Currently, the dkrv2 plugin will walk the entire tree of the graph data image in order to find the graph data (things that match the output_allowlist). However, if using this plugin with the "fat" UBI-based image, the graph data is stored under /var/lib/cincinnati-graph-data.

This has two main side effects.

(1) (less important but annoying) The allowlist code will pick up things in the image that are not part of the graph data payload. For example, all sorts of files in the base OS that match "LICENSE":

[jeckersb@willys .tmpTSgIjm]$ pwd
/var/tmp/dkrv2chk/.tmp06Bkaa/.tmpTSgIjm
[jeckersb@willys .tmpTSgIjm]$ find usr/ -name LICENSE | wc -l
29

(2) This makes it difficult to link the output directory of the dkrv2 plugin to be used as the input for the openshift-secondary-metadata-parse plugin, since depending on the format of the input image the metadata will unpack to a different place.

(2b) This also breaks the generated graph-data.tar.gz because the paths carry through to there as well:

$ less graph-data.tar.gz | grep metadata.json
rw-rw-r- 1000/1000 380 2023-07-21 15:33 var/lib/cincinnati-graph-data/raw/metadata.json

The dkrv2 plugin should take a new option (defaulting to "/" to preserve the old behavior) which points to the location of the graph data within the requested graph data image. Then for the UBI-based image we can set that to "/var/lib/cincinnati-graph-data" and unpack relative to that. Then we can predictably link the output to other plugins and the graph-data.tar.gz will be rooted in the correct place.