Set inverse_of option for associations

ee/app/models/security/finding.rb

@@ -11,8 +11,8 @@ module Security
   class Finding < ApplicationRecord
     self.table_name = 'security_findings'
 
-    belongs_to :scan, optional: false
-    belongs_to :scanner, class_name: 'Vulnerabilities::Scanner', optional: false
+    belongs_to :scan, inverse_of: :findings, optional: false
+    belongs_to :scanner, class_name: 'Vulnerabilities::Scanner', inverse_of: :security_findings, optional: false
 
     # TODO: These are duplicated between this model and Vulnerabilities::Finding,
     # we should create a shared module to encapculate this in one place.

ee/app/models/security/scan.rb

@@ -11,7 +11,7 @@ module Security
 
     has_one :pipeline, class_name: 'Ci::Pipeline', through: :build
 
-    has_many :findings
+    has_many :findings, inverse_of: :scan
 
     enum scan_type: {
       sast: 1,

ee/app/models/vulnerabilities/scanner.rb

@@ -5,6 +5,7 @@ module Vulnerabilities
     self.table_name = "vulnerability_scanners"
 
     has_many :findings, class_name: 'Vulnerabilities::Finding', inverse_of: :scanner
+    has_many :security_findings, class_name: 'Security::Finding', inverse_of: :scanner
 
     belongs_to :project
 

ee/spec/models/vulnerabilities/scanner_spec.rb

@@ -4,8 +4,9 @@ require 'spec_helper'
 
 RSpec.describe Vulnerabilities::Scanner do
   describe 'associations' do
-    it { is_expected.to have_many(:findings).class_name('Vulnerabilities::Finding') }
     it { is_expected.to belong_to(:project) }
+    it { is_expected.to have_many(:findings).class_name('Vulnerabilities::Finding') }
+    it { is_expected.to have_many(:security_findings).class_name('Security::Finding') }
   end
 
   describe 'validations' do