container scanning-INPLATFORM-306
Ticket description
The goal is to set up Qualys container scanning for IICS secure agent docker image, scan on a regular basis, and notify Teams if any vulnerabilities occur.
Change made
I have added a check-qualys job at the post stage by including the template in the check-qualys repo, and two variables to pull the docker image: CI_TOKEN, DOCKER_IMAGE.
Previous questions (solved):
- to build at post or build stage, change the original manual job to: when:always / - only: a pipeline scheduled or on a merge_request
- don't know how to remove the original job in the template while still extending based on that
- post stage job is set to allow failure by default
- And currently no vulnerabilities found so I didn't include a .cveignore file.
Edited by Nicole Lu