chore: migrate from `trivy` to `trivy image` (#355)

Signed-off-by: Anish Ramasekar <anish.ramasekar@gmail.com>

.pipelines/templates/scan-images.yaml

@@ -7,13 +7,13 @@ steps:
       ALL_LINUX_ARCH: amd64 # build amd64 only to speed up PR gate
       OUTPUT_TYPE: type=docker
   - script: |
-      wget https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION:-0.20.0}/trivy_${TRIVY_VERSION:-0.20.0}_Linux-64bit.tar.gz
-      tar zxvf trivy_${TRIVY_VERSION:-0.20.0}_Linux-64bit.tar.gz
+      wget https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION:-0.23.0}/trivy_${TRIVY_VERSION:-0.23.0}_Linux-64bit.tar.gz
+      tar zxvf trivy_${TRIVY_VERSION:-0.23.0}_Linux-64bit.tar.gz
       # show all vulnerabilities in the logs
       ./trivy image --reset
       for IMAGE_NAME in "proxy" "proxy-init" "webhook"; do
-        ./trivy "${REGISTRY}/${IMAGE_NAME}:${IMAGE_VERSION}-linux-amd64"
-        ./trivy --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL "${REGISTRY}/${IMAGE_NAME}:${IMAGE_VERSION}-linux-amd64" || exit 1
+        ./trivy image "${REGISTRY}/${IMAGE_NAME}:${IMAGE_VERSION}-linux-amd64"
+        ./trivy image --exit-code 1 --ignore-unfixed --severity MEDIUM,HIGH,CRITICAL "${REGISTRY}/${IMAGE_NAME}:${IMAGE_VERSION}-linux-amd64" || exit 1
       done
     displayName: Scan images
     env: