ci: add scan workflow for image vulnerabilities

Author: esolitos

.github/workflows/scan.yml

@@ -0,0 +1,18 @@
+name: Scan
+
+on:
+  schedule:
+    - cron: "0 0 * * 0" # Weekly on Sundays at midnight
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  scan:
+    uses: vespa-engine/gh-actions/.github/workflows/mend.yml@marlon/feat/add-mend-scan-workflow
+    with:
+      mend-app-name: "vespa-engine"
+      scan-type: "image"
+      image-list: |
+        docker.io/vespaengine/vespa-build-almalinux-8:latest
+        docker.io/vespaengine/vespa-build-almalinux-9:latest