[Exploration] Security policy approval description in merge request

Description

I believe the merge request approval policies are displaying this message regardless of the criteria defined 🤔 ... maybe this is controlled by Code Review for approvals in general, but if so, managing the description here to display the policy details would be more useful, .. and more accurate.

In this case, the policies are focused on MRs targeting the default branch, not any protected branch.

Implementation

We ensure the description updates based on the policy rules to be specific -- if targeting default branch, that should be updated in description for the hover state as well.
- backend update api to return target branch
- frontend update popover to use target branch
We could also make this pull in the user-provided description from the policy. I think we are missing a way for the policy creators to share any context they prefer and this could allow them to make the description as specific as they need.
- backend update api to return policy description
- frontend update popover to use description

Edited Feb 16, 2024 by Alexander Turinske