Add columns `first_pipeline_id` and `latest_pipeline_id` to `vulnerability_occurrences`

In order to drop the vulnerability_occurrence_pipelines table, we need to preserve the first and latest pipelines in which a vulnerability has occurred in order to maintain the current functionality within GitLab.

The most logical place to place this currently is the vulnerability_occurences table as the logic that depends on this information is most commonly used in association with the finding.

These columns should both be nullable, as continuous scanning or alternative scan sources will not have a pipeline_id to associate.

Implementation Plan

• Add the columns | M (#443280 - closed) • Michael Becker • 16.10
• Add the indexes ASYNC | M (#443281 - closed) • Michael Becker • 16.10
• Add the indexes SYNC | M (#443282 - closed) • Michael Becker • 16.10
• Add the model associations | M (#443283 - closed) • Michael Becker • 16.10
• Add the loose FK config | M (#443284 - closed) • Michael Becker • 16.10