Clean up orphaned remediations

While working on #362169 (closed), @minac and I realised that the process for removing remediations that are not applicable to the detected vulnerabilities in a pipeline does not actively clean up those remediations that no longer associate to any findings. As a result, these remediations become orphaned in the database.

Using Postgres.ai we were able to determine that about 40% of all the remediations in the production database are actually orphaned like this.

Investigation

https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/12671/commands/44671 => 90335 rows selecting all remediations https://postgres.ai/console/gitlab/gitlab-production-tunnel-pg12/sessions/12671/commands/44670 => 35865 rows selecting orphaned remediations

35865/90335 = 0.39702219516

While the relative scale of this issue is small currently, with time this will bloat the table unnecessarily, so we should clean these out.

Implementation Plan

• Implement a new Sidekiq Worker called Vulnerabilities::OrphanedRemediationsCleanupWorker
• Use this worker to delete any Vulnerabilities::Remediation records where there are no associated findings. Something like Vulnerabilities::Remediation.where.missing(:findings).destroy_all may work.
• Add Vulnerabilities::OrphanedRemediationsCleanupWorker to the config/initializers/1_settings.rb cron job configurations in the Gitlab.ee do section