Building and deploying a Docker container comes with maintaining the security of the image over time. This repository needs a way to scan, alert or create an issue. Triggers could be on PR, push to main, and/or periodically.

The risk of not doing this:
- Over time, vulnerabilities can arise and the deployed images can be at risk for extended periods of time without anyone knowing

Pros:
- For code that doesn't update often but is still used, it will force us to keep up with minor infra updates

[example tool to scan](https://github.com/marketplace/actions/container-image-scan) (don't have to use this)
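One possible shape for such a workflow, as an added example that is not part of the original issue or this repository's code: it covers the three triggers named above, fails PR and push runs on findings, and opens an issue on scheduled runs. It swaps in Trivy (`aquasecurity/trivy-action`) rather than the linked tool, and assumes a Dockerfile at the repository root; the image tag `local/app` and the cron schedule are placeholders.

```yaml
name: container-image-scan
on:
  pull_request:
  push:
    branches: [main]
  schedule:
    - cron: "0 6 * * 1"        # assumed cadence: weekly, Mondays 06:00 UTC

permissions:
  contents: read
  issues: write                # needed only for the scheduled issue step

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Build image
        # assumes the Dockerfile is at the repository root
        run: docker build -t local/app:${{ github.sha }} .

      - name: Scan image
        id: scan
        # On PR/push a finding fails the run; on the schedule we keep going
        # so the next step can file an issue instead.
        continue-on-error: ${{ github.event_name == 'schedule' }}
        uses: aquasecurity/trivy-action@master   # pin to a commit SHA in real use
        with:
          image-ref: local/app:${{ github.sha }}
          severity: HIGH,CRITICAL
          ignore-unfixed: true   # report only findings that have a fixed version
          exit-code: "1"

      - name: Open issue on scheduled findings
        if: github.event_name == 'schedule' && steps.scan.outcome == 'failure'
        env:
          GH_TOKEN: ${{ github.token }}
          GH_REPO: ${{ github.repository }}
        run: |
          gh issue create \
            --title "Container scan: HIGH/CRITICAL vulnerabilities found" \
            --body "See run: $GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"
```

The scheduled run rebuilds from the current base image, so it surfaces vulnerabilities disclosed after the last code change, which is the case the issue is concerned with.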