepath.Ext(filepath.Base(name))
 		for _, expected := range helmFileExtensions {
 			if strings.EqualFold(ext, expected) {
diff --git a/pkg/iac/detection/detect_test.go b/pkg/iac/detection/detect_test.go
index 55142583f2..bedc84b718 100644
--- a/pkg/iac/detection/detect_test.go
+++ b/pkg/iac/detection/detect_test.go
@@ -246,6 +246,7 @@ Resources:
 			r:    nil,
 			expected: []FileType{
 				FileTypeYAML,
+				FileTypeHelm,
 				FileTypeAnsible,
 			},
 		},
@@ -276,6 +277,7 @@ spec:
 			expected: []FileType{
 				FileTypeKubernetes,
 				FileTypeYAML,
+				FileTypeHelm,
 				FileTypeAnsible,
 			},
 		},
@@ -342,6 +344,7 @@ spec:
 			r:    nil,
 			expected: []FileType{
 				FileTypeYAML,
+				FileTypeHelm,
 				FileTypeAnsible,
 			},
 		},
@@ -351,6 +354,7 @@ spec:
 			r:    nil,
 			expected: []FileType{
 				FileTypeYAML,
+				FileTypeHelm,
 			},
 		},
 		{
@@ -384,6 +388,7 @@ data:
 			expected: []FileType{
 				FileTypeKubernetes,
 				FileTypeYAML,
+				FileTypeHelm,
 				FileTypeAnsible,
 			},
 		},
@@ -413,6 +418,7 @@ rules:
 			expected: []FileType{
 				FileTypeKubernetes,
 				FileTypeYAML,
+				FileTypeHelm,
 				FileTypeAnsible,
 			},
 		},