Summary
I think the CI checks should include snyk container test to check for high-severity issues.
Motivation
The Snyk check that is currently in the Argo CD CI has two shortcomings:
It checks only for new issues, rather than setting a threshold (we want a threshold of "no 'High' severity issues")
It does not generate a report
Proposal
snyk container test --org=argoproj --json-file-output=/tmp/snyk-container.json --severity-threshold=high --file=Dockerfile quay.io/argoproj/argocd:whatever-tag-was-just-built
If snyk container test fails due to high-severity vulnerabilities, investigate those vulnerabilities and either resolve the vulnerable path (upgrade, use a different library, etc.) or add them to the .snyk file in the root of the repo if they should be ignored.
If the build is part of a release, use snyk-to-html to build a report and add it to the release assets.
See crenshaw-dev/actions-test for an example.
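A GitHub Actions job that implements the proposal above, given here as an added example rather than the Argo CD project's own workflow or the contents of the linked actions-test repo. It assumes the image was built and pushed by an earlier step, that SNYK_TOKEN is a repository secret, that releases are cut from v* tags, and it uses the snyk/actions/setup, actions/upload-artifact and softprops/action-gh-release actions.

```yaml
# Added example, not the Argo CD repo's workflow. Assumed: image pushed earlier,
# SNYK_TOKEN secret present, releases tagged v*, action versions as of writing.
name: snyk-container

on:
  push:
    branches: [master]
    tags: ['v*']
  pull_request:

jobs:
  snyk-container:
    runs-on: ubuntu-latest
    env:
      # Assumed: an earlier job built and pushed this tag.
      IMAGE: quay.io/argoproj/argocd:${{ github.sha }}
    steps:
      - uses: actions/checkout@v3
      - uses: snyk/actions/setup@master
      # Fail on any High (or Critical) issue, not only on issues new since the
      # last scan. Findings listed in the repo's .snyk file are ignored by Snyk.
      - name: Snyk container test (threshold: high)
        env:
          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
        run: |
          snyk container test --org=argoproj \
            --json-file-output=/tmp/snyk-container.json \
            --severity-threshold=high \
            --file=Dockerfile "$IMAGE"
      # Keep the JSON even when the test failed so the findings can be triaged.
      - name: Upload Snyk JSON report
        if: always()
        uses: actions/upload-artifact@v3
        with:
          name: snyk-container-report
          path: /tmp/snyk-container.json
      # On release tags only: render an HTML report and attach it to the release.
      - name: Build HTML report
        if: startsWith(github.ref, 'refs/tags/')
        run: |
          npm install -g snyk-to-html
          snyk-to-html -i /tmp/snyk-container.json -o /tmp/snyk-container.html
      - name: Attach report to release
        if: startsWith(github.ref, 'refs/tags/')
        uses: softprops/action-gh-release@v1
        with:
          files: /tmp/snyk-container.html
```

Because the HTML steps run only after a passing scan, a release tag with an unresolved High finding fails the job before any report is attached, which matches the "investigate or add to .snyk" rule above.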