Move secret detection into its own vendored template
Problem to solve
As it stands today, secrets detection is enabled as part of the SAST vendored template. However, secret detection is a separate feature category and has an emerging roadmap. Keeping these two features coupled through the vendored template will be a limiting factor and we should move secret detection into its own vendored template sooner rather than later.
Intended users
- Rachel (Release Manager)
- Delaney (Development Team Lead)
- Sasha (Software Developer)
- Devon (DevOps Engineer)
- Sidney (Systems Administrator)
- Sam (Security Analyst)
Further details
Proposal
- Create a new vendored template dedicated to the secret detection feature category.
- Remove Secret Detection from the SAST vendored template.
- Create a new report type for secret detection, so its findings are no longer filed under the SAST report type.
- Add the Secret Detection vendored template to the Auto DevOps template.
- Check how telemetry/usage ping tracks Security job usage and ensure it also tracks jobs from this new secret detection template.
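As an added illustration (not part of this issue or of GitLab's own templates), a sketch of what the dedicated vendored template and the project-side include could look like once the split is done. The template file name, job name, report key, image and variable names are assumptions, not names this issue fixes.

```yaml
# Added example, not GitLab's template. All names below are assumptions.
#
# Project-side .gitlab-ci.yml, before the split (one include gives both scans):
#   include:
#     - template: SAST.gitlab-ci.yml
#
# Project-side .gitlab-ci.yml, after the split. Projects that relied on the SAST
# include for secret detection must add the second line or they silently lose
# the secrets scan (this is the breaking change noted under Availability & Testing):
#   include:
#     - template: SAST.gitlab-ci.yml
#     - template: Secret-Detection.gitlab-ci.yml   # assumed name of the new template
#
# Contents of the assumed Secret-Detection.gitlab-ci.yml template:

variables:
  # Assumed knobs, mirroring how other security templates let users pin an
  # analyzer version or point at a mirror registry.
  SECRET_DETECTION_ANALYZER_IMAGE: "registry.example.com/secrets-analyzer:latest"  # placeholder

stages:
  - test

secret_detection:
  stage: test
  image: "$SECRET_DETECTION_ANALYZER_IMAGE"
  script:
    - /analyzer run
  artifacts:
    # Assumed new report key so findings surface as their own category instead
    # of being merged into the SAST report.
    reports:
      secret_detection: gl-secret-detection-report.json
  rules:
    # Assumed opt-out variable, separate from any SAST opt-out, so disabling one
    # scan no longer disables the other.
    - if: $SECRET_DETECTION_DISABLED
      when: never
    - if: $CI_COMMIT_BRANCH
```

A consumer of the usage ping would then count `secret_detection` jobs separately from `sast` jobs, which is the telemetry check called out in the last proposal item.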
Permissions and Security
Documentation
- New page likely at https://docs.gitlab.com/ee/user/application_security/secret_detection
- Move content from existing section to this page
- I expect we'll want to make edits that talk about the vendored template, and generally about how secret detection works.
Availability & Testing
- This is a breaking change. Previous users of the SAST vendored template will no longer get Secret Detection from that one include.
- Integration tests need to be updated.
What does success look like, and how can we measure that?
What is the type of buyer?
Links / references
Edited by Taylor McCaslin