Open
Description
The current usage of Resources status field is confusing because it seems to conflate several types of status:
Scanning status
- scanned
- scanned-with-error
File ignored
- ignored-empty-file
- ignored-whiteout
- ignored-not-interesting
Package type for container images
- application-package
- system-package
License scanning status
- no-licenses
- unknown-licenses
It is not clear where the status values are exclusive or where SCIO picks the best one for a file. Using a field like this for multiple dimensions of status makes it harder to filter and search the Resources data.
I think that we should have separate status fields such as:
- scanning_status
- license_detection_status
- container_package_type:
- file_scan_status
There are two related issues for the "ignored-not-interesting" status values:
#405
#409
We should replace the current code for ignoring files when we have a file-cat addon pipeline for SCIO.