[CS For Registry] Set report_type to CONTAINER_SCANNING_FOR_REGISTRY for sbom vulnerabilities

Description

  1. During vulnerability ingestion by the advisory scanner, set the vulnerability report type (vulnerability.report_type) to CONTAINER_SCANNING_FOR_REGISTRY.
  2. After this change, vulnerabilities returned for report_type: CONTAINER_SCANNING should no longer include these vulnerabilities.
  3. This is only required for vulnerabilities created from SBOM ingestion under this issue.

User Impact

No direct user impact, as this is a backend implementation. However, make sure that users do not see the vulnerabilities created by registry events in the development or OCS vulnerability tab.

Non-functional requirements

  • Benchmarking: Assess the performance impact of using the newly introduced data for filtering.
  • Testing: Add unit tests/specs.

Implementation plan

  1. Add the new enum value container_scanning_for_registry in ee/app/models/concerns/ee/enums/vulnerability.rb.
  2. Set report_type to sbom_source.source_type in ee/lib/gitlab/vulnerability_scanning/container_scanning/finding_builder.rb.
  3. In the finding builder ee/lib/gitlab/vulnerability_scanning/finding_builder.rb, add support for container_scanning_for_registry.

Verification steps

  1. Ingest an SBOM report whose metadata.tools marks it as a registry event, as set up in [CS For Registry] Set SBOM occurrence source to... (#443634 - closed).
  2. Verify that the DB records are created as per the requirements.
  3. Run the advisory scanner and report parser.
  4. Verify that the vulnerabilities are created with report_type: CONTAINER_SCANNING_FOR_REGISTRY.
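
As an added illustration (not GitLab's code) of the implementation plan and of verification step 4: a stand-alone Ruby model in which the finding builder derives report_type from the SBOM source's source_type, so that a CONTAINER_SCANNING filter no longer returns registry-event findings. The enum integer ids, the SbomSource/Finding structs and the CVE names are constructed placeholders.

```ruby
# Added example, not GitLab code: a minimal model of the report_type mapping
# described in the issue. Registry-event SBOM findings are tagged
# container_scanning_for_registry so a CONTAINER_SCANNING filter excludes them.

# Hypothetical enum mirroring the new value added to
# ee/app/models/concerns/ee/enums/vulnerability.rb (integer ids are made up).
REPORT_TYPES = {
  container_scanning: 2,
  container_scanning_for_registry: 99 # constructed id, not the real one
}.freeze

# Constructed stand-in for an SBOM source record; source_type says where
# the SBOM came from (pipeline job vs. registry event).
SbomSource = Struct.new(:source_type, keyword_init: true)

# Constructed stand-in for the persisted vulnerability row.
Finding = Struct.new(:name, :report_type, keyword_init: true)

# Simplified form of plan step 2 ("set report_type to sbom_source.source_type"):
# the source type decides the report type. An unknown source type is rejected
# instead of silently landing in the default container_scanning bucket, which
# is exactly the leak the issue wants to prevent.
def build_finding(name:, sbom_source:)
  report_type = sbom_source.source_type.to_sym
  unless REPORT_TYPES.key?(report_type)
    raise ArgumentError, "unsupported SBOM source_type: #{report_type}"
  end
  Finding.new(name: name, report_type: report_type)
end

# The filter a caller applies when querying report_type: CONTAINER_SCANNING.
def findings_with_report_type(findings, report_type)
  findings.select { |f| f.report_type == report_type }
end

# Constructed sample: one registry-event finding and one pipeline CS finding.
def sample_findings
  [
    build_finding(name: 'CVE-PLACEHOLDER-1',
                  sbom_source: SbomSource.new(source_type: 'container_scanning_for_registry')),
    build_finding(name: 'CVE-PLACEHOLDER-2',
                  sbom_source: SbomSource.new(source_type: 'container_scanning'))
  ]
end

if __FILE__ == $PROGRAM_NAME
  cs = findings_with_report_type(sample_findings, :container_scanning)
  puts cs.map(&:name).inspect # => ["CVE-PLACEHOLDER-2"]
end
```
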
Edited by Aditya Tiwari