ci(workflows): more improvements

.github/workflows/semgrep-analysis.yml

@@ -41,13 +41,13 @@ jobs:
       - uses: actions/checkout@v4
       # Run the "semgrep ci" command on the command line of the docker image.
       - run: semgrep ci --sarif --output=semgrep.sarif
+        continue-on-error: true
         env:
           # Connect to Semgrep Cloud Platform through your SEMGREP_APP_TOKEN.
           # Generate a token from Semgrep Cloud Platform > Settings
           # and add it to your GitHub secrets.
           SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
           SEMGREP_DEPLOYMENT_ID: ${{ secrets.SEMGREP_DEPLOYMENT_ID }}
-          SEMGREP_SUPPRESS_ERRORS: true
 
       - name: Secure Code Warrior
         uses: SecureCodeWarrior/github-action-add-sarif-contextual-training@v1

.github/workflows/validate-codeowners.yml

@@ -32,8 +32,8 @@ jobs:
           #        so we will not be using it for now
           # duppaterns: Reports if codeowners file contains duplicated lines
           # syntax: Reports if file contains an invalid syntax definition
-          checks: files,duppatterns,syntax
-          experimental_checks: notowned
+          checks: files,owners,duppatterns,syntax
+          experimental_checks: notowned,avoid-shadowing
 
           # GitHub access token is required only if the `owners` check is enabled
-          #github_access_token: "${{ secrets.OWNERS_VALIDATOR_PAC }}"
+          github_access_token: ${{ secrets.GITHUB_TOKEN }}

CODEOWNERS

@@ -64,5 +64,4 @@ charts @awlayton
 .github            @abalmos
 .github/workflows/validate-codeowners.yml @aaron97neu
 .github/workflows/build-and-push-services.yml @abalmos @awlayton
-.github/workflows/codeql-analysis.yml @awlayton
 .github/workflows/semgrep-analysis.yml @awlayton