🔧 Fix Code Scanning Upload Error

✅ Replaced Code Scanning Upload:
- Removed github/codeql-action/upload-sarif (requires Code Scanning)
- Added actions/upload-artifact for Trivy results
- SARIF report saved as artifact (30 days retention)
- No more 'Code scanning not enabled' errors

🎯 Benefits:
- Trivy results still available as downloadable artifact
- No dependency on GitHub Advanced Security
- Clean CI/CD pipeline without errors
- Security reports accessible via Actions tab

.github/workflows/ci-cd.yml

@@ -71,11 +71,13 @@ jobs:
           skip-version-check: true
           scanners: 'vuln,secret,config'
 
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
+      - name: Upload Trivy scan results as artifact
+        uses: actions/upload-artifact@v4
         if: always()
         with:
-          sarif_file: 'trivy-results.sarif'
+          name: trivy-security-report
+          path: trivy-results.sarif
+          retention-days: 30
 
   # Build and push Docker image
   build: