Add Static Scanning Action

Add an Action that handle Static Scan results.  Notionally it will grab all of the dismissed and open alerts for a ref and produce a new SARIF file based on those.  For the dismissed ones, I’d use the dismissed_reason in the JSON response from GitHub.  We will place the file in the `S3_ASSETS` folder to be uploaded to the S3 bucket.