Open jayunit100 opened 6 years ago
If we stop sending pod information to the perceptor it makes the perceptor's job one thing: dealing with images. That's what it cares about, and really what the perceivers care about too.
The downside to doing that is that the logic in the perceptor to deal with rollup information and which pods have what images gets moved into the perceiver. IMO, that is where it should reside anyway since a pod is a concept in the cluster the perceiver is talking to.
I think consensus is that we send pod info, but it's really a passthrough thing. Perceptor shouldn't interpret that information in any way, but vendors could hook in and interpret that information at some point.
If the perceptor data model isn't up to date, or if somehow a perceiver knows of a pod but not of its containers, then you can trick perceptor into thinking a pod is free of vulnerabilities even though it's just missing information content.
Let's rethink what it means to annotate the overall status of a pod, or if it's even worth doing at all, since the containers are the source of all the threats we care about currently.
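Added example (not perceptor's or perceiver's own code; the types and scan map are constructed for illustration) of a pod rollup that treats missing containers or unscanned images as "Unknown" instead of "Clean", so the failure mode above cannot produce a false clean verdict, while known vulnerabilities still surface even when other containers are incomplete:

```go
package main

import "fmt"

// Constructed types for this example; not perceptor's real data model.
type ScanResult struct {
	Scanned         bool // false if the image has not been scanned yet
	Vulnerabilities int
}

type Container struct {
	Name  string
	Image string
}

type Pod struct {
	Name       string
	Containers []Container
}

type PodStatus string

const (
	StatusUnknown    PodStatus = "Unknown"    // incomplete information, never "Clean"
	StatusClean      PodStatus = "Clean"      // every container scanned, zero findings
	StatusVulnerable PodStatus = "Vulnerable" // at least one scanned image has findings
)

// RollupPodStatus aggregates container scan results into one pod status.
// Missing containers or missing scan results never count as clean; if any
// scanned image has findings the pod is Vulnerable (count is a lower bound).
func RollupPodStatus(pod Pod, scans map[string]ScanResult) (PodStatus, int) {
	if len(pod.Containers) == 0 {
		return StatusUnknown, 0 // pod known but its containers are not
	}
	total, incomplete := 0, false
	for _, c := range pod.Containers {
		r, ok := scans[c.Image]
		if !ok || !r.Scanned {
			incomplete = true
			continue
		}
		total += r.Vulnerabilities
	}
	switch {
	case total > 0:
		return StatusVulnerable, total
	case incomplete:
		return StatusUnknown, 0
	default:
		return StatusClean, 0
	}
}

func main() {
	scans := map[string]ScanResult{"nginx:1.0": {Scanned: true, Vulnerabilities: 3}}
	pod := Pod{Name: "web", Containers: []Container{{"nginx", "nginx:1.0"}, {"sidecar", "envoy:2.0"}}}
	fmt.Println(RollupPodStatus(pod, scans))
}
```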