Integrate GitHub security dismissed findings with Grype ignores

[bryopsida]

I've dismissed a few alerts in the security/code scanning alerts page.

But whenever the scan action is executed it detects these vulnerabilities as being new and fails the check under Code scanning results

The job has the following permissions:

permissions:
  security-events: write

And I'm running the scan action like this:

      - name: Scan image
        id: scan
        uses: anchore/scan-action@v3
        with:
          image: ${{ steps.meta.outputs.tags }}
          fail-build: false
          severity-cutoff: "critical"
          acs-report-enable: true

Any ideas on why it's reporting the dismissed (and already existing) alerts as new in the pr checks?

[spiffcs]

@bryopsida currently scan action and the github alerts page are not connected

This could be a feature enhancement where we could get scan action to be aware of these alerts and their dismissal. Is that what you're requesting?

cc @kzantow