[Proposal] - Skip SBOM ingestion based on ingestion checksum
An idea raised as a result of the work on https://gitlab.com/groups/gitlab-org/-/epics/17028+s, it was proposed by @minac that we could potentially improve GitLab's efficiency by skipping SBOM record ingestion based on a checksum value provided or generated from the artifacts of a dependency scan.
As a result, if the scanner provides a checksum consistent with the previous one seen, or we generate one based on the CycloneDX fields reported, we should be able to safely skip the ingestion of sbom records as the resulting information should be consistent with what is already stored.
epic