added github actions flow #4

Merged
merged 7 commits into from
Jul 26, 2023

@OlegPhenomenon OlegPhenomenon commented Jul 25, 2023

You did what?

  • I added to GitHub Actions the bundle-audit security check for gem vulnerabilities.
  • I added to GitHub Actions a code security check with the brakeman static analyzer.
  • I've added a test pass checker to GitHub Actions.

What did you do that for?

  • To be aware of different vulnerabilities, dangerous code that might be vulnerable to attacks, and also to be sure that nothing is broken, because there are situations when you forget to run tests in your working environment.

Did you change anything else?

  • Yes, I first updated the gems that bundle-audit pointed to
  • I also added a check to the code where I use metaprogramming and the brakeman gem pointed out that this is unsafe
  • I fixed some tests that were not working correctly
  • I fixed some of the code where the tests were crashing
  • I commented out a number of tests that check job queues, as there are issues with Redis on staging and, while everyone is on holiday, I decided to run jobs immediately rather than asynchronously.
  • Added to brakeman.ignore one warning which I think is safe. The thing is that it doesn't like that I use the :role attribute in the parameters, and it thinks that because of that users can manipulate the access level, but :role in the context of my business logic applies to a normal contact, a typical entity that doesn't have the ability to influence the system in any way.

How to test?

  • Overall, the system should work as far as tests go.
  • However, I have made a number of changes to the code:
    • Check authorisation and access levels
    • Check how synchronisation of adding data from the registry to eedirekt works

@OlegPhenomenon OlegPhenomenon force-pushed the ruby-github-actions branch 3 times, most recently from ee015a4 to 221e5d9 Compare July 26, 2023 10:31
@OlegPhenomenon OlegPhenomenon merged commit 1193226 into main Jul 26, 2023
3 checks passed
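
A minimal workflow that wires up the three checks this pull request describes (bundle-audit, Brakeman, and the test run), as an added example that is not the repository's own workflow file. The job names, the presence of a `.ruby-version` file, and the `bin/rails test` command are assumptions.

```yaml
# Added example, not the repository's workflow file.
# Job names, the .ruby-version file and the test command are assumptions.
name: ci
on:
  pull_request:
  push:
    branches: [main]

permissions:
  contents: read   # the checks only need to read the repository

jobs:
  bundle-audit:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: ruby/setup-ruby@v1   # Ruby version taken from .ruby-version (assumed present)
      # Refresh the advisory database, then fail on any vulnerable gem in Gemfile.lock
      - run: gem install bundler-audit && bundle-audit check --update

  brakeman:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: ruby/setup-ruby@v1
      # Exits non-zero on any warning that is not listed in the ignore file;
      # config/brakeman.ignore is Brakeman's default location for that file
      - run: gem install brakeman && brakeman --no-pager -q

  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: ruby/setup-ruby@v1
        with:
          bundler-cache: true   # install and cache the gems from Gemfile.lock
      - run: bin/rails test     # assumed test command
```

Keeping the three checks as separate jobs means a failing test run does not hide a new gem advisory or a new Brakeman warning in the pull request status.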