Suggestion of optimizing the scan all

[wy65701436]

Harbor uses Trivy to scan artifacts for CVEs, relying on a CVE database that is regularly downloaded from the network.

Currently, the "scan all" function does not consider the state of the database when deciding whether to perform a scan. I suggest storing metadata about the CVE database and comparing it before running a "scan all" operation. This way, we can avoid unnecessary scans and reduce the overall execution time.

[Vad1mo]

We can also create a policy around Scan All, like we have for other parts in Harbor. This way the user can create a policy around scan process and skip old images from being scanned.

With that approach, I fear we are building a solution just for Trivy, and not solving the general problem.