Store vendor status property in the rails PackageMedatata::* models when syncing with PMDB

Why are we doing this work

To implement features based on the vendor status for a given advisory, this information must be made available to the rails platform. For instance, to filter which Container Scanning findings should be created based on the vendor status (unknown, fixed, not_affected, etc.). See epic for more details: Support CS_IGNORE_STATUSES in Continuous Vulner... (&15362)

The first step to achieve this is to store this value in the PMDB when syncing the Trivy-DB source. This is tracked in Sync the advisory vendor status from Trivy-DB i... (#498301)

The second step is to add this property to the NDJSON exports we generate in the GCP buckets. This is tracked in Export the advisory vendor status from PMDB (#498303)

This issue focuses on the final step which is to store this information in the rails DB when syncing the advisory data with the PMDB.

Relevant links

Non-functional requirements

• Documentation:
• Feature flag:
• Performance:
• Testing:

Implementation plan

Verification steps