feat: Update SECURE_ANALYZER_PREFIX in all Sec Section templates

What does this MR do and why?

Follow-up to reverted MR !80195 (merged) due to reports of customers being unable to fetch images, see incident gitlab-com/gl-infra/production#6313 (comment 836069735)

Root cause was due to projects which override rules per job, i.e. to enable Merge Request Pipelines. Since previous MR relied on dynamic setting of rules:variables:, these variables are not being set when overridden and the correct registry location is not being fetched. Since we cannot expect rules to not be overridden, we had to revert the original MR and explore a flattened registry hierarchy instead of the previous nested one.

With this new MR it's much simpler and only changes the raw variable values.

Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/334325

Screenshots or screen recordings

Test cases

note: Below build failures are irrelevant, this is purely a change to the image locations so checking job initialization is sufficient.

• Default: Category:SAST, Category:Secret Detection, ~"Category:Dependency Scanning", ~"Category:License Compliance", Category:DAST, Category:Fuzz Testing https://gitlab.com/theoretick/all-the-templates-test/-/pipelines/467510351/builds
  • With SECURE_ANALYZERS_PREFIX=registry.example.com set https://gitlab.com/theoretick/all-the-templates-test/-/pipelines/471913177
• DAST.latest.gitlab-ci.yml + API-Fuzzing.latest.gitlab-ci.yml https://gitlab.com/theoretick/all-the-templates-test/-/pipelines/478864725/builds
  • With SECURE_ANALYZERS_PREFIX=registry.example.com set https://gitlab.com/theoretick/all-the-templates-test/-/pipelines/478866438/builds
• DAST-On-Demand-Scan.gitlab-ci.yml https://gitlab.com/theoretick/all-the-templates-test/-/pipelines/467511030/builds
  • With SECURE_ANALYZERS_PREFIX=registry.example.com set https://gitlab.com/theoretick/all-the-templates-test/-/pipelines/467511418/failures
• DAST-On-Demand-API-Scan.gitlab-ci.yml https://gitlab.com/theoretick/all-the-templates-test/-/pipelines/478865091/builds
  • With SECURE_ANALYZERS_PREFIX=registry.example.com set https://gitlab.com/theoretick/all-the-templates-test/-/pipelines/478867078/builds

How to set up and validate locally

1. Testing templates inclusions
   • Setup include:remote for relevant templates (example) check base container image addresses

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

• I have evaluated the MR acceptance checklist for this MR.