
Add version check job

Adam Cohen requested to merge add-version-check-stage into master

What does this MR do?

This MR adds the version-check job from container scanning into the analyzer.yml template so all Go-based analyzers can benefit from the script.

The purpose of this new version-check is to ensure that the version reported by the analyzer using the --version flag matches the latest version in the CHANGELOG.md file. This is necessary now that a scan.scanner.version field is being added to the reports generated by our analyzers, as part of "Add scanner, report_type to SAST, CS, DS reports".

This version-check stage has the following behaviour:

  • If the app.Version value is not configured, for example gemnasium doesn't define this value, then version-check will output a warning and return a 0 status code. This will allow us to immediately use this version-check script in all analyzer projects without altering existing behaviour:

    • and urfave/cli <= v1.22.2 is used:

      [INFO] [klar] [2020-07-29T02:01:50Z] ▶ GitLab klar analyzer v0.0.0
      Warning: analyzer binary does not have a version configured.
      Please update the analyzer binary version to match the most recent version in CHANGELOG.md.
      
      Job succeeded
    • and urfave/cli >= v1.22.3 is used:

      [INFO] [klar] [2020-07-29T02:10:16Z] ▶ GitLab klar analyzer v
      [FATA] [klar] [2020-07-29T02:10:16Z] ▶ flag provided but not defined: -version
      Warning: analyzer binary does not have a version configured.
      Please update the analyzer binary version to match the most recent version in CHANGELOG.md.
      
      Job succeeded

    Note: we need logic to support both urfave/cli <= v1.22.2 and >= v1.22.3 because of the following bugfix, which changed the version behaviour.

  • If the app.Version value is configured, for example in klar
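As an added illustration of the behaviour described above (this is example code, not the script from this MR or from analyzer.yml), a shell version check that compares the analyzer's --version output with the newest CHANGELOG.md entry and treats an unconfigured version as a warning rather than a failure. The "## vX.Y.Z" changelog heading format, the "analyzer vX.Y.Z" output format, the sample changelog and the function names are assumptions.

```shell
# Added example, not the script from this MR. Assumptions: the analyzer prints
# "GitLab <name> analyzer vX.Y.Z" on --version, and CHANGELOG.md lists releases
# as "## vX.Y.Z" headings with the newest first.

# Constructed sample CHANGELOG.md content (newest release first).
CHANGELOG_SAMPLE='# Changelog

## v2.3.1
- Fix something

## v2.3.0
- Add something
'

# First "## vX.Y.Z" heading in the changelog text, without the leading "v".
latest_changelog_version() {
  printf '%s\n' "$1" | sed -n 's/^## v\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# "X.Y.Z" from the --version output, or empty when no version is configured.
# urfave/cli <= v1.22.2 prints "v0.0.0"; >= v1.22.3 prints a bare "v" followed
# by a FATA line, so neither yields a digit here.
reported_version() {
  printf '%s\n' "$1" | sed -n 's/.*analyzer v\([0-9][0-9.]*\)$/\1/p' | head -n 1
}

# Warn and succeed (exit 0) when no version is configured, so existing
# analyzers keep passing; succeed on a match; fail (exit 1) on a mismatch.
version_check() {
  reported=$(reported_version "$1")
  latest=$(latest_changelog_version "$2")
  if [ -z "$reported" ] || [ "$reported" = "0.0.0" ]; then
    echo "Warning: analyzer binary does not have a version configured." >&2
    echo "Please update the analyzer binary version to match the most recent version in CHANGELOG.md." >&2
    return 0
  fi
  if [ "$reported" != "$latest" ]; then
    echo "Error: analyzer reports v$reported but the latest CHANGELOG.md entry is v$latest" >&2
    return 1
  fi
  echo "Version v$reported matches CHANGELOG.md"
}

# In a CI job: capture stdout and stderr and ignore the binary's exit status,
# because urfave/cli >= v1.22.3 exits non-zero on the unknown -version flag.
run_version_check() {
  version_check "$("$1" --version 2>&1)" "$(cat CHANGELOG.md)"
}
```

Calling run_version_check with the path to the analyzer binary from the job script reproduces the four cases above: warning plus success for both unconfigured-version outputs, success on a match, and a failing job on a mismatch.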

What are the relevant issue numbers?

gitlab-org/gitlab#232757 (closed)

Testing

All four scenarios have been tested; click on the links in the "This version-check stage has the following behaviour" section above.

Does this MR meet the acceptance criteria?

Edited by Fabien Catteau
