Fix incident auto-resolution using stale resolved alerts from previous recoveries

[Copilot]

When a server goes down and recovers, check_resolved() picks up resolved alerts from that recovery indefinitely. If the server goes down again, the new incident immediately auto-resolves against the old resolved alerts.

Changes

• Incident.check_resolved(): Filter resolved alerts to only those created after the current incident (creation > self.creation), and pass the incident creation time into is_enough_firing() so past_alert_instances() also excludes stale alerts
• AlertmanagerWebhookLog.past_alert_instances(): Accept optional since param to add a creation > lower bound on the query
• AlertmanagerWebhookLog.is_enough_firing: Changed from @property to method to thread the since parameter through

# Before: finds any resolved alert for this server, including from previous recoveries
last_resolved = frappe.get_last_doc("Alertmanager Webhook Log", {
    "status": "Resolved",
    "group_key": ("like", f"%{self.incident_scope}%"),
    "alert": self.alert,
})
if not last_resolved.is_enough_firing:

# After: only resolved alerts from after this incident was created
last_resolved = frappe.get_last_doc("Alertmanager Webhook Log", {
    "status": "Resolved",
    "group_key": ("like", f"%{self.incident_scope}%"),
    "alert": self.alert,
    "creation": (">", self.creation),
})
if not last_resolved.is_enough_firing(since=self.creation):

• Added regression test test_subsequent_incident_not_resolved_by_previous_resolved_alerts covering the full cycle: incident → resolve → new incident → verify it stays open → new resolved alert → verify it resolves