Add downstream FP-reduction smoketests for SAST analyzer releases

Proposal

As an action item from the recent rollback of Category:SAST due to an aggressive rule, we should consider adding some downstream smoketests to be triggered on tag pipelines of new releases.

These smoketests should essentially run against a predefined group of test projects to ensure reports generated do not exceed a predetermined threshold (5-10% report size)