move scanning job to docker hub

.github/workflows/main.yml

@@ -35,34 +35,7 @@ jobs:
           echo "latest_version=`cat latest`" >> $GITHUB_OUTPUT
           echo "local_version=`cat local_version`" >> $GITHUB_OUTPUT
           echo "build=`cat build`" >> $GITHUB_OUTPUT
-  scan:
-    name: Scan
-    needs: checkTags
-    runs-on: "ubuntu-18.04"
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v2
-
-      - name: Build an image from Dockerfile
-        run: |
-          echo Latest Version = ${{ needs.checkTags.outputs.latest_version }}
-          echo Local Version = ${{ needs.checkTags.outputs.local_version }}
-          echo Build Status = ${{ needs.checkTags.outputs.build }}
-          docker build -t docker.io/richarvey/awscli:latest .
-
-      - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
-        with:
-          image-ref: 'docker.io/richarvey/awscli:latest'
           format: 'template'
-          template: '@/contrib/sarif.tpl'
-          output: 'trivy-results.sarif'
-          severity: 'CRITICAL'
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v1
-        with:
-          sarif_file: 'trivy-results.sarif'
   build:
     name: Build
     needs: checkTags