Remove support for handling multiple scanners in a single security scan
Summary
Remove support for resolving multiple vulnerabilities from multiple scanners that originate from a single security scan.
As of GitLab 16.0 we will drop support for 14.x.x schemas. This means that the only way to define a scanner/analyzer for a security report is via the scan.scanner and scan.analyzer properties because the scanner property was removed in the 15.0.0 schema.
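As an added illustration (not GitLab's own code), the following Ruby snippet shows the rule the summary describes: under the 15.x.x schema the scanner is resolved only from scan.scanner, while a 14.x.x report whose vulnerabilities each carry their own scanner is no longer accepted. The sample reports and the helper names primary_scanner and legacy_scanner_ids are constructed for this example; the field names follow the public security report schema.

```ruby
require 'json'

# Constructed sample reports (not real GitLab fixtures). Field names follow
# the public security report schema: a top-level "version", a "scan" object
# with "scanner" and "analyzer", and a "vulnerabilities" array whose entries
# carried their own "scanner" object in 14.x.x schemas only.
REPORT_15 = JSON.generate({
  'version' => '15.0.0',
  'scan' => {
    'scanner' => { 'id' => 'example-scanner', 'name' => 'Example Scanner' },
    'analyzer' => { 'id' => 'example-analyzer', 'name' => 'Example Analyzer' }
  },
  'vulnerabilities' => [{ 'id' => 'v1' }, { 'id' => 'v2' }]
})

REPORT_14_MULTI = JSON.generate({
  'version' => '14.1.2',
  'scan' => { 'scanner' => { 'id' => 'scanner-a' } },
  'vulnerabilities' => [
    { 'id' => 'v1', 'scanner' => { 'id' => 'scanner-a' } },
    { 'id' => 'v2', 'scanner' => { 'id' => 'scanner-b' } }
  ]
})

class UnsupportedSchemaError < StandardError; end

# Resolve the single scanner of a report: only schema 15.0.0 and newer are
# accepted, and only scan.scanner defines the scanner (hypothetical helper).
def primary_scanner(report_json)
  report = JSON.parse(report_json)
  major = report.fetch('version', '0').split('.').first.to_i
  raise UnsupportedSchemaError, "schema #{report['version']} predates 15.0.0" if major < 15

  scanner = report.dig('scan', 'scanner')
  raise UnsupportedSchemaError, 'scan.scanner is missing' if scanner.nil? || scanner['id'].nil?

  scanner['id']
end

# Distinct per-vulnerability scanner ids: the legacy 14.x.x multi-scanner
# situation that this change stops supporting (hypothetical helper).
def legacy_scanner_ids(report_json)
  JSON.parse(report_json)
      .fetch('vulnerabilities', [])
      .map { |v| v.dig('scanner', 'id') }
      .compact
      .uniq
end
```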
Improvements
The Security::Scan should only have a single scanner to process, which means that we will not need to parse multiple scanners from a single security report. The associated QA tests will also need to be updated to stop using a 14.x.x schema file fixture. A primary scanner method was added to Security::Scan in !109923 (merged). Reverting the changes introduced in !112868 (merged) may accomplish most of what we need to do.
Involved components
Security::Scan#scanner
Security::Ingestion::IngestReportService
Optional: Intended side effects
Once this is completed, we will not be able to process version 14.x.x and older security reports with multiple scanners.
Implementation Plan
- Revert changes from: !112868 (merged)
- Update QA test to use a newer fixture file.
Testing
- Make sure e2e:package-and-test in the MR is run after updating the required QA fixtures.