Establish relationship between Security Orchestration Policies and CI Pipelines

Summary

After the scan execution policies are moved to the database, we need to create a relationship between a scan execution policy and a pipeline so that we can record which policy triggered a pipeline.

This will enable us to:

  • Establish audit trails for how the pipelines were triggered
  • Show end users how the pipeline was triggered
  • Associate pipeline data with a security policy (e.g. "This policy last ran a scan at ...")

Implementation Plan

See !56821 (merged) for a similar implementation with DAST profiles

  • backend Add has_many relationship with :ci_pipelines to security orchestration policy
  • backend Add has_one relationship with :security_orchestration_policy to ee/app/models/ee/ci/pipeline.rb
  • ... needs further refinement
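The link the plan describes is one-to-many in one direction only: a policy has many pipelines, but a pipeline has exactly one (or no) triggering policy. The in-memory model below is an added illustration, not GitLab code and not the ActiveRecord associations from !56821; the class and method names (PipelineRegistry, link, audit_trail, last_run_at) and the sample policies and pipelines are constructed for this example. It shows the three uses listed above (audit trail, "which policy triggered this pipeline", "when did this policy last run") and the one invariant worth enforcing for audit integrity: once a pipeline is attributed to a policy, a later attempt to attribute it to a different policy is rejected rather than silently overwritten.

```ruby
# Added example (not GitLab's code): an in-memory stand-in for the
# policy -> pipeline relationship proposed in this issue.
require 'time'

Policy   = Struct.new(:id, :name)
Pipeline = Struct.new(:id, :created_at)

class PipelineRegistry
  # Raised when a pipeline already attributed to one policy is claimed by another.
  class AlreadyLinked < StandardError; end

  def initialize
    @policies  = {} # policy id   => Policy
    @pipelines = {} # pipeline id => Pipeline
    @links     = {} # pipeline id => policy id (the has_one side lives here)
  end

  def add_policy(policy)
    @policies[policy.id] = policy
  end

  def add_pipeline(pipeline)
    @pipelines[pipeline.id] = pipeline
  end

  def find_policy(id)
    @policies.fetch(id)
  end

  def find_pipeline(id)
    @pipelines.fetch(id)
  end

  # Record that `policy` triggered `pipeline`. Re-recording the same pair is a
  # no-op; attributing the pipeline to a different policy is refused so the
  # audit trail cannot be rewritten after the fact.
  def link(policy, pipeline)
    existing = @links[pipeline.id]
    if existing && existing != policy.id
      raise AlreadyLinked, "pipeline #{pipeline.id} already attributed to policy #{existing}"
    end
    @links[pipeline.id] = policy.id
  end

  # has_one :security_orchestration_policy, seen from the pipeline side.
  # Returns nil for pipelines that were not started by any policy.
  def triggering_policy(pipeline)
    policy_id = @links[pipeline.id]
    policy_id && @policies[policy_id]
  end

  # has_many :ci_pipelines, seen from the policy side.
  def pipelines_for(policy)
    @links.select { |_, policy_id| policy_id == policy.id }
          .keys
          .map { |pipeline_id| @pipelines[pipeline_id] }
  end

  # "This policy last ran a scan at ..." (nil if it never triggered a pipeline).
  def last_run_at(policy)
    pipelines_for(policy).map(&:created_at).max
  end

  # Audit trail: [pipeline id, policy name] pairs in chronological order.
  def audit_trail
    @links.map { |pipeline_id, policy_id|
      [@pipelines[pipeline_id].created_at, pipeline_id, @policies[policy_id].name]
    }.sort.map { |_, pipeline_id, name| [pipeline_id, name] }
  end
end

# Constructed sample data: two policies, three policy-triggered pipelines and
# one manually started pipeline with no policy.
def build_demo_registry
  reg  = PipelineRegistry.new
  dast = Policy.new(1, 'nightly-dast')
  sast = Policy.new(2, 'sast-on-merge')
  [dast, sast].each { |p| reg.add_policy(p) }

  pipelines = [
    Pipeline.new(100, Time.utc(2021, 6, 1, 1, 0, 0)),
    Pipeline.new(101, Time.utc(2021, 6, 2, 1, 0, 0)),
    Pipeline.new(102, Time.utc(2021, 6, 2, 9, 30, 0)),
    Pipeline.new(103, Time.utc(2021, 6, 3, 8, 0, 0)) # manual run, never linked
  ]
  pipelines.each { |pl| reg.add_pipeline(pl) }

  reg.link(dast, pipelines[0])
  reg.link(dast, pipelines[1])
  reg.link(sast, pipelines[2])
  reg
end

if __FILE__ == $PROGRAM_NAME
  reg = build_demo_registry
  reg.audit_trail.each { |pipeline_id, name| puts "pipeline #{pipeline_id} <- #{name}" }
  puts "nightly-dast last ran at #{reg.last_run_at(reg.find_policy(1)).iso8601}"
end
```

Keeping the attribution on a separate link record (rather than a nullable column on the pipeline) is also what makes the "reject a second policy" check cheap: the pipeline id is the unique key of the link, and nothing else needs to be locked.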
Edited by Brian Williams