The source project of this merge request has been removed.
allow trivy vuln type to be configurable via env
Currently, the vulnerability type is configured in the trivy command as os. This works. However, it doesn't allow it to be configured in case you'd like to scan os,library, which is the default for trivy. Therefore, this MR simply plumbs through the TRIVY_VULN_TYPE so it can be passed in the environment to override the default. The default is kept as os to prevent changing the current functionality.