chore: bump up trivy to v0.57.0 #2301

Open
wants to merge 27 commits into
base: main
Conversation

@afdesk afdesk commented Oct 29, 2024

Description

This PR updates dependencies related to Trivy 0.57.0 and fixes some vulnerabilities inside them.

Notes:

Before:

trivy rootfs .
2024-10-29T17:43:58+06:00	INFO	[vuln] Vulnerability scanning is enabled
2024-10-29T17:43:58+06:00	INFO	[secret] Secret scanning is enabled
2024-10-29T17:43:58+06:00	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-10-29T17:43:58+06:00	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.56/docs/scanner/secret#recommendation for faster secret detection
2024-10-29T17:43:58+06:00	INFO	Number of language-specific files	num=1
2024-10-29T17:43:58+06:00	INFO	[gobinary] Detecting vulnerabilities...

to (gobinary)

Total: 3 (UNKNOWN: 0, LOW: 1, MEDIUM: 1, HIGH: 0, CRITICAL: 1)

┌──────────────────────────────────┬─────────────────────┬──────────┬────────┬──────────────────────┬─────────────────────────────────┬───────────────────────────────────────────────────────────┐
│             Library              │    Vulnerability    │ Severity │ Status │  Installed Version   │          Fixed Version          │                           Title                           │
├──────────────────────────────────┼─────────────────────┼──────────┼────────┼──────────────────────┼─────────────────────────────────┼───────────────────────────────────────────────────────────┤
│ github.com/docker/docker         │ CVE-2024-41110      │ CRITICAL │ fixed  │ v26.1.3+incompatible │ 23.0.15, 26.1.5, 27.1.1, 25.0.6 │ moby: Authz zero length regression                        │
│                                  │                     │          │        │                      │                                 │ https://avd.aquasec.com/nvd/cve-2024-41110                │
├──────────────────────────────────┼─────────────────────┼──────────┤        ├──────────────────────┼─────────────────────────────────┼───────────────────────────────────────────────────────────┤
│ github.com/open-policy-agent/opa │ CVE-2024-8260       │ MEDIUM   │        │ v0.65.0              │ 0.68.0                          │ opa: OPA SMB Force-Authentication                         │
│                                  │                     │          │        │                      │                                 │ https://avd.aquasec.com/nvd/cve-2024-8260                 │
├──────────────────────────────────┼─────────────────────┼──────────┤        ├──────────────────────┼─────────────────────────────────┼───────────────────────────────────────────────────────────┤
│ google.golang.org/grpc           │ GHSA-xr7q-jx4m-x55m │ LOW      │        │ v1.64.0              │ 1.64.1                          │ Private tokens could appear in logs if context containing │
│                                  │                     │          │        │                      │                                 │ gRPC metadata is...                                       │
│                                  │                     │          │        │                      │                                 │ https://github.com/advisories/GHSA-xr7q-jx4m-x55m         │
└──────────────────────────────────┴─────────────────────┴──────────┴────────┴──────────────────────┴─────────────────────────────────┴───────────────────────────────────────────────────────────┘

After:

trivy rootfs .
2024-10-29T17:40:31+06:00	INFO	[vuln] Vulnerability scanning is enabled
2024-10-29T17:40:31+06:00	INFO	[secret] Secret scanning is enabled
2024-10-29T17:40:31+06:00	INFO	[secret] If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-10-29T17:40:31+06:00	INFO	[secret] Please see also https://aquasecurity.github.io/trivy/v0.56/docs/scanner/secret#recommendation for faster secret detection
2024-10-29T17:40:31+06:00	INFO	Number of language-specific files	num=1
2024-10-29T17:40:31+06:00	INFO	[gobinary] Detecting vulnerabilities...

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).
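The before/after listings above are Trivy's table output. As an added example, not part of this PR or of the project's own code, the Go program below consumes the same findings in the JSON form Trivy emits with `--format json` and applies a merge gate: any finding at or above a chosen severity that has a fixed version fails the check, while findings with no fixed version are reported separately, since a dependency bump cannot resolve them. The embedded report is constructed by hand to mirror the three "before" findings; the struct field names follow Trivy's JSON schema, and the `Gate` function, `severityRank` ordering and threshold handling are assumptions of this example, not Trivy APIs.

```go
package main

import (
	"encoding/json"
	"fmt"
	"os"
	"sort"
)

// Report is the subset of Trivy's JSON report (trivy ... --format json) this
// gate needs; encoding/json ignores the fields we do not declare.
type Report struct {
	Results []struct {
		Target          string          `json:"Target"`
		Type            string          `json:"Type"`
		Vulnerabilities []Vulnerability `json:"Vulnerabilities"`
	} `json:"Results"`
}

// Vulnerability mirrors one entry of Results[].Vulnerabilities.
type Vulnerability struct {
	ID               string `json:"VulnerabilityID"`
	Pkg              string `json:"PkgName"`
	InstalledVersion string `json:"InstalledVersion"`
	FixedVersion     string `json:"FixedVersion"`
	Severity         string `json:"Severity"`
	Status           string `json:"Status"`
	Title            string `json:"Title"`
}

// severityRank orders Trivy's severity labels so a threshold can be compared
// numerically. A label missing from the map (or empty) ranks as UNKNOWN.
var severityRank = map[string]int{"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

// Gate parses a Trivy JSON report and splits the findings at or above
// minSeverity into those with a fixed version (blocking, highest severity
// first) and those without one (unfixed). An unknown threshold is an error
// rather than a silent pass.
func Gate(reportJSON []byte, minSeverity string) (blocking, unfixed []Vulnerability, err error) {
	var r Report
	if err := json.Unmarshal(reportJSON, &r); err != nil {
		return nil, nil, fmt.Errorf("parse trivy report: %w", err)
	}
	threshold, ok := severityRank[minSeverity]
	if !ok {
		return nil, nil, fmt.Errorf("unknown severity threshold %q", minSeverity)
	}
	for _, res := range r.Results {
		for _, v := range res.Vulnerabilities {
			if severityRank[v.Severity] < threshold {
				continue
			}
			if v.FixedVersion == "" {
				unfixed = append(unfixed, v)
			} else {
				blocking = append(blocking, v)
			}
		}
	}
	sort.Slice(blocking, func(i, j int) bool {
		return severityRank[blocking[i].Severity] > severityRank[blocking[j].Severity]
	})
	return blocking, unfixed, nil
}

// sampleReport is a constructed report that mirrors the three "before"
// findings in the PR description. It is hand-written, not captured Trivy output.
const sampleReport = `{
  "Results": [{
    "Target": ".", "Class": "lang-pkgs", "Type": "gobinary",
    "Vulnerabilities": [
      {"VulnerabilityID": "CVE-2024-41110", "PkgName": "github.com/docker/docker",
       "InstalledVersion": "v26.1.3+incompatible", "FixedVersion": "23.0.15, 26.1.5, 27.1.1, 25.0.6",
       "Severity": "CRITICAL", "Status": "fixed", "Title": "moby: Authz zero length regression"},
      {"VulnerabilityID": "CVE-2024-8260", "PkgName": "github.com/open-policy-agent/opa",
       "InstalledVersion": "v0.65.0", "FixedVersion": "0.68.0",
       "Severity": "MEDIUM", "Status": "fixed", "Title": "opa: OPA SMB Force-Authentication"},
      {"VulnerabilityID": "GHSA-xr7q-jx4m-x55m", "PkgName": "google.golang.org/grpc",
       "InstalledVersion": "v1.64.0", "FixedVersion": "1.64.1",
       "Severity": "LOW", "Status": "fixed", "Title": "Private tokens could appear in logs"}
    ]
  }]
}`

func main() {
	blocking, unfixed, err := Gate([]byte(sampleReport), "HIGH")
	if err != nil {
		fmt.Fprintln(os.Stderr, err)
		os.Exit(2)
	}
	for _, v := range unfixed {
		fmt.Printf("no fix yet: %s %s %s (%s)\n", v.Severity, v.Pkg, v.InstalledVersion, v.ID)
	}
	for _, v := range blocking {
		fmt.Printf("BLOCKING: %s %s %s -> %s (%s)\n", v.Severity, v.Pkg, v.InstalledVersion, v.FixedVersion, v.ID)
	}
	if len(blocking) > 0 {
		os.Exit(1)
	}
}
```

Run against the "after" state of this PR the same report would carry no gobinary findings, so `Gate` returns two empty slices and the program exits 0. The threshold is deliberately a hard error when misspelled, because a typo such as `HIGGH` silently becoming "gate on nothing" is the classic way a CI check stops protecting anything.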

@github-actions github-actions bot added the misc label Oct 29, 2024
@afdesk afdesk changed the title chore: bump up trivy to v0.56.2 chore: bump up trivy to v0.57.0 Nov 5, 2024
@afdesk afdesk marked this pull request as ready for review November 15, 2024 05:51
afdesk (Author) commented Nov 15, 2024

@simar7 @nikpivkin there were some changes (renaming) in iac/rego methods.
Could you please check that I updated them correctly here? Thanks!
