Scheduled upload of Trivy tar files to AWS S3 buckets

In order to get our Container Scanning analyzer accepted into Iron Mountain, we need to ensure that it can be built without reaching out to the external internet. Currently, our image reaches out to download and install two external tar files as part of the image build process:

• https://github.com/aquasecurity/trivy-db/releases/latest/download/trivy-offline.db.tgz
• https://github.com/aquasecurity/trivy/releases/download/v0.18.1/trivy_0.18.1_Linux-64bit.tar.gz

We need to download these tar files on a daily basis and push them up to an S3 bucket that is accessible from the Iron Mountain environment. This has been done for other GitLab containers already, so we have a good template that we can follow. For reference, see the following links:

• https://gitlab.com/gitlab-org/build/CNG/-/blob/master/docs/build.md#offline-builds
• The CI pipeline calls this for releases: https://gitlab.com/gitlab-org/build/CNG/-/blob/master/build-scripts/ubi-offline/assets-release.sh#L50