Yelp / detect-secrets-server

Apache License 2.0

No way to update --exclude-regex after object exists #17

Open KevinHock opened 5 years ago

KevinHock commented 5 years ago

By default, we do not overwrite the repo metadata if it already exists https://github.com/Yelp/detect-secrets-server/blob/2662fa8192e487fb4e2e4f15ebd3cc66dc61d3d5/detect_secrets_server/actions/initialize.py#L132 and there is good reason for not blindly overwriting the exclude_regex, because each repo could have a different one in its baseline, and exclude specific files. (Even though we are not doing that at the moment.)

I propose:

Short-term: We add an exclude_regex to scan, and ignore the exclude_regex in the repo metadata.

Long-term: We use both, and take the exclude_regex from the baseline during "add", if it exists; do not have --exclude-regex in the CLI for the 'add' command. (i.e. set the exclude regex in the repo metadata from the baseline)

Similarly, in the pre-commit hook code (pre_commit_hook.py) we:

  1. Use the --exclude from the pre-commit framework
  2. Use the baseline exclude_regex in get_secrets_not_in_baseline https://github.com/Yelp/detect-secrets/blob/f0ece437079854910a97394451b3ab66f99ae515/detect_secrets/core/baseline.py#L57

KevinHock commented 5 years ago

https://github.com/Yelp/detect-secrets-server/pull/18 hopes to provide the short-term solution.

sp3nx0r commented 4 years ago

Would an appropriate modification for this be that we remove the exclude_regex from the repo metadata / yaml upload and add an exclude_files and exclude_lines instead? Currently hitting this as we aren't using baselines yet and en masse scanning doesn't have a way to handle these exclusions.
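
The precedence question raised in the thread (an explicit CLI --exclude-regex, then the baseline's exclude_regex, then the regex frozen into the repo metadata at "add" time) and the file-vs-line split suggested in the last comment can be demonstrated together. The block below is an added example written for this page; it is not detect-secrets-server or detect-secrets code, and the dict shapes for the baseline and repo metadata, the `exclude_lines` key, the function names `resolve_exclusions` / `filter_findings`, and the sample findings are all constructed for illustration.

```python
"""Hypothetical exclusion resolution for a detect-secrets-style server scan.

Added example, not project code. The baseline/metadata dict shapes and the
`exclude_lines` key are assumptions made for this illustration.
"""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass(frozen=True)
class Exclusions:
    files: Optional[re.Pattern]   # matched against the file path
    lines: Optional[re.Pattern]   # matched against the line content
    source: str                   # where the file regex came from (for audit logs)


def _compile(pattern: Optional[str]) -> Optional[re.Pattern]:
    # An empty or missing pattern means "exclude nothing"; never compile "" (it matches everything).
    return re.compile(pattern) if pattern else None


def resolve_exclusions(
    cli_exclude_regex: Optional[str],
    baseline: Optional[Dict],
    repo_metadata: Optional[Dict],
) -> Exclusions:
    """Pick the effective file regex with precedence CLI > baseline > repo metadata.

    This mirrors the proposal in the thread: a regex passed to `scan` overrides
    whatever was frozen into the repo metadata at `add` time, and a baseline
    (if the repo has one) is preferred over the metadata copy.
    """
    if cli_exclude_regex:
        files, source = cli_exclude_regex, "cli"
    elif baseline and baseline.get("exclude_regex"):
        files, source = baseline["exclude_regex"], "baseline"
    elif repo_metadata and repo_metadata.get("exclude_regex"):
        files, source = repo_metadata["exclude_regex"], "repo_metadata"
    else:
        files, source = None, "none"

    # Line-content exclusions (assumed `exclude_lines` key) have no CLI override here,
    # so only the baseline and then the metadata are consulted.
    lines = None
    for candidate in (baseline, repo_metadata):
        if candidate and candidate.get("exclude_lines"):
            lines = candidate["exclude_lines"]
            break

    return Exclusions(files=_compile(files), lines=_compile(lines), source=source)


def filter_findings(findings: List[Dict], exclusions: Exclusions) -> List[Dict]:
    """Drop findings whose path matches the file regex or whose line matches the line regex.

    Uses re.search (not re.match), so a pattern like r"tests/" matches anywhere in the
    path; anchor with ^ when only a prefix should be excluded.
    """
    kept = []
    for finding in findings:
        if exclusions.files and exclusions.files.search(finding["filename"]):
            continue
        if exclusions.lines and exclusions.lines.search(finding["line"]):
            continue
        kept.append(finding)
    return kept


# Constructed sample findings (not real scan output).
SAMPLE_FINDINGS = [
    {"filename": "src/app.py", "line": "password = 'hunter2'"},
    {"filename": "tests/fixtures/creds.json", "line": '"token": "abc123"'},
    {"filename": "docs/example.md", "line": "secret = 'x'  # pragma: allowlist secret"},
]

# Constructed baseline and repo metadata with conflicting file regexes.
SAMPLE_BASELINE = {"exclude_regex": r"^tests/", "exclude_lines": r"pragma: allowlist secret"}
SAMPLE_METADATA = {"exclude_regex": r"^docs/"}


def demo(cli_exclude_regex: Optional[str] = None) -> List[str]:
    """Return the filenames that survive filtering for a given CLI override."""
    exclusions = resolve_exclusions(cli_exclude_regex, SAMPLE_BASELINE, SAMPLE_METADATA)
    return [f["filename"] for f in filter_findings(SAMPLE_FINDINGS, exclusions)]


if __name__ == "__main__":
    print("no CLI override:", demo())
    print("CLI override ^docs/:", demo(r"^docs/"))
```

Running the block without a CLI override uses the baseline regex (`^tests/`) and the baseline line pattern, so only `src/app.py` survives; passing `^docs/` on the command line overrides the file regex while the baseline's line exclusion still applies.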