ci: add osv-scanner workflow

[shahar-h]

What this PR does / why we need it:

• Added osv-scanner workflow in order to detect vulnerabilities in project dependencies.
  This tool was chosen in order to be aligned with OpenSSF scorecard, which also uses it behind the scenes to determine vulnerabilities score.
• The workflow is triggered on both PR and merge to main branch. When triggered from PR it only fails in case new vulnerabilities are introduced as part of the PR. See more details here.
• I fixed some of the detected vulnerabilities as part of this PR(let me know if you think this should be in a separate PR):
  • Updated sigs.k8s.io/controller-tools in tools/sec/controller-gen to v0.15.0.
  • Updated go version from 1.12 to 1.22.2 in site folder.
  • Updated github.com/bufbuild/buf to v1.31.0.
  • Updated google.golang.org/protobuf to v1.33.0
  • Updated sigs.k8s.io/controller-runtime/tools/setup-envtest to latest.
• There is a single active vulnerability which will be resolved with the next google.golang.org/grpc/cmd/protoc-gen-go-grpc release. See related issue.

Which issue(s) this PR fixes:

Fixes #3167

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[shahar-h]

/retest

[zirain]

LGTM

[guydc]

LGTM, thanks!

[arkodg]

LGTM thanks for bringing this in !