BE: Update Security Policy Bot comments for warn mode messaging

Why are we doing this work

This backend implementation updates the Security Policy Bot comment system to provide appropriate messaging for warn mode policies. When policies are in warn mode, the bot comments should clearly communicate that violations are present but not blocking the merge request, and provide guidance on dismissal options for developers.

This enhances the user experience by providing clear, contextual messaging that differentiates between warn and enforce modes.

Relevant links

• Epic: &15552
• Related issue: #549766 (closed)
• MR workflow dependency: #561888 (closed)
• Service dependency: #561887 (closed)

Implementation

• Update Security Policy Bot comment templates for warn mode messaging
• Add contextual messaging that explains warn mode behavior to developers
• Include dismissal guidance and instructions in warn mode comments
• Differentiate comment styling and urgency between warn and enforce modes
• Add notification mechanisms for policy owners when violations occur in warn mode
• Update comment generation logic to handle mixed policy scenarios
• Ensure comments include relevant policy violation details and dismissal options

Technical notes

• Bot comments should clearly indicate when policies are in warn vs enforce mode
• Warn mode comments should be informational rather than blocking in tone
• Include actionable guidance for developers on how to dismiss violations
• Comments should link to relevant documentation and dismissal workflows
• Notification system should alert policy owners of warn mode violations
• Support for mixed scenarios where some policies warn and others enforce
• Comment templates should be configurable and maintainable
• Integration with existing bot comment infrastructure

Validation Steps

• Bot comments clearly differentiate between warn and enforce mode violations
• Warn mode comments include appropriate dismissal guidance and instructions
• Comment tone and styling appropriately reflects non-blocking nature of warn mode
• Policy owners receive notifications for warn mode violations as configured
• Mixed policy scenarios generate appropriate combined messaging
• Comments include relevant links to dismissal workflows and documentation
• Bot comment generation performance remains acceptable
• Existing bot comment functionality unaffected by changes