Set up BCIERS apps for OWASP Zap scan

[marcellmueller]

Blocked by #2283 as scanning so many more containers will exacerbate the rate limiting errors

Describe the task

We should set up our BCIERS apps so they can be scanned for common vulnerabilities using https://www.zaproxy.org/ Zap scan. We already have it running in CI for Registration 1.

Now that we have the BCIERS apps running in CI for e2e this will be a lot simpler and the work on this could be reused to run all apps concurrently for e2e tests if we had cross-app workflows to test.

Acceptance Criteria

• [ ] Create a new docker-compose file that runs all apps concurrently
• [ ] Add new steps to our OWASP Zap job in CI to scan each app

Additional context

• Add any other context about the task here.
• Or here

[patrickisaac]

Good topic for next DevOps meeting