feat: add SCM report test support [ZEN-668]

[novalex]

• Follows CONTRIBUTING rules

What does this PR do?

Implements support for running Code tests against existing SCM projects and uploading/reporting results under them.
AKA CLI Uploads Phase 2, AKA CLI-triggered SCM Tests.

Follows the existing --report flow logic, with some distinctions:

• It is triggered by providing --project-id and --commit-id instead of --project-name as used by the files flow. That is because the files flow can create or fetch a CLI project, whereas this one relies on an SCM Code project existing.
• It calls analyzeScmProject from code-client, instead of analyzeFolders. That is because it triggers an SCM analysis in our backend, and does not need to upload local files first like the file-based flow.

Otherwise the interfaces and handling logic are very similar.

Where should the reviewer start?

How should this be manually tested?

export SNYK_CODE_CLIENT_PROXY_URL=https://deeproxy.dev.snyk.io
export SNYK_API=https://dev.snyk.io/api
export SNYK_TOKEN=<SNYK_API_KEY>
cd <TEST_PROJECT_PATH>
<CLI_PATH>/bin/snyk code test --report --project-id=<SNYK_PROJECT_ID> --commit-id=$(git rev-parse HEAD)

Make sure --commit-id is a valid commit available on the remote SCM your Snyk project is linked to.

Any background context you want to provide?

What are the relevant tickets?

https://snyksec.atlassian.net/browse/ZEN-668

Screenshots

Additional questions

[patricia-v]

LGTM 🙌

Once again, I'll leave the final approval to @michelkaporin 😁

[michelkaporin]

Leaving the codebase in a better state, great work! :)