Add Semgrep as static analyser for CI

[JorTurFer]

Proposal

We are already using go linters and also CodeQL for detecting code smells and potential code vulnerabilities. Semgrep is another interesting tool that can help us with this job as it has some interesting rules that we can extend.

• Introduce analyser https://github.com/kedacore/keda/blob/main/.github/workflows/static-analysis.yml#L55 🤞
• Update docs https://github.com/kedacore/keda/blob/main/SECURITY.md?plain=1#L25
• Fix alerts

Use-Case

No response

Anything else?

No response