Update secrets analyzer to emit leaked secret

Problem to solve

As a user, I want the secrets analyzer to emit the secret which has been leaked as part of its report.

User experience goal

Proposal

  1. Add issue.RawSourceCodeExtract field to support secrets exposing relevant tokens gitlab-org/security-products/analyzers/common!126 (merged)
  2. Bump security-report-schema with new SAST field gitlab-org/security-products/security-report-schemas!52 (merged)
  3. Remap secrets offender field to issue.raw_source_code_extract gitlab-org/security-products/analyzers/secrets!79 (merged)

Permissions and Security

No change to permissions. Part of the assumed risk with this work is potentially providing more attack surface by exposing the detected secrets within the report artifacts. This was considered not significant for a couple of reasons:

  1. Job Artifact permissions should remain restricted as-is, assuming our standard permission model
  2. While the security reports do not currently include the secret explicitly, they are already clear evidence of RED classified data and should be assumed to contain confidential data
  3. The secrets are already leaked within the repository itself. This remains unchanged with this modification.
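As an added example (not code from this issue or from the linked analyzers), a small redaction pass over a report in the shape the secrets analyzer emits, masking the new raw_source_code_extract field before the artifact is shared outside the job, e.g. pasted into a ticket; the sample report and the exact field layout are constructed assumptions.

```python
import json

# Constructed sample of a secrets report in the GitLab security-report shape.
# Assumption: only the fields used below; "raw_source_code_extract" is the
# field added by the change described in this issue and is optional per finding.
SAMPLE_REPORT = json.dumps({
    "version": "14.0.0",
    "vulnerabilities": [
        {
            "id": "example-id-1",
            "category": "secret_detection",
            "name": "AWS Access Key",
            "severity": "Critical",
            "raw_source_code_extract": "AKIAEXAMPLEEXAMPLE12",  # constructed value
            "location": {"file": "config/settings.rb", "start_line": 12},
        },
        {
            "id": "example-id-2",
            "category": "secret_detection",
            "name": "Generic token",
            "severity": "High",
            "location": {"file": "scripts/deploy.sh", "start_line": 3},
        },
    ],
})


def mask_secret(secret: str, keep: int = 4) -> str:
    """Keep a short prefix so a reviewer can tell which credential it is,
    replace the rest with '*' so the artifact no longer re-leaks the value."""
    if len(secret) <= keep:
        return "*" * len(secret)
    return secret[:keep] + "*" * (len(secret) - keep)


def redact_report(report_json: str) -> dict:
    """Return a parsed copy of the report with every raw_source_code_extract
    masked; findings without the field are left untouched."""
    report = json.loads(report_json)
    for vuln in report.get("vulnerabilities", []):
        extract = vuln.get("raw_source_code_extract")
        if extract:
            vuln["raw_source_code_extract"] = mask_secret(extract)
    return report


if __name__ == "__main__":
    print(json.dumps(redact_report(SAMPLE_REPORT), indent=2))
```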

Documentation

  1. Update security-report-schema with new field
  2. Consider updating security integration docs with new field

Availability & Testing

  1. Update integration tests projects
  2. Ensure field is available to rails during parsing

What is the type of buyer?

GitLab Ultimate

Links / references

Edited by Lucas Charles