🧪 Integrate Zizmor checks into GHA CI/CD 🌈

This linter guards against common insecure setups in GitHub Actions
and Workflows. It is authored and maintained by a member of the PyPA,
contributor to PyPI, former employee of the Trail Of Bits.

Ref: https://zizmor.sh

Author: webknjaz

.github/workflows/ci.yml

@@ -450,3 +450,11 @@ jobs:
         with:
           name: awx-collection-integration-coverage-html
           path: ~/.ansible/collections/ansible_collections/awx/awx/tests/output/reports/coverage
+
+  zizmor:
+    name: 🌈 zizmor
+    permissions:
+      security-events: write
+
+    # yamllint disable-line rule:line-length
+    uses: zizmorcore/workflow/.github/workflows/reusable-zizmor.yml@3bb5e95068d0f44b6d2f3f7e91379bed1d2f96a8