FoD: Review and improve commands for configuring & starting scans

[rsenden]

Current code is difficult to understand/maintain, thereby (potentially) causing bugs like trying to load Mobile assessment types when configuring regular SAST scans. Also based on some incorrect assumptions, like assessment types having predefined, fixed names.

[kadraman]

Based on email discussions:

• Remove --entitlement-id from scan start-sast and related commands
• Remove --purchase-entitlement from scan start-sast and related commands
• Remove --entitlement-preference from scan start-sast and related commands
• Only options on start-xxxx commands will therefore be ReleaseMixin, --notes, --file, --remediation-preference, --in-progress-action and --start-date for DAST?
• All, configuration of assessment types, entitlements etc will be done through scan-config setup-sast and related commands (when we have the functionality!)
• The scan start-sast command will check to see if --entitlement-id is set and fail if not (as currently)

From testing, entitlement-id is automatically set when "Assessment Type" and “Entitlement” (Static/Subscription) is set from the UI so the scan-config setup-sast needs to mimic this. This requires the following:

• Mandatory parameters for --technology-stack, --language-level --audit-preference, --assessment-type and --entitlement-frequency
• This information is used be FoDScanHelper.getEntitlementToUse to find and set the entitlement-id to use - we need to confirm this logic is correct.
• To allow custom Assessment Types, change --assessment-type to be a String on scan-config setup-sast and check it is valid for supplied --entitlement-frequency.