Remove secret_detection_default_branch job from Secret-Detection

Description

Let's remove secret_detection_default_build from the Secret Detection template. We can move the logic for determining when/how to run the secret detection jobs from rules to script. This should clear up some of the confusion that comes with having two different secret detection jobs.

This is a breaking change for %14.0

Related Issues

#263711 (closed)

Tasks

• In the Secret Detection vendored template, consolidate secret_detection_default_branch and secret_detection into one job, secret_detection. Move rule logic into script which will determine how the secret_detection job is ran (historic, on a branch, commits, etc).
• Update Secret Detection documentation

Release notes

Draft release notes