ci(trivy): fetch vulnerabilities DB from erc

aquasecurity/trivy-action#389 (comment)

Signed-off-by: Michael Beemer <[email protected]>

Author: beeme1mr

.github/workflows/pr-checks.yml

@@ -82,6 +82,8 @@ jobs:
           template: "@/contrib/sarif.tpl"
           output: "trivy-results.sarif"
           severity: "CRITICAL,HIGH"
+        env:
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2
         with: