Currently the Clair updaters will collect vulnerability information from multiple sources, normalize it and insert it into the matcher DB. ACS's scanner pulls previously normalized data from one source and saves it into the DB for matching. ACS also packages vulnerability data directly into container images.

It seems a course of action with minimal friction is to add a dedicated Updater for ACS, this will be the only updater enabled in the Clair V4 instance ACS would use. The bulk of the work would be {{Parse()}}ing the vulnerability rows from the ACS scanner format into Clair V4's format.