feat(ci/cd): Add scanning for M365 Image and Terraform Config

[jacdavi]

🗣 Description

• Adds GitHub action to scan the M365 image on pushes to main
• Adds GitHub action to scan Terraform on any push/pr

💭 Motivation and context

• This will allow us to better maintain our image if vulnerabilities are found
• This will allow us to identify any Terraform security issues in PRs

🧪 Testing

• Have been testing actions on branch and confirmed they show up in GitHub scan reports. Not sure if they will block PRs at the moment

✅ Pre-approval checklist

• This PR has an informative and human-readable title.
• PR targets the correct parent branch (e.g., main or release-name) for merge.
• Changes are limited to a single goal - eschew scope creep!
• Changes are sized such that they do not touch excessive number of files.
• All future TODOs are captured in issues, which are referenced in code comments.
• Related issues these changes resolve are linked preferably via closing keywords.
• All relevant repo and/or project documentation updated to reflect these changes.
• All automated checks (e.g., linting, static analysis, unit/smoke tests) passed.

✅ Post-merge checklist

• Feature branch deleted after merge to clean up repository.
• Verified that all checks pass on parent branch (e.g., main or release-name) after merge.

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.