Fetch rules on start time

[itaysk]

currently rules has to be either built into the container image or mounted in by the user. Tracee should be able to automatically check for updates for it's rules DB on start time.

TBD: should this be implemented in tracee-rules or in the entrypoint?

TBD: where/how we package rules

[simar7]

Leaving my commentary as we discussed last:

1. Existing setup to package rules into a object file can be used but their distribution can be decoupled.
2. One of the distribution channels for rule object files can be through GitHub releases.
3. Tracee checks for updates to download new said object release file and does so, if found.

Pros to this approach:

1. Leverage existing setup and build on top.
2. Proven with Trivy DB distribution model.
3. Relatively lightweight and simple.

Cons to this approach:

1. Tracee no longer self contained, needs a download to be functional in any capacity.
2. Runtime dependencies can fail in unexpected/untested ways (network failure, disk failure etc.)
3. Not leveraging something more suited for storing policies (only OPA based) like Artifact Hub.

[yanivagman]

This is currently out of scope for the project