PURLDB: Collect and return Alpine package metadata on demand for a PURL

[pombredanne]

We should get the details from an Alpine project on demand.
We should also enrich a binary with actual source scans like discussed prior in related issues and PRs.

• ScanCode.io: Collect the distro of a container to create proper Alpine package PURL

See also:

• Use proper apk package type for Alpine scancode-toolkit#3726
• meta issue: Improve Alpine package reported license scancode.io#194
• Add AlpinePackages pipeline scancode.io#272
• Enhance Alpine package scan results #307
• Implement Alpine APKBUILD parser in packagedcode scancode-toolkit#2541
• Improve Alpine package declared license detection scancode-toolkit#2543
• Collect and parse as-installed Alpine Linux packages scancode-toolkit#2061
• Alpine packages can have no files  scancode-toolkit#2766
• Properly detect Alpine virtual packages scancode-toolkit#2774
• Detect Alpine Linux APK packages scancode-toolkit#1803

Some relevant references:

• This is a possible repo: http://dl-cdn.alpinelinux.org/alpine/edge/community/
• A tool https://github.com/privazio/alpine_release_info
• Parsing the YAML index file may be the way, for instance:
  • http://nl.alpinelinux.org/alpine/v3.6/releases/s390x/latest-releases.yaml
• https://github.com/knqyf263/apkindex-archive is an historical index archive