Add daily vulnerability scan

[R-HNF]

Description

I have updated three files for daily vulnerability scan.

1. daily-vul-scan.yml
2. README.md
3. trivy-results.tpl

---

1. daily-vul-scan.yml

Add daily vulnerability scan workflow daily-vul-scan.yml using trivy-action created by the official Trivy team.

This is the result of a test run.

• https://github.com/R-HNF/gatling-operator/actions/runs/6529806592

2. README.md

Add a badge to README.md to display the workflow results on the main branch.

Sample:

The result is marked as failing due to vulnerabilities.
ref. https://github.com/R-HNF/gatling-operator/tree/add_daily-vul-scan

3. trivy-results.tpl

Add a template trivy-results.tpl for writing out Trivy results to an issue.

This is the sample of a test run.

• [DO NOT CHANGE] Security Alert R-HNF/gatling-operator#3

---

Checklist

Please check if applicable

• Tests have been added (if applicable, ie. when operator codes are added or modified)
• Relevant docs have been added or modified (if applicable, ie. when new features are added or current features are modified)

Relevant issue #45

[gold-kou]

I feel the job should be separated more as not only building here.
Such as scanning and making an issue.

[R-HNF]

As you suggested, it seemed like a good idea to separate the jobs.
However, upon consideration of the following points, I concluded that processing the trivy results within the same job would be more efficient than writing them out as a string and sharing across different jobs.

• The output of aquasecurity/trivy-action@master is specified by file.
• The input specification for JasonEtco/create-an-issue@v2 is filename.

Consequently, I decided to only change the job name, instead of separating the jobs.

[gold-kou]

OK, I understand it's tough to separate jobs.

[gold-kou]

LGTM