adding trivy config

Signed-off-by: John O'Loughlin <[email protected]>

Author: johnoloughlin

Diff for: .github/workflows/trivy.yml

@@ -52,3 +52,33 @@ jobs:
         uses: github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4 # v3.22.12
         with:
           sarif_file: 'trivy-results.sarif'
+
+      # - name: Run Trivy vulnerability scanner in repo mode
+      #   uses: aquasecurity/trivy-action@master
+      #   id: fs_trivy
+      #   with:
+      #     scan-type: 'fs'
+      #     format: 'github' #table
+      #     output: './trivy_config.txt'
+      #     # severity: 'CRITICAL,HIGH'
+
+      - name: Trivy Generate Reports
+        run: |
+           wget -q https://github.com/aquasecurity/trivy/releases/download/v0.48.2/trivy_0.48.2_Linux-64bit.deb
+           sudo apt install -y ./*.deb
+           echo "trivy fs -d ." |tee ./trivy_fs_scan.txt
+           trivy fs -d . &>  ./trivy_fs_scan.txt
+           echo "trivy config -s HIGH,CRITICAL . -d" |tee ./trivy_config_scan.txt
+           trivy config -s HIGH,CRITICAL -d . &>  ./trivy_config_scan.txt
+           echo "trivy image userspacecni:latest -s HIGH,CRITICAL" > ./trivy_image_scan.txt
+           trivy image userspacecni:latest -s HIGH,CRITICAL &>  ./trivy_image_scan.txt
+
+
+      - name: GitHub Upload Trivy Reports
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0
+        with:
+          name: trivy_reports
+          path: |
+            ./trivy_fs_scan.txt
+            ./trivy_config_scan.txt
+            ./trivy_image_scan.txt