cicd: setup trivy scan and call gh-pages URL with results

[d-koppenhagen]

In order to demo and also scan the used dockerfile, we could make use of https://github.com/aquasecurity/trivy-action

[Morl99]

Unfortunately, using the actions artifacts does not seem to work, since the only way to download them is by using a zip file, and the explorer does not support zip files. See https://github.com/actions/upload-artifact?tab=readme-ov-file#zip-archives for documentation on this. Do you have any other ideas @d-koppenhagen or do we want to revert the changes from #527 and close this issue as won't fix?

[d-koppenhagen]

Ahhh... I remember, I stumbled over this.
Unfortunately there seems to be no way to get the raw artifacts.

I think we have three options:

1. upload the artifacts somewhere else.. wehrte? Probably a service where it's stored only temporarily is good enough (1d?)
2. accept this technical limit
3. add a UI feature which accepts a zip file and unzips it

[d-koppenhagen]

Candidates for (1):

• https://filebin.net/
• https://tmpfiles.org/ (60min limited)