Rename security workflows to sec_*

.github/workflows/sec_sast_flawfinder.yml

@@ -0,0 +1,40 @@
+---
+name: Flawfinder Scan
+
+on:
+  push:
+    branches: [master, develop]
+    paths-ignore:
+      - "**.md"
+      - "version.properties"
+
+jobs:
+  flawfinder:
+      runs-on: ubuntu-latest
+      name: Flawfinder
+
+      steps:
+        # step 1
+        - name: clone application source code
+          uses: actions/checkout@v3
+
+        # step 2
+        - name: flawfinder_scan
+          uses: david-a-wheeler/flawfinder@2.0.19
+          with:
+            arguments: '--sarif ./'
+            output: 'flawfinder_report.sarif'
+
+        # step 3
+        - name: save report as pipeline artifact
+          uses: actions/upload-artifact@v3
+          with:
+            name: flawfinder_report.sarif
+            path: flawfinder_report.sarif
+
+        # step 4
+        - name: publish code scanning alerts
+          uses: github/codeql-action/upload-sarif@v2
+          with:
+            sarif_file: flawfinder_report.sarif
+            category: flawfinder