Black Duck integration and CI/SonarQube updates #226

Open
nikhil2611 wants to merge 2 commits into main from nikhil/enable-blackduck-sca

@nikhil2611
Contributor

This pull request updates the CI workflow and SonarQube configuration.

Description

CI Workflow Updates:

  • Added a new, feature-rich CI workflow stub for pull requests and pushes to the main branch.
  • Includes checks such as TruffleHog, Trivy, BlackDuck, SonarQube, SBOM generation, and more.
  • Provides documentation of inputs and secrets for easier setup and maintenance.

SonarQube Configuration Updates:

  • Updated sonar.projectName for clearer project identification and added sonar.language for clearer project configuration.
  • Added documentation and improved configuration comments for clarity and maintainability.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Chore (non-breaking change that does not add functionality or fix an issue)

Checklist:

  • I have read the CONTRIBUTING document.
  • I have run the pre-merge tests locally and they pass.
  • I have updated the documentation accordingly.
  • I have added tests to cover my changes.
  • If Gemfile.lock has changed, I have used --conservative to do it and included the full output in the Description above.
  • All new and existing tests passed.
  • All commits have been signed-off for the Developer Certificate of Origin.

Signed-off-by: nikhil2611 <nikhilgupta2102@gmail.com>
@nikhil2611 nikhil2611 requested review from a team as code owners September 17, 2025 09:30
@github-actions

Simplecov Report

Covered: 93.45%
Threshold: 90%

Signed-off-by: nikhil2611 <nikhilgupta2102@gmail.com>
@sonarqube-for-infrastructure-prod

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube
