
do not merge - testing#244

Draft
baltoiteodor wants to merge 1 commit into main from COD-6201-unified

Conversation

@baltoiteodor baltoiteodor commented Mar 10, 2026

Linked JIRA issue(s) - Required

https://lacework.atlassian.net/browse/COD-6201

Description

Migrated the GitHub Action from Lacework CLI-based scanner to a Docker-based unified scanner (lacework/codesec:latest).

Changes:

  • Replaced CLI-based scanning with Docker image run via new codesecRun() function in src/util.ts
  • Removed Lacework CLI installation and SCA component installation from action.yaml
  • Removed macOS-specific steps (Docker not pre-installed on macOS runners)
  • Updated artifact structure from root-level files to scan-results/{sca,iac}/ paths
  • Added support for both SCA and IAC scanning in a single unified workflow

Potential Breaking changes:

  • Requires Docker on the runner (use ubuntu-latest)
  • Artifact paths changed from sca.sarif to scan-results/sca/sca-scan.sarif
  • Removed macOS runner support

Tests and additional notes

Integration tests:

  • Updated .github/workflows/integration-test.yml to use single ubuntu-latest runner
  • Removed Java setup (no longer needed)
  • Updated artifact name and path checks
  • Run with: push to main or PR against main

Testing Action on WebGoat, using lacework UEDEMO prod credentials:
Scenario 1 - Only SCA originated violations: https://github.com/lacework-dev/WebGoat/pull/173
Scenario 2 - Only IaC originated violations: https://github.com/lacework-dev/WebGoat/pull/174
Scenario 3 - Combined violations: https://github.com/lacework-dev/WebGoat/pull/172

Notes:

  • The generateUILink() function is not currently being used. We will need to add some support to the Docker image to include this.
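
Added worked example, not code from this PR and not the project's src/util.ts: a small TypeScript sketch of what a Docker-based codesecRun() wrapper in the shape described above can look like, together with the checks a reviewer would want around the change. It builds the `docker run` argv, forwards the Lacework credentials by variable name only (`-e NAME` makes Docker copy the value from the runner's environment, so the secret never appears in the command line or in step debug output), warns when the image is referenced by a mutable tag such as `:latest` instead of a digest, resolves the new `scan-results/{sca,iac}/` artifact paths, and counts results in a SARIF file the way an integration test comparing the SCA-only, IaC-only and combined scenarios would. The scanner subcommand and flags placed after the image (`scan --output ...`), the environment variable names, the digest value and the sample SARIF document are all assumptions constructed for the example; the real codesec image's CLI is not shown on this page.

```typescript
// Added example wrapper for a Docker-based unified scanner step.
// Not the project's src/util.ts; scanner CLI after the image is a placeholder.
import { spawnSync } from "node:child_process";

export type ScanKind = "sca" | "iac";

export interface CodesecOptions {
  image: string;            // e.g. "lacework/codesec:latest" (what the PR uses)
  workspace: string;        // host checkout path, mounted into the container
  kinds: ScanKind[];        // scanners to run in the single unified pass
  secretEnvNames: string[]; // credential variable NAMES; values stay in the environment
}

export const RESULTS_DIR = "scan-results";

// Artifact layout from the PR description: scan-results/<kind>/<kind>-scan.sarif
export function sarifPath(workspace: string, kind: ScanKind): string {
  return `${workspace}/${RESULTS_DIR}/${kind}/${kind}-scan.sarif`;
}

// A mutable tag (":latest") can resolve to a different image on every run;
// an "@sha256:<64 hex>" reference cannot. Only the reference shape is checked here.
export function isDigestPinned(image: string): boolean {
  return /@sha256:[0-9a-f]{64}$/.test(image);
}

const ENV_NAME = /^[A-Z_][A-Z0-9_]*$/;

// Build the `docker run` argv. Secrets are forwarded as `-e NAME` with no
// `=value`, so Docker reads the value from the caller's environment and the
// secret is never part of argv. Anything after the image is an assumed CLI.
export function buildDockerArgs(opts: CodesecOptions): string[] {
  const args = ["run", "--rm", "-v", `${opts.workspace}:/workspace`, "-w", "/workspace"];
  for (const name of opts.secretEnvNames) {
    if (!ENV_NAME.test(name)) throw new Error(`refusing unusual env name: ${name}`);
    args.push("-e", name);
  }
  args.push(opts.image);
  args.push("scan", "--output", RESULTS_DIR, ...opts.kinds); // placeholder subcommand/flags
  return args;
}

export type Runner = (cmd: string, args: string[]) => number;

// Default runner shells out to the docker CLI; tests inject a fake instead.
export const dockerRunner: Runner = (cmd, args) => {
  const r = spawnSync(cmd, args, { stdio: "inherit" });
  return r.status ?? 1;
};

// Run the unified scanner once and return the SARIF path for each requested kind.
export function codesecRun(
  opts: CodesecOptions,
  runner: Runner = dockerRunner,
): Partial<Record<ScanKind, string>> {
  if (!isDigestPinned(opts.image)) {
    console.warn(`image ${opts.image} is not pinned by digest; the scanner may change between runs`);
  }
  const code = runner("docker", buildDockerArgs(opts));
  if (code !== 0) throw new Error(`scanner container exited with status ${code}`);
  const out: Partial<Record<ScanKind, string>> = {};
  for (const kind of opts.kinds) out[kind] = sarifPath(opts.workspace, kind);
  return out;
}

// Count SARIF results across all runs; tolerates a document with no `runs`.
export function countSarifResults(sarifText: string): number {
  const doc = JSON.parse(sarifText) as { runs?: { results?: unknown[] }[] };
  return (doc.runs ?? []).reduce((n, run) => n + (run.results?.length ?? 0), 0);
}

// Constructed sample SARIF document (not real scanner output): two SCA
// findings and one IaC finding, the "combined violations" shape.
export const SAMPLE_SARIF = JSON.stringify({
  version: "2.1.0",
  runs: [
    { tool: { driver: { name: "sca" } }, results: [{ ruleId: "EXAMPLE-SCA-1" }, { ruleId: "EXAMPLE-SCA-2" }] },
    { tool: { driver: { name: "iac" } }, results: [{ ruleId: "EXAMPLE-IAC-1" }] },
  ],
});
```

Usage in an action step would be `codesecRun({ image, workspace: process.cwd(), kinds: ["sca", "iac"], secretEnvNames: [...] })` and then uploading the returned paths; the assumed `LW_*` variable names used for the credentials are the step's own choice, not something this page documents.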

@baltoiteodor baltoiteodor force-pushed the COD-6201-unified branch 3 times, most recently from 46ce7a0 to b5a3559 Compare March 11, 2026 12:45
unified scanner docker image

unified scanner docker image

debug + erase macOS runner

debug...

debug testing

clean

add back the generateUILink

clean