Limit scope of changes that are monitored by Trivy scan

.github/workflows/trivy.yml

@@ -1,8 +1,20 @@
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+# Copyright (C) 2024 Intel Corporation.
+
 name: Trivy scan
 
 on:
- pull_request:
+ workflow_dispatch:
+ schedule:
+ - cron: '45 8 * * *'
+ push:
  branches: ["master", "release/**"]
+ pull_request:
+ paths:
+ - '**/go.mod'
+ - '**/pom.xml'
+ - '**/requirements.txt'
+ - '**/*trivy*'
 
 # Declare default permissions as nothing.
 permissions: {}
@@ -11,6 +23,8 @@ jobs:
  build:
  name: Build
  runs-on: ubuntu-20.04
+ permissions:
+ security-events: write
  steps:
  - name: Checkout code
  uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

README.md

@@ -5,6 +5,7 @@
 [![Build](https://github.com/daos-stack/daos/actions/workflows/ci2.yml/badge.svg)](https://github.com/daos-stack/daos/actions/workflows/ci2.yml)
 [![Codespell](https://github.com/daos-stack/daos/actions/workflows/spelling.yml/badge.svg)](https://github.com/daos-stack/daos/actions/workflows/spelling.yml)
 [![Doxygen](https://github.com/daos-stack/daos/actions/workflows/doxygen.yml/badge.svg)](https://github.com/daos-stack/daos/actions/workflows/doxygen.yml)
+[![Trivy scan](https://github.com/daos-stack/daos/actions/workflows/trivy.yml/badge.svg)](https://github.com/daos-stack/daos/actions/workflows/trivy.yml)
 
 <a href="https://docs.daos.io/">
 <img src="https://avatars.githubusercontent.com/u/20561043?s=400&u=db7cd0ada987ba59c21c3de5f9e7cffba73c3325&v=4" width="200" height="200">

utils/trivy/trivy.yaml

@@ -1,6 +1,5 @@
 cache:
- backend: fs
- clear: false
+ backend: memory
  dir:
  redis:
  ca: ""