Opt out of secret scanning to make trivy faster

Signed-off-by: Dom Del Nano <ddelnano@gmail.com>

Author: ddelnano

.github/workflows/trivy_images.yaml

@@ -48,7 +48,7 @@ jobs:
       # yamllint disable rule:line-length
       run: |
         mkdir -p sarif/${{ matrix.artifact }}
-        ./bazel-bin/k8s/${{ matrix.artifact }}/list_image_bundle | xargs -I{} sh -c 'trivy image {} --format=sarif --output=sarif/${{ matrix.artifact }}/$(basename {} | cut -d":" -f1).sarif'
+        ./bazel-bin/k8s/${{ matrix.artifact }}/list_image_bundle | xargs -I{} sh -c 'trivy image --scanners vuln {} --format=sarif --output=sarif/${{ matrix.artifact }}/$(basename {} | cut -d":" -f1).sarif'
 
         # TODO(ddelnano): Remove this check once the operator dependency images are supported.
         # This requires rendering helm templates and requires some additional work.
@@ -65,7 +65,7 @@ jobs:
         # Ignore images whose basename is "/${{ matrix.artifact }}" to avoid scanning the bazel built images (e.g. /vizier-, /cloud-)
         # The deps images must have their file named processed differently to avoid conflicts with the image name. For example,
         # ory/hydra:v1.9.2-alpine and ory/hydra:v1.9.2-sqlite must not conflict.
-        cat ./bazel-bin/k8s/${{ matrix.artifact }}/${{ matrix.artifact }}_image_list.txt | grep -v "\/${{ matrix.artifact }}" | xargs -I{} sh -c 'trivy image {} --format=sarif --output=sarif/${{ matrix.artifact }}_deps/$(basename {} | cut -d"@" -f1 | tr ":" "_").sarif'
+        cat ./bazel-bin/k8s/${{ matrix.artifact }}/${{ matrix.artifact }}_image_list.txt | grep -v "\/${{ matrix.artifact }}" | xargs -I{} sh -c 'trivy image --scanners vuln {} --format=sarif --output=sarif/${{ matrix.artifact }}_deps/$(basename {} | cut -d"@" -f1 | tr ":" "_").sarif'
       # yamllint enable rule:line-length
     - run: |
         # Loop through all ${artifact} and ${artifact}_deps sarif files