Fix multi-project support for Security Code Scan

Zach Rice requested to merge multi-proj into master

What does this MR do?

Upon studying the dotnet docs some more, I realized we were doing some things wrong, namely not specifying paths in the dotnet, nuget, and msbuild commands. This led to some incorrect behavior, as those commands would try to figure out what solution OR project to build/restore/clean/add to.

I've included this diagram to help illustrate what we are changing (it's not a complete flow diagram but demonstrates some of the decisions being made):

Screen_Shot_2021-01-21_at_12.57.07_PM

We add analyzeSolution, analyzeProjectDotNet, and analyzeProjectMSBuild functions which do the following:

  • analyzeSolution: determines what projects are associated with the solution using dotnet sln <solution> list. Those projects then call analyzeProjectDotNet and, if that fails, analyzeProjectMSBuild.
  • analyzeProjectDotNet: this function analyzes the project using dotnet commands only (add, clean, build).
  • analyzeProjectMSBuild: this function adds the required Security-Code-Scan dependency to the .csproj project file. Next we download required NuGet dependencies using nuget restore <solution>. Notice this requires the solution file for downloading the dependencies. Then we can run msbuild <project> -t:Clean;Build on the project.

This MR should address the issues in this conversation thread: gitlab-org/gitlab#233033 (comment 484917072)

What are the relevant issue numbers?

gitlab-org/gitlab#233033 (closed)

Does this MR meet the acceptance criteria?

Edited by Zach Rice
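
The flow described in this MR, sketched as an added example (not code from the merge request or the analyzer): every command receives an explicit solution or project path, and a project falls back to nuget restore plus msbuild only when a dotnet step fails. The names parseSlnList, analyze, runner and scannerPkg are hypothetical, the package id is a placeholder, and the list output is assumed to have a "Project(s)" header with a dashed underline.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

const scannerPkg = "SCANNER_PACKAGE_ID" // placeholder: the page gives no package id

// runner executes one command; injected so the flow runs without the .NET SDK.
type runner func(name string, args ...string) error

// parseSlnList resolves `dotnet sln <solution> list` output against the solution's directory.
func parseSlnList(slnPath, output string) []string {
	var projects []string
	for _, line := range strings.Split(output, "\n") {
		// Normalise Windows separators; keep only *proj lines (drops header, underline, blanks).
		line = strings.ReplaceAll(strings.TrimSpace(line), `\`, "/")
		if strings.HasSuffix(strings.ToLower(line), "proj") {
			projects = append(projects, filepath.Join(filepath.Dir(slnPath), filepath.FromSlash(line)))
		}
	}
	return projects
}

// analyze runs dotnet add/clean/build per project with explicit paths; if a step fails it runs
// nuget restore <solution> then msbuild <project> (.csproj edit omitted). Returns the fallbacks.
func analyze(slnPath, listOutput string, run runner) (fellBack []string, err error) {
	for _, proj := range parseSlnList(slnPath, listOutput) {
		steps := [][]string{{"add", proj, "package", scannerPkg}, {"clean", proj}, {"build", proj}}
		for i := 0; i < len(steps) && err == nil; i++ {
			err = run("dotnet", steps[i]...)
		}
		if err != nil {
			fellBack = append(fellBack, proj)
			if err = run("nuget", "restore", slnPath); err == nil {
				err = run("msbuild", proj, "-t:Clean;Build")
			}
		}
		if err != nil {
			return fellBack, fmt.Errorf("%s: %w", proj, err)
		}
	}
	return fellBack, nil
}

func main() {
	fmt.Println(parseSlnList("/repo/App.sln", "Project(s)\n----------\nsrc\\Web\\Web.csproj\n"))
}
```

Returning the list of projects that needed the fallback lets a pipeline log which projects were built by msbuild rather than dotnet, and a failed fallback is surfaced as an error instead of a silently unscanned project.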
