Warn users submitting crash reports that they must be signed into GitHub

[alfarok]

DYN-1491

This PR adds a tooltip to the Submit Bug To GitHub button in the CrashPrompt dialog box warning users they must be signed in before attempting to launch a pre-filled crash report on GitHub. If the user clicks the button and is not logged in they will likely face a 414 or 404 depending on several factors. This is a result of #9393 as users used to be directed to issues as opposed to new issues which requires auth. The redirect url cannot handle the long content from the crash report often resulting in a 414. This could be avoided by using a GitHubApp and making a post request.

Declarations

Check these if you believe they are true

• The code base is in a better state after this PR
• Is documented according to the standards
• The level of testing this PR includes is appropriate
• User facing strings, if any, are extracted into *.resx files
• All tests pass using the self-service CI.
• Snapshot of UI changes, if any.
• Changes to the API follow Semantic Versioning, and are documented in the API Changes document.

Reviewers

@mjkkirschner @QilongTang

[alfarok]

@mjkkirschner @QilongTang Curious what you guys think of this approach? I can update the message but specifically displaying the warning as a ToolTip

[radumg]

👍 was thinking about this @alfarok , think we could limit the length of the string in the GitHubCrashReportBody method, to avoid some of the nastiness of Github erroring out with 414 ?
Yes, stack traces might be truncated then, but should always have at least the first few lines.

Otherwise, all up for a GithubApp, just don't know how we'd distribute/include the API key needed ?

[alfarok]

Hey @radumg, I gave that a quick attempt right after the issue was discovered and remember running into some other issues. I think the max url length that was guaranteed on all browsers were slightly over 2k chars. I can't remember if this approach didn't work because it diluted the stack trace to almost nothing or I hit another error. I do agree it would be a better solution if possible so I can spend a little more time investigating.

[alfarok]

If we eventually used a GitHubApp for all our GitHub automation we could use a public API gateway that calls a lambda function which would have the client id/secret stored as environment variables or something similar. I think it would be cool and could be used for other purposes but I don't think we have the bandwidth to prioritize this at the current moment.

[radumg]

Yep, that's what i imagined as well - hard sell to introduce yet another service to maintain just for this.

[alfarok]

@radumg I have been messing around with the the uri length and seem to run into other errors in the redirect regarding security and end up getting a 500 error. It isn't related to escaping characters I don't think either as I am reducing the stack trace before building the uri. Using 2-factor OAuth also uses an additional redirect which may cause issues. 🤔

[alfarok]

replaced with #9523