Only run Trivy against Dockerfile changes

As the Trivy run is scheduled via cron, we should only run in addition to that if the Dockerfile itself is changed.

.github/workflows/trivy-analysis.yml

@@ -2,10 +2,11 @@ name: Build and scan container for vulnerabilities with Trivy
 
 on:
   push:
-    branches: [ main ]
+    paths:
+    - 'Dockerfile'
   pull_request:
-    # The branches below must be a subset of the branches above
+    paths:
-    branches: [ main ]
+    - 'Dockerfile'
   schedule:
     - cron: '22 14 * * 0'