Secret Scanning Alerts migration - update to new location types #1306

Merged

@theztefan theztefan commented Nov 26, 2024

PR implements #1305

  • Did you write/update appropriate tests
  • Release notes updated (if appropriate)
  • Appropriate logging output
  • Issue linked
  • Docs updated (or issue created)
  • New package licenses are added to ThirdPartyNotices.txt (if applicable)

Summary of code changes

  • Updated related models src/Octoshift/Models/GithubSecretScanningAlert.cs
    • GithubSecretScanningAlert to include resolution comment
    • GithubSecretScanningAlertLocation to include types of location and related info
  • Updated src/Octoshift/Services/GithubApi.cs to work with new model definition
    • to populate new fields objects when fetching alerts
    • to include resolution_comment when updating alert
  • Refactored src/Octoshift/Services/SecretScanningAlertService.cs with regard to the criteria for matching alert locations, to include the new location types, and the algorithm for matching alerts between source and target repositories.
    Instead of iterating through all alerts in a list to match an alert from source and target, we now use a dictionary for the lookup. We use this lookup to match all locations on all alerts. The criteria for matching alerts follow a similar structure as before but include a couple of guards/pre-flight checks to further speed up the matching process. The performance optimization has benefits when migrating repositories with a big number of alerts.
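
The dictionary lookup and pre-flight guards described in the summary above, sketched as an added example that is not code from this pull request. The type names, the (secret type, secret) dictionary key and the per-type location criteria are assumptions made for illustration; `commit` and `issue_body` are location type values from the GitHub secret scanning API.

```csharp
// Added illustration; all type and member names are hypothetical, not the project's.
using System;
using System.Collections.Generic;
using System.Linq;

public record Location(string Type, string Path = null, int StartLine = 0, string Url = null);
public record Alert(int Number, string SecretType, string Secret, List<Location> Locations);

public static class AlertMatcher
{
    // Index target alerts once; each source alert then costs one lookup, not a list scan.
    public static Dictionary<(string, string), List<Alert>> Index(IEnumerable<Alert> targets) =>
        targets.GroupBy(a => (a.SecretType, a.Secret)).ToDictionary(g => g.Key, g => g.ToList());

    public static Alert Match(Alert source, Dictionary<(string, string), List<Alert>> index)
    {
        // Guard 1: no target alert carries this secret type and value.
        if (!index.TryGetValue((source.SecretType, source.Secret), out var candidates)) return null;
        // Guard 2: location counts must agree before comparing locations one by one.
        return candidates.FirstOrDefault(t =>
            t.Locations.Count == source.Locations.Count &&
            source.Locations.All(s => t.Locations.Any(l => SameLocation(s, l))));
    }

    // Assumed criteria: code locations compare by file position; other types compare by
    // the last URL segment, because host and repository differ after a migration.
    private static bool SameLocation(Location a, Location b) =>
        a.Type == b.Type && (a.Type == "commit"
            ? a.Path == b.Path && a.StartLine == b.StartLine
            : Tail(a.Url) == Tail(b.Url));

    private static string Tail(string url) => url?.TrimEnd('/').Split('/').Last();
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample data: one secret seen in a commit and in an issue body.
        var source = new Alert(1, "example_token", "tok-123", new List<Location> {
            new("commit", "src/app.cs", 10),
            new("issue_body", Url: "https://source.example/repos/o/r/issues/7") });
        var target = new Alert(42, "example_token", "tok-123", new List<Location> {
            new("issue_body", Url: "https://target.example/repos/o2/r/issues/7"),
            new("commit", "src/app.cs", 10) });
        var index = AlertMatcher.Index(new[] { target });
        Console.WriteLine(AlertMatcher.Match(source, index)?.Number); // Number of the matched target alert
    }
}
```

A source alert that finds no match returns null, which a migration should log rather than silently skip, since the alert's resolution state would otherwise not be carried over.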

github-actions bot commented Nov 26, 2024

Unit Test Results

866 tests   866 ✅  21s ⏱️
  1 suites    0 💤
  1 files      0 ❌

Results for commit 8e88dd9.

♻️ This comment has been updated with latest results.

@theztefan theztefan marked this pull request as ready for review November 27, 2024 14:06

@ArinGhazarian ArinGhazarian left a comment

While I am not super familiar with secret scanning, the code changes look good. My main concern is the logic changes: do we have sufficient unit test coverage for them?

@theztefan

Thanks for reviewing and for your suggestions @ArinGhazarian! I've addressed the points made and included another four tests to cover a few more cases for the matching algorithms and a couple of 'edge' cases for repos with no secret scanning alerts.
This set covers the use-cases I've encountered in practice plus some more. It didn't really change the code coverage but looking at other PRs the results we got seem to be rather standard. Let me know!

@ArinGhazarian ArinGhazarian left a comment

The changes look good. I ran our INT tests against your branch and everything was green 🟢 Had to resolve a merge conflict for RELEASENOTES.md but once the CI is 🟢 will proceed with merging.

Code Coverage

Package     Line Rate            Branch Rate          Complexity   Health
Octoshift   87%                  74%                  1402
ado2gh      84%                  78%                  631
gei         81%                  72%                  592
bbs2gh      82%                  76%                  669
Summary     84% (7195 / 8539)    75% (1671 / 2230)    3294

@ArinGhazarian ArinGhazarian merged commit c610290 into github:main Jan 24, 2025
14 checks passed