
Draft: Copy all sast-rules files into final image

Connor Gilbert requested to merge connorgilbert/copy-all-sast-rules-files into main

What does this MR do?

This MR changes the series of cp dist/ONE-SPECIFIC-FILE /rules invocations into a single cp -r.

This corrects a problem where some rules that have been added to sast-rules were not being added to the analyzer, and hence not scanned.

By inspecting the code I realized that the cp calls omitted:

  • gitlab/gitlab_ee_java.yml
  • lgpl-cc/gitlab_lgpl_cc_java.yml
  • lgpl-cc/gitlab_lgpl_cc_javascript.yml
  • lgpl-cc/gitlab_lgpl_cc_python.yml

The analyzer image has:

% docker run --rm -it registry.gitlab.com/security-products/semgrep:5 sh
/ # ls -1 /rules
bandit.yml
brakeman.yml
eslint.yml
find_sec_bugs.yml
find_sec_bugs_kotlin.yml
find_sec_bugs_scala.yml
flawfinder.yml
gosec.yml
mobsf.yml
nodejs_scan.yml
phpcs_security_audit.yml
security_code_scan.yml
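As an added illustration (not code from this MR or from the sast-rules project), the following POSIX shell check compares a source rules tree with the directory a copy step was supposed to fill and prints every file that did not arrive. Run against `dist/` and the image's `/rules`, it would have surfaced the four nested files listed above; the directory layout and the temporary paths in the demo functions are constructed for the example, with file names taken from the MR's own lists.

```shell
#!/bin/sh
# Added example, not part of the merge request: report rule files that exist
# under a source tree but not under a destination directory, so a copy step
# (a series of single-file "cp" calls, or one "cp -r") can be verified
# instead of trusted.

# missing_rules SRC DST
# Prints, one per line, the relative path of every regular file under SRC
# that has no counterpart at the same relative path under DST.
missing_rules() {
    src=$1
    dst=$2
    # List source files relative to SRC (strip the leading "./" that find
    # emits) so the same path can be looked up under DST. LC_ALL=C gives a
    # stable byte-wise order for the report.
    (cd "$src" && find . -type f | sed 's|^\./||' | LC_ALL=C sort) |
    while IFS= read -r f; do
        [ -f "$dst/$f" ] || printf '%s\n' "$f"
    done
}

# demo_missing: constructed sample layout. File names come from the MR's two
# lists; the directories are a hypothetical stand-in for dist/ and the
# image's /rules. DST is populated the old way, one flat file at a time, so
# the files in sub-directories never arrive.
demo_missing() {
    tmp=$(mktemp -d) || return 1
    for f in bandit.yml brakeman.yml eslint.yml \
             gitlab/gitlab_ee_java.yml \
             lgpl-cc/gitlab_lgpl_cc_java.yml \
             lgpl-cc/gitlab_lgpl_cc_javascript.yml \
             lgpl-cc/gitlab_lgpl_cc_python.yml; do
        mkdir -p "$tmp/dist/$(dirname "$f")"
        : > "$tmp/dist/$f"
    done
    mkdir -p "$tmp/rules"
    for f in bandit.yml brakeman.yml eslint.yml; do
        cp "$tmp/dist/$f" "$tmp/rules/$f"   # old style: one named file each
    done
    missing_rules "$tmp/dist" "$tmp/rules"
    rm -rf "$tmp"
}

# demo_fixed: same check after a recursive copy; it should print nothing.
demo_fixed() {
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/dist/lgpl-cc" "$tmp/rules"
    : > "$tmp/dist/bandit.yml"
    : > "$tmp/dist/lgpl-cc/gitlab_lgpl_cc_python.yml"
    cp -r "$tmp/dist/." "$tmp/rules/"        # new style: whole tree at once
    missing_rules "$tmp/dist" "$tmp/rules"
    rm -rf "$tmp"
}

demo_missing
```

The check is independent of how the copy was written, so it can sit in CI after the image build (for example `missing_rules dist/ rules-from-image/` on an extracted `/rules`) and fail the job whenever a newly added rule file is silently left out.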

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Edited by Connor Gilbert
