SBOM Scan API performance tuning on self-managed

Problem to solve

The SBOM scan API implementation has required careful tuning to ensure the feature can scale adequately without impairing other GitLab features that use the same shared resources. However, this tuning is based on the infrastructure profile of our gitlab.com instance, which is not necessarily what customers will have on their self-managed instances. The currently configured urgency and concurrency settings of the workers could consume the entire capacity of the Sidekiq fleet on some instances, and thus overwhelm the system when several large projects trigger scans at the same time.

Proposal

⚠️ WIP

  • Review the infrastructure of the Dedicated and Dedicated for Government platforms and verify whether the current tuning suits them.
  • Review the infrastructure of the reference architectures for self-managed platforms and verify whether the current tuning suits them.
  • Consider documenting suggested routing rules.
  • Consider making some settings configurable (at least concurrency_limit can be an application setting).
Edited Oct 17, 2025 by Olivier Gonzalez