feat(): add trivy

.gitea/workflows/main.yaml

@@ -17,6 +17,15 @@ jobs:
           go-version: '1.24.x'
       - name: Test with the Go CLI
         run: go test ./...
+      - name: Run Trivy vulnerability scanner 
+        uses: aquasecurity/trivy-action@0.28.0
+        with:
+          scan-type: 'fs'
+          scan-ref: '.'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          severity: 'CRITICAL,HIGH'
   Build_Image:
     runs-on: ubuntu-latest
     steps:

.gitea/workflows/pr.yaml

@@ -14,6 +14,15 @@ jobs:
           go-version: '1.24.x'
       - name: Test with the Go CLI
         run: go test ./...
+      - name: Run Trivy vulnerability scanner 
+        uses: aquasecurity/trivy-action@0.28.0
+        with:
+          scan-type: 'fs'
+          scan-ref: '.'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          severity: 'CRITICAL,HIGH'
   Build_Image:
     runs-on: ubuntu-latest
     steps:
@@ -31,4 +40,4 @@ jobs:
             file: ./Dockerfile
             push: false
             tags: |
-              lerentis/canada-kaktus:latest
+              lerentis/canada-kaktus:latest

.gitea/workflows/release.yaml

@@ -14,6 +14,15 @@ jobs:
           go-version: '1.24.x'
       - name: Test with the Go CLI
         run: go test ./...
+      - name: Run Trivy vulnerability scanner 
+        uses: aquasecurity/trivy-action@0.28.0
+        with:
+          scan-type: 'fs'
+          scan-ref: '.'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          severity: 'CRITICAL,HIGH'
   Build_Image:
     runs-on: ubuntu-latest
     steps: