Update check-cves stage to query VAT DB directly
Purpose
This high priority issue has come down the pipe requiring that we no longer use the greylist file as our source of truth. This means we'll need to cut out the portion of our pipeline that checks scan results against the whitelisted CVEs contained in the greylist file (the check-cves stage) and replace it with a temporary solution that directly queries the VAT database for a given container's whitelisted CVEs.
Plan
- Get VAT db queries from Irma
- Validate that these queries gather the information that we need (i.e. that they match the data in the existing greylist files)
- Update the check-cves stage to no longer pull and check scan results against greylist files
- Update the check-cves stage to use Irma's queries to gather VAT db whitelist info and marshal it into a JSON object
- Compare this JSON object against the scan results to achieve pass/fail logic