fix(ci): use correct image tag for Trivy scan

The vulnerability scan was attempting to scan :latest tag instead of the
actual built image tagged with the commit SHA. This caused the scan to
fail with 'trivy-results.sarif not found' error.

Author: taymoor89

.github/workflows/build-push-greenhouse-image.yaml

@@ -145,7 +145,7 @@ jobs:
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
         with:
-          image-ref: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:latest
+          image-ref: ${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ env.IMAGE_NAME }}:${{ github.sha }}
           ignore-unfixed: true
           format: "sarif"
           output: "trivy-results.sarif"