Add namespace to Gemnasium CycloneDX reachability property
By the end of this issue, the reachability property in the CycloneDX report will have a namespace and be changed from reachability to gitlab:component:reachability.
This is needed to reduce the code complexity of the new feature and to keep the current report parsing conventions, as can be seen in the file lib/gitlab/ci/parsers/sbom/cyclonedx_properties.rb.
Currently a component in the CycloneDX report looks something like this:
{
  "name": "GitPython",
  "version": "3.1.43",
  "purl": "pkg:pypi/GitPython@3.1.43",
  "type": "library",
  "bom-ref": "pkg:pypi/GitPython@3.1.43",
  "properties": [
    {
      "name": "reachability",
      "value": "not_available"
    }
  ]
}
After this issue, it should look something like this:
{
  "name": "GitPython",
  "version": "3.1.43",
  "purl": "pkg:pypi/GitPython@3.1.43",
  "type": "library",
  "bom-ref": "pkg:pypi/GitPython@3.1.43",
  "properties": [
    {
      "name": "gitlab:dependency_scanning_component:reachability",
      "value": "unknown"
    }
  ]
}
Edited by Adam Cohen
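The following is an added example, not GitLab's parser code, showing what the namespace buys a consumer that selects properties by prefix: the bare `reachability` name falls outside the namespace and is set aside, while the namespaced name lands in a nested structure. `split_properties` and `NAMESPACE_PREFIX` are hypothetical names, prefix-based selection is an assumption, and the sample components are trimmed copies of the two shown above.

```ruby
require 'json'

# Assumed prefix: the namespaced property names in this issue start with "gitlab:".
NAMESPACE_PREFIX = 'gitlab:'

# Sort a component's properties into a nested hash built from the name
# segments after the prefix. Names outside the namespace, or with empty
# segments, are returned in :ignored so callers can log them.
def split_properties(component, prefix = NAMESPACE_PREFIX)
  namespaced = {}
  ignored = []
  Array(component['properties']).each do |prop|
    name = prop['name'].to_s
    segments = name.start_with?(prefix) ? name.delete_prefix(prefix).split(':', -1) : []
    if segments.empty? || segments.any?(&:empty?)
      ignored << name
      next
    end
    *path, leaf = segments
    node = path.reduce(namespaced) do |hash, key|
      hash[key] = {} unless hash[key].is_a?(Hash)
      hash[key]
    end
    node[leaf] = prop['value']
  end
  { namespaced: namespaced, ignored: ignored }
end

# Constructed sample input, trimmed from the "before" and "after" components.
BEFORE = JSON.parse(<<~DOC)
  {"name": "GitPython", "version": "3.1.43",
   "properties": [{"name": "reachability", "value": "not_available"}]}
DOC
AFTER = JSON.parse(<<~DOC)
  {"name": "GitPython", "version": "3.1.43",
   "properties": [{"name": "gitlab:dependency_scanning_component:reachability",
                   "value": "unknown"}]}
DOC

if __FILE__ == $PROGRAM_NAME
  puts split_properties(BEFORE).inspect
  puts split_properties(AFTER).inspect
end
```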