🌱 Convert SAST check to probes

[AdamKorcz]

This PR rewrites the SAST check to 3 different probes. The SAST check before this change contained both creation of raw results and the evaluation part, so to convert it to probes, I've had to split it into raw results, probes and evaluation. As such, the SAST check was also missing testing - both whole unit tests and variety of input in existing tests - and I have added more tests.

Raw results

At a high level, the raw results will return a new struct called SASTData. This struct contains the following information for each probe:

CodeQL Probe:

• All CI workflows of the project that use CodeQL

Sonar Probe:

• All CI workflows of the project that use Sonar

Probe that checks whether SAST runs in every commit:

• A list of all commits. Each commit is marked either Compliant or not Compliant (in its Compliant field).

Probes

The probes are fairly straight forward. For an explanation of each, I refer to the implementation in the def.yml file of the respective probes.

Checks and evalutation

checks/sast.go contains nothing majorly different from other migrated checks.

Important changes to evaluation:

• I have removed the existing debug statements. As such, this migration removes the nonCompliantPRs from here.
• The major part of the evaluation is kept as is from the existing SAST check. The evaluation does two high-level things:
  • It first calculates the sastScore, codeQlScore, sonarScore. The existing check does that from the raw results directly, whereas the updated uses the results from the probes to assign values to these 3 variables.
  • It then uses the values of sastScore, codeQlScore, sonarScore to create a check score. This part is kept as-is from the existing check.

---

What kind of change does this PR introduce?

(Is it a bug fix, feature, docs update, something else?)

• PR title follows the guidelines defined in our pull request documentation

What is the current behavior?

What is the new behavior (if this is a feature change)?**

• Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

Special notes for your reviewer

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to
the release-note

(In particular, describe what changes users might need to make in their
application as a result of this pull request.)

[codecov]

Codecov Report

Merging #3571 (9b5df47) into main (70c8e05) will decrease coverage by 5.92%.
Report is 2 commits behind head on main.
The diff coverage is 73.34%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3571      +/-   ##
==========================================
- Coverage   76.13%   70.22%   -5.92%     
==========================================
  Files         199      206       +7     
  Lines       13738    14003     +265     
==========================================
- Hits        10460     9834     -626     
- Misses       2668     3590     +922     
+ Partials      610      579      -31