Support Trivy Enterprise Reports

[Morl99]

Trivy Enterprise reports have a different schema, it would be helpful if the vulnerability explorer could parse them as well.

Additional features could be:

• show and filter acknowledgements
• acknowledgement via aqua api

[d-koppenhagen]

Where can I find the schema specification?

[Morl99]

that is a great question. I am afraid that I have not seen a real spec, but only actual reports. These can be generated by running trivy enterprise. Since this can only be done with a license, we could export one and check it into this repo. We probably need to clear this with aqua first, as I am unsure about the license of the produced report.

[d-koppenhagen]

Great. So let's go this way. I've also seen no JSON schema definition for version 1 and 2. probably we should open an issue since it would be way better to refer to a published spec. It would also allow us to validate against the schema automatically without custom implementation.

[Morl99]

I am thinking about picking this up again, as we are getting ready to adopt trivy enterprise. I still feel that in pipelines it has value to have a better ui for exploring findings as compared to the static html report.