Extend GraphQL Ci::PipelineType to include Security Report Findings

Why are we doing this work

This is the backend work to be used by the UI as described in #227105 (closed). The pipeline security tab looks the same as the project/group/Security Center vulnerability reports, but it is implemented using entirely different code/endpoints.

Relevant links

Non-functional requirements

  • Documentation: Update GraphQL documentation
  • Testing: Add/update GraphQL specs for the new type

Implementation plan

  • backend: extend Pipeline Type as described in #227105 (comment 375471930)
    • backend: Create new PipelineSecurityReportFindingType GraphQL Type to be used by Ci::Pipeline
    • backend: Create new GraphQL PipelineSecurityReportFindingsResolver class
    • backend: Add ability to filter by scanner
    • backend: Add ability to filter by severity
    • backend: Add ability to filter by reportType

Example:

query {
  project(fullPath: "mparuszewski/security-reports") {
    pipeline(iid: "1") {
      securityReportFindings(scanner: "bandit", severity: "critical") {
        id
        severity
      }
    }
  }
}
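As an added illustration (not GitLab's code), the filtering a PipelineSecurityReportFindingsResolver would have to apply for the scanner, severity and reportType arguments, modelled in plain Ruby over constructed findings; the module and method names, the allowed severity and report-type values, the list-valued filter shape and the sample data are all assumptions.

```ruby
# Added example, not GitLab code: models the optional scanner / severity /
# reportType filters of the planned resolver over constructed findings.
module PipelineSecurityReportFindings
  # Assumed allow-lists; a resolver should fail closed on values outside them
  # rather than pass unknown input through to the underlying query.
  SEVERITIES   = %w[critical high medium low info unknown].freeze
  REPORT_TYPES = %w[sast dast dependency_scanning container_scanning secret_detection].freeze

  # Constructed sample findings standing in for one pipeline's security reports.
  SAMPLE_FINDINGS = [
    { id: 'f1', scanner: 'bandit',    severity: 'critical', report_type: 'sast' },
    { id: 'f2', scanner: 'bandit',    severity: 'low',      report_type: 'sast' },
    { id: 'f3', scanner: 'gemnasium', severity: 'high',     report_type: 'dependency_scanning' },
    { id: 'f4', scanner: 'trivy',     severity: 'critical', report_type: 'container_scanning' }
  ].freeze

  class InvalidFilter < ArgumentError; end

  # Rejects any filter value that is not in the allow-list.
  def self.validate!(name, values, allowed)
    bad = values - allowed
    raise InvalidFilter, "#{name}: unknown value(s) #{bad.join(', ')}" unless bad.empty?

    values
  end

  # Every filter is optional; when given it is a list (a single string is
  # accepted too) and a finding must match one of its values. Scanner names
  # are free-form, so only severity and reportType are validated here.
  def self.resolve(findings, scanner: nil, severity: nil, report_type: nil)
    severity    = validate!('severity', Array(severity), SEVERITIES) if severity
    report_type = validate!('reportType', Array(report_type), REPORT_TYPES) if report_type
    scanner     = Array(scanner) if scanner

    findings.select do |f|
      (scanner.nil?     || scanner.include?(f[:scanner])) &&
        (severity.nil?    || severity.include?(f[:severity])) &&
        (report_type.nil? || report_type.include?(f[:report_type]))
    end
  end
end

# Same filters as the query above: scanner "bandit", severity "critical".
PipelineSecurityReportFindings.resolve(PipelineSecurityReportFindings::SAMPLE_FINDINGS,
                                       scanner: 'bandit', severity: 'critical')
```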
Edited by Subashis Chakraborty