Switch Clair to Grype

Signed-off-by: Tommy <contact@tommytran.io>

.github/workflows/build.yml

@@ -88,24 +88,23 @@ jobs:
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'trivy-results.sarif'
-          category: trivy
+          category: 'trivy'
 
-  clair:
-    name: Scan current image with Clair
+  grype:
+    name: Scan current image with Grype
     needs: build
     permissions:
       security-events: write
     runs-on: "ubuntu-latest"
     steps:
-      - name: Run Clair vulnerability scanner
-        uses: quay/clair-action@main
+      - name: Run Grype vulnerability scanner
+        uses: anchore/scan-action@v3
+        id: grype
         with:
-          image-ref: 'ghcr.io/tommytran732/matrix.to'
-          format: sarif
-          output: clair_results.sarif
+          image: "ghcr.io/tommytran732/matrix.to"
 
-      - name: Upload Trivy scan results to GitHub Security tab
+      - name: Upload Grype scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: 'clair_results.sarif'
-          category: clair
+          sarif_file: ${{ steps.scan.outputs.sarif }}
+          category: grype