Use CS_IGNORE_STATUSES to ignore non-actionable CS findings

What does this MR do?

Leverage the new CS_IGNORE_STATUSES variable to configure container scanning to ignore non-actionable findings and skip them in the generated security report. Reporting these findings would only lead to the creation of SLA Exception Requests which is a waste of time for our development and security teams.

This policy will also be documented soon in the handbook.

Results

You can check the before/after by looking at the number of reported CS vulnerabilities in the pipeline security tab. Not sharing here for security reasons.

• Before : https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium/-/pipelines/1081789202/security
• After: https://gitlab.com/gitlab-org/security-products/analyzers/gemnasium/-/pipelines/1081984124/security

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

• Changelog entry added
• Documentation created/updated for GitLab EE, if necessary
• Documentation created/updated for this project, if necessary
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Job definition updated, if necessary
  • Auto-DevOps template
  • Job definition example
  • CI Templates
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• Security reports checked/validated by reviewer