This is a follow up on packit/packit#2371 (reply in thread)

We should add two separate configuration options to cause CI to fail on scan failures and new findings:

• fail_ci_on_scan_failure should cause CI to become red if OSH scan fails.
• fail_ci_on_new_findings should cause CI to become red on new findings.

Both of these options should be kept false by default. Because there may be issues with buildroot that can cause a scan to fail, or there may be large amount of false positives for certain projects.