Add summary fields #383

@fabriziosestito

Description

Add the following summary fields to the report:

  • Critical count
  • High count
  • Medium count
  • Low count
  • Unknown count

Acceptance Criteria

  • Update VulnerabilityReport as described below
  • Update the vulnerability report format RFC to describe this change

Extend the VulnerabilityReport to have this structure:

kind: VulnerabilityReport
apiVersion: storage.sbombastic.rancher.io/v1alpha1
metadata:
  name: 733d0ae8c02e45d2e31090fb8ad739b03ffcb7863bedeaa78ffdf6e4c1e34fb7
  namespace: default
imageMetadata: {
  # usual stuff
}
report:
  summary: # <- THIS IS NEW
    critical: 1
    high: 2
    medium: 0
    low: 40
    unknown: 0
    suppressed: 5
  results:
    # usual stuff

When not using VEX, the critical, high, medium, low and unknown numbers will equal the number of issues found at each severity.

When using VEX, the numbers will be adjusted to take VEX suppression data into account.
For example:

  • we're using VEX
  • the image has 10 critical vulnerabilities
  • VEX suppresses 2 critical vulnerabilities

The report will have these numbers:

  • critical: 8 (10 - 2)
  • suppressed: 2
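As an added illustration of the counting rule above (not code from the sbombastic project; the Finding type, the suppressed-ID set and the sample vulnerability IDs are assumptions constructed for this example), the function below tallies scanner findings per severity and moves VEX-suppressed findings into the suppressed counter instead of their severity bucket. Running it with the issue's scenario (10 critical findings, 2 of them suppressed) yields critical: 8 and suppressed: 2; with no VEX data the same input yields critical: 10 and suppressed: 0.

```go
package main

import (
	"fmt"
	"strings"
)

// Severity labels as emitted by the scanner (assumed upper-case strings).
const (
	SeverityCritical = "CRITICAL"
	SeverityHigh     = "HIGH"
	SeverityMedium   = "MEDIUM"
	SeverityLow      = "LOW"
	SeverityUnknown  = "UNKNOWN"
)

// Finding is a hypothetical minimal view of one scanner result: the
// vulnerability identifier and the severity the scanner assigned to it.
type Finding struct {
	ID       string
	Severity string
}

// Summary mirrors the proposed report.summary block of the VulnerabilityReport.
type Summary struct {
	Critical   int `json:"critical"`
	High       int `json:"high"`
	Medium     int `json:"medium"`
	Low        int `json:"low"`
	Unknown    int `json:"unknown"`
	Suppressed int `json:"suppressed"`
}

// ComputeSummary counts findings per severity. A finding whose ID is in
// suppressed (the set of IDs that VEX statements mark as not affecting the
// image; a hypothetical input shape) is excluded from its severity count and
// tallied under Suppressed, which is exactly the "critical: 8 (10 - 2),
// suppressed: 2" arithmetic described in the issue. A nil map means "no VEX".
func ComputeSummary(findings []Finding, suppressed map[string]bool) Summary {
	var s Summary
	for _, f := range findings {
		if suppressed[f.ID] {
			s.Suppressed++
			continue
		}
		switch strings.ToUpper(f.Severity) {
		case SeverityCritical:
			s.Critical++
		case SeverityHigh:
			s.High++
		case SeverityMedium:
			s.Medium++
		case SeverityLow:
			s.Low++
		default:
			// Empty or unrecognised severities are reported as unknown rather
			// than silently dropped, so the summary never undercounts findings.
			s.Unknown++
		}
	}
	return s
}

// ExampleFindings builds the constructed sample from the issue: 10 critical
// findings plus a few others, using obviously fake identifiers.
func ExampleFindings() []Finding {
	var fs []Finding
	for i := 1; i <= 10; i++ {
		fs = append(fs, Finding{ID: fmt.Sprintf("EXAMPLE-CRIT-%02d", i), Severity: SeverityCritical})
	}
	fs = append(fs,
		Finding{ID: "EXAMPLE-HIGH-01", Severity: SeverityHigh},
		Finding{ID: "EXAMPLE-HIGH-02", Severity: SeverityHigh},
		Finding{ID: "EXAMPLE-LOW-01", Severity: SeverityLow},
		Finding{ID: "EXAMPLE-NOSEV-01", Severity: ""}, // counted as unknown
	)
	return fs
}

// ExampleSuppressed is the constructed VEX suppression set: two critical IDs.
func ExampleSuppressed() map[string]bool {
	return map[string]bool{"EXAMPLE-CRIT-03": true, "EXAMPLE-CRIT-07": true}
}

func main() {
	fmt.Printf("without VEX: %+v\n", ComputeSummary(ExampleFindings(), nil))
	fmt.Printf("with VEX:    %+v\n", ComputeSummary(ExampleFindings(), ExampleSuppressed()))
}
```

Keying suppression on the vulnerability ID alone is a simplification: real VEX statements are scoped to a product and component, so a production implementation would match on (image, package, vulnerability) rather than on the ID by itself.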
