
Add docker.sock mount

Open Bakkym opened this issue 5 months ago • 2 comments

Added docker.sock mount according to recommendations in trivy documentation


Bakkym avatar Jan 11 '24 23:01 Bakkym

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Jan 11 '24 23:01 CLAassistant

Due to the staleness of this repo and the corresponding extension, I decided to fork it. I don't plan to invest in really developing this further, but I will probably update it from time to time and accept PRs. For the time being, my forked extension is available here and includes the following improvements:

  • Yours: Mount docker.sock to scan docker images from a containerized trivy instance.
  • Update obsolete usage of --security-checks to --scanners.
  • Mount a consistent cache dir so that multiple runs using docker only download the vulnerability db once.
  • Use a recent version of trivy if not using the trivy docker image.
    • Due to the other changes above it should be possible to just use the docker-based execution in most cases, which always automatically uses the latest trivy version and does not require updates to this extension.
  • It can be installed in parallel to the official trivy extension.
  • This is a drop-in replacement, just change - task: trivy@1 to - task: trivy-contrib@1 after installing this extension.

georg-jung avatar Jan 16 '24 17:01 georg-jung
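The docker-based execution described in the comment above, as an added example that is not part of the PR or the extension's own code: a small POSIX shell wrapper that runs trivy from its container with the docker.sock mount (so it can scan images on the agent's daemon), a persistent host cache dir (so the vulnerability DB is downloaded once), and the `--scanners` flag instead of the obsolete `--security-checks`. The `TRIVY_CACHE_DIR`, `TRIVY_IMAGE` defaults and the `--run` switch are assumptions of this example.

```shell
#!/bin/sh
# Added example: run a containerized trivy the way the forked task does.
set -eu

# Host cache dir mounted into the container; trivy's default in-container
# cache path is /root/.cache/trivy, so no --cache-dir flag is needed.
CACHE_DIR="${TRIVY_CACHE_DIR:-$HOME/.cache/trivy}"   # assumed default
TRIVY_IMAGE="${TRIVY_IMAGE:-aquasec/trivy:latest}"   # assumed default

# Render the command as one line for the pipeline log (and for checks).
trivy_cmd_string() {
  printf 'docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v %s:/root/.cache/trivy %s image --scanners vuln %s\n' \
    "$CACHE_DIR" "$TRIVY_IMAGE" "$1"
}

# The daemon socket must exist on the agent, otherwise the scan of a
# locally built image cannot work; fail early with a clear message.
check_docker_sock() {
  [ -S /var/run/docker.sock ]
}

# Execute the scan; extra arguments (e.g. --severity HIGH,CRITICAL) are
# passed through to trivy before the image reference.
run_trivy() {
  image="$1"; shift
  mkdir -p "$CACHE_DIR"
  check_docker_sock || { echo "docker.sock not available on this agent" >&2; return 1; }
  docker run --rm \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v "$CACHE_DIR:/root/.cache/trivy" \
    "$TRIVY_IMAGE" image --scanners vuln "$@" "$image"
}

# Only scan when explicitly asked: ./scan.sh --run myregistry/app:1.0
if [ "${1:-}" = "--run" ] && [ -n "${2:-}" ]; then
  trivy_cmd_string "$2"
  shift 2
  run_trivy "$@"
fi
```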