omit kubectl binary in build trivy scans

.github/workflows/build-and-publish.yml

@@ -47,13 +47,15 @@ jobs:
           exit-code: 1
           format: 'sarif'
           output: 'trivy-results-root.sarif'
+          skip-files: /usr/local/bin/kubectl
       - name: Run Trivy Vulnerability Scanner for Non-Root Image
         uses: aquasecurity/trivy-action@master
         with:
           image-ref: 'ghcr.io/groundnuty/k8s-wait-for:no-root-latest'
           exit-code: 1
           format: 'sarif'
           output: 'trivy-results-non-root.sarif'
+          skip-files: /usr/local/bin/kubectl
       # just upload root scan results
       - name: Upload Trivy Scan Results to GitHub Security Tab
         uses: github/codeql-action/upload-sarif@v2