BE - [License Approvals] - Add relationship between Software License Policy and Security Policy Project Configuration

Why are we doing this work

Currently, Software License Policies are created manually on the Security & Compliance -> License Compliance -> Policies page and are not related to the Security Policy Project. To delete related policies reliably, we need to add an optional relationship to the Security Policy Project Configuration in the database, so that we can easily remove these policies when the Policy Project is unassigned or deleted.

For now, we want to work on this feature behind the existing feature flag (license_scanning_policies), so a policy will only be processed when this feature flag is enabled for the project.

Relevant links

Related issue with proposed format Epic

Non-functional requirements

  • Documentation: documentation should be updated with the new type of Scan Result Policies after this feature is available to users.
  • [-] Feature flag:
  • [-] Performance:
  • Testing:

Implementation plan

  • database: add a new column security_orchestration_policy_configuration_id bigint to software_license_policies, with an index and a foreign key using ON DELETE CASCADE, so the rows are deleted when the entry from security_orchestration_policy_configurations is removed,
  • backend: update SoftwareLicensePolicies::CreateService to accept security_orchestration_policy_configuration_id and store it in the model.
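
The database step above, modeled in an in-memory SQLite database to show what the optional foreign key does on deletion. This is an added example, not GitLab's migration or code: the index name, the `project_id` and `name` columns, the sample rows and the function names are constructed, and SQLite stands in for the real database.

```python
import sqlite3

# Simplified model of the two tables named in the implementation plan.
SCHEMA = """
CREATE TABLE security_orchestration_policy_configurations (
    id INTEGER PRIMARY KEY,
    project_id INTEGER NOT NULL              -- constructed column
);
CREATE TABLE software_license_policies (
    id INTEGER PRIMARY KEY,
    project_id INTEGER NOT NULL,             -- constructed column
    name TEXT NOT NULL,                      -- constructed column
    -- Optional link: NULL means the policy was created manually.
    security_orchestration_policy_configuration_id BIGINT
        REFERENCES security_orchestration_policy_configurations (id)
        ON DELETE CASCADE
);
CREATE INDEX idx_slp_on_policy_configuration_id  -- hypothetical index name
    ON software_license_policies (security_orchestration_policy_configuration_id);
"""


def build_db():
    """Create the schema and load constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    # SQLite enforces foreign keys (and cascades) only when this is enabled.
    conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript(SCHEMA)
    conn.execute(
        "INSERT INTO security_orchestration_policy_configurations VALUES (1, 10)")
    conn.executemany(
        "INSERT INTO software_license_policies VALUES (?, ?, ?, ?)",
        [
            (1, 10, "MIT", None),       # manually created, no configuration
            (2, 10, "GPL-3.0", 1),      # created from the policy project
            (3, 10, "AGPL-3.0", 1),     # created from the policy project
        ],
    )
    return conn


def remaining_policies(conn):
    """Names of all software license policies still stored, in id order."""
    rows = conn.execute("SELECT name FROM software_license_policies ORDER BY id")
    return [name for (name,) in rows]


def unassign_policy_project(conn, configuration_id):
    """Delete the configuration row; the cascade removes its linked policies."""
    conn.execute(
        "DELETE FROM security_orchestration_policy_configurations WHERE id = ?",
        (configuration_id,))
    return remaining_policies(conn)
```

Because the column is nullable, manually created policies are untouched by the cascade, while a row that points at a nonexistent configuration is rejected at insert time.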

Verification steps

  • Check if software license policies are removed when security policy project is unassigned or deleted.
  • Check if software license policies are updated when policy is updated with new licenses.
Edited by Alan (Maciej) Paruszewski