chore(COD-6868): docker copy compare dir instead of one file at a time #257

Merged
baltoiteodor merged 1 commit into main from teodor/COD-6868-error-display-code
Apr 7, 2026

Conversation

@baltoiteodor (Contributor) commented Apr 7, 2026

Linked JIRA issue(s)

https://lacework.atlassian.net/browse/COD-6868

Description

Fix noisy Error: Command failed with status 1 logs during compare mode when only a subset of
scanners is enabled (e.g. SCA only).

  • Replaced 3 individual docker cp calls (each wrapped in try/catch) with a single docker cp
    of the entire compare/ directory, then verify locally which files were produced
  • Previously, expected missing files (e.g. iac-compare.md when IAC is disabled) triggered
    callCommand's error() logging before the catch block could handle it gracefully
  • No behavioral change — same files are copied, same validation that at least one output exists

Tests and additional notes

https://github.com/lacework-dev/WebGoat/actions/runs/24084748514?pr=173
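
The copy-once-then-verify-locally pattern outlined in the description above, sketched in Node.js as an added example; it is not the code merged in this PR. The container name, the remote path and the `sca-compare.md` / `sast-compare.md` file names are assumptions; only `iac-compare.md` and the `compare/` directory are named in the description.

```javascript
// Added example: names marked "hypothetical" are not from the PR.
const { execFileSync } = require('node:child_process');
const fs = require('node:fs');
const path = require('node:path');

// Only iac-compare.md appears in the PR description; the other two names are hypothetical.
const EXPECTED_OUTPUTS = ['sca-compare.md', 'sast-compare.md', 'iac-compare.md'];

// One `docker cp` of the directory contents. execFileSync takes its arguments
// as an array, so container and path values never pass through a shell.
function dockerCopyDir(container, remoteDir, localDir) {
  execFileSync('docker', ['cp', `${container}:${remoteDir}/.`, localDir], { stdio: 'pipe' });
}

// Copy once, then decide locally which scanner outputs exist.
// copyDir is injectable so the check can be exercised without Docker.
function collectCompareOutputs(container, remoteDir, localDir, copyDir = dockerCopyDir) {
  fs.mkdirSync(localDir, { recursive: true });
  copyDir(container, remoteDir, localDir);
  const found = [];
  const missing = [];
  for (const name of EXPECTED_OUTPUTS) {
    const file = path.join(localDir, name);
    // A missing file is an expected state when a scanner is disabled, so it is
    // recorded rather than logged as an error. Entries that are not regular
    // files (directories, symlinks) are treated as missing as well.
    const st = fs.lstatSync(file, { throwIfNoEntry: false });
    (st && st.isFile() ? found : missing).push(name);
  }
  // Same validation the description mentions: at least one output must exist.
  if (found.length === 0) {
    throw new Error(`no compare output produced in ${remoteDir}`);
  }
  return { found, missing };
}
```

A genuine copy failure (container gone, directory absent) still throws from `dockerCopyDir`, so only the expected "scanner disabled" case is silenced.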

@lacework-code-security
Lacework Code Security

When a Pull Request in a repository is submitted, the Lacework FortiCNAPP runs scans on both the source and target branches and compares the results to identify any issues / vulnerabilities which will be introduced by the source branch.

3rd Party Vulnerabilities - Found 1 package(s) which introduces 2 new CVE(s) - Severity: 🛑 High

The Lacework FortiCNAPP’s Software Composition Analysis (SCA) tool identified the following vulnerabilities introduced through the 3rd-party packages / dependencies included in the source branch.

| Package | Location | Vulnerabilities (CVEs): Direct | Vulnerabilities (CVEs): Transitive | Fix Version |
|---|---|---|---|---|
| @actions/artifact@2.3.2 | package-lock.json#L5342-L5347 (./) | - | 🛑 High: 1, 🟧 Medium: 1 | Unknown |

| Vulnerability ID | Severity | Dependency | Direct / Transitive | Fix Version |
|---|---|---|---|---|
| CVE-2026-4800 | 🛑 High | lodash@4.17.23 | Transitive | 4.18.0 |
| CVE-2026-2950 | 🟧 Medium | lodash@4.17.23 | Transitive | 4.18.0 |

For more information on adding exceptions for any of the findings above, please refer to the Leveraging the codesec.yaml file for exceptions guide

@baltoiteodor baltoiteodor changed the title do not merge docker copy compare dir instead of one file at a time chore(COD-6868): docker copy compare dir instead of one file at a time Apr 7, 2026
@baltoiteodor baltoiteodor marked this pull request as ready for review April 7, 2026 14:03
@baltoiteodor baltoiteodor merged commit 59da5d0 into main Apr 7, 2026
4 checks passed
@baltoiteodor baltoiteodor deleted the teodor/COD-6868-error-display-code branch April 7, 2026 15:02