Introduce maintenance tasks; Unify cron and lock duration configs for tasks

[nscuro]

Description

Adds maintenance tasks to help with freeing the database from unwanted bloat:

• ComponentMetadataMaintenanceTask deletes dangling IntegrityMetaComponent and RepositoryMetaComponent records, which would otherwise accumulate forever.
• MetricsMaintenanceTask deletes metrics records older than a configurable retention period (90 days per default). Since the frontend only shows metrics for up to 90 days, it doesn't make sense to keep older data around. Users with longer retention requirements can re-configure this in the UI.
• TagMaintenanceTask deletes tags that are not used, i.e. not associated with any project, policy, or notification rule. This is particularly useful for organizations that make use of ephemeral, or frequently changing tags.
• VulnerabilityDatabaseMaintenanceTask deletes VulnerableSoftware records that are no longer referenced by any Vulnerability. Such orphaned records can happen when vulnerability databases such as the NVD update a vulnerability's affected version ranges, or affected components entirely.

The following existing cleanup tasks were renamed accordingly to fit the new maintenance convention:

• VulnerabilityScanCleanupTask -> VulnerabilityScanMaintenanceTask
• WorkflowStateCleanupTask -> WorkflowMaintenanceTask

They were additionally refactored to make use of bulk SQL UPDATE / DELETE statements, rather than modifying individual records via the ORM. This makes them both better performing and more concurrency-friendly.

The way how cron and lock duration configuration is retrieved for tasks was refactored to be more uniform. Now, property names align with a task's class name, and follow a predictable structure, voiding the need for separate ConfigKey definitions.

For example:

• task.cron.metrics.portfolio -> task.portfolio.metrics.update.cron
• task.metrics.portfolio.lockAtMostForInMillis -> task.portfolio.metrics.update.lock.max.duration
• task.metrics.portfolio.lockAtLeastForInMillis -> task.portfolio.metrics.update.lock.min.duration

Addressed Issue

N/A

Additional Details

N/A

Checklist

• I have read and understand the contributing guidelines
• This PR fixes a defect, and I have provided tests to verify that the fix is effective
• This PR implements an enhancement, and I have provided tests to verify that it works as intended
• This PR introduces changes to the database model, and I have updated the migration changelog accordingly
• This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

[codacy-production]

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation	Diff coverage
✅ -0.02% (target: -1.00%)	✅ 78.41% (target: 70.00%)

Coverage variation details

	Coverable lines	Covered lines	Coverage
Common ancestor commit (40293f8)	21233	17467	82.26%
Head commit (9bfe302)	21308 (+75)	17524 (+57)	82.24% (-0.02%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details

	Coverable lines	Covered lines	Diff coverage
Pull request (#840)	352	276	78.41%

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

_{Codacy stopped sending the deprecated coverage status on June 5th, 2024. Learn more}