Nephio IaC scanning

Requirements

  1. [P0] Scan k8s manifests, terraform, dockerfiles for findings

  2. [P0] Should be able to create baseline and ignore findings in the base-charts (prerequisites)

  3. [P2] Should be possible to find unique findings across multiple files

  4. [P0] Should be possible to periodically report the findings to the SIG-Automation

  5. [P0] Fail the PR if the changes causes a deviation in the baseline