Configure SAST, dependency scanning, and secret detection for step-runner

Overview

Configure security scanning for the step-runner project to ensure code quality and identify potential vulnerabilities early in the development process.

Requirements

Enable the following GitLab security scanning features:

  • SAST (Static Application Security Testing) - Analyze source code for potential security vulnerabilities
  • Dependency Scanning - Identify vulnerabilities in project dependencies
  • Secret Detection - Detect secrets and credentials accidentally committed to the repository

Acceptance Criteria

  • SAST is configured and running in CI/CD pipelines
  • Dependency scanning is configured and running in CI/CD pipelines
  • Secret detection is configured and running in CI/CD pipelines
  • Security scan results are visible in merge requests
  • Security dashboard shows scan results for the project

Edited by Romuald Atchadé
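
One way to meet the three "configured and running" criteria above is to include GitLab's maintained CI templates in `.gitlab-ci.yml`. This is an added example, not the step-runner project's actual configuration; it assumes the pipeline has, or can add, a `test` stage.

```yaml
# Added example, not the project's own .gitlab-ci.yml.
# Assumption: the pipeline defines a `test` stage. The scanner jobs in the
# templates below run in `test` by default, so a custom `stages:` list that
# omits it must either add it or override `stage:` on each scanner job.
stages:
  - test

include:
  # SAST: selects analyzers from the languages detected in the repository.
  - template: Jobs/SAST.gitlab-ci.yml
  # Dependency Scanning: inspects supported lock and manifest files.
  - template: Jobs/Dependency-Scanning.gitlab-ci.yml
  # Secret Detection: scans commits for credential patterns.
  - template: Jobs/Secret-Detection.gitlab-ci.yml

# Each template job uploads its findings as a typed report artifact
# (artifacts:reports:sast, :dependency_scanning, :secret_detection).
# Those report artifacts are what the merge request security widget and
# the security dashboard read, so overrides of these jobs should leave the
# `artifacts:reports` section in place.
```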