Secret Scanning Alerts migration - update to new location types

[theztefan]

Our Secret Scanning solution has expanded to search for secrets in other GitHub repository contents than only git history. We need to include the new location types when migration secret scanning alerts between repositories.

The /repos/{owner}/{repo}/secret-scanning/alerts/{alert_number}/locations REST API endpoint response gives us good overview of locations that we need to consider and match on. Current location types:

"commit",
"wiki_commit",
"issue_title",
"issue_body",
"issue_comment",
"discussion_title",
"discussion_body",
"discussion_comment",
"pull_request_title",
"pull_request_body",
"pull_request_comment",
"pull_request_review",
"pull_request_review_comment"

Furthermore, when migrating Secret Scanning alerts, currently the tool only migrates the state but not the resolution_comment. Given this information might include evidence (or pointers to) for auditing purposes, we should be keeping it when migrating as well.

Todo

• Update GitHubSecretScanningAlert model with fields related to new location types and comments
• Update GitHubApi service to populate all new fields for new location types and comment
• Update SecretScanningAlertService logic to match on new types (current matching criteria)
• Review/adapt/add tests
• Update RELEASENOTES.md

Dependencies

n/a