feat: add package purl in VulnerabilityReport CRD

[hown3d]

Description

This adds package url (pURL) information into the vulnerability report CRD. Having the pURL here defines a clear definition of which package this report is actually generated. Also the pURL can be used much better to integrate into other systems. Since this information is in the trivy scan result anyways it's beneficial to include it in the CR too.

Checklist

• [x] I've read the guidelines for contributing to this repository.
• [ ] I've added tests that prove my fix is effective or that my feature works.
• [ ] I've updated the documentation with the relevant information (if needed).
• [ ] I've added usage information (if the PR introduces new options)
• [ ] I've included a "before" and "after" example to the description (if the PR is a user interface change).

[CLAassistant]

All committers have signed the CLA.

[afdesk]

@hown3d could you update the PR with the base branch? it should help with tests. thanks!

[simar7]

@hown3d could you update the PR with the base branch? it should help with tests. thanks!

@afdesk I just did that but it seems tests are still red.

[afdesk]

@hown3d could you update the PR with the base branch? it should help with tests. thanks!

@afdesk I just did that but it seems tests are still red.

thanks! I'll take a look

[afdesk]

@simar7 the tests are passed could you take another look? thanks

[afdesk]

@hown3d thanks!