feature: updates to trivy code scanner #46

	name: Trivy Scanner
	on:
	pull_request:
	push:
	branches:
	- develop
	schedule:
	- cron: "0 21 * * 0"

	jobs:
	dotnet:
	name: .NET Analysis
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- uses: actions/setup-dotnet@v4
	with:
	dotnet-version: "8.0.x"

	- name: dotnet backend
	run: dotnet build CSETWebApi/CSETWeb_Api/CSETWeb_Api.sln

	- name: Run vulnerability scanner
	uses: aquasecurity/[email protected]
	with:
	# format: "sarif"
	# output: "trivy-dotnet-results.sarif"
	scan-type: fs
	scan-ref: CSETWebApi/
	severity: CRITICAL,HIGH
	skip-files: \|
	CSETWebApi/CSETWeb_Api/*/.sql
	CSETWebApi/CSETWeb_Api/*/.xml

	# - name: Upload scan results to Security tab
	# uses: github/codeql-action/upload-sarif@v3
	# if: always()
	# with:
	# category: ".NET"
	# sarif_file: "trivy-dotnet-results.sarif"

Provide feedback