fod sast-scan start: Add --in-progress-action and --entitlement-preference options #1015

Open
gilseara wants to merge 2 commits into fortify:dev/v3.x from gilseara:feature/fod-sast-in-progress-action

Conversation

@gilseara

Contributor

Summary

  • Adds --in-progress-action and --entitlement-preference options to fcli fod sast-scan start, exposing the start-scan-advanced endpoint's inProgressScanActionType parameter (DoNotStartScan | CancelScanInProgress | Queue) and entitlementPreferenceType parameter.
  • Backward compatible: when neither new option is passed, the command continues to use start-scan-with-defaults (no behavior change for existing callers, including the bundled fod ci action).
  • When the advanced path is taken and --in-progress-action is not explicitly set, fcli defaults it to Queue instead of FoD's DoNotStartScan.
  • Sends the API-correct value CancelInProgressScan over the wire (FoD's start-scan-advanced rejects CancelScanInProgress); the existing shared InProgressScanActionType enum keeps its current name so DAST behavior is unaffected — translation happens only at the SAST command boundary.

Test plan

  • fcli fod sast-scan start --rel <app:rel> -f <pkg.zip> — verify it still hits start-scan-with-defaults (no regression).
  • fcli fod sast-scan start --rel <app:rel> -f <pkg.zip> --in-progress-action=Queue — verify request goes to start-scan-advanced with inProgressScanActionType=Queue.
  • fcli fod sast-scan start ... --in-progress-action=CancelScanInProgress — verify the API receives CancelInProgressScan and the scan-in-progress is cancelled.
  • fcli fod sast-scan start ... --in-progress-action=DoNotStartScan — verify FoD rejects/skips when a scan is already running.
  • fcli fod sast-scan start ... --entitlement-preference=SubscriptionOnly — verify the entitlement preference is honored and --in-progress-action silently defaults to Queue.
  • fcli fod sast-scan start --help — verify both new options show with the correct help text and completion candidates.
  • fcli fod dast-scan start --help — confirm DAST still shows CancelScanInProgress as a valid value (unchanged).
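The endpoint routing, the wire-value translation and a readable message for the HTTP 422 that kadraman reports further down, as an added stand-alone illustration that is not fcli's code: the class and method names (SastStartRouting, scanStartPath, toSastApiValue, friendlyMessage) are invented, the enums are reduced to the values named on this page, and the error check assumes the JSON body shape quoted in the review.

```java
import java.util.StringJoiner;
// Added illustration, not fcli code: models the endpoint routing and value
// translation this PR describes, plus a readable message for the HTTP 422 shown in review.
public class SastStartRouting {
    // Value names taken from the page; fcli's real enums are the project's own types.
    enum InProgressScanActionType { DoNotStartScan, CancelScanInProgress, Queue }
    // Only the two preference values that appear on the page are modelled.
    enum EntitlementPreferenceType { SubscriptionOnly, SubscriptionFirstThenSingleScan }

    // Advanced endpoint only when an option was given; otherwise the defaults endpoint,
    // so existing callers (including the bundled fod ci action) see no change.
    static String scanStartPath(InProgressScanActionType inProgress, EntitlementPreferenceType entitlement) {
        if (inProgress == null && entitlement == null) {
            return "static-scans/start-scan-with-defaults";
        }
        // fcli-side default is Queue, not FoD's DoNotStartScan.
        InProgressScanActionType effective = inProgress != null ? inProgress : InProgressScanActionType.Queue;
        StringJoiner query = new StringJoiner("&", "?", "");
        query.add("inProgressScanActionType=" + toSastApiValue(effective));
        if (entitlement != null) {
            query.add("entitlementPreferenceType=" + entitlement.name());
        }
        return "static-scans/start-scan-advanced" + query;
    }

    // Translation happens only here, at the SAST boundary; DAST keeps the enum name.
    static String toSastApiValue(InProgressScanActionType action) {
        return action == InProgressScanActionType.CancelScanInProgress ? "CancelInProgressScan" : action.name();
    }

    // Maps the 422 body quoted in the review to a user-facing message. The errorCode 2001
    // check is a hypothetical substring match; a real implementation would parse the JSON.
    static String friendlyMessage(int httpStatus, String body) {
        if (httpStatus == 422 && body.contains("\"errorCode\":2001")) {
            return "Scan not started: another scan is already in progress for this release "
                 + "(FoD error 2001); pass --in-progress-action=Queue to queue it instead.";
        }
        return "FoD returned HTTP " + httpStatus + ": " + body;
    }

    public static void main(String[] args) {
        System.out.println(scanStartPath(null, null));
        System.out.println(scanStartPath(null, EntitlementPreferenceType.SubscriptionOnly));
        System.out.println(scanStartPath(InProgressScanActionType.CancelScanInProgress, null));
        // Constructed body, copied from the 422 response quoted in the review thread.
        System.out.println(friendlyMessage(422,
            "{\"errors\":[{\"errorCode\":2001,\"message\":\"Cannot start scan as another scan is in progress\"}]}"));
    }
}
```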

gilseara added 2 commits May 20, 2026 13:44
…ntitlement-preference` options

Routes the scan start through the FoD `start-scan-advanced` endpoint when
either option is specified, allowing control over the in-progress scan
action and entitlement preference. Existing callers that pass neither
option continue to use `start-scan-with-defaults`, preserving previous
behavior. When the advanced path is used and `--in-progress-action` is
not explicitly set, fcli defaults it to `Queue` rather than FoD's
`DoNotStartScan`.
…PI for cancel action

FoD's `start-scan-advanced` endpoint expects `CancelInProgressScan` rather than
the value used by the shared `InProgressScanActionType` enum (`CancelScanInProgress`).
Translate at the SAST command boundary; the helper now forwards the request's
string value directly so a wire-specific value can be supplied. DAST behavior is
unchanged.
@rsenden rsenden requested a review from kadraman May 23, 2026 19:09
@rsenden

rsenden commented May 23, 2026

Contributor

@kadraman Can you please review this enhancement? For example, does it make sense to dynamically switch between start-scan-advanced and start-scan-with-defaults, or would it be better to just always use start-scan-advanced? Probably good to also have Copilot do a review, but first would like your feedback on general approach.

Copilot AI left a comment


Pull request overview

This PR extends the FoD SAST scan start command (fcli fod sast-scan start) to expose additional FoD start-scan-advanced capabilities while keeping existing callers backward-compatible by continuing to use start-scan-with-defaults unless one of the new options is provided.

Changes:

  • Adds --in-progress-action and --entitlement-preference options to fod sast-scan start.
  • Introduces a conditional “advanced” execution path that defaults --in-progress-action to Queue when advanced mode is triggered.
  • Adjusts the SAST advanced-start helper to allow sending API-correct inProgressScanActionType values (notably CancelInProgressScan) as a raw string.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| fcli-core/fcli-fod/src/main/resources/com/fortify/cli/fod/i18n/FoDMessages.properties | Adds help text for the new --in-progress-action option. |
| fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/sast_scan/cli/cmd/FoDSastScanStartCommand.java | Adds new CLI options and routes to advanced vs defaults start endpoints based on option usage (with API-value translation for cancel). |
| fcli-core/fcli-fod/src/main/java/com/fortify/cli/fod/_common/scan/helper/sast/FoDScanSastHelper.java | Updates advanced start request construction to pass inProgressScanActionType through without enum parsing. |


FoDScanSastStartRequest startScanRequest = FoDScanSastStartRequest.builder()
.isRemediationScan(isRemediation)
FoDEnums.RemediationScanPreferenceType remediationPref = remediationScanType.getRemediationScanPreferenceType();
Comment on lines +61 to +75
boolean useAdvanced = entitlementPreferenceType != null || inProgressScanActionType != null;

FoDScanSastStartRequest.FoDScanSastStartRequestBuilder requestBuilder = FoDScanSastStartRequest.builder()
.scanMethodType("Other")
.notes(notes != null && !notes.isEmpty() ? notes : "")
.scanTool(FcliBuildProperties.INSTANCE.getFcliProjectName())
.scanToolVersion(FcliBuildProperties.INSTANCE.getFcliVersion())
.build();
.scanToolVersion(FcliBuildProperties.INSTANCE.getFcliVersion());

try (IProgressWriter progressWriter = progressWriterFactory.create()) {
if (useAdvanced) {
FoDEnums.InProgressScanActionType inProgressAction = inProgressScanActionType != null
? inProgressScanActionType : FoDEnums.InProgressScanActionType.Queue;
// FoD's start-scan-advanced expects 'CancelInProgressScan' rather than the enum's 'CancelScanInProgress'
String inProgressApiValue = inProgressAction == FoDEnums.InProgressScanActionType.CancelScanInProgress
? "CancelInProgressScan" : inProgressAction.name();
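Review bot: the wire value "CancelInProgressScan" is a string literal inside the command's try block (`String inProgressApiValue = inProgressAction == FoDEnums.InProgressScanActionType.CancelScanInProgress ? "CancelInProgressScan" : inProgressAction.name();`), so this call site is the only place the SAST mapping lives; consider moving it into a small helper or constant next to FoDScanSastHelper and adding a unit test that CancelScanInProgress maps to CancelInProgressScan while DoNotStartScan and Queue map to their own names, because a mismatch only surfaces as an FoD 422 at runtime. The silent default in `FoDEnums.InProgressScanActionType inProgressAction = inProgressScanActionType != null ? inProgressScanActionType : FoDEnums.InProgressScanActionType.Queue;` also means that passing only --entitlement-preference changes the in-progress behaviour from FoD's DoNotStartScan to Queue, which the help text for --entitlement-preference should state.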

@kadraman kadraman left a comment

Contributor


The in-progress-action DoNotStartScan is exiting with FcliException if a scan is in progress - this is the API response and not very good - but shouldn't we intercept and display a nicer message here:

>java -jar .\build\libs\fcli.jar fod sast-scan start -f ..\fortify-demo-app\fortifypackage.zip --release "Fortify Demo App:klee2_dev" --in-progress-action DoNotStartScan
FcliSimpleException: Error uploading file
        at com.fortify.cli.fod._common.rest.helper.FoDFileTransferHelper.uploadChunked(FoDFileTransferHelper.java:101)
Caused by: com.fortify.cli.common.rest.unirest.UnexpectedHttpResponseException: 
Request: POST https://api.emea.fortify.com/api/v3/releases/191706/static-scans/start-scan-advanced?entitlementPreferenceType=SubscriptionFirstThenSingleScan&purchaseEntitlement=false&remdiationScanPreferenceType=NonRemediationScanOnly&inProgressScanActionType=DoNotStartScan&scanTool=fcli&scanToolVersion=0.20260610.141015&scanMethodType=Other&fragNo=0&offset=0:   
  Reason: HTTP 422 Unprocessable Entity
  Body:   
    {"errors":[{"errorCode":2001,"message":"Cannot start scan as another scan is in progress"}]}
  ----
        at com.fortify.cli.common.rest.unirest.config.UnirestUnexpectedHttpResponseConfigurer$UnexpectedHttpResponseInterceptor.onResponse(UnirestUnexpectedHttpResponseConfigurer.java:36)
        at kong.unirest.CompoundInterceptor.lambda$onResponse$1(CompoundInterceptor.java:48)
