add var.SEMGREP_NO_FAIL option

.github/workflows/cicd_comp_semgrep-phase.yml

@@ -56,6 +56,7 @@ jobs:
     runs-on: ubuntu-20.04
     env:
       SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
+      NO_FAIL: ${{ vars.SEMGREP_NO_FAIL || 'false' }}
     container:
       image: semgrep/semgrep
     # Skip any PR created by dependabot to avoid permission issues:
@@ -69,4 +70,8 @@ jobs:
       - name: Semgrep Scan
         run: |
           unzip -o dependency-tree.zip
-          semgrep ci
+          if [ "${NO_FAIL}" = "true" ]; then
+            semgrep ci || echo "Semgrep completed with errors, but continuing due to NO_FAIL=true"
+          else
+            semgrep ci
+          fi