feat: Enhanced Static Analysis with Domain-Specific Scanning (CORE-2068)

[robaone-redshelf]

Description:

This PR adds domain-specific scanning capabilities to the static analysis action, making it more flexible and efficient.

Ticket:

https://virdocs.atlassian.net/browse/CORE-2068

Changes: (complexity: low-medium)

• Added support for scanning specific domains using a JSON input format
• Updated the domains input parameter to be optional with a detailed description
• Added DOMAINS environment variable to the scan workflow step
• Maintained backward compatibility for existing workflows

Technical Details

• The domains input now accepts a JSON string in the format: {"include": [{"project": "domain1"}, {"project": "domain2"}]}
• When domains are specified, the scanner will only check the .github directories in the listed domains
• If no domains are specified, the scanner will check all domains (maintaining existing behavior)
• The domain '.' is automatically excluded from scanning

These changes allow for more targeted static analysis while maintaining compatibility with existing workflows.

Verification

• No action.yml files scanned when no domains are changed. See: https://github.com/VirdocsSoftware/practice-monorepo/actions/runs/14367214043/job/40282906172
• action.yml files scanned only for domains changed. See: https://github.com/VirdocsSoftware/practice-monorepo/actions/runs/14367286272/job/40283139342#step:3:94