adding trivy config

Signed-off-by: John O'Loughlin <[email protected]>

Author: johnoloughlin

Diff for: .github/workflows/trivy.yml

@@ -52,3 +52,19 @@ jobs:
         uses: github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4 # v3.22.12
         with:
           sarif_file: 'trivy-results.sarif'
+
+      - name: Run Trivy vulnerability scanner in repo mode
+        uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: 'fs'
+          ignore-unfixed: true
+          format: 'table'
+          output: './trivy_config.txt'
+          severity: 'CRITICAL,HIGH'
+
+      - name: GitHub Upload Release Artifacts
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0
+        with:
+          name: trivy_report
+          path: |
+             ./trivy_config.txt