build(deps): bump aquasecurity/trivy-action from 0.27.0 to 0.28.0 in the actions group #1418

	---
	name: tests

	on:
	pull_request:
	branches:
	- main
	push:
	branches:
	- main

	permissions:
	contents: read

	jobs:
	test:
	name: ${{ matrix.test.name }}
	runs-on: ubuntu-latest
	strategy:
	matrix:
	test:
	- name: unit
	path: tests/unit
	- name: api
	path: tests/api

	env:
	REDIS_OM_URL: redis://localhost:6379/0
	GITHUB_BASE_URL: http://localhost:4010
	TRUNK_TOKEN: ${{ secrets.TRUNK_TOKEN }}
	steps:
	- uses: actions/checkout@v4
	- name: Boot compose services
	run: docker compose --profile tests up --build --detach
	- run: pipx install poetry
	- uses: actions/setup-python@v5
	with:
	python-version: 3.11
	cache: poetry
	- run: poetry install
	- name: Run tests
	run: poetry run pytest ${{ matrix.test.path }}
	env:
	GITHUB_TOKEN: test
	- name: Upload coverage
	uses: codecov/codecov-action@v4
	with:
	flags: ${{ matrix.test.name }}
	name: ${{ matrix.test.name }}
	env:
	CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
	- name: Upload results
	if: "!cancelled() && env.TRUNK_TOKEN"
	uses: trunk-io/analytics-uploader@main
	with:
	junit-paths: .reports/*.xml
	org-slug: ${{ github.repository_owner }}
	token: ${{ env.TRUNK_TOKEN }}
	continue-on-error: true
	- name: Upload test results to Codecov
	if: always()
	uses: codecov/test-results-action@v1
	with:
	token: ${{ secrets.CODECOV_TOKEN }}
	flags: ${{ matrix.test.name }}
	- name: Dump logs
	run: docker compose --profile tests logs
	if: always()

Provide feedback