UNCLASSIFIED - NO CUI

Add Kyverno Reporter Data to PostgreSQL and Implement Vulnerability Endpoint

Description:

Persist Kyverno Policy Reporter results in PostgreSQL and expose them through a filterable API endpoint (GET /api/v1/policy-scans) so the data can be retrieved and processed for compliance and security reporting.

Tasks:

  1. Database Schema Update

    • Define a new table for storing Kyverno Policy Reporter results, one row per policy result.
    • Fields may include:
      • id (UUID, Primary Key; derive it deterministically from policy, rule, resource and timestamp so a re-sent report updates or skips instead of creating duplicate rows)
      • namespace (VARCHAR; NULL for ClusterPolicyReport results, which are cluster-scoped)
      • policy_name (VARCHAR)
      • rule_name (VARCHAR)
      • severity (VARCHAR)
      • status (VARCHAR - the PolicyReport result value: pass, fail, warn, error or skip, not only Pass/Fail)
      • timestamp (TIMESTAMPTZ, stored in UTC)
      • raw_data (JSONB - the full result, including the resource reference and message, for detailed policy violation information)
    • Implement indexes for the filter columns, at minimum (namespace, policy_name) and timestamp; add a GIN index on raw_data only if JSONB fields will be queried directly.
  2. Ingest Kyverno Reporter Data

    • Flatten each PolicyReport/ClusterPolicyReport into one row per result and insert with ON CONFLICT DO NOTHING so repeated deliveries of the same result are idempotent.
    • Reject results whose status is outside the known set rather than storing them.
    • Implement error handling and logging: a failed batch must be logged with the report name and namespace, never silently dropped.
  3. Create Vulnerability API Endpoint

    • Develop a new GET /api/v1/policy-scans endpoint.
    • Support filtering by namespace, policy_name, severity, status, and a timestamp range (since/until).
    • Query PostgreSQL with parameterized statements only: map filter names through an allowlist of columns, reject unknown parameters with HTTP 400, and cap the page size so the endpoint cannot be used to dump or stall the database.
  4. Testing & Validation

    • Write unit tests for result normalization and query building, and integration tests for ingestion and the endpoint against a real PostgreSQL instance (the acceptance criteria require both).
  5. Documentation

    • Document database schema changes and API usage.
    • Provide examples of API requests and expected responses.
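
Worked example for tasks 1-3, added here for reference; it is not code from this ticket or from the Kyverno or Policy Reporter projects. It flattens a PolicyReport object in the wgpolicyk8s.io/v1alpha2 shape that Policy Reporter consumes into rows for the table above, and builds the parameterized, allowlisted query behind GET /api/v1/policy-scans. The table and index names, the UUID namespace constant, the since/until parameter names, the page-size cap and the sample report are assumptions chosen for the example.

```python
"""Added example: Policy Reporter results -> PostgreSQL rows, plus the policy-scans query."""
import json
import uuid
from datetime import datetime, timezone

# Table/index names are assumptions; columns follow task 1. TIMESTAMPTZ keeps UTC
# unambiguous, and the CHECK pins status to the PolicyReport result values.
SCHEMA_SQL = """
CREATE TABLE IF NOT EXISTS kyverno_policy_results (
    id          UUID PRIMARY KEY,
    namespace   VARCHAR(253),
    policy_name VARCHAR(253) NOT NULL,
    rule_name   VARCHAR(253) NOT NULL,
    severity    VARCHAR(16),
    status      VARCHAR(8) NOT NULL CHECK (status IN ('pass','fail','warn','error','skip')),
    timestamp   TIMESTAMPTZ NOT NULL,
    raw_data    JSONB NOT NULL
);
CREATE INDEX IF NOT EXISTS kpr_ns_policy_idx ON kyverno_policy_results (namespace, policy_name);
CREATE INDEX IF NOT EXISTS kpr_ts_idx ON kyverno_policy_results (timestamp DESC);
"""

RESULT_VALUES = {"pass", "fail", "warn", "error", "skip"}  # wgpolicyk8s.io result values
# Fixed UUID namespace (assumed) so a given result always maps to the same id; a re-sent
# report then hits ON CONFLICT DO NOTHING instead of inserting a duplicate row.
ID_NAMESPACE = uuid.UUID("6f0c2a1e-8b77-4e4f-9d6e-3f2b1a0c9d8e")

def normalize(report: dict) -> list[dict]:
    """One row per result of a PolicyReport/ClusterPolicyReport object."""
    namespace = report.get("metadata", {}).get("namespace")  # None for cluster scope
    rows = []
    for res in report.get("results", []):
        status = str(res.get("result", "")).lower()
        if status not in RESULT_VALUES:  # reject rather than store unknown states
            raise ValueError(f"unexpected result value {status!r}")
        seconds = int((res.get("timestamp") or {}).get("seconds", 0))
        resource = (res.get("resources") or [{}])[0]
        key = "|".join([namespace or "", res["policy"], res.get("rule", ""),
                        resource.get("uid", resource.get("name", "")), str(seconds)])
        rows.append({
            "id": uuid.uuid5(ID_NAMESPACE, key),
            "namespace": namespace,
            "policy_name": res["policy"],
            "rule_name": res.get("rule", ""),
            "severity": res.get("severity"),
            "status": status,
            "timestamp": datetime.fromtimestamp(seconds, tz=timezone.utc),
            "raw_data": json.dumps(res, sort_keys=True),  # full result kept as JSONB
        })
    return rows

INSERT_SQL = (
    "INSERT INTO kyverno_policy_results "
    "(id, namespace, policy_name, rule_name, severity, status, timestamp, raw_data) "
    "VALUES (%(id)s, %(namespace)s, %(policy_name)s, %(rule_name)s, %(severity)s, "
    "%(status)s, %(timestamp)s, %(raw_data)s) ON CONFLICT (id) DO NOTHING"
)

# Query-string name -> column allowlist. Unknown names are rejected and values travel
# as bind parameters, so request input never reaches the SQL text.
EQUALITY_FILTERS = {"namespace": "namespace", "policy_name": "policy_name",
                    "severity": "severity", "status": "status"}
MAX_LIMIT = 500  # assumed cap on client-supplied page size

def build_scan_query(params: dict, limit: int = 100) -> tuple[str, list]:
    """SQL and bind values for GET /api/v1/policy-scans (psycopg-style %s placeholders)."""
    unknown = set(params) - set(EQUALITY_FILTERS) - {"since", "until"}
    if unknown:
        raise ValueError(f"unsupported filter(s): {sorted(unknown)}")  # -> HTTP 400
    clauses, args = [], []
    for name, column in EQUALITY_FILTERS.items():
        if name in params:
            clauses.append(f"{column} = %s")
            args.append(params[name])
    if "since" in params:  # ISO 8601 bounds on the result timestamp
        clauses.append("timestamp >= %s")
        args.append(datetime.fromisoformat(params["since"]))
    if "until" in params:
        clauses.append("timestamp < %s")
        args.append(datetime.fromisoformat(params["until"]))
    sql = ("SELECT id, namespace, policy_name, rule_name, severity, status, timestamp, raw_data "
           "FROM kyverno_policy_results")
    if clauses:
        sql += " WHERE " + " AND ".join(clauses)
    sql += " ORDER BY timestamp DESC LIMIT %s"
    args.append(max(1, min(int(limit), MAX_LIMIT)))
    return sql, args

# Constructed sample in the PolicyReport shape, not a real cluster report.
SAMPLE_REPORT = {
    "apiVersion": "wgpolicyk8s.io/v1alpha2", "kind": "PolicyReport",
    "metadata": {"name": "polr-ns-payments", "namespace": "payments"},
    "results": [
        {"policy": "disallow-privileged-containers", "rule": "privileged-containers",
         "result": "fail", "severity": "high", "timestamp": {"seconds": 1700000000},
         "resources": [{"kind": "Pod", "name": "api-7c9f", "uid": "1b2c3d4e"}]},
        {"policy": "require-labels", "rule": "check-for-labels", "result": "pass",
         "severity": "medium", "timestamp": {"seconds": 1700000005},
         "resources": [{"kind": "Pod", "name": "api-7c9f", "uid": "1b2c3d4e"}]},
    ],
}
```

Feeding the rows from normalize() to INSERT_SQL with executemany and running the output of build_scan_query() through the same driver keeps every client-controlled value in bind parameters; the only strings spliced into SQL are the column names taken from the allowlist.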

Acceptance Criteria:

  • Kyverno Policy Reporter vulnerability data is stored in PostgreSQL.
  • GET /api/v1/policy-scans returns the correct policy results for each supported filter and for combinations of filters, and rejects unknown filter parameters.
  • Unit and integration tests validate data ingestion and API behavior.
  • Documentation is complete and published.
Edited by Manuel Ucles