RHAIENG-304, RHAIENG-786: chore(ci): update Trivy scan to handle pyproject.toml using uv lock (opendatahub-io#2217)

Author: jiridanek

.github/workflows/security.yaml

@@ -19,6 +19,18 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v5
 
+      # https://github.com/astral-sh/setup-uv
+      - name: Install the latest version of uv
+        uses: astral-sh/setup-uv@v6
+        with:
+          version: "latest"
+          python-version: "3.12"
+          enable-cache: false
+          activate-environment: true
+
+      # Trivy does not support pylock.toml https://github.com/aquasecurity/trivy/discussions/9408
+      - run: find . -name pyproject.toml -execdir uv lock \;
+
       - name: Trivy scan
         uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4  # 0.32.0
         with: