Add `finding_id` foreign key to `vulnerabilities`

Why are we doing this work?

In order to achieve a proper 1:1 relation between vulnerabilities and vulnerability_occurrences tables we need to move the foreign key from vulnerability_occurrences to vulnerabilities table. This is the first step towards that goal.

Implementation plan

database create a migration that will add finding_id column to vulnerabilities table
backend adjust ee/app/services/vulnerabilities/create_service.rb and our ingestion pipeline to populate finding_id on the Vulnerability record created
database create a migration that uses add_concurrent_foreign_key with validate: false

Testing

E2E testing: Make sure e2e: package-and-test is run and govern specs are green

Edited Aug 24, 2023 by Michael Becker