update reporting

Author: tylertitsworth

.github/workflows/container-ci.yaml

@@ -151,14 +151,7 @@ jobs:
     - name: Cleanup
       if: always()
       run: docker rmi -f ${{ secrets.REGISTRY }}/${{ secrets.REPO }}:${{ matrix.container }}
-    - uses: actions/upload-artifact@v4
-      if: ${{ github.repository != 'intel/ai-containers' }}
-      with:
-        name: ${{ matrix.container }}-scan
-        path: '${{ matrix.container }}-scan.sarif'
-        overwrite: true
     - uses: github/codeql-action/upload-sarif@v3
-      if: ${{ github.repository == 'intel/ai-containers' }}
       with:
         sarif_file: '${{ matrix.container }}-scan.sarif'
         ####################################################################################################

.github/workflows/dependency-review.yaml

@@ -29,6 +29,8 @@ concurrency:
 jobs:
   dependency-review:
     runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
     steps:
       - uses: actions/checkout@v4
       - uses: actions/dependency-review-action@v4

.github/workflows/gitleaks.yaml

@@ -32,3 +32,6 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.ACTION_TOKEN }}
           GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE}}
+      - uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: 'gitleaks-results.sarif'