Add container scanning test to catch Trivy Java DB regressions
Proposal
We should catch issues with the Trivy Java DB (like the one in #496660) automatically.
To do this, we'll need to run a scan against a container with a Java application (in a .jar file), with CS_DISABLE_LANGUAGE_VULNERABILITY_SCAN set to false.
Links
Related to gitlab-org/security-products/analyzers/container-scanning!3077 (comment 2164702378)
Implementation plan
TODO
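One way the assertion side of such a test could look, as an added example that is not the analyzer's own code: it checks a scan report for a finding on a Java package the fixture image is known to contain, so a scan that returns only OS-level findings fails. It assumes GitLab's container scanning report layout (`vulnerabilities[].location.dependency.package.name`); the package name, image name and sample reports are constructed placeholders.

```ruby
require 'json'

# Hypothetical fixture value: a Maven coordinate the test image is known to
# ship inside a .jar and that has at least one published advisory.
EXPECTED_JAVA_PACKAGE = 'com.example:vulnerable-lib'

# Package name of the affected dependency for one report finding.
def package_name(finding)
  finding.dig('location', 'dependency', 'package', 'name')
end

# Returns a list of failure messages; an empty list means the check passed.
def java_scan_failures(report_json, expected = EXPECTED_JAVA_PACKAGE)
  findings = JSON.parse(report_json).fetch('vulnerabilities', [])
  return ['report has no findings at all: the scan itself likely failed'] if findings.empty?

  java = findings.select { |f| package_name(f) == expected }
  if java.empty?
    seen = findings.map { |f| package_name(f) }.compact.uniq.sort
    return ["no finding for #{expected}; only saw #{seen.join(', ')}"]
  end
  []
rescue JSON::ParserError => e
  ["report is not valid JSON: #{e.message}"]
end

# Constructed sample reports, trimmed to the fields the check reads.
def sample_report(package_names)
  vulns = package_names.map do |name|
    { 'severity' => 'High',
      'location' => { 'dependency' => { 'package' => { 'name' => name }, 'version' => '1.0.0' },
                      'image' => 'registry.example.com/fixtures/java-app:latest' } }
  end
  JSON.generate({ 'version' => '15.0.0', 'vulnerabilities' => vulns })
end

HEALTHY = sample_report(['openssl', EXPECTED_JAVA_PACKAGE])
# Assumed shape of a regressed scan: OS findings present, Java findings gone.
OS_ONLY = sample_report(['openssl'])

if __FILE__ == $PROGRAM_NAME
  { 'healthy' => HEALTHY, 'os-only' => OS_ONLY }.each do |label, report|
    failures = java_scan_failures(report)
    puts "#{label}: #{failures.empty? ? 'ok' : failures.join('; ')}"
  end
end
```

Asserting on one known package, rather than on the total finding count, keeps the test stable as advisories for the base image's OS packages change.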