docker-trivy job exits with code 1 if any vulnerability is found
Describe the bug
The docker-trivy job exits with code 1 if any vulnerability is found. This causes issues because GitLab doesn't show the security reports of failed jobs in the security dashboard.
Expected behavior
There should be a way to control whether the docker-trivy job fails upon vulnerability findings. Ideally it should not fail, as the main task is to publish the reports to GitLab, which fails for failed jobs; there is no point in saving the report as artifacts:container_scanning if it can't be published to the security dashboard.
Actual behavior
The docker-trivy job fails when any vulnerabilities are found, and the container_scanning report is not published to the GitLab security dashboard.
Logs and/or screenshots
This is the line that causes the issue: https://gitlab.com/to-be-continuous/docker/-/blob/bdd5249bb106f5d49c3459f2c3126a361b1959dd/templates/gitlab-ci-docker.yml#L1321
Context & Configuration
Link to a project, pipeline or job facing the bug: (please provide one if possible)
The issue was reproduced using:
- Version of the template: to-be-continuous/docker/gitlab-ci-docker@6.1
- GitLab server(s): self-managed GitLab instance, version: v18.4.2-ee
Here is the .gitlab-ci.yml file:
# Add your .gitlab-ci.yml here, if applicable and useful.
include:
  - component: "$CI_SERVER_FQDN/to-be-continuous/docker/gitlab-ci-docker@6.1"
    inputs:
      kaniko-image: "test"
      build-args: test
      hadolint-disabled: true
      healthcheck-disabled: true
      sbom-disabled: true
      file: $DOCKERFILE
      prod-publish-strategy: "auto"
      snapshot-image: "$CI_REGISTRY_IMAGE${IMAGE_SUFFIX}:${TAG_VERSION}"
      context-path: "${CONTEXT_PATH}"
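As an added workaround example (not part of this report or of the to-be-continuous template), the docker-trivy job can be overridden in the project's own .gitlab-ci.yml with allow_failure so that a non-zero Trivy exit code no longer fails the pipeline. This assumes the template already uploads the container_scanning report regardless of the job's exit status, as the report above implies, and reuses the reporter's component inputs only as an illustration:

```yaml
include:
  - component: "$CI_SERVER_FQDN/to-be-continuous/docker/gitlab-ci-docker@6.1"
    inputs:
      kaniko-image: "test"
      sbom-disabled: true
      file: $DOCKERFILE
      snapshot-image: "$CI_REGISTRY_IMAGE${IMAGE_SUFFIX}:${TAG_VERSION}"

# Override the job defined by the included component by reusing its job name.
# allow_failure lets the pipeline continue when Trivy exits 1 on findings: the job
# is displayed as "failed (allowed to fail)" and the pipeline as "passed with warnings".
# Assumption: the template's artifacts:reports:container_scanning is still uploaded
# when the job exits non-zero, so GitLab can ingest the report into the dashboard.
docker-trivy:
  allow_failure: true
```

The findings stay visible in the job log and in the security report; the decision to block a merge then moves to the merge request security approval rules instead of the job exit code.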
