Add container security scanning

cdivitotawela commented 3 months ago

PR description

Container security scanning workflow added. This runs on schedule everyday. Also possible to run on-demand for a given image tag. This replace the CircleCI job running container scan daily. Schedule job only runs for the tag develop.

Fixed Issue(s)

fixes #7154

Thanks for sending a pull request! Have you done the following?

[x] Checked out our contribution guidelines?
[ ] Considered documentation and added the doc-change-required label to this PR if updates are required.
[ ] Considered the changelog and included an update if required.
[ ] For database changes (e.g. KeyValueSegmentIdentifier) considered compatibility and performed forwards and backwards compatibility tests

Locally, you can run these tests to catch failures early:

[ ] unit tests: ./gradlew build
[ ] acceptance tests: ./gradlew acceptanceTest
[ ] integration tests: ./gradlew integrationTest
[ ] reference tests: ./gradlew ethereum:referenceTests:referenceTests

macfarla commented 3 months ago

should this PR also remove the CI job, or will we do that as a separate task @cdivitotawela (if the latter we should not close the issue with this PR)

jflo commented 3 months ago

fixes #3927 and #7126

hyperledger / besu