Update django 4.2 #24


	name: trivy-pr-scan
	on:
	pull_request:
	branches:
	- develop
	- master
	- main
	types: [ opened, synchronize ]
	paths-ignore:
	- README.md
	- .old_cicd/*
	- .github/*
	- .github/workflows/*
	- LICENSE
	- .gitignore
	- .dockerignore
	- .githooks

	jobs:
	trivy-pr-scan:
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@v3

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	with:
	driver-opts: \|
	network=host

	- name: Login to DockerHub
	uses: docker/login-action@v3
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}
	logout: true

	# Notes on Cache:
	# https://docs.docker.com/build/ci/github-actions/examples/#inline-cache
	- name: Build Container
	uses: docker/build-push-action@v5
	with:
	context: .
	push: false
	load: true
	tags: ${{ github.repository }}:vuln-test
	cache-from: type=registry,ref=${{ github.repository }}:buildcache
	cache-to: type=registry,ref=${{ github.repository }}:buildcache,mode=max

	# We will not be concerned with Medium and Low vulnerabilities
	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: '${{ github.repository }}:vuln-test'
	format: 'sarif'
	severity: 'CRITICAL,HIGH'
	output: 'trivy-results.sarif'
	exit-code: '1'
	# Scan results should be viewable in GitHub Security Dashboard
	# We still fail the job if results are found, so below will always run
	# unless manually canceled.
	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v2
	if: '!cancelled()'
	with:
	sarif_file: 'trivy-results.sarif'

Provide feedback