Allow for easy identification of SAST and DAST reports on job logs page

Release notes

Problem to solve

<Ultimate users depend on the JSON format security scan artifacts reports to analyse the results of a scan. When listing reports on the jobs detail page, we don't surface report type tags for easy identification. We only show a download button that downloads the repost without showing which one is being downloaded.

Intended users

User experience goal

Proposal

frontend

1. Add security report type tags against report names on job logs page
2. On the artifacts page, surface the tags on the collapsed view to allow for quick identification(today the tags are shown only upon expanding a particular section).

backend

1. Add the file_type field as its own exposed field in the BuildArtifactEntity << (Veethika: report type?)
2. Update the related tests for the BuildArtifactEntity

Further details

https://gitlab.com/gitlab-com/gitlab-OKRs/-/work_items/8995#note_2182312478.

Permissions and Security

Documentation

Availability & Testing

Available Tier

Feature Usage Metrics

What does success look like, and how can we measure that?

What is the type of buyer?

Is this a cross-stage feature?

What is the competitive advantage or differentiation for this feature?

Links / references