chore(COD-2736): remove the remaining SAST-related code

.github/workflows/integration-test.yml

@@ -39,7 +39,6 @@ jobs:
         uses: ./../action
         with:
           target: push
-          tools: sca,sast
           sources: ${{ github.workspace }}
           debug: true
       - name: Check run succeeded

action.yaml

@@ -78,18 +78,13 @@ runs:
         echo "LACEWORK_CONTEXT_ID=$(echo $LACEWORK_CONTEXT_ID)" >> $GITHUB_ENV
         echo "LACEWORK_ACTION_REF=$(echo $LACEWORK_ACTION_REF)" >> $GITHUB_ENV
         SCA_VERSION=0.1.2
-        SAST_VERSION=0.0.71
         curl https://raw.githubusercontent.com/lacework/go-sdk/main/cli/install.sh | bash
         KEY="$(date +'%Y-%m-%d')"
         KEY="$KEY-$RUNNER_OS-$RUNNER_ARCH"
         if [[ $TOOLS == *"sca"* ]]; then
           KEY="$KEY-sca-$SCA_VERSION"
           echo "sca-version=$SCA_VERSION" >> $GITHUB_OUTPUT
         fi
-        if [[ $TOOLS == *"sast"* ]]; then
-          KEY="$KEY-sast-$SAST_VERSION"
-          echo "sast-version=$SAST_VERSION" >> $GITHUB_OUTPUT
-        fi
         HASH="$(echo $KEY | md5sum | head -c 8)"
         echo "cache-key=$HASH" >> $GITHUB_OUTPUT
     - id: cache
@@ -104,9 +99,6 @@ runs:
         if [[ "${{ steps.init.outputs.sca-version }}" != "" ]]; then
           lacework --noninteractive -a "${LW_ACCOUNT_NAME}" -k "${LW_API_KEY}" -s "${LW_API_SECRET}" component install sca --version "${{ steps.init.outputs.sca-version }}"
         fi
-        if [[ "${{ steps.init.outputs.sast-version }}" != "" ]]; then
-          lacework --noninteractive -a "${LW_ACCOUNT_NAME}" -k "${LW_API_KEY}" -s "${LW_API_SECRET}" component install sast --version "${{ steps.init.outputs.sast-version }}"
-        fi
         echo "::endgroup::"
         echo "::group::Printing Lacework CLI information"
         lacework --noninteractive -a "${LW_ACCOUNT_NAME}" -k "${LW_API_KEY}" -s "${LW_API_SECRET}" version

src/index.ts

@@ -24,7 +24,6 @@ import {
 import { downloadKeys, trustedKeys } from './keys'
 
 const scaSarifReport = 'scaReport/output.sarif'
-const sastReport = 'sast.sarif'
 const scaReport = 'sca.sarif'
 const scaLWJSONReport = 'scaReport/output-lw.json'
 const scaDir = 'scaReport'
@@ -52,32 +51,6 @@ async function runAnalysis() {
   appendFileSync(getRequiredEnvVariable('GITHUB_ENV'), `LACEWORK_TOOLS=${tools.join(',')}\n`)
   const indirectDeps = getInput('eval-indirect-dependencies')
   const toUpload: string[] = []
-  if (tools.includes('sast') && !tools.includes('sca')) {
-    var args = [
-      'sca',
-      'scan',
-      '.',
-      '--save-results',
-      '-o',
-      scaDir,
-      '--formats',
-      'sarif,lw-json',
-      '--deployment',
-      'ci',
-      '--fast',
-      '--keyring',
-      trustedKeys,
-      '--no-eval',
-      '--no-license',
-      '--no-scr',
-    ]
-    if (debug()) {
-      args.push('--debug')
-    }
-    await callLaceworkCli(...args)
-    await printResults('sast', sastReport)
-    toUpload.push(sastReport)
-  }
   if (tools.includes('sca')) {
     await downloadKeys()
     // command to print both sarif and lwjson formats
@@ -145,13 +118,6 @@ async function displayResults() {
       `results-new/${scaReport}`
     )
   }
-  if (existsSync(`results-old/${sastReport}`) && existsSync(`results-new/${sastReport}`)) {
-    issuesByTool['sast'] = await compareResults(
-      'sast',
-      `results-old/${sastReport}`,
-      `results-new/${sastReport}`
-    )
-  }
   const commentStart = Date.now()
   if (Object.values(issuesByTool).some((x) => x.length > 0) && getInput('token').length > 0) {
     info('Posting comment to GitHub PR as there were new issues introduced:')