[fix][ci] Disable trivy-action

[lhotari]

Motivation

The aquasecurity/trivy-action repository was compromised in a supply chain attack where an attacker force-pushed malicious payloads to 75 out of 76 version tags. Version v0.35.0 is the first safe release after the incident.

References:

• aquasecurity/trivy-action is compromised aquasecurity/trivy-action#541
• https://github.com/aquasecurity/trivy-action/releases/tag/v0.35.0
• https://github.com/aquasecurity/trivy/discussions/10265

Modifications

• Disable aquasecurity/trivy-action in the CI workflow.
  • We need to get the action allowed by ASF in the https://github.com/apache/infrastructure-actions repository before we can enable it again. PR: Add aquasecurity/trivy-action infrastructure-actions#546
    • Approved actions: https://github.com/apache/infrastructure-actions/blob/main/approved_patterns.yml
• Replace docker/setup-qemu-action@v3 with docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 which is approved. ASF restricted all actions to the approved ones after the trivy-action incident.

Documentation

• doc-not-needed

[lhotari]

/pulsarbot rerun-failure-checks

[lhotari]

I created apache/infrastructure-actions#546 to allow aquasecurity/trivy-action@57a97c7 since we'd like to use it later.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 72.71%. Comparing base (a3ae705) to head (add4aee).
⚠️ Report is 16 commits behind head on master.

Additional details and impacted files

@@             Coverage Diff              @@
##             master   #25373      +/-   ##
============================================
+ Coverage     72.52%   72.71%   +0.19%     
+ Complexity    34275    33863     -412     
============================================
  Files          1927     1954      +27     
  Lines        154339   154792     +453     
  Branches      17683    17731      +48     
============================================
+ Hits         111935   112563     +628     
+ Misses        33389    33196     -193     
- Partials       9015     9033      +18     

Flag	Coverage Δ
inttests	25.86% <ø> (-0.18%)	⬇️
systests	22.45% <ø> (?)
unittests	73.70% <ø> (-0.05%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 173 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.