Document performance-related troubleshooting steps for Advanced SAST

Advanced SAST can sometimes take a long time to scan. When this happens, the right response is not always clear.

We should proactively tell people how to seek support and what is likely to work (or not).

For example:

  • When reporting a performance problem to support, please tell us what language you use, how the repo is structured, etc.
  • Don't bother increasing CPUs too far because some aspects of scanning are single-threaded (verify how to say this)
  • You can pre-filter to reduce scan time (explain how much/why/what is most helpful)
  • If a scan is going past (say) 1 hour then it is probably not worth expanding further; rather, get in touch
  • If you are trying to increase the allocated memory, you need to both (1) adjust the memory available to the runner, and (2) configure the analyzer to use that additional memory
    • CI/CD variable: SAST_SCANNER_ALLOWED_CLI_OPTS = --max-memory 0
    • 0 means unlimited
    • If there is not enough memory, this can produce a situation with a lot of swap; swap-heavy IO is very slow and can make the scan almost endless.
    • If the customer has given a lot of memory to the runner without setting --max-memory accordingly, this has essentially no effect: the additional memory of the runner will not be used.
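As an added illustration of the two-step memory point above (not part of the original issue or of any GitLab documentation), the following `.gitlab-ci.yml` fragment shows the incomplete configuration beside the complete one. The template path `Jobs/SAST.gitlab-ci.yml`, the variable `GITLAB_ADVANCED_SAST_ENABLED` and the Kubernetes-executor variables `KUBERNETES_MEMORY_REQUEST`/`KUBERNETES_MEMORY_LIMIT` are real, but the memory sizes are constructed placeholders, and how runner memory is raised depends on the executor (for a shell or Docker runner it is done in the runner configuration instead). Whether `--max-memory` takes a unit is not stated on the page, so only the documented value `0` (unlimited) is used.

```yaml
include:
  - template: Jobs/SAST.gitlab-ci.yml

variables:
  GITLAB_ADVANCED_SAST_ENABLED: 'true'

# INCOMPLETE: the runner gets more memory, but the analyzer is never told
# it may use it, so the extra memory has essentially no effect.
gitlab-advanced-sast-incomplete:
  extends: gitlab-advanced-sast
  variables:
    # Constructed example sizes; only honoured by the Kubernetes executor and
    # only if the runner allows these overwrites.
    KUBERNETES_MEMORY_REQUEST: 8Gi
    KUBERNETES_MEMORY_LIMIT: 8Gi

# COMPLETE: step (1) raise runner memory AND step (2) lift the analyzer's
# own cap so it can actually use that memory. 0 means unlimited.
gitlab-advanced-sast:
  variables:
    KUBERNETES_MEMORY_REQUEST: 8Gi
    KUBERNETES_MEMORY_LIMIT: 8Gi
    SAST_SCANNER_ALLOWED_CLI_OPTS: "--max-memory 0"
```

With `--max-memory 0` the analyzer is bounded only by the container limit, so the limit in step (1) should itself leave headroom for the rest of the job; if the job still ends up swapping heavily, the scan is memory-starved rather than slow, and that is the point at which to get in touch with support rather than to keep raising the values.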
Edited by Connor Gilbert