integrate blackduck and update sonarqube properties

[nikhil2611]

Description

This pull request introduces a new GitHub Actions workflow stub for CI checks on the main branch and adds a SonarQube configuration file for Ruby projects. These changes help standardize CI processes and enable automated code quality analysis.

Continuous Integration Workflow:

• Added .github/workflows/ci-main-pull-request-stub.yml as a reusable stub to invoke a centralized GitHub Actions workflow for CI checks on pull requests and pushes to main, develop, and release/** branches. This includes settings for security scans, SAST/SCA, SBOM generation, and more, with extensive configuration options and secret management.

Code Quality and Analysis:

• Updated sonar-project.properties to configure SonarQube for Ruby projects, specifying project metadata, source and test directories, language settings, and exclusion rules, facilitating automated static analysis and code quality reporting.

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)
• Chore (non-breaking change that does not add functionality or fix an issue)

Checklist:

• I have read the CONTRIBUTING document.
• I have run the pre-merge tests locally and they pass.
• I have updated the documentation accordingly.
• I have added tests to cover my changes.
• If Gemfile.lock has changed, I have used --conservative to do it and included the full output in the Description above.
• All new and existing tests passed.
• All commits have been signed-off for the Developer Certificate of Origin.

[sonarqube-for-infrastructure-prod]

Quality Gate passed

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube