Docker EOL - Report on usage of EOL annotated images

[MichaelSimons]

EOL annotations are being added to the buildtools docker images. Once completed, the Docker EOL reporting infrastructure should incorporate the EOL annotations. Any usage of an EOL annotated image should be reported as an EOL usage. The primary scenarios in which this can occur is the following:

1. A pipeline is using a pinned/versioned tag that is out of date - e.g. almalinux-8-helix-amd64-20240724202313-cbf67da. Using the pinned/versioned tags is not generally recommended.
2. Support for a particular image is removed from buildtools prior to the underlying OS reaching it's EOL. To date, this rarely happens.

[MichaelSimons]

The rollout of EOL annotations in buildtools is complete.

Per @mthalman in https://github.com/dotnet/dnceng/issues/4350

The current data showing in the report is inaccurate because it does not take into account these annotations. For example, filtering the report to show tags containing windowsservercore-ltsc2022-helix-webassembly, you'll see a reference to the tag windowsservercore-ltsc2022-helix-webassembly-20240702174122-7aba2af by dotnet/runtime.

The report shows that it's not yet EOL.

But the actual image has been annotated with an EOL date:

$ oras discover mcr.microsoft.com/dotnet-buildtools/prereqs:windowsservercore-ltsc2022-helix-webassembly-20240702174122-7aba2af --format json
{
  "manifests": [
    {
      "reference": "mcr.microsoft.com/dotnet-buildtools/prereqs@sha256:7aaf16098579c7f8c740f8223fd6ebdb6a4e688f4120decd1e016c36f45dab41",
      "mediaType": "application/vnd.oci.image.manifest.v1+json",
      "digest": "sha256:7aaf16098579c7f8c740f8223fd6ebdb6a4e688f4120decd1e016c36f45dab41",
      "size": 783,
      "annotations": {
        "org.opencontainers.image.created": "2024-09-30T20:32:27Z",
        "vnd.microsoft.artifact.lifecycle.end-of-life.date": "2024-08-02"
      },
      "artifactType": "application/vnd.microsoft.artifact.lifecycle"
    }
  ]
}

The report should reflect this EOL date.