Add issue_type filter for issues in graphql

What does this MR do?

This adds field and type to Issue when using GraphQL to allow users to query for Issues by issue_type.

I've made this an array input to allow users to query for Issues of more than one type at a time.

We do not have a default type for this, and so all issues will be returned when it is not specified.

Example request + response:

Request:

{
  project(fullPath: "root/autodevops-deploy") {
    issues(issueTypes: [INCIDENT]) {
      nodes {
        id
        title
        issueType
      }
    }
  }
}

Response:

{
  "data": {
    "project": {
      "issues": {
        "nodes": [
          {
            "id": "gid://gitlab/Issue/451",
            "title": "Gitaly is down on server001",
            "issueType": "INCIDENT"
          }
        ]
      }
    }
  }
}

For database review: Issue.with_issue_type:

Issue.with_issue_type(:incident)
=> Issue Load (0.7ms)  SELECT "issues".* FROM "issues" WHERE "issues"."issue_type" = $1  [["issue_type", 1]]

explain SELECT "issues".* FROM "issues" WHERE "issues"."issue_type" = 1

Index Scan using index_issues_on_incident_issue_type on public.issues  (cost=0.12..1.64 rows=1 width=1248) (actual time=0.005..0.005 rows=0 loops=1)
   Buffers: shared hit=1

Using gitlab-org/gitlab:

Query & Plan

explain SELECT “issues”.* FROM “issues” WHERE (
      issues.confidential IS NOT TRUE
      OR (issues.confidential = TRUE
        AND (issues.author_id = 4002669
          OR EXISTS (SELECT TRUE FROM issue_assignees WHERE user_id = 4002669 AND issue_id = issues.id)
          OR EXISTS (SELECT 1 FROM “project_authorizations” WHERE “project_authorizations”.“user_id” = 4002669 AND (project_authorizations.project_id = issues.project_id) AND (project_authorizations.access_level >= 20))))) AND “issues”.“project_id” = 278964 AND “issues”.“issue_type” = 1 ORDER BY “issues”.“id” DESC



Sort  (cost=8.70..8.71 rows=1 width=1249) (actual time=235.682..235.682 rows=0 loops=1)
   Sort Key: issues.id DESC
   Sort Method: quicksort  Memory: 25kB
   Buffers: shared hit=4 read=59 dirtied=24
   I/O Timings: read=189.237
   ->  Index Scan using index_issues_on_incident_issue_type on public.issues  (cost=0.12..8.69 rows=1 width=1249) (actual time=235.605..235.605 rows=0 loops=1)
         Filter: ((issues.project_id = 278964) AND ((issues.confidential IS NOT TRUE) OR (issues.confidential AND ((issues.author_id = 4002669) OR (alternatives: SubPlan 1 or hashed SubPlan 2) OR (alternatives: SubPlan 3 or hashed SubPlan 4)))))
         Rows Removed by Filter: 27
         Buffers: shared hit=1 read=59 dirtied=24
         I/O Timings: read=189.237
         SubPlan 1
           ->  Index Only Scan using index_issue_assignees_on_issue_id_and_user_id on public.issue_assignees  (cost=0.43..3.45 rows=1 width=0) (actual time=0.000..0.000 rows=0 loops=0)
                 Index Cond: ((issue_assignees.issue_id = issues.id) AND (issue_assignees.user_id = 4002669))
                 Heap Fetches: 0
         SubPlan 2
           ->  Index Scan using index_issue_assignees_on_user_id on public.issue_assignees issue_assignees_1  (cost=0.43..85.21 rows=85 width=4) (actual time=0.000..0.000 rows=0 loops=0)
                 Index Cond: (issue_assignees_1.user_id = 4002669)
         SubPlan 3
           ->  Index Only Scan using index_project_authorizations_on_user_id_project_id_access_level on public.project_authorizations  (cost=0.57..3.59 rows=1 width=0) (actual time=0.000..0.000 rows=0 loops=0)
                 Index Cond: ((project_authorizations.user_id = 4002669) AND (project_authorizations.project_id = issues.project_id) AND (project_authorizations.access_level >= 20))
                 Heap Fetches: 0
         SubPlan 4
           ->  Index Only Scan using index_project_authorizations_on_user_id_project_id_access_level on public.project_authorizations project_authorizations_1  (cost=0.57..357.73 rows=1296 width=4) (actual time=0.000..0.000 rows=0 loops=0)
                 Index Cond: ((project_authorizations_1.user_id = 4002669) AND (project_authorizations_1.access_level >= 20))
                 Heap Fetches: 0

Screenshots

Does this MR meet the acceptance criteria?

Conformity

• Changelog entry
• Documentation (if required)
• Code review guidelines
• Merge request performance guidelines
• Style guides
• Database guides
• [-] Separation of EE specific content

Availability and Testing

• Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
• Tested in all supported browsers
• Informed Infrastructure department of a default or new setting change, if applicable per definition of done

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

• Label as security and @ mention @gitlab-com/gl-security/appsec
• The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
• Security reports checked/validated by a reviewer from the AppSec team

Related to #232405 (closed)