
feat: add Infrastructure as Code (IaC) scanning support #237

Closed
jasonouellet wants to merge 2 commits into snyk:main from jasonouellet:add-iac-scan

@jasonouellet

Summary

This PR adds support for Snyk Infrastructure as Code (IaC) scanning to the Azure Pipelines task, enabling users to scan IaC files such as Terraform, CloudFormation, Kubernetes manifests, and ARM templates for security misconfigurations.

Changes

New Features

  • Added iac as a new test type option in the task configuration
  • Support for snyk iac test command execution
  • Added iac and iac test as valid commands for the command input
  • IaC scans now support severity thresholds (low, medium, high, critical)
  • IaC projects can be monitored using snyk monitor
  • Target file specification for IaC configurations via targetFile parameter

Updated Components

  • task.json: Added IaC to test type options and updated visibility rules for relevant parameters
  • task-lib.ts: Added TestType.IAC enum value, severity threshold configuration, and valid command definitions
  • index.ts: Updated runSnykTest to handle IaC test type
  • test-task-args.ts: Updated test expectations to include new IaC commands
  • README.md: Comprehensive documentation including IaC usage examples and updated parameter descriptions

Supported IaC Options

All Snyk CLI options for snyk iac test are supported via the additionalArguments parameter, including:

  • --scan modes (resource-changes, deployment-analysis, full-scan)
  • --var-file for Terraform variables
  • --policy-path for custom policies
  • --rules for custom rule sets
  • --report for sharing results with Snyk
  • And all other documented CLI flags

Testing

  • All existing unit tests pass (88/88)
  • Code adheres to ESLint and Prettier standards
  • Updated test for valid command validation

Usage Example

- task: SnykSecurityScan@1
  inputs:
    serviceConnectionEndpoint: 'mySnykToken'
    testType: 'iac'
    severityThreshold: 'high'
    failOnIssues: true
    monitorWhen: 'always'

Documentation

  • README.md updated with IaC examples and parameter descriptions
  • All IaC-specific parameters are documented in the Task Parameters table

This proposal follows the project's conventions (Angular-style commits) and provides a clear and comprehensive description of the changes made.

@snyk-io

snyk-io Bot commented Jan 7, 2026

Snyk checks have passed. No issues have been found so far.

| Status | Scanner | Critical | High | Medium | Low | Total (0) |
|---|---|---|---|---|---|---|
| | Open Source Security | 0 | 0 | 0 | 0 | 0 issues |
| | Licenses | 0 | 0 | 0 | 0 | 0 issues |
| | Code Security | 0 | 0 | 0 | 0 | 0 issues |

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@jasonouellet jasonouellet marked this pull request as ready for review January 7, 2026 15:43
@jasonouellet jasonouellet requested review from a team as code owners January 7, 2026 15:43
- Add TestType.IAC enum and severity threshold configuration
- Add 'iac' and 'iac test' as valid commands
- Update task.json with IaC options and visibility rules
- Update runSnykTest to handle IaC test type
- Add unit tests for IaC validation and monitor behavior
- Update README.md with IaC examples and documentation
@jasonouellet jasonouellet changed the title from "Feat: add Infrastructure as Code (IaC) scanning support #234" to "feat: add Infrastructure as Code (IaC) scanning support" Jan 8, 2026
@jasonouellet
Author

@danlucian, can you review this?

@github-actions

github-actions Bot commented Mar 1, 2026

Your PR has not had any activity for 30 days. In 2 days I'll close it. Make some activity to remove this.

@github-actions github-actions Bot added the Stale label Mar 1, 2026
@github-actions

github-actions Bot commented Mar 3, 2026

Your PR has now been stale for 2 days. I'm closing it.

@github-actions github-actions Bot closed this Mar 3, 2026