try out adding trivy vulnerability scanner

in docker-nightly image build

.github/workflows/docker-nightly.yml

@@ -138,3 +138,13 @@ jobs:
           push: true
           tags: |
             eclipse/ditto-ui:${{ env.IMAGE_TAG }}
+      - 
+        name: Run Trivy vulnerability scanner for ditto-connectivity
+        uses: aquasecurity/trivy-action@master
+        with:
+          image-ref: 'docker.io/eclipse/ditto-connectivity:${{ env.IMAGE_TAG }}'
+          format: 'table'
+          exit-code: '1'
+          ignore-unfixed: true
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'