feature: updates to trivy code scanner #47

	name: Trivy Scanner
	on:
	pull_request:
	push:
	branches:
	- develop
	schedule:
	- cron: "0 21 * * 0"

	jobs:
	dotnet:
	name: .NET Analysis
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- uses: actions/setup-dotnet@v4
	with:
	dotnet-version: "8.0.x"

	- name: dotnet backend
	run: dotnet build CSETWebApi/CSETWeb_Api/CSETWeb_Api.sln

	- name: Run vulnerability scanner
	uses: aquasecurity/[email protected]
	with:
	format: "sarif"
	output: "trivy-dotnet-results.sarif"
	scan-type: fs
	scan-ref: ./CSETWebApi
	severity: CRITICAL,HIGH
	skip-files: \|
	CSETWebApi/CSETWeb_Api/*/.sql
	CSETWebApi/CSETWeb_Api/*/.xml

	- name: Upload scan results to Security tab
	uses: github/codeql-action/upload-sarif@v3
	if: always()
	with:
	category: ".NET"
	sarif_file: "trivy-dotnet-results.sarif"

	nodejs:
	name: Node.js Analysis
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Run vulnerability scanner
	uses: aquasecurity/[email protected]
	with:
	format: "sarif"
	output: "trivy-nodejs-results.sarif"
	scan-type: fs
	scan-ref: ./CSETWebNg
	severity: CRITICAL,HIGH

	- name: Upload scan results to Security tab
	uses: github/codeql-action/upload-sarif@v3
	with:
	category: "Node.js"
	sarif_file: "trivy-nodejs-results.sarif"

Provide feedback