feat: report audit config scan status

[MaxRink]

Summary

• Add a typed status.scans surface to MondooAuditConfig for Kubernetes resource, external Kubernetes resource, container image, and node scans.
• Derive scan phase, target, backing CronJob, active Jobs, and last schedule/success timestamps from managed scan workloads.
• Cover status transitions for pending, running, succeeded, failed, and disabled scans in focused helper/controller tests.

Tests

• go test ./pkg/utils/mondoo ./controllers/k8s_scan ./controllers/container_image ./controllers/nodes
• git diff --check
• go test ./... (fails only in tests/integration: requires MONDOO_ORG_MRN and Kubernetes configuration / KUBERNETES_MASTER)

[github-actions]

All contributors have signed the CLA ✍️ ✅
_{Posted by the CLA Assistant Lite bot.}

[mondoo-code-review]

New scan status reporting in MondooAuditConfig status works correctly with good test coverage.

[MaxRink]

I have read the Mondoo CLA Document and I hereby sign the CLA

[mondoo-code-review]

Scan status reporting now correctly distinguishes running-with-prior-failure from pure running, and avoids redundant API calls for external cluster status updates.

[MaxRink]

/review

[MaxRink]

recheck

[github-actions]

Test Results

0 tests  ±0   0 ✅ ±0   0s ⏱️ ±0s
0 suites ±0   0 💤 ±0 
0 files   ±0   0 ❌ ±0 

Results for commit 4f3eab5. ± Comparison against base commit 70733ca.

♻️ This comment has been updated with latest results.

[mondoo-code-review]

Helm CRD files synced to match operator CRD definitions — no functional issues.

[mondoo-code-review]

CI spell-check action downgraded from v0.0.26 to v0.0.25 to use a non-advisory version; no functional code changes.

[mondoo-code-review]

New scan status reporting in MondooAuditConfig status works correctly across all scan types.

[mondoo-code-review]

Removes the unsafe spell-check comment job, addressing the previous version downgrade concern by eliminating the job entirely.

[mondoo-code-review]

CI config updates: restores spell-check to v0.0.26 and adds 403 to accepted link-check status codes.

[mondoo-code-review]

New scan status reporting in MondooAuditConfig status works correctly across all scan types.

[mondoo-code-review]

Spell-check workflow updated to acknowledge a security advisory for check-spelling v0.0.26.

[mondoo-code-review]

New scan status reporting in MondooAuditConfig status works correctly across all three scan controllers.

[mondoo-code-review]

Correctly handles initial DaemonSet state by reporting Pending instead of Running when no nodes are scheduled yet.

[mondoo-code-review]

Removes unused 403 status code from link-check config, no functional impact on the operator.