As a DevOps Engineer, you are responsible for implementing a CI/CD pipeline that enforces a policy requiring container images to be scanned for vulnerabilities before they are deployed to Google Kubernetes Engine (GKE). Which of the following tools and strategies should you adopt to achieve this goal?