Add sbom report background processing

Why are we doing this work

This is an implementation issue for facilitating sbom artifact ingestion by implementing a queue and background worker to add components to the database.

Relevant links

This is part of a wider epic to add SBOM ingestion: &8024 (closed)

Non-functional requirements

Documentation: tbd
Feature flag: Add a cyclonedx_sbom_ingestion feature flag and check it before invoking StoreScansWorker.
Performance: tbd
Testing: tbd

Proposal

Add a queue and background worker for processing sbom artifact and a trigger in the pipeline state to invoke the worker.

Implementation plan

backend add worker similar to the StoreScansWorker which already exists
backend add a queue for the worker https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/workers/all_queues.yml
backend add an after_commit trigger for the worker in https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/models/ee/ci/pipeline.rb#L61, behind a feature flag.

Verification steps

Edited Jul 08, 2022 by Brian Williams