Add documentation and security-testing sections

Co-authored-by: Pranshu Srivastava <[email protected]>

Author: dalehenries

SECURITY-INSIGHTS.yml

@@ -32,3 +32,16 @@ dependencies:
   dependencies-lists:
     - https://github.com/kubernetes/kube-state-metrics/blob/main/go.mod
     - https://github.com/kubernetes/kube-state-metrics/blob/main/Dockerfile
+documentation:
+    - https://github.com/kubernetes/kube-state-metrics/tree/main/docs
+security-testing:
+- tool-type: dast
+  tool-name: govulncheck
+  tool-version: latest
+  tool-url: https://go.googlesource.com/vuln
+  tool-rulesets:
+  - built-in
+  integration:
+    ci: true
+  comment: |
+    Detects vulnerabilities as a result of the affected call-paths being invoked directly in the repository, while reducing false positives by ignoring dormant call-paths for package dependencies.