Add rebuild agent and triage rebuild resolution #398
lbarcziova wants to merge 3 commits into packit:main from
Code Review
This pull request introduces a new rebuild_agent to automate package rebuilds against updated dependencies, supporting both direct and queue-based execution. It integrates this new agent into the existing system by adding new Makefile targets, updating documentation, and modifying the triage agent's logic to include "rebuild" as a possible resolution for CVEs, especially for vendored/bundled dependencies. Additionally, it enhances Jira interaction by introducing a SKIP_JIRA environment variable to bypass Jira write operations and modifies git commit tasks to allow empty commits. Review comments suggest improving error handling consistency in the rebuild_agent, refactoring Makefile targets for better maintainability, removing an unused parameter, and refining Jira comment formatting.
8ec3981 to f56cb4d
f56cb4d to 678e081
/gemini review
Code Review
This pull request introduces a new Rebuild agent and workflow designed to handle package rebuilds necessitated by dependency updates. Key changes include updating the triage agent to recognize rebuild scenarios, adding new Redis queues and Jira labels for tracking, and implementing a JIRA_DRY_RUN mode to skip write operations. The feedback highlights several improvement opportunities in the new rebuild agent, specifically regarding the robustness of the task processing loop, the removal of unused function parameters, and the use of more appropriate data models for successful task results.
| ["git", "diff", "--cached", "--quiet"], | ||
| cwd=state.local_clone, | ||
| ) | ||
| is_empty_commit = exit_code == 0 # exit code 0 means no staged changes, so commit would be empty |
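Review bot: On the `is_empty_commit` line, `exit_code == 0` classifies every non-zero exit from `git diff --cached --quiet` as "staged changes present", but only exit code 1 means differences; a git failure (for example an invalid `cwd`) also returns non-zero and would be classified as a non-empty commit. Consider handling 0 and 1 explicitly and raising on any other value. The trailing comment also makes the line long; placing it on its own line above the assignment would read better.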
If is_empty_commit is true, the agent will create an empty commit and open a merge request. In the context of RHEL package maintenance, a rebuild usually requires a new NVR (Name-Version-Release), which is achieved by bumping the release number in the spec file. If update_release failed to modify the spec file, an empty commit will not result in a new build. Consider whether creating an MR with an empty commit is the desired behavior when no changes are detected.
It is, for the %autorelease and %autochangelog scenario.
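The decision discussed in this thread, written out as an added example (not code from the PR or the project): an empty commit is only useful when the spec uses rpmautospec, and exit codes other than 0 and 1 from `git diff --cached --quiet` are treated as errors. The names `Action`, `uses_rpmautospec` and `decide_rebuild_commit` and the sample spec files are hypothetical and constructed for illustration.

```python
import re
from enum import Enum

# Uncommented "Release:" tag whose value is %autorelease or %{autorelease}.
_AUTORELEASE = re.compile(r"^\s*(?i:Release):\s*%\{?autorelease\b", re.MULTILINE)
# A line consisting only of %autochangelog (normally right after %changelog).
_AUTOCHANGELOG = re.compile(r"^\s*%\{?autochangelog\}?\s*$", re.MULTILINE)


class Action(Enum):
    COMMIT = "commit staged changes"
    EMPTY_COMMIT = "create empty commit"
    ABORT = "abort: empty commit would not produce a new NVR"


def uses_rpmautospec(spec_text: str) -> bool:
    """True when both release and changelog are derived from git history."""
    return bool(_AUTORELEASE.search(spec_text) and _AUTOCHANGELOG.search(spec_text))


def decide_rebuild_commit(diff_exit_code: int, spec_text: str) -> Action:
    """Map the exit code of `git diff --cached --quiet` to a commit decision."""
    if diff_exit_code == 1:      # staged differences exist
        return Action.COMMIT
    if diff_exit_code != 0:      # anything else is a git failure, not "changes"
        raise RuntimeError(f"git diff failed with exit code {diff_exit_code}")
    # Nothing staged. Assumption: an empty commit is accepted only in the
    # %autorelease + %autochangelog scenario named in the reply above.
    if uses_rpmautospec(spec_text):
        return Action.EMPTY_COMMIT
    return Action.ABORT


# Constructed sample spec files (not taken from any real package).
AUTOSPEC = """\
Name:    example
Version: 1.0
Release: %autorelease

%changelog
%autochangelog
"""

MANUAL = """\
Name:    example
Version: 1.0
Release: 3%{?dist}

%changelog
* Mon Jan 01 2024 Jane Doe <jane@example.com> - 1.0-3
- Rebuild
"""
```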
Introduce a rebuild agent that handles package rebuilds against updated dependencies without source code changes. The agent uses a deterministic workflow (no LLM except for changelog generation via LogAgent). Extend triage agent to detect rebuild scenarios: vendored/bundled dependency CVEs (Go, Rust, Node.js) and explicit rebuild requests. Triage checks dependency readiness via issuelinks and JQL search before routing to rebuild queue. Assisted-by: Claude
Add per-run flag to force triage of Y-stream CVEs that would normally be skipped by the eligibility check. Works via env var for standalone runs and via Redis metadata for queue/trigger-pipeline mode. Assisted-by: Claude
Add global MCP gateway env var that skips all Jira writes (status changes, comments, labels, fields) while keeping reads working. Useful for testing agent workflows without modifying real Jira issues. Assisted-by: Claude
678e081 to 0111753
Introduce a rebuild workflow for packages that need rebuilding against updated dependencies without source code changes (e.g., vendored dependency CVEs in Go/Rust/Node.js packages). The triage agent detects rebuild scenarios by checking dependency issue status via issuelinks or JQL search.
Also adds JIRA_DRY_RUN, FORCE_CVE_TRIAGE, and DEPENDENCY_COMPONENT options for flexible standalone testing.
Assisted-by: Claude
Tests I ran so far:
resulting in https://gitlab.com/redhat/centos-stream/rpms/git-lfs/-/merge_requests/41