Refactor CI workflow to integrate Trivy vulnerability scanning directly into the deployment job, removing redundant security scan job.

.github/workflows/e2e-testing.yml

@@ -35,17 +35,17 @@ jobs:
           echo "WEKAN_IMAGE_TAG=$TAG" >> $GITHUB_ENV
 
       - name: Install Trivy
-          run: |
+        run: |
             sudo apt-get update
             sudo apt-get install -y wget
             wget https://github.com/aquasecurity/trivy/releases/latest/download/trivy_0.50.0_Linux-64bit.deb
             sudo dpkg -i trivy_0.50.0_Linux-64bit.deb
 
       - name: Scan Wekan Docker image for vulnerabilities
-          env:
+        env:
             WEKAN_IMAGE_TAG: ${{ env.WEKAN_IMAGE_TAG }}
             DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
-          run: |
+        run: |
             docker pull $DOCKERHUB_USERNAME/wekan:$WEKAN_IMAGE_TAG
             trivy image $DOCKERHUB_USERNAME/wekan:$WEKAN_IMAGE_TAG || true
 
@@ -98,28 +98,6 @@ jobs:
             sudo docker compose pull
             sudo docker compose up -d
 
-    security-scan:
-    needs: deploy
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v4
-
-      - name: Install Trivy
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y wget
-          wget https://github.com/aquasecurity/trivy/releases/latest/download/trivy_0.50.0_Linux-64bit.deb
-          sudo dpkg -i trivy_0.50.0_Linux-64bit.deb
-
-      - name: Scan Wekan Docker image for vulnerabilities
-        env:
-          WEKAN_IMAGE_TAG: ${{ needs.deploy.outputs.wekan_image_tag }}
-          DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }}
-        run: |
-          docker pull $DOCKERHUB_USERNAME/wekan:$WEKAN_IMAGE_TAG
-          trivy image $DOCKERHUB_USERNAME/wekan:$WEKAN_IMAGE_TAG || true
-
   API-tests:
     needs: deploy
     runs-on: ubuntu-latest