Add vulnerability scanner trivy to CI pipeline (#28) #85

	name: GitHub Actions Prod Deployment
	on:
	push:
	branches:
	- main
	- sst

	jobs:
	DeployToProd:
	runs-on: ubuntu-latest
	env: # Defined in the repository settings on github.com
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	CLOUDFLARE_DEFAULT_ACCOUNT_ID: ${{ secrets.CLOUDFLARE_DEFAULT_ACCOUNT_ID }}
	CLOUDFLARE_API_TOKEN: ${{ secrets.CLOUDFLARE_API_TOKEN }}
	steps:
	- uses: actions/checkout@v4
	- uses: actions/setup-node@v4
	with:
	node-version: 20
	- run: corepack enable
	- run: echo "path=$(pnpm store path)" > $GITHUB_OUTPUT
	id: store-path
	- name: Cache pnpm modules
	id: cache-npm
	uses: actions/cache@v3
	env:
	cache-name: cache-pnpm-modules
	with:
	# npm cache files are stored in `~/.npm` on Linux/macOS
	path: ${{ steps.store-path.outputs.path }}
	key: ${{ runner.os }}-build-${{ env.cache-name }}-${{ hashFiles('**/pnpm-lock.yaml') }}
	restore-keys: \|
	${{ runner.os }}-build-${{ env.cache-name }}-
	${{ runner.os }}-build-
	${{ runner.os }}-
	- run: pnpm i
	- run: pnpm deploy:prod

Provide feedback