Add scim_group_uid to saml_group_links

This is part of #509425 (closed).

What does this MR do and why?

This MR adds a scim_group_uid column to saml_group_links to support the coming-soon SCIM group synchronization for self-managed. This column will store a UUID generated by GitLab to uniquely identify groups in SCIM operations, enabling group membership management through the SCIM API.

This is the first step of the SCIM group sync implementation, allowing GitLab to expose SAML group links through SCIM endpoints while maintaining consistency between the IdP and GitLab group memberships. Subsequent MRs will implement the actual API endpoints (behind a TBD feature flag).

References

Migration outputs

Taken from CI:

$ scripts/db_tasks db:migrate:down VERSION=20250205214736
Running: `bundle exec rake db:migrate:down:main VERSION=20250205214736`
main: == [advisory_lock_connection] object_id: 117220, pg_backend_pid: 124
main: == 20250205214736 AddScimGroupUidToSamlGroupLinks: reverting ==================
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- view_exists?(:postgres_partitions)
main:    -> 0.0682s
main: -- index_exists?(:saml_group_links, :scim_group_uid, {:name=>"index_saml_group_links_on_scim_group_uid", :algorithm=>:concurrently})
main:    -> 0.0093s
main: -- execute("SET statement_timeout TO 0")
main:    -> 0.0005s
main: -- remove_index(:saml_group_links, {:name=>"index_saml_group_links_on_scim_group_uid", :algorithm=>:concurrently, :column=>:scim_group_uid})
main:    -> 0.0126s
main: -- execute("RESET statement_timeout")
main:    -> 0.0009s
main: -- remove_column(:saml_group_links, :scim_group_uid)
main:    -> 0.0029s
main: == 20250205214736 AddScimGroupUidToSamlGroupLinks: reverted (0.1595s) =========
main: == [advisory_lock_connection] object_id: 117220, pg_backend_pid: 124
$ scripts/db_tasks db:schema:dump
Running: `bundle exec rake db:schema:dump:main`
$ git diff master -- db/structure.sql
$ scripts/db_tasks db:migrate
Running: `bundle exec rake db:migrate:main`
main: == [advisory_lock_connection] object_id: 116640, pg_backend_pid: 157
main: == 20250205214736 AddScimGroupUidToSamlGroupLinks: migrating ==================
main: -- add_column(:saml_group_links, :scim_group_uid, :uuid)
main:    -> 0.0026s
main: -- transaction_open?(nil)
main:    -> 0.0000s
main: -- view_exists?(:postgres_partitions)
main:    -> 0.0089s
main: -- index_exists?(:saml_group_links, :scim_group_uid, {:name=>"index_saml_group_links_on_scim_group_uid", :algorithm=>:concurrently})
main:    -> 0.0053s
main: -- execute("SET statement_timeout TO 0")
main:    -> 0.0005s
main: -- add_index(:saml_group_links, :scim_group_uid, {:name=>"index_saml_group_links_on_scim_group_uid", :algorithm=>:concurrently})
main:    -> 0.0019s
main: -- execute("RESET statement_timeout")
main:    -> 0.0004s
main: == 20250205214736 AddScimGroupUidToSamlGroupLinks: migrated (0.0532s) =========
main: == [advisory_lock_connection] object_id: 116640, pg_backend_pid: 157

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

N/A

How to set up and validate locally

N/A, this only includes the DB migration.

Edited by Paulo Barros
