CSPL-4372: Enable triggering workflows from forks #2728

	name: Prodsec Workflow
	permissions:
	contents: read
	packages: write
	pull-requests: write
	on:
	# See .github/README.md for PR testing strategy documentation
	pull_request_target:
	branches:
	- 'develop'
	paths-ignore:
	- 'docs/**'
	- '*.md'
	pull_request:
	# Commented to enable PR testing before merging to main
	# TODO: Uncomment after merge
	# branches-ignore:
	# - 'develop'
	paths-ignore:
	- 'docs/**'
	- '*.md'
	push:
	branches:
	- main
	- develop
	paths-ignore:
	- 'docs/**'
	- '*.md'
	jobs:
	approval-gate:
	uses: ./.github/workflows/approval-gate.yml
	semgrep:
	needs: approval-gate
	name: Semgrep Scanner
	runs-on: ubuntu-24.04
	env:
	SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
	container:
	image: returntocorp/semgrep
	steps:
	- uses: actions/checkout@v6
	with:
	ref: ${{ needs.approval-gate.outputs.commit-sha }}
	- run: semgrep ci
	FOSSA-scanner:
	needs: approval-gate
	runs-on: ubuntu-latest
	env:
	SPLUNK_ENTERPRISE_IMAGE: ${{ secrets.SPLUNK_ENTERPRISE_IMAGE }}
	SPLUNK_OPERATOR_IMAGE_NAME: splunk/splunk-operator
	ECR_REPOSITORY: ${{ secrets.ECR_REPOSITORY }}
	S3_REGION: ${{ secrets.AWS_DEFAULT_REGION }}
	steps:
	- uses: actions/checkout@v6
	with:
	ref: ${{ needs.approval-gate.outputs.commit-sha }}
	- name: Dotenv Action
	id: dotenv
	uses: falti/dotenv-action@d4d12eaa0e1dd06d5bdc3d7af3bf4c8c93cb5359
	- name: Run FOSSA Test
	uses: fossas/fossa-action@main
	with:
	api-key: ${{secrets.FOSSA_API_TOKEN}}

Provide feedback