chore(deps): Bump DavidAnson/markdownlint-cli2-action from 22 to 23 #32

	---
	name: 🕵️ Security Scanning

	on:
	push:
	branches:
	- main
	pull_request:
	branches:
	- main

	permissions:
	contents: read

	jobs:
	setup-matrix:
	runs-on: ubuntu-latest
	outputs:
	build_matrix: ${{ steps.set-build-matrix.outputs.build_matrix }}
	steps:
	- name: Source checkout
	uses: actions/checkout@v6

	- name: 'Setup yq'
	uses: dcarbone/install-yq-action@v1.3.1

	- id: set-build-matrix
	run: echo "build_matrix=$(bash matrix.sh build)" >> $GITHUB_OUTPUT

	scan_ci_container:
	name: 'Scan CI container'
	runs-on: ${{ matrix.runner }}
	permissions:
	actions: read
	contents: read
	security-events: write
	needs: setup-matrix
	strategy:
	matrix: ${{ fromJson(needs.setup-matrix.outputs.build_matrix) }}
	steps:
	- name: Checkout repository
	uses: actions/checkout@v6

	- name: Build CI container
	uses: docker/build-push-action@v7
	with:
	tags: 'ci/openbolt:${{ matrix.rubygem_openbolt }}'
	push: false
	file: Containerfile
	platforms: linux/${{ matrix.platform }}
	build-args: \|
	BASE_IMAGE=${{ matrix.base_image }}
	RUBYGEM_BUNDLER=${{ matrix.rubygem_bundler }}
	RUBYGEM_OPENBOLT=${{ matrix.rubygem_openbolt }}

	- name: Scan image with Anchore Grype
	uses: anchore/scan-action@v7
	id: scan
	with:
	image: 'ci/openbolt:${{ matrix.rubygem_openbolt }}'
	fail-build: false

	- name: Inspect action SARIF report
	run: jq . ${{ steps.scan.outputs.sarif }}

	- name: Upload Anchore scan SARIF report
	uses: github/codeql-action/upload-sarif@v4
	with:
	sarif_file: ${{ steps.scan.outputs.sarif }}

Provide feedback