Vulnerability management using ES for self-managed GitLab instances

Update: Tracked on epic Vulnerability management using ES for self-mana... (&18758)

Purpose

Placeholder issue to support Advanced Vulnerability Management using ES for self-managed GitLab instances. Ongoing discussion and details are in this thread.

Primary challenge:

ES packaging for GitLab self-managed, which is tracked in epic &18396. Distributions like Omnibus do not come with ES; details here.

Other considerations:

  • Have a config setting similar to global search to skip ES indexing for configured projects? Confirm with the product team.
  • Admin settings page and rake task for index creation (this includes code changes where vulnerabilities have to be added to INDEXED_PROJECT_ASSOCIATIONS), reindex, etc., similar to https://docs.gitlab.com/integration/advanced_search/elasticsearch/#enable-advanced-search
    • Revisit the initial ingestion logic disabled for Self-managed in !197147 (merged)
  • Feature enabling check on the backend code here for Self-managed.
  • Validate that the ES index is correctly installed and backfilled during first-time ES bootstrap. Related to #543089 (closed)
  • Reintroduce the ES migrations, especially the backfills, which are skipped in code with conditional checks.
  • Documentation for Self-managed instances on how to configure advanced vulnerability management using advanced search.
  • Show banner on security features UI that have advanced vulnerability management features but have not enabled advanced search. Tracked in #557323
Edited by Bala Kumar