Post-process leaked credentials on all branches, not just the default branch

What

We have resolved the race condition in this issue. The fix provides a workable approach to token revocation, but ties the implementation to the default branch only.

While working on this MR, we received suggestions about using StoreFindingsMetadataService for token revocation. We can look into those suggestions and determine whether that approach meets all of the requirements we have for token revocation.

Implementation Plan

Utilize the security_findings.finding_data attribute instead of vulnerability_findings.raw_metadata; the former is present for findings on all branches, not only the default branch.

From a high level we will need to do the following:

  1. Update the security_finding_data JSON schema to include raw_source_code_extract
  2. Update Security::StoreFindingsService to persist raw_source_code_extract
  3. Update ScanSecurityReportSecretsWorker to rely on security_findings.finding_data['raw_source_code_extract'] in place of vulnerability_findings
  4. Trigger ScanSecurityReportSecretsWorker for all pipelines, not only default
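The following is an added illustration of the data flow the four steps describe, not GitLab's own code: a constructed minimal finding_data schema that now requires raw_source_code_extract, a store step that persists the extract into finding_data, and a worker-side selection that reads the extract from finding_data for whichever pipeline is being processed, with no default-branch check. The class and column names are simplified stand-ins for the ones named in the plan (assumed, not GitLab's real schema or service signatures), the sample findings are constructed, and the token values are placeholders.

```ruby
require 'json'

# Step 1 (assumed, simplified): the finding_data schema lists
# raw_source_code_extract as a required string. This is a constructed
# minimal schema, not the real security_finding_data JSON schema.
FINDING_DATA_SCHEMA = {
  'required' => %w[name description raw_source_code_extract],
  'properties' => {
    'name' => 'string',
    'description' => 'string',
    'raw_source_code_extract' => 'string'
  }
}.freeze

# Hand-rolled validator for the schema above (no JSON Schema library needed).
# Returns a list of error strings; an empty list means the data is valid.
def validate_finding_data(data)
  errors = []
  FINDING_DATA_SCHEMA['required'].each do |key|
    errors << "missing #{key}" unless data.key?(key)
  end
  FINDING_DATA_SCHEMA['properties'].each do |key, type|
    next unless data.key?(key)
    ok = type == 'string' ? data[key].is_a?(String) : true
    errors << "#{key} must be #{type}" unless ok
  end
  errors
end

# Step 2 (assumed stand-in for Security::StoreFindingsService): persist a
# security_findings row whose finding_data carries the extract, so the worker
# no longer depends on vulnerability_findings.raw_metadata.
def store_security_finding(store, report_finding)
  data = {
    'name' => report_finding[:name],
    'description' => report_finding[:description],
    'raw_source_code_extract' => report_finding[:raw_source_code_extract]
  }
  errors = validate_finding_data(data)
  raise ArgumentError, errors.join(', ') unless errors.empty?

  row = {
    uuid: report_finding[:uuid],
    pipeline_id: report_finding[:pipeline_id],
    finding_data: data
  }
  store << row
  row
end

# Steps 3 and 4 (assumed stand-in for ScanSecurityReportSecretsWorker): select
# revocation candidates for a given pipeline from finding_data. There is
# deliberately no "is this the default branch?" condition here.
def revocation_candidates(store, pipeline_id)
  store
    .select { |row| row[:pipeline_id] == pipeline_id }
    .map { |row| { uuid: row[:uuid], token: row[:finding_data]['raw_source_code_extract'] } }
    .reject { |c| c[:token].nil? || c[:token].empty? }
end

# The extract is the leaked secret itself; anything written to logs or job
# output should be masked. Keeps only the first four characters.
def redact(token)
  return '' if token.nil? || token.empty?
  token[0, 4] + '*' * [token.length - 4, 0].max
end

# Constructed sample data: pipeline 101 is a feature-branch pipeline, pipeline
# 202 is the default-branch pipeline. Token values are placeholders.
SAMPLE_STORE = []
store_security_finding(SAMPLE_STORE, {
  uuid: 'f-1', pipeline_id: 101, name: 'Leaked token',
  description: 'constructed sample', raw_source_code_extract: 'EXAMPLE_TOKEN_FEATURE_BRANCH'
})
store_security_finding(SAMPLE_STORE, {
  uuid: 'f-2', pipeline_id: 202, name: 'Leaked token',
  description: 'constructed sample', raw_source_code_extract: 'EXAMPLE_TOKEN_DEFAULT_BRANCH'
})

if $PROGRAM_NAME == __FILE__
  [101, 202].each do |pipeline_id|
    revocation_candidates(SAMPLE_STORE, pipeline_id).each do |c|
      puts "pipeline #{pipeline_id}: revoke finding #{c[:uuid]} (#{redact(c[:token])})"
    end
  end
end
```

The point of the split is that the worker only ever consults finding_data rows for the pipeline it was enqueued for, so triggering it for every pipeline (step 4) needs no change to the selection logic; the schema check at store time is what guarantees the extract is there to read.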
Edited by Lucas Charles