Describe the solution you'd like
We intentionally filter out Pebble, vulnerabilities <HIGH,CRITICAL, and whatever CVEs are in .trivyignore. However, this is our passing rule, and not really what the CI should spit out as the vulnerability assessment.
GOAL: keep the current logic, but make sure to also scan the rocks without any filters, uploading the corresponding report as the CI artifact
Describe the solution you'd like
We intentionally filter out Pebble, vulnerabilities <HIGH,CRITICAL, and whatever CVEs are in .trivyignore. However, this is our passing rule, and not really what the CI should spit out as the vulnerability assessment.
GOAL: keep the current logic, but make sure to also scan the rocks without any filters, uploading the corresponding report as the CI artifact