actions / runner

The Runner for GitHub Actions :rocket:
https://github.com/features/actions
MIT License
4.65k stars 898 forks

Explore what kind of "PII" needs scrubbing from the runner diagnostic logs #211

juliobbv closed 4 years ago

juliobbv commented 4 years ago

In the GitHub diagnostic logs, the runner logs information that can be considered "Personally-Identifiable" (e.g. names, emails), either from the GitHub context, or from the regular info/warning/debug messages.

@patrickcarnahan made a good point on exploring the need to scrub PII data out of the logs:

GH will (likely) eventually want the same types of certifications that MS has for data sovereignty, right to be forgotten, etc., as some customers may depend on these types of features and certifications to use the products.

This issue tracks the effort of figuring out what sort of information we need to scrub in order to comply with such certifications.

bryanmacfarlane commented 4 years ago

We already did the work to scrub PII data. If there's a specific issue or part of that larger epic finds an issue, create a specific issue.