Move Dependency Scanning reports logic for the Merge Request widget to the backend

The security request reports on the merge request widget currently use the generated artifacts to generate Dependency Scanning reports on the frontend. We should move this logic into the backend, and provide final results to the frontend, like junit reports do.

This will improve performances of page load and will allow more flexibility.

This issue is one step towards completing the larger issue of #8519 (closed)

Proposal

We should compare the Dependency Scanning reports in the backend and expose the result to frontend, using a ready to use and common json entity. Such entities already exist as part of the Group Security Dashboard and should be reused to provide the same structure everywhere and allow frontend to reuse standard components.

This API should then be consumed by the frontend and the older artifacts code should be moved behind a feature flag so we can revert back to using it if we need to.

Implementation Plan

Frontend Part https://gitlab.com/gitlab-org/gitlab-ee/issues/13649
Backend Part https://gitlab.com/gitlab-org/gitlab-ee/issues/13389

Edited Sep 12, 2019 by Sam Beckham