License Compliance Approvals required even when no new denied licenses have been found

Summary

The license compliance capability is inappropriately blocking users from merging. This is a similar issue to what our security compliance capability suffered prior to 13.4.

Steps to reproduce

Deny one of the licenses existing on the default branch.
Turn on the License Approval feature
Create an MR that doesn't change anything related to licenses (like update Readme)
Wait until the pipeline is finished.

Example Project

What is the current bug behavior?

License approval is required because of denied licenses added

What is the expected correct behavior?

License approval is fall back to optional

Relevant logs and/or screenshots

Output of checks

Results of GitLab environment info

Expand for output related to GitLab environment info


(For installations with omnibus-gitlab package run and paste the output of:
`sudo gitlab-rake gitlab:env:info`)

(For installations from source run and paste the output of:
`sudo -u git -H bundle exec rake gitlab:env:info RAILS_ENV=production`)

Results of GitLab application Check

Expand for output related to the GitLab application check

(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:check SANITIZE=true)
(For installations from source run and paste the output of:
sudo -u git -H bundle exec rake gitlab:check RAILS_ENV=production SANITIZE=true)
(we will only investigate if the tests are passing)

Implementation plan

Add a condition to has_denied_policies? to check only new licenses
Use Ci::CompareLicenseScanningReportsService to get a list of added licenses and then check what is denied
Add tests that cover this case

Edited May 20, 2021 by Tetiana Chupryna