Security features are not listed in GITLAB_FEATURES
Description
We now have an environment variable listing all the EE features available.
GITLAB_FEATURES=audit_events,burndown_charts,contribution_analytics,elastic_search,export_issues,group_webhooks,issuable_default_templates,issue_board_focus_mode,issue_weights,jenkins_integration,ldap_group_sync,merge_request_approvers,merge_request_squash,multiple_ldap_servers,multiple_issue_assignees,multiple_project_issue_boards,push_rules,protected_refs_for_users,related_issues,repository_mirrors,repository_size_limit,scoped_issue_board,admin_audit_log,auditor_user,cross_project_pipelines,db_load_balancing,deploy_board,extended_audit_events,file_locks,geo,ldap_group_sync_filter,multiple_group_issue_boards,object_storage,service_desk,variable_environment_scope,external_authorization_service
This was mainly intended to spot if users have specific features enabled, and run jobs only in that case to avoid wasting of resources.
It actually applies to security features reports in the UI (SAST, DAST, etc), but there is no entry for that.
Proposal
Ensure that security features are listed in the variable. It is fine just to have one single entry for all of them.