
Add Trivy dependency scan to CI #2


Workflow file for this run

```yaml
name: Security Scan
on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]
jobs:
  gosec-scan:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v3
      - name: Set Up Go
        uses: actions/setup-go@v4
        with:
          go-version: '1.22'
      - name: Install gosec
        run: go install github.com/securego/gosec/v2/cmd/gosec@latest
      - name: Run gosec
        # gosec exits non-zero when it reports findings (os/exec use, hard-coded
        # credentials, weak crypto, ...), which is what fails this job. Results go
        # to the job log only; nothing in this workflow posts comments on the PR.
        run: gosec ./...
  trivy-scan:
    runs-on: ubuntu-latest
    needs: gosec-scan   # this job is skipped entirely when gosec-scan fails
    steps:
      - name: Checkout code
        uses: actions/checkout@v3
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
          scan-type: fs
          severity: HIGH,CRITICAL
        # The workflow triggers only on pushes and pull requests targeting main
        # (see `on:` above), not on every push. Without `exit-code: '1'` Trivy
        # prints HIGH/CRITICAL findings in the log but exits 0, so this step never
        # fails the run; `@master` also tracks a moving branch rather than a pinned
        # release.
```
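A hardened variant of the same workflow, added here as an illustration and not part of this PR: it pins the actions and gosec to fixed versions instead of `@master` / `@latest`, makes Trivy fail the job on HIGH/CRITICAL findings via `exit-code`, runs the two scanners in parallel so one run reports both, and uploads each tool's SARIF to GitHub code scanning. The version tags (`actions/checkout@v4`, `actions/setup-go@v5`, gosec `v2.21.4`, `aquasecurity/trivy-action@0.28.0`, `github/codeql-action/upload-sarif@v3`) are assumptions to check against each project's release page; for a full supply-chain pin, replace each tag with the commit SHA of that release.

```yaml
name: Security Scan
on:
  push:
    branches: [ main ]
  pull_request:
    branches: [ main ]

# Least privilege for the GITHUB_TOKEN; security-events: write is needed
# only for the SARIF uploads below.
permissions:
  contents: read
  security-events: write

jobs:
  gosec-scan:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
        uses: actions/checkout@v4            # assumed tag; pin to a SHA in production
      - name: Set Up Go
        uses: actions/setup-go@v5            # assumed tag
        with:
          go-version: '1.22'
      - name: Install gosec (pinned)
        # Assumed release; a fixed version keeps the gate reproducible.
        run: go install github.com/securego/gosec/v2/cmd/gosec@v2.21.4
      - name: Run gosec
        # gosec still exits non-zero on findings (no -no-fail), so the job fails;
        # -stdout keeps the findings readable in the log as well as in the SARIF.
        run: gosec -fmt sarif -out gosec.sarif -stdout ./...
      - name: Upload gosec SARIF
        if: always()                         # upload even when gosec failed the step
        uses: github/codeql-action/upload-sarif@v3   # assumed tag
        with:
          sarif_file: gosec.sarif
          category: gosec

  trivy-scan:
    # No `needs:` so Trivy results are available even when gosec fails.
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Run Trivy filesystem scan
        uses: aquasecurity/trivy-action@0.28.0   # assumed release tag, not @master
        with:
          scan-type: fs
          scan-ref: .
          scanners: vuln
          severity: HIGH,CRITICAL
          ignore-unfixed: true                 # do not block on findings with no fix yet
          exit-code: '1'                       # this is what makes the job fail
          format: sarif
          output: trivy-results.sarif
      - name: Upload Trivy SARIF
        if: always()
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: trivy-results.sarif
          category: trivy
```

`ignore-unfixed: true` is a policy choice: it stops the gate from blocking merges on advisories with no patched version, at the cost of not surfacing them as failures; drop it if you want those to block too. Keeping `needs: gosec-scan` instead of running in parallel is defensible when you want to save runner minutes, but then a gosec failure hides Trivy's findings until gosec is fixed.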