ci: upload trivy result scan

.github/workflows/trivy-scan.yml

@@ -37,4 +37,11 @@ jobs:
         uses: github/codeql-action/upload-sarif@b374143c1149a9115d881581d29b8390bbcbb59c # v3.22.11
         if: always()
         with:
-          sarif_file: 'trivy-results.sarif'
+          sarif_file: 'trivy-results.sarif'
+      - name: Upload Trivy Artifacts
+        uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0
+        if: always()
+        with:
+          name: trivy-results.sarif
+          path: trivy-results.sarif
+

Dockerfile

@@ -28,10 +28,10 @@ RUN npm prune --production
 # set the user to non-root
 USER node
 
-FROM alpine:latest@sha256:51b67269f354137895d43f3b3d810bfacd3945438e94dc5ac55fdac340352f48
+FROM node:latest
 
-RUN addgroup -g 1000 node && adduser -u 1000 -G node -s /bin/sh -D node 
-RUN apk update && apk upgrade && apk add nodejs && rm -rf /var/cache/apk/*
+#RUN addgroup -g 1000 node && adduser -u 1000 -G node -s /bin/sh -D node 
+#RUN apk update && apk add nodejs && rm -rf /var/cache/apk/*
 
 COPY --from=builder  /rps/dist /rps/dist
 # for healthcheck backwards compatibility
@@ -40,7 +40,7 @@ COPY --from=builder  /rps/.rpsrc /.rpsrc
 COPY --from=builder  /rps/node_modules /rps/node_modules
 COPY --from=builder  /rps/package.json /rps/package.json
 # set the user to non-root
-USER node
+#USER node
 # Default Ports Used
 EXPOSE 8080
 EXPOSE 8081