Add paths/paths-ignore to CLI and Actions

[cmboling]

Delegate alerts based on paths specified to particular Jira backlogs. For instance, some engineering teams split Action workflows for a monorepo to speed up run time, whether those workflows are used for building, linting and/or running security scanners. In this particular case, We want to fetch code scanning alerts from a monorepo and take subsets of them to post to particular Jira backlogs. We want to take the familiar concept of paths and paths-ignore to this integration.

Take this as an example:

test-repo => MAIN_JIRA_BOARD
|
| -/some_path_1/** => JIRA_BOARD_FOR_SOME_PATH_1
|
| -/some_path_2/** => JIRA_BOARD_FOR_SOME_PATH_2
|
| -/some_path_3/** => JIRA_BOARD_FOR_SOME_PATH_3

• MAIN_JIRA_BOARD will have all alerts except any paths we define for either paths and/or paths-ignore
  • For paths-ignore, exclude specific subdirs meant for JIRA_BOARD_FOR_SOME_PATH_1 and similar
  • For paths, include all paths except paths meant for JIRA_BOARD_FOR_SOME_PATH_1 and similar
• For JIRA_BOARD_FOR_SOME_PATH_1 and similar boards, in this case we want to use paths to include alerts for specific subdirs.

[cmboling]

We can probably use the same mechanisms here but for the code scanning API: https://github.com/zbazztian/filter-sarif which btw is a 🔥 Action! 💯