Looking up by UUIDv5 should be more stable in detecting duplicates.

Changes:
 - Use sequence to simulate project_id in Ci::Reports::Security::Finding
   factory
 - Return vulnerability_finding in case of duplicates
 - Check if UUIDv4 gets updated to UUIDv5