Add scan result policy to enforce security gates on merge requests

Becka Lippertrequested to merge
duo-edit-20260226-184606 into main

This merge request adds a scan result policy that enforces security gates on merge requests.

The policy includes:

  • Blocks merge requests with critical or high severity vulnerabilities
  • Requires approval for medium severity findings
  • Applies to SAST, dependency scanning, and container scanning results
  • Targets the main branch

This helps ensure that security vulnerabilities are reviewed and approved before merging code.

Merge request reports