Update the other workflow file

.github/workflows/nightly-jobs.yaml

@@ -48,18 +48,26 @@ jobs:
         with:
           inlineScript: az config set bicep.use_binary_from_path=false && az bicep build -f deploy/aca/infra/main.bicep --stdout
 
-      - name: Run Microsoft Security DevOps Analysis
-        uses: microsoft/security-devops-action@v1
-        id: msdo
-        continue-on-error: true
+      - name: Run PSRule analysis on App Service deployment
+        uses: microsoft/[email protected]
         with:
-          tools: templateanalyzer
+          modules: PSRule.Rules.Azure
+          baseline: Azure.Pillar.Security
+          inputPath: deploy/app-service/infra/*.test.bicep
+          outputFormat: Sarif
+          outputPath: reports/ps-rule-results.sarif
+          summary: true
+        continue-on-error: true
+
+        env:
+          PSRULE_CONFIGURATION_AZURE_BICEP_FILE_EXPANSION: 'true'
+          PSRULE_CONFIGURATION_AZURE_BICEP_FILE_EXPANSION_TIMEOUT: '30'
 
-      - name: Upload alerts to Security tab
-        uses: github/codeql-action/upload-sarif@v2
+      - name: Upload results to security tab
+        uses: github/codeql-action/upload-sarif@v3
         if: github.repository == 'Azure-Samples/azure-search-openai-demo-java'
         with:
-          sarif_file: ${{ steps.msdo.outputs.sarifFile }}
+          sarif_file: reports/ps-rule-results.sarif
 
   frontend:
     name: "Front-end validation"