Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@ Confirm the build task definition has the required build type label.
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `The required build label '%s' is missing`
* Code: `build_labels.build_type_label_set`
* To exclude this rule, add `build_labels.build_type_label_set` to the `exclude` list in your policy config. You can also exclude the entire package with `build_labels`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/build_task/build_labels/build_labels.rego#L18[Source, window="_blank"]

[#build_labels__build_task_has_label]
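Review bot: the added bullet names the identifier to put in the `exclude` list but never shows what that entry looks like, and because the same sentence appears under every rule on this page with only the code and package substituted it is clearly template output, so the template is the right place to add a one-line example such as `exclude: [build_labels.build_type_label_set]` (assuming, as the sentence implies, that `exclude` is a list in the policy config) or a link to the policy configuration page, rather than leaving each rule to repeat the prose without a concrete form.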
Expand All @@ -26,4 +27,5 @@ Confirm that the build task definition includes at least one label.
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `The task definition does not include any labels`
* Code: `build_labels.build_task_has_label`
* To exclude this rule, add `build_labels.build_task_has_label` to the `exclude` list in your policy config. You can also exclude the entire package with `build_labels`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/build_task/build_labels/build_labels.rego#L31[Source, window="_blank"]
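Review bot: `@collection-name` in the new bullet is a placeholder but is formatted exactly like the literal identifiers `build_labels.build_task_has_label` and `build_labels` in the same sentence, so a reader can copy it verbatim into their config; suggest marking it as a placeholder (`@<collection-name>`) or, better, substituting the collections this rule actually belongs to, which the generator already knows.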
Expand Up @@ -16,4 +16,5 @@ Confirm that the pipeline definition has the kind "Pipeline".
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `Unexpected kind '%s' for pipeline definition`
* Code: `basic.expected_kind`
* To exclude this rule, add `basic.expected_kind` to the `exclude` list in your policy config. You can also exclude the entire package with `basic`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/basic/basic.rego#L19[Source, window="_blank"]
Expand Up @@ -16,6 +16,7 @@ Produce a warning when a task that will be required in the future is not current
* Rule type: [rule-type-indicator warning]#WARNING#
* WARNING message: `%s is missing and will be required on %s`
* Code: `required_tasks.missing_future_required_task`
* To exclude this rule, add `required_tasks.missing_future_required_task` to the `exclude` list in your policy config. You can also exclude the entire package with `required_tasks`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/required_tasks/required_tasks.rego#L63[Source, window="_blank"]

[#required_tasks__missing_required_task]
Expand All @@ -26,6 +27,7 @@ Ensure that the set of required tasks is included in the Pipeline definition.
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `%s is missing or outdated`
* Code: `required_tasks.missing_required_task`
* To exclude this rule, add `required_tasks.missing_required_task` to the `exclude` list in your policy config. You can also exclude the entire package with `required_tasks`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/required_tasks/required_tasks.rego#L100[Source, window="_blank"]

[#required_tasks__tasks_found]
Expand All @@ -36,6 +38,7 @@ Confirm at least one task is present in the pipeline definition.
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `No tasks found in pipeline`
* Code: `required_tasks.tasks_found`
* To exclude this rule, add `required_tasks.tasks_found` to the `exclude` list in your policy config. You can also exclude the entire package with `required_tasks`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/required_tasks/required_tasks.rego#L87[Source, window="_blank"]

[#required_tasks__required_tasks_list_present]
Expand All @@ -46,6 +49,7 @@ Confirm the `required-tasks` rule data was provided, since it's required by the
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `The required tasks list is missing from the rule data`
* Code: `required_tasks.required_tasks_list_present`
* To exclude this rule, add `required_tasks.required_tasks_list_present` to the `exclude` list in your policy config. You can also exclude the entire package with `required_tasks`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/required_tasks/required_tasks.rego#L122[Source, window="_blank"]

[#required_tasks__required_tasks_found]
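Review bot: for a data-presence rule like this one the added sentence is misleading on its own: the description says the `required-tasks` rule data is required by other rules, so excluding `required_tasks.required_tasks_list_present` only silences the report that the data is missing and does not make the dependent rules evaluate anything. Suggest the sentence for this rule (and the equivalent `task_bundle.missing_required_data`, `attestation_type.known_attestation_types_provided` and `base_image_registries.allowed_registries_provided` below) say that the remedy is to supply the rule data, not to exclude the check.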
Expand All @@ -56,4 +60,5 @@ Produce a warning if a list of current or future required tasks does not exist i
* Rule type: [rule-type-indicator warning]#WARNING#
* WARNING message: `Required tasks do not exist for pipeline %q`
* Code: `required_tasks.required_tasks_found`
* To exclude this rule, add `required_tasks.required_tasks_found` to the `exclude` list in your policy config. You can also exclude the entire package with `required_tasks`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/required_tasks/required_tasks.rego#L44[Source, window="_blank"]
Expand Up @@ -16,6 +16,7 @@ Confirm the `trusted_tasks` rule data was provided, since it's required by the p
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `Missing required trusted_tasks data`
* Code: `task_bundle.missing_required_data`
* To exclude this rule, add `task_bundle.missing_required_data` to the `exclude` list in your policy config. You can also exclude the entire package with `task_bundle`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/task_bundle/task_bundle.rego#L124[Source, window="_blank"]

[#task_bundle__untrusted_task_bundle]
Expand All @@ -26,6 +27,7 @@ For each Task in the Pipeline definition, check if the Tekton Bundle used is a t
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `Pipeline task '%s' uses an untrusted task bundle '%s'`
* Code: `task_bundle.untrusted_task_bundle`
* To exclude this rule, add `task_bundle.untrusted_task_bundle` to the `exclude` list in your policy config. You can also exclude the entire package with `task_bundle`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/task_bundle/task_bundle.rego#L109[Source, window="_blank"]

[#task_bundle__out_of_date_task_bundle]
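Review bot: the package-wide option in the new bullet deserves a caveat here: excluding `task_bundle` as a whole also drops `out_of_date_task_bundle`, `empty_task_bundle_reference`, `disallowed_task_reference` and `unpinned_task_bundle` in the hunks below, i.e. every check on where a pipeline's tasks come from. Suggest the sentence, or a package-level intro, state that the rule-level `exclude` entry is the intended escape hatch and that excluding the package removes the trusted-task guarantee entirely.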
Expand All @@ -36,6 +38,7 @@ For each Task in the Pipeline definition, check if the Tekton Bundle used is the
* Rule type: [rule-type-indicator warning]#WARNING#
* WARNING message: `Pipeline task '%s' uses an out of date task bundle '%s', new version of the Task must be used before %s`
* Code: `task_bundle.out_of_date_task_bundle`
* To exclude this rule, add `task_bundle.out_of_date_task_bundle` to the `exclude` list in your policy config. You can also exclude the entire package with `task_bundle`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/task_bundle/task_bundle.rego#L60[Source, window="_blank"]

[#task_bundle__empty_task_bundle_reference]
Expand All @@ -46,6 +49,7 @@ Check that a valid task bundle reference is being used.
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `Pipeline task '%s' uses an empty bundle image reference`
* Code: `task_bundle.empty_task_bundle_reference`
* To exclude this rule, add `task_bundle.empty_task_bundle_reference` to the `exclude` list in your policy config. You can also exclude the entire package with `task_bundle`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/task_bundle/task_bundle.rego#L96[Source, window="_blank"]

[#task_bundle__disallowed_task_reference]
Expand All @@ -56,6 +60,7 @@ Check for the existence of a task bundle. This rule will fail if the task is not
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `Pipeline task '%s' does not contain a bundle reference`
* Code: `task_bundle.disallowed_task_reference`
* To exclude this rule, add `task_bundle.disallowed_task_reference` to the `exclude` list in your policy config. You can also exclude the entire package with `task_bundle`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/task_bundle/task_bundle.rego#L82[Source, window="_blank"]

[#task_bundle__unpinned_task_bundle]
Expand All @@ -66,4 +71,5 @@ Check if the Tekton Bundle used for the Tasks in the Pipeline definition is pinn
* Rule type: [rule-type-indicator warning]#WARNING#
* WARNING message: `Pipeline task '%s' uses an unpinned task bundle reference '%s'`
* Code: `task_bundle.unpinned_task_bundle`
* To exclude this rule, add `task_bundle.unpinned_task_bundle` to the `exclude` list in your policy config. You can also exclude the entire package with `task_bundle`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/pipeline/task_bundle/task_bundle.rego#L46[Source, window="_blank"]
Expand Up @@ -18,6 +18,7 @@ The Conforma CLI now places the attestation data in a different location. This c
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `Deprecated policy attestation format found`
* Code: `attestation_type.deprecated_policy_attestation_format`
* To exclude this rule, add `attestation_type.deprecated_policy_attestation_format` to the `exclude` list in your policy config. You can also exclude the entire package with `attestation_type`, or exclude by collection with `@collection-name`.
* Effective from: `2023-08-31T00:00:00Z`
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/attestation_type/attestation_type.rego#L82[Source, window="_blank"]

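Review bot: the exclusion bullet is inserted between `Code:` and `Effective from:`, which splits the rule's metadata with a how-to sentence; suggest emitting it after `Effective from` (the same ordering problem appears under `buildah_build_task.add_capabilities_param` and `buildah_build_task.platform_param` below) so the fields stay contiguous and the how-to is the last bullet before the source link.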
Expand All @@ -31,6 +32,7 @@ Confirm the attestation found for the image has a known attestation type.
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `Unknown attestation type '%s'`
* Code: `attestation_type.known_attestation_type`
* To exclude this rule, add `attestation_type.known_attestation_type` to the `exclude` list in your policy config. You can also exclude the entire package with `attestation_type`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/attestation_type/attestation_type.rego#L16[Source, window="_blank"]

[#attestation_type__known_attestation_types_provided]
Expand All @@ -43,6 +45,7 @@ Confirm the `known_attestation_types` rule data was provided.
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `%s`
* Code: `attestation_type.known_attestation_types_provided`
* To exclude this rule, add `attestation_type.known_attestation_types_provided` to the `exclude` list in your policy config. You can also exclude the entire package with `attestation_type`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/attestation_type/attestation_type.rego#L44[Source, window="_blank"]

[#attestation_type__pipelinerun_attestation_found]
Expand All @@ -55,4 +58,5 @@ Confirm at least one PipelineRun attestation is present.
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `Missing pipelinerun attestation`
* Code: `attestation_type.pipelinerun_attestation_found`
* To exclude this rule, add `attestation_type.pipelinerun_attestation_found` to the `exclude` list in your policy config. You can also exclude the entire package with `attestation_type`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/attestation_type/attestation_type.rego#L62[Source, window="_blank"]
Expand Up @@ -18,6 +18,7 @@ Confirm the `allowed_registry_prefixes` rule data was provided, since it's requi
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `%s`
* Code: `base_image_registries.allowed_registries_provided`
* To exclude this rule, add `base_image_registries.allowed_registries_provided` to the `exclude` list in your policy config. You can also exclude the entire package with `base_image_registries`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/base_image_registries/base_image_registries.rego#L74[Source, window="_blank"]

[#base_image_registries__base_image_permitted]
Expand All @@ -30,6 +31,7 @@ Verify that the base images used when building a container image come from a kno
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `Base image %q is from a disallowed registry`
* Code: `base_image_registries.base_image_permitted`
* To exclude this rule, add `base_image_registries.base_image_permitted` to the `exclude` list in your policy config. You can also exclude the entire package with `base_image_registries`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/base_image_registries/base_image_registries.rego#L18[Source, window="_blank"]

[#base_image_registries__base_image_info_found]
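Review bot: the new sentence reads identically for this rule and for the label checks at the top of the page, yet excluding `base_image_registries.base_image_permitted` disables the base-image registry allowlist for the whole build; suggest the generated sentence carry a short statement of what the exclusion permits for FAILURE rules that act as supply-chain controls, so the reader can weigh it before copying the identifier into `exclude`.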
Expand All @@ -42,4 +44,5 @@ Verify the expected information was provided about which base images were used d
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `Base images information is missing`
* Code: `base_image_registries.base_image_info_found`
* To exclude this rule, add `base_image_registries.base_image_info_found` to the `exclude` list in your policy config. You can also exclude the entire package with `base_image_registries`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/base_image_registries/base_image_registries.rego#L48[Source, window="_blank"]
Expand Up @@ -18,6 +18,7 @@ Verify the ADD_CAPABILITIES parameter of a builder Tasks was not used.
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `ADD_CAPABILITIES parameter is not allowed`
* Code: `buildah_build_task.add_capabilities_param`
* To exclude this rule, add `buildah_build_task.add_capabilities_param` to the `exclude` list in your policy config. You can also exclude the entire package with `buildah_build_task`, or exclude by collection with `@collection-name`.
* Effective from: `2024-08-31T00:00:00Z`
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/buildah_build_task/buildah_build_task.rego#L38[Source, window="_blank"]

Expand All @@ -31,6 +32,7 @@ Verify the Dockerfile used in the buildah task was not fetched from an external
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `DOCKERFILE param value (%s) is an external source`
* Code: `buildah_build_task.buildah_uses_local_dockerfile`
* To exclude this rule, add `buildah_build_task.buildah_uses_local_dockerfile` to the `exclude` list in your policy config. You can also exclude the entire package with `buildah_build_task`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/buildah_build_task/buildah_build_task.rego#L17[Source, window="_blank"]

[#buildah_build_task__platform_param]
Expand All @@ -43,6 +45,7 @@ Verify the value of the PLATFORM parameter of a builder Task is allowed by match
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `PLATFORM parameter value %q is disallowed by regex %q`
* Code: `buildah_build_task.platform_param`
* To exclude this rule, add `buildah_build_task.platform_param` to the `exclude` list in your policy config. You can also exclude the entire package with `buildah_build_task`, or exclude by collection with `@collection-name`.
* Effective from: `2024-09-01T00:00:00Z`
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/buildah_build_task/buildah_build_task.rego#L61[Source, window="_blank"]

Expand All @@ -56,6 +59,7 @@ Verify the PRIVILEGED_NESTED parameter of a builder Tasks was not set to `true`.
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `setting PRIVILEGED_NESTED parameter to true is not allowed`
* Code: `buildah_build_task.privileged_nested_param`
* To exclude this rule, add `buildah_build_task.privileged_nested_param` to the `exclude` list in your policy config. You can also exclude the entire package with `buildah_build_task`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/buildah_build_task/buildah_build_task.rego#L100[Source, window="_blank"]

[#buildah_build_task__disallowed_platform_patterns_pattern]
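Review bot: excluding `buildah_build_task.privileged_nested_param`, like `add_capabilities_param` above, allows builds that run with elevated container privileges, but the added bullet gives no hint of that and offers the package-wide `buildah_build_task` exclusion as an equivalent option, which would also drop `buildah_uses_local_dockerfile` and `platform_param`; suggest the sentence for these rules recommend the rule-level exclusion only and say what the rule was protecting against.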
Expand All @@ -66,4 +70,5 @@ Confirm the `disallowed_platform_patterns` rule data, if provided matches the ex
* Rule type: [rule-type-indicator failure]#FAILURE#
* FAILURE message: `%s`
* Code: `buildah_build_task.disallowed_platform_patterns_pattern`
* To exclude this rule, add `buildah_build_task.disallowed_platform_patterns_pattern` to the `exclude` list in your policy config. You can also exclude the entire package with `buildah_build_task`, or exclude by collection with `@collection-name`.
* https://github.com/conforma/policy/blob/{page-origin-refhash}/policy/release/buildah_build_task/buildah_build_task.rego#L84[Source, window="_blank"]