chore: add trivy check on docker images

Ticket: WP-6506

Author: pranavjain97

.github/workflows/build-and-test.yaml

@@ -125,7 +125,7 @@ jobs:
         if: steps.node-modules-cache.outputs.cache-hit != 'true'
         run: npm ci
 
-      - name: Run Trivy vulnerability scanner
+      - name: Run Trivy vulnerability scanner (Filesystem)
         uses: aquasecurity/trivy-action@master
         with:
           scan-type: 'fs'
@@ -136,6 +136,36 @@ jobs:
           ignore-unfixed: true
           scanners: 'vuln' # Only scan for vulnerabilities, not secrets
 
+  trivy-image-scan:
+    name: Security - Docker Image Scan
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Build Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          push: false
+          load: true
+          tags: advanced-wallet-manager:pr-${{ github.event.pull_request.number || 'test' }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Run Trivy vulnerability scanner (Docker Image)
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'advanced-wallet-manager:pr-${{ github.event.pull_request.number || 'test' }}'
+          format: 'table'
+          severity: 'CRITICAL,HIGH'
+          exit-code: '1'
+          ignore-unfixed: true
+          scanners: 'vuln' # Only scan for vulnerabilities, not secrets
+
   test:
     name: Test
     runs-on: ubuntu-latest