Add service that extends .gitlab-ci.yml configuration with DAST security scans

Why are we doing this work

While we were working on the Research Spike in scope of #270880 (closed) and #280315 (closed), we noticed the need for a service that takes the GitLab CI configuration from the repository and extends it: either adding a DAST scan to the existing configuration, or replacing the configuration so that only DAST security scans remain.

YAML with the proposed policy (the policy must reside in .gitlab/security-policies/policy.yml):

    scan_execution_policy:
      - name: Run DAST in every pipeline
        description: This policy enforces to run DAST for every pipeline within the project
        enabled: true
        rules:
          - type: pipeline
            branches:
              - "production"
        actions:
          - scan: dast
            site_profile: Site Profile
            scanner_profile: Scanner Profile

We need a service that will be able to:

  • take the GitLab CI configuration as a parameter,
  • take a list of scans to run as a parameter (but support DAST only for now),

Example of the code that could be reused here:

Relevant links

Non-functional requirements

  • [-] Documentation: Since we will only work on an internal service, we do not need documentation.
  • [-] Feature flag: No need for a feature flag for an internal service.
  • [-] Performance:
  • Testing: Unit tests

Implementation plan

  • backend Create feature flag security_orchestration_policies
  • backend Implement a service that takes the current GitLab CI configuration, a list of security scans, and a flag to extend or replace the CI config, and modifies the configuration so that the DAST scan template is included.
  • backend Use the new service in the CI Processor
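The following is an added sketch of how the two pieces described above fit together; it is example code written for this issue, not GitLab's own implementation. It reads a scan execution policy shaped like the YAML above, selects the actions whose pipeline rule matches the current branch, and then either extends the project's CI configuration with a DAST job or replaces the configuration so only the DAST job remains. The policy and CI configuration are constructed inline rather than read from `.gitlab/security-policies/policy.yml`, and the template path `Security/DAST.gitlab-ci.yml` and the `DAST_SITE_PROFILE_NAME` / `DAST_SCANNER_PROFILE_NAME` variable names are assumptions that should be checked against the DAST template shipped with the GitLab version in use.

```ruby
# Added example, not GitLab's own code: a minimal policy reader plus a CI
# configuration service with extend/replace modes, supporting DAST only.
require 'yaml'

# Constructed sample policy, shaped like the one proposed in the issue.
POLICY_YAML = <<~YAML
  scan_execution_policy:
    - name: Run DAST in every pipeline
      description: This policy enforces to run DAST for every pipeline within the project
      enabled: true
      rules:
        - type: pipeline
          branches:
            - "production"
      actions:
        - scan: dast
          site_profile: Site Profile
          scanner_profile: Scanner Profile
YAML

# Constructed sample project .gitlab-ci.yml.
CI_YAML = <<~YAML
  stages: [build, test]
  build:
    stage: build
    script: [make]
YAML

# Assumed template path (verify against the GitLab version in use).
DAST_TEMPLATE = 'Security/DAST.gitlab-ci.yml'

class ScanExecutionPolicyService
  SUPPORTED_SCANS = %w[dast].freeze

  def initialize(policy_yaml)
    @policies = YAML.safe_load(policy_yaml).fetch('scan_execution_policy', [])
  end

  # Scan actions from enabled policies whose pipeline rule lists the branch.
  # Unsupported scan types are dropped rather than raising, so an entry for
  # another scanner does not break pipeline creation.
  def actions_for(branch)
    @policies
      .select { |p| p['enabled'] && matches_branch?(p['rules'], branch) }
      .flat_map { |p| p.fetch('actions', []) }
      .select { |a| SUPPORTED_SCANS.include?(a['scan']) }
  end

  private

  def matches_branch?(rules, branch)
    Array(rules).any? do |rule|
      rule['type'] == 'pipeline' && Array(rule['branches']).include?(branch)
    end
  end
end

class CiConfigurationService
  # ci_yaml: the project's CI configuration; actions: output of the policy
  # service; mode: :extend keeps existing jobs, :replace keeps only the scans.
  def initialize(ci_yaml, actions, mode: :extend)
    @config = YAML.safe_load(ci_yaml) || {}
    @actions = actions
    @mode = mode
  end

  def execute
    base = @mode == :replace ? {} : @config.dup
    return base if @actions.empty?

    jobs = @actions.map { |action| dast_job(action) }.reduce({}, :merge)
    base
      .merge('include' => normalised_includes(base) + [{ 'template' => DAST_TEMPLATE }],
             'stages' => Array(base['stages']) | ['dast'])
      .merge(jobs)
  end

  private

  # `include:` may be a string, a hash or an array; always return an array.
  def normalised_includes(config)
    inc = config['include']
    inc.is_a?(Array) ? inc : [inc].compact
  end

  # Profile names are handed to the template through its variables
  # (assumed variable names, see lead-in).
  def dast_job(action)
    {
      'dast' => {
        'stage' => 'dast',
        'variables' => {
          'DAST_SITE_PROFILE_NAME' => action['site_profile'],
          'DAST_SCANNER_PROFILE_NAME' => action['scanner_profile']
        }
      }
    }
  end
end

def scan_config_for(branch, mode: :extend)
  actions = ScanExecutionPolicyService.new(POLICY_YAML).actions_for(branch)
  CiConfigurationService.new(CI_YAML, actions, mode: mode).execute
end

if __FILE__ == $PROGRAM_NAME
  puts scan_config_for('production').to_yaml
  puts scan_config_for('production', mode: :replace).to_yaml
end
```

Running the file prints the extended configuration for `production` (original jobs plus the `include:` and `dast` job) followed by the replaced one (only the DAST pieces); for a branch the policy does not list, the configuration is returned unchanged, which is the case the replace flag must not break.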
Edited by Alan (Maciej) Paruszewski