
Add hyperlink to the components (License Scanning SBOM Scanner)

Fix the license compliance page so that the component name is rendered as a hyperlink. The old license compliance page pointed that hyperlink at the scanned file, for example build.gradle in the case of a Gradle project.

Old implementation:

New implementation:

The new license compliance page does not show links for any components:

The root cause of this issue is that the frontend gets the component link from the Gitlab::Ci::Reports::LicenseScanning::Dependency#blob_path_for method, which requires that the path field is present.

This path field is present for the old license scanning report:

{
  "version": "2.1",
  "licenses": [
    "...",
    {
      "id": "MPL-2.0",
      "name": "Mozilla Public License 2.0",
      "url": "https://opensource.org/licenses/MPL-2.0"
    },
    "..."
  ],
  "dependencies": [
    "...",
    {
      "name": "rhino",
      "version": "1.7.10",
      "package_manager": "gradle",
      "path": "build.gradle",
      "licenses": [
        "MPL-2.0"
      ]
    },
    "..."
  ]
}

Implementation details

In the new license scanning process, the input path is available in the SBOM via the gitlab:dependency_scanning:input_file:path field. However, that value is not propagated to the license dependencies in Gitlab::LicenseScanning::SbomScanner#report, so the frontend shows no links for components produced by the new license scanning system.

Implementation plan

  1. Fetch report.source from pipeline.sbom_reports.

  2. report.source would look like the following:

    sbom_report.source
    
    #<Gitlab::Ci::Reports::Sbom::Source:0x000000013f8c70b8
     @data={"input_file"=>{"path"=>"go.sum"}, "source_file"=>{"path"=>"go.mod"}, "package_manager"=>{"name"=>"go"}, "language"=>{"name"=>"go"}},
     @source_type=:dependency_scanning>
  3. Pass that path to the add_dependency call in SbomScanner#report.
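The plan above, as an added Ruby sketch that is not GitLab's code: the three stand-in classes and build_license_report are assumptions modelled on the class names in this issue, and the toggle shows the report once without the path (the current behaviour) and once with the path propagated from report.source.

```ruby
# Added illustration, not GitLab's code: SbomSource, LicenseDependency and
# build_license_report are simplified stand-ins (assumption) for the classes
# the issue names, reduced to the one field that matters here: path.

# Stand-in for Gitlab::Ci::Reports::Sbom::Source (the report.source object).
class SbomSource
  attr_reader :data, :source_type
  def initialize(data, source_type = :dependency_scanning)
    @data = data
    @source_type = source_type
  end

  # The scanned file the component link should point at, e.g. "go.sum".
  def input_file_path
    data.dig('input_file', 'path')
  end
end

# Stand-in for Gitlab::Ci::Reports::LicenseScanning::Dependency.
class LicenseDependency
  attr_reader :name, :version, :package_manager, :path
  def initialize(name:, version:, package_manager:, path: nil)
    @name, @version, @package_manager, @path = name, version, package_manager, path
  end

  # As the issue states: without a path there is nothing to link to.
  def blob_path_for(project_full_path, sha)
    return nil if path.nil? || path.empty?
    "/#{project_full_path}/-/blob/#{sha}/#{path}"
  end
end

# Stand-in for SbomScanner#report. propagate_path: false reproduces the bug
# (the path never reaches add_dependency); true applies the planned fix.
def build_license_report(source, components, propagate_path:)
  path = propagate_path ? source.input_file_path : nil
  components.map do |c|
    LicenseDependency.new(name: c[:name], version: c[:version],
                          package_manager: source.data.dig('package_manager', 'name'),
                          path: path)
  end
end

# Constructed sample mirroring the console output in the implementation plan.
SAMPLE_SOURCE = SbomSource.new({ 'input_file' => { 'path' => 'go.sum' },
                                 'source_file' => { 'path' => 'go.mod' },
                                 'package_manager' => { 'name' => 'go' },
                                 'language' => { 'name' => 'go' } })
SAMPLE_COMPONENTS = [{ name: 'example.com/lib', version: '1.0.0' }]
```

Calling build_license_report with propagate_path: false yields dependencies whose blob_path_for returns nil, which is exactly why the frontend renders no links today; with propagate_path: true every dependency links to go.sum.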

Edited by Aditya Tiwari