[TT-15942]: Integrate Sentinel One CNS scanner workflow (#7529)

This adds a github action workflow that will scan the code base for
vulnerabilities, secrets, misconfigurations etc. on every pull request.
These can be manged based on centrally set up rules on the S1 console.

Related Issue: TT-15942
---------

Signed-off-by: Asutosh <[email protected]>

Author: asutosh

.github/workflows/s1-cns-scans.yml

@@ -0,0 +1,21 @@
+---
+name: SentinelOne CNS Scan
+
+on:  # yamllint disable-line rule:truthy
+  pull_request:
+    types: [opened, reopened, synchronize, ready_for_review]
+    branches: [master]
+
+jobs:
+  s1_scanner:
+    uses: TykTechnologies/github-actions/.github/workflows/s1-cns-scan.yml@main
+    permissions:
+      contents: read
+    with:
+      iac_enabled: false
+      tag: service:vulnscan
+      scope_type: ACCOUNT
+    secrets:
+      S1_API_TOKEN: ${{ secrets.S1_API_TOKEN }}
+      CONSOLE_URL: ${{ secrets.S1_CONSOLE_URL }}
+      SCOPE_ID: ${{ secrets.S1_SCOPE_ID }}