Add blossom github action

[wendell-hom]

Support build trigger to launch jobs in blossom

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

.github/workflows/blossom-ci.yml

Package	Version	License	Issue Type
NVIDIA/blossom-action	main	Null	Unknown License

Denied Licenses: GPL-1.0-or-later, LGPL-2.0-or-later

OpenSSF Scorecard

Package	Version	Score	Details
actions/NVIDIA/blossom-action	main	Unknown	Unknown
actions/actions/checkout	2.*.*	🟢 6.5	Details Check Score Reason Maintained 🟢 3 4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3 Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 7 3 existing vulnerabilities detected

Scanned Files

• .github/workflows/blossom-ci.yml

[mocsharp]

Approved for testing integration with Blossom.