Feature flag to enable License Scanning SBOM scanner
<!-- Implementation issues are used break-up a large piece of work into small, discrete tasks that can move independently through the build workflow steps. They're typically used to populate a Feature Epic. Once created, an implementation issue is usually refined in order to populate and review the implementation plan and weight. Example workflow: https://about.gitlab.com/handbook/engineering/development/threat-management/planning/diagram.html#plan --> ## Why are we doing this work We need a feature flag to roll out the License Scanning SBOM Scanner, and to enable it in specific projects before making it the default. ## Further details `LicenseScanning.scanner_class` introduce in https://gitlab.com/gitlab-org/gitlab/-/merge_requests/105747 always returns the `ArtifactScanner`. This needs to be change to return the `SbomScanner` when the new feature flag is enabled. ## Relevant links - `LicenseScanning.scanner_class`: https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/lib/gitlab/license_scanning.rb#L21 - Implementation of the SBOM Scanner: https://gitlab.com/gitlab-org/gitlab/-/issues/384932 ## Non-functional requirements ## Implementation plan - [ ] Declare a new FF to enable License Scanning SBOM Scanner. - [ ] Change `LicenseScanning` to use `SbomScanner` instead of `ArtifactScanner` when the FF is enabled. ## Verification steps Check FF - Enable FF for a specific project - Use any License Scanning feature that's been refactored as part of https://gitlab.com/groups/gitlab-org/-/epics/8532+. - The backend should raise a `Not implemented` error (unless https://gitlab.com/gitlab-org/gitlab/-/issues/384932 has been implemented). Non-regression test - Go to a projet where License Scanning has been configured, and that has License Scanning artifacts. - Use any License Scanning feature that's been refactored as part of https://gitlab.com/groups/gitlab-org/-/epics/8532+. - Make sure that there's no regression.
issue