ci: adjust scanner actions

.github/workflows/ci.yml

@@ -146,12 +146,6 @@ jobs:
       - name: Build FIPS Docker image for scanning
         run: make build-image-fips-amd64-with-tags
 
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
-        with:
-          image-ref: "mattermost/mattermost-push-proxy-fips:${{ github.ref == 'refs/heads/master' && 'master' || format('dev-{0}', github.sha) }}"
-          format: 'table'
-
   security-scan:
     name: Security Scan
     runs-on: ubuntu-latest
@@ -166,12 +160,6 @@ jobs:
       - name: Build Docker image for scanning
         run: make build-image-amd64-with-tags
 
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
-        with:
-          image-ref: "mattermost-push-proxy:${{ github.ref == 'refs/heads/master' && 'master' || format('dev-{0}', github.sha) }}"
-          format: 'table'
-
   pr-deploy-amd64:
     name: PR Deploy AMD64
     runs-on: ubuntu-latest

Makefile

@@ -741,28 +741,8 @@ scan-fips: ## Scan FIPS Docker image for vulnerabilities using Docker Scout
 	fi
 	docker scout cves $(APP_NAME_FIPS):$(APP_VERSION_NO_V)
 
-.PHONY: trivy
-trivy: ## Scan Docker image for vulnerabilities using Trivy
-	@echo Running Trivy vulnerability scan
-	@if ! docker images -q ${APP_NAME}:${APP_VERSION_NO_V} | grep -q .; then \
-		echo "❌ Image ${APP_NAME}:${APP_VERSION_NO_V} not found locally. Please build it first with:"; \
-		echo "   make build-image-amd64-with-tags (or build-image-arm64-with-tags)"; \
-		exit 1; \
-	fi
-	trivy image --format table --exit-code 0 --ignore-unfixed --vuln-type os,library --severity CRITICAL,HIGH,MEDIUM ${APP_NAME}:${APP_VERSION_NO_V}
-
-.PHONY: trivy-fips
-trivy-fips: ## Scan FIPS Docker image for vulnerabilities using Trivy
-	@echo Running Trivy vulnerability scan for FIPS image
-	@if ! docker images -q $(APP_NAME_FIPS):$(APP_VERSION_NO_V) | grep -q .; then \
-		echo "❌ Image $(APP_NAME_FIPS):$(APP_VERSION_NO_V) not found locally. Please build it first with:"; \
-		echo "   make build-image-fips-amd64-with-tags (or build-image-fips-arm64-with-tags)"; \
-		exit 1; \
-	fi
-	trivy image --format table --exit-code 0 --ignore-unfixed --vuln-type os,library --severity CRITICAL,HIGH,MEDIUM $(APP_NAME_FIPS):$(APP_VERSION_NO_V)
-
 .PHONY: security-all
-security-all: ## Run all vulnerability scans (Docker Scout and Trivy) for both regular and FIPS images
+security-all: ## Run all vulnerability scans (Docker Scout) for both regular and FIPS images
 	@echo "🔍 Running comprehensive security scans for all images..."
 	@echo ""
 	@echo "=========================================="
@@ -776,15 +756,6 @@ security-all: ## Run all vulnerability scans (Docker Scout and Trivy) for both r
 	$(MAKE) scan-fips
 	@echo ""
 	@echo "=========================================="
-	@echo "🛡️  Trivy - Regular Image"
-	@echo "=========================================="
-	$(MAKE) trivy
-	@echo ""
-	@echo "=========================================="
-	@echo "🛡️  Trivy - FIPS Image"
-	@echo "=========================================="
-	$(MAKE) trivy-fips
-	@echo ""
 	@echo "✅ All security scans completed!"
 
 .PHONY: security-build-and-scan