GHA: bump rancher-eio/read-vault-secrets #737

	name: trivy-scanning
	on:
	push:
	branches:
	- master
	- 'v**'
	pull_request:

	jobs:
	build:
	name: Build
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3

	- name: Run Trivy vulnerability scanner in repo mode
	uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
	with:
	scan-type: 'fs'
	ignore-unfixed: true
	format: 'sarif'
	output: 'trivy-results.sarif'
	severity: 'CRITICAL,HIGH,MEDIUM'

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@b8d3b6e8af63cde30bdc382c0bc28114f4346c88 # v2
	with:
	sarif_file: 'trivy-results.sarif'

Provide feedback