Add Hadolint and Trivy Checks

[samuelarogbonlo]

No description provided.

[sea212]

This is just a fast scan-over opinion, proper review coming soon.

The major thing I see is that we do the checks when we want to publish the docker images. I assume an lint/security issue will stop the publishing of the image, won't it?
I think it would be better to check those before a PR is merged into main. In regards to that, it would be nice to triggers those checks only when relevant changes are made.

[samuelarogbonlo]

Hello @sea212 can you please take a look at the changes I've made so far? And possibly take a look at the results of the job in https://github.com/zeitgeistpm/zeitgeist/actions/runs/4145477882/jobs/7169887429

[mergify]

This pull request is now in conflicts. Could you fix it @samuelarogbonlo? 🙏

[codecov-commenter]

Codecov Report

Merging #557 (a48763a) into main (bac24e6) will increase coverage by 0.00%.
Report is 8 commits behind head on main.
The diff coverage is n/a.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

@@           Coverage Diff           @@
##             main     #557   +/-   ##
=======================================
  Coverage   92.93%   92.94%           
=======================================
  Files          92       92           
  Lines       21589    21581    -8     
=======================================
- Hits        20064    20058    -6     
+ Misses       1525     1523    -2     

Flag	Coverage Δ
tests	92.94% <ø> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 2 files with indirect coverage changes

[mergify]

This pull request is now in conflicts. Could you fix it @samuelarogbonlo? 🙏

[mergify]

This pull request is now in conflicts. Could you fix it @samuelarogbonlo? 🙏