Remove trufflehog dependency in the secrets analyzer

Summary

The secrets analyzer uses both Trufflehog and Gitleaks. In the current implementation both scanners do the same thing: they run simple regex checks against rules we define ourselves. However, as we build out features for the secrets analyzer (rule packs, customization, historic source code extraction, etc.), we will need a scanner that supports these features. Gitleaks supports these features and more.

Additionally, removing a scanner will simplify the code base and reduce future tech debt.

Improvements

  • smaller secrets image size (no trufflehog dependency)
  • faster scans (no double scanning with two different scanners)
  • simplified and reduced codebase
  • committing to a scanner that is actively maintained
  • Trufflehog does not offer commit scan ranges, which will be needed for https://gitlab.com/gitlab-org/gitlab/-/issues/36860

Risks

We will need to verify that the Gitleaks scanner picks up the same secrets as the Trufflehog scanner did.

Involved components

Edited by Thomas Woodham