chore: Try to make CodeQL happy (#20094) #20129

Open
wants to merge 1 commit into
base: master

jsoref
Member

@jsoref jsoref commented Sep 26, 2024

Closes #20094

Checklist:

  • Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
  • The title of the PR states what changed and the related issues number (used for the release note).
  • The title of the PR conforms to the Toolchain Guide
  • I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
  • I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
  • Does this PR require documentation updates?
  • I've updated documentation as required by this PR.
  • I have signed off all my commits as required by DCO
  • I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
  • My build is green (troubleshooting builds).
  • My new feature complies with the feature status guidelines.
  • I have added a brief description of why this PR is necessary and/or what this PR solves.
  • Optional. My organization is added to USERS.md.
  • Optional. For bug fixes, I've indicated what older releases this fix should be cherry-picked into (this may or may not happen depending on risk/complexity).

@jsoref jsoref requested a review from a team as a code owner September 26, 2024 21:40

bunnyshell bot commented Sep 26, 2024

❗ Preview Environment deployment failed on Bunnyshell

See: Environment Details | Pipeline Logs

Available commands (reply to this comment):

  • 🚀 /bns:deploy to redeploy the environment
  • /bns:delete to remove the environment


bunnyshell bot commented Sep 26, 2024

✅ Preview Environment created on Bunnyshell but will not be auto-deployed

See: Environment Details

Available commands (reply to this comment):

  • 🚀 /bns:deploy to deploy the environment

Member Author

jsoref commented Sep 26, 2024

Before

image

After

image

Note that the other Cleartext thing had been resolved as noise, but I accidentally unresolved the wrong thing when trying to validate this...


codecov bot commented Sep 26, 2024

Codecov Report

Attention: Patch coverage is 35.71429% with 9 lines in your changes missing coverage. Please review.

Project coverage is 55.84%. Comparing base (ca91dd9) to head (234d2e2).
Report is 1 commits behind head on master.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| ...md/argocd/commands/admin/redis_initial_password.go | 0.00% | 8 Missing ⚠️ |
| common/common.go | 83.33% | 1 Missing ⚠️ |

Additional details and impacted files
@@            Coverage Diff             @@
##           master   #20129      +/-   ##
==========================================
- Coverage   55.86%   55.84%   -0.02%     
==========================================
  Files         321      321              
  Lines       44492    44492              
==========================================
- Hits        24854    24848       -6     
- Misses      17072    17074       +2     
- Partials     2566     2570       +4     


Comment on lines +428 to +429
DefaultRedisInitialCredentials = "argocd-redis"
DefaultRedisInitialCredentialsKey = "auth"
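
Review bot: The constants on lines +428 to +429 carry no doc comment, and the name `DefaultRedisInitialCredentials` now reads as if it held a credential, while both values ("argocd-redis" and "auth") look like identifiers: a resource name and a key name. Add a one-line comment above each stating what it names, and note there that the "Credentials" wording is deliberate to keep CodeQL's name-based rule quiet, so a later cleanup does not rename them back and bring the alerts with it.
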
Member

The old var names are so much more clear.... I'd rather try to find some way to get CodeQL to ignore the false positives

Member Author

They don't support annotations. It's just the words. I'm open to anything.

Member Author

You can mark an item as a false positive in repositories where you have certain permissions, but it has no impact on forks (connected or disconnected), and contributors won't be working from your repository's curated view, they'll work from the blank slate version.

We can file tickets against Code QL – I've filed a bunch. But I don't see how to improve this one. Maybe we can ask them to improve the qhelp – I've done that a couple of times, but I'm not really sure what to say beyond a generic "please think before you file" which is too generic.

Member Author

jsoref commented Sep 27, 2024

I should note that I'm submitting this PR under protest. It's stupid that we're considering doing this to work around a silly word list rule in CodeQL, but we've seen enough lousy issues and PRs that it's worth thinking about something like this to avoid more of them.

Successfully merging this pull request may close these issues.

Consider avoiding CodeQL noise about password / secret fields