fix: uploading trivy scan

.github/workflows/security-terraform.yaml

@@ -11,9 +11,18 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - name: Setup Trivy
+      - name: Scan Terraform
         uses: aquasecurity/trivy-action@master
+        with:
+          scan-type: "config"
+          hide-progress: true
+          format: "sarif"
+          output: "trivy-results.sarif"
+          exit-code: "1"
+          ignore-unfixed: true
+          severity: "CRITICAL,HIGH"
 
-      - name: Scan Terraform
-        run: |
-          find infra/terrform -type d -exec trivy config --severity HIGH,CRITICAL --exit-code 1 --format table {} \;
+      - name: Upload Trivy scan results to GitHub Security tab
+        uses: github/codeql-action/upload-sarif@v2
+        with:
+          sarif_file: "trivy-results.sarif"