Update Security MR approvasl documentation

What does this MR do?

This updates the wording of the security MR approval rules to hopefully remove ambiguity.

The existing wording led me to think the Approval would be required if there is no report generated during the pipeline.

Though the intent is that this is just a temporary requirement while the pipeline is running and the report is not yet generated. Though, if the pipeline completes and there are no generated report, the approval is not required.

In other words, this is not a feature to enforce the execution of the scans, it's rather to ensure that we await for the scans (if any) to be executed before updating the approval requirement.

Related issues

Author's checklist

• Consider taking the GitLab Technical Writing Fundamentals course
• Follow the:
  • Documentation process.
  • Documentation guidelines.
  • Style Guide.
• Ensure that the product tier badge is added to topic's h1.
• Request a review based on:
  • The documentation page's metadata.
  • The associated Technical Writer.

If you are only adding documentation, do not add any of the following labels:

• ~"type::feature"
• ~"frontend"
• ~"backend"
• ~"type::bug"
• ~"database"

These labels cause the MR to be added to code verification QA issues.

Review checklist

Documentation-related MRs should be reviewed by a Technical Writer for a non-blocking review, based on Documentation Guidelines and the Style Guide.

• If the content requires it, ensure the information is reviewed by a subject matter expert.
• Technical writer review items:
  • Ensure docs metadata is present and up-to-date.
  • Ensure the appropriate labels are added to this MR.
  • If relevant to this MR, ensure content topic type principles are in use, including:
    • The headings should be something you'd do a Google search for. Instead of Default behavior, say something like Default behavior when you close an issue.
    • The headings (other than the page title) should be active. Instead of Configuring GDK, say something like Configure GDK.
    • Any task steps should be written as a numbered list.
    • If the content still needs to be edited for topic types, you can create a follow-up issue with the docs-technical-debt label.
• Review by assigned maintainer, who can always request/require the above reviews. Maintainer's review can occur before or after a technical writer review.
• Ensure a release milestone is set.