Add conan package reference filter to package file finder

What does this MR do?

Currently, when a conan package file is searched for the file is found by name and conan_file_type, however for conan packages, there may be multiple files with the same name and type, but are differentiated by conan_package_reference. This MR adds the additional filter to the file finder to fix the bug where the same file is being returned regardless of which conan_package_reference is requested.

Database data

I don't believe it is necessary to add an index for this additional filter because a given conan package will only have a relatively small number of package_files.

New scope .with_conan_package_reference on Packages::PackageFile

Scope Query

SELECT "packages_package_files".* 
FROM   "packages_package_files" 
       INNER JOIN "packages_conan_file_metadata" 
               ON "packages_conan_file_metadata"."package_file_id" = 
                  "packages_package_files"."id" 
WHERE  "packages_conan_file_metadata"."conan_package_reference" = "123456789"

Explain Analyze:

                                                                         QUERY PLAN
------------------------------------------------------------------------------------------------------------------------------------------------------------
 Nested Loop  (cost=0.42..23.65 rows=4 width=186) (actual time=0.025..0.051 rows=3 loops=1)
   ->  Seq Scan on packages_conan_file_metadata  (cost=0.00..9.84 rows=4 width=8) (actual time=0.009..0.026 rows=3 loops=1)
         Filter: ((conan_package_reference)::text = '123456789'::text)
         Rows Removed by Filter: 144
   ->  Index Scan using packages_package_files_pkey on packages_package_files  (cost=0.42..3.44 rows=1 width=186) (actual time=0.007..0.008 rows=1 loops=3)
         Index Cond: (id = packages_conan_file_metadata.package_file_id)
 Planning time: 0.238 ms
 Execution time: 0.075 ms

Query as used in the finder

SELECT "packages_package_files".* 
FROM   "packages_package_files" 
       INNER JOIN "packages_conan_file_metadata" 
               ON "packages_conan_file_metadata"."package_file_id" = 
                  "packages_package_files"."id" 
WHERE  "packages_package_files"."package_id" = 1
       AND "packages_package_files"."file_name" = 'conan_package.tgz' 
       AND "packages_conan_file_metadata"."conan_file_type" = 2
       AND "packages_conan_file_metadata"."conan_package_reference" = '123456789'
ORDER  BY "packages_package_files"."id" DESC 
LIMIT  1 

Explain Analyze:

                                                                                              QUERY PLAN
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
 Limit  (cost=6.63..6.64 rows=1 width=186) (actual time=0.040..0.041 rows=1 loops=1)
   ->  Sort  (cost=6.63..6.64 rows=1 width=186) (actual time=0.040..0.040 rows=1 loops=1)
         Sort Key: packages_package_files.id DESC
         Sort Method: quicksort  Memory: 25kB
         ->  Nested Loop  (cost=0.57..6.62 rows=1 width=186) (actual time=0.026..0.027 rows=1 loops=1)
               ->  Index Scan using index_packages_package_files_on_package_id_and_file_name on packages_package_files  (cost=0.42..3.44 rows=1 width=186) (actual time=0.019..0.019 rows=1 loops=1)
                     Index Cond: ((package_id = 1) AND ((file_name)::text = 'conan_package.tgz'::text))
               ->  Index Scan using index_packages_conan_file_metadata_on_package_file_id on packages_conan_file_metadata  (cost=0.14..3.17 rows=1 width=8) (actual time=0.006..0.007 rows=1 loops=1)
                     Index Cond: (package_file_id = packages_package_files.id)
                     Filter: ((conan_file_type = 2) AND ((conan_package_reference)::text = '123456789'::text))
 Planning time: 0.447 ms
 Execution time: 0.098 ms

Screenshots

Does this MR meet the acceptance criteria?

Conformity

• Changelog entry
• [-] Documentation (if required)
• Code review guidelines
• Merge request performance guidelines
• Style guides
• Database guides
• Separation of EE specific content

Availability and Testing

• Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
• [-] Tested in all supported browsers
• [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

• [-] Label as security and @ mention @gitlab-com/gl-security/appsec
• [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
• [-] Security reports checked/validated by a reviewer from the AppSec team

Related #208830 (closed)