Extract finder, add find command

Fabien Catteau requested to merge 263441-extract-finder into master

What does this MR do?

Move finder out of scanner, and make it a top-level package.

Also, expose the finder as a CLI command named find, to make it easy to check, debug, and play with the finder. This becomes even more important as the finder is getting more complex and getting more CLI options.

The behavior doesn't change except for the new find command.

Here's the find command in action with the gitlab repo (log messages have been removed):

./gemnasium find ~/gitlab-org/gitlab
yarn.lock
Gemfile.lock
tooling/overcommit/Gemfile.lock
ee/spec/fixtures/security_reports/remediations/yarn.lock
qa/Gemfile.lock
qa/qa/ee/fixtures/secure_premade_reports/yarn.lock
qa/qa/fixtures/auto_devops_rack/Gemfile.lock

The next step is to use project detection to identify file sets in any directory the finder walks through, and to pass detected projects to the scanner. See !134 (merged).

What are the relevant issue numbers?

gitlab-org/gitlab#263441 (closed)

Does this MR meet the acceptance criteria?

Edited by Fabien Catteau
