Add InfraScan CI workflow for IaC security and cost auditing#772

Open
igor-soldev wants to merge 1 commit into code4romania:main from igor-soldev:main
Conversation

@igor-soldev

This PR introduces a new GitHub Actions workflow integrating InfraScan (soldevelo/infrascan@v1.0.8) into the redirectioneaza repository.

The workflow runs automatically on every push and pull_request, performs a comprehensive Infrastructure as Code (IaC) scan, generates an HTML report, and uploads it as a GitHub Actions artifact for later review.

🔎 Web report:
https://infrascan.soldevelo.com/report/redirectioneaza-1833d9b7-ef48-4b94-840a-4fa94a9e4152

The scan evaluates infrastructure definitions across:

  • Infrastructure security posture
  • Cost optimization opportunities
  • IaC best practices and configuration quality
  • Container image vulnerabilities

Why

The purpose of this change is to introduce continuous Infrastructure as Code security and cost auditing directly into the CI/CD pipeline.

InfraScan helps identify:

  • Infrastructure misconfigurations before deployment
  • Cost-saving opportunities
  • Security and compliance issues in infrastructure code
  • Vulnerabilities in container images

By running these checks automatically on every pull request and push, teams gain immediate visibility into infrastructure health and can address issues earlier in the development lifecycle.

The current scan results show a generally healthy infrastructure baseline, with relatively few high-severity findings. However, the scan also identified a container image with high-severity vulnerabilities and several IaC security findings, demonstrating the value of continuous automated validation.


Key Scan Results (InfraScan)

  • Repository: redirectioneaza
  • Branch: main
  • Scanned: 2026-06-19 06:57:05 UTC
  • Resources scanned: 85

Overall Infrastructure Health

  • Grade: B (90.4%)

  • Total findings: 91

    • 3 High severity
    • 87 Medium severity
    • 1 Low severity

Cost Optimization

  • Grade: B (93.8%)

  • Findings: 11

    • 2 High impact cost optimization opportunities
    • 8 Medium
    • 1 Low

IaC Security

  • Grade: C (82.4%)
  • Findings: 79 (Medium severity)
  • Indicates opportunities to improve infrastructure security configuration and adherence to best practices.

Container Security

  • Grade: B (94.9%)
  • Affected images: 1
  • High severity vulnerabilities: 1

Recommendations

  • Address the container image with high-severity vulnerabilities by updating the image or patching affected packages.
  • Review the identified IaC security findings to improve overall security posture.
  • Optimize the 2 high-impact cost findings to reduce infrastructure expenses.

Value Provided by InfraScan

  • Continuous Infrastructure as Code auditing in CI/CD
  • Early detection of security and configuration issues
  • Container vulnerability scanning alongside IaC analysis
  • Identification of infrastructure cost-saving opportunities
  • Consistent infrastructure health scoring across repositories
  • Actionable remediation guidance directly from scan reports
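The workflow shape described in this PR (run on push and pull_request, run InfraScan, keep the HTML report as an artifact), written out as an added example; this is not the PR's own file. The file name, job and step names, the report path and the assumption that the action needs no inputs are mine, not from the page; the action name and version are those the PR names.

```yaml
# Added example of the described workflow; not the PR's own file.
# Assumptions (not from the page): the job/step names, the report path
# ./infrascan-report.html, and that the action needs no `with:` inputs.
name: InfraScan

on: [push, pull_request]

# Least privilege: a read-only scan of the repository needs no write scopes,
# so the default GITHUB_TOKEN is restricted to reading contents.
permissions:
  contents: read

jobs:
  infrascan:
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository
        uses: actions/checkout@v4

      # Action and version as named in the PR. A third-party action that reads
      # the whole IaC tree should be pinned to a full commit SHA that has been
      # reviewed rather than to a mutable tag; <reviewed-commit-sha> is a
      # placeholder for the SHA you verify.
      - name: Run InfraScan
        uses: soldevelo/infrascan@v1.0.8   # prefer: soldevelo/infrascan@<reviewed-commit-sha>

      # Keep the HTML report on the run page for later review, even when the
      # scan step fails; the report path is an assumption.
      - name: Upload InfraScan report
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: infrascan-report
          path: ./infrascan-report.html
```

The `permissions` block and the SHA-pinning comment are the two review points a maintainer would normally ask for before merging a workflow that hands a third-party action the repository's infrastructure code.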
