Compliance controls should show success/failed based on scan completion regardless of pipeline status

Problem

The compliance framework is not displaying the correct control compliance status in some scenarios. Specifically:

  • Compliance controls currently only show success/failed on successfully run pipelines (default branch only)
  • Even when SAST, Secret, and Container scans are executed successfully, the compliance framework can incorrectly mark these controls as failing if the overall pipeline fails
  • This creates confusion for users who expect the compliance status to reflect whether security scans ran and completed, not whether the entire pipeline passed

Current Behavior

  • Compliance controls scan every 12 hours
  • Scanner controls require the project to have a passing pipeline on the default branch
  • If the pipeline fails (even with successful security scans), controls show as failing

Desired Behavior

Users would like to see:

Controls that report success or failure based solely on whether the corresponding scan ran and completed, regardless of the overall pipeline status
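To make the two evaluation rules concrete, the following is an added illustration, not GitLab's own compliance code. It models a pipeline as a simplified list of jobs (an assumed structure, not the real API schema), then evaluates each scanner control once under the current rule (the default-branch pipeline must have passed) and once under the desired rule (only the scan job's own completion matters). The job names mapped to each control, the `main` default branch, and the sample pipeline are constructed assumptions.

```python
# Added example (not GitLab's code): compare the current and desired rules
# for scanner compliance controls on a constructed pipeline.
from dataclasses import dataclass, field


@dataclass
class Job:
    name: str
    status: str  # e.g. "success", "failed", "canceled", "skipped"


@dataclass
class Pipeline:
    ref: str          # branch the pipeline ran on
    status: str       # overall pipeline status
    jobs: list = field(default_factory=list)


# Assumed mapping from control to the job name(s) that satisfy it; the real
# job names depend on the project's CI configuration and GitLab templates.
CONTROL_JOBS = {
    "sast": {"semgrep-sast", "sast"},
    "secret_detection": {"secret_detection"},
    "container_scanning": {"container_scanning"},
}


def scan_completed(pipeline: Pipeline, control: str) -> bool:
    """True when at least one job for this control finished successfully."""
    return any(
        job.name in CONTROL_JOBS[control] and job.status == "success"
        for job in pipeline.jobs
    )


def control_status_current(pipeline: Pipeline, control: str,
                           default_branch: str = "main") -> str:
    """Current behaviour: the control can only pass when the whole
    default-branch pipeline passed, even if the scan itself succeeded."""
    if pipeline.ref != default_branch or pipeline.status != "success":
        return "failed"
    return "success" if scan_completed(pipeline, control) else "failed"


def control_status_desired(pipeline: Pipeline, control: str,
                           default_branch: str = "main") -> str:
    """Desired behaviour: the control reflects only whether the scan job ran
    and completed. The default-branch requirement is kept here because the
    issue only asks to drop the dependency on overall pipeline status."""
    if pipeline.ref != default_branch:
        return "failed"
    return "success" if scan_completed(pipeline, control) else "failed"


def evaluate(pipeline: Pipeline) -> dict:
    """Return {control: (current_status, desired_status)} for every control."""
    return {
        control: (control_status_current(pipeline, control),
                  control_status_desired(pipeline, control))
        for control in CONTROL_JOBS
    }


# Constructed sample: every security scan succeeded, but an unrelated deploy
# job failed, so the pipeline as a whole is "failed".
SAMPLE = Pipeline(ref="main", status="failed", jobs=[
    Job("build", "success"),
    Job("semgrep-sast", "success"),
    Job("secret_detection", "success"),
    Job("container_scanning", "success"),
    Job("deploy", "failed"),
])

if __name__ == "__main__":
    for control, (current, desired) in evaluate(SAMPLE).items():
        print(f"{control:20s} current={current:8s} desired={desired}")
```

Running the block prints `failed` for every control under the current rule and `success` under the desired rule, which is exactly the mismatch the issue describes; a pipeline whose scan job itself failed is reported as `failed` under both rules.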

Edited by Nate Rosandich