<span class="idiff addition">This template is **ONLY** used for reporting bugs. New feature request or pipeline enhancement issues should use the other template options for issue submission.

## Current Behavior
For new projects, a hardening_manifest.yaml file is expected to be created, but maintainers should not create a greylist file. In our implementation of backwards compatibility for the greylist, we load the greylist file for source and base images to gather the name and version, which allows us to query the VAT for cves and approval status. This causes the lint stage (and presumably the justifier and check-cves) stages to fail for new projects because they attempt to load a greylist that doesn&#39;t exist, and should not be created. 
&lt;!--- What happens instead of the expected behavior? --&gt;

## Live Example
https://repo1.dso.mil/dsop/ivx/yet-another-cloudwatch-exporter/-/jobs/1326921
&lt;!--- Provide a link to a live example(s) of the bug --&gt;

## Expected Behavior
The greylist file should only be used for name and version for a source or parent image if no hardening_manifest.yaml exists. 
&lt;!--- What should happen instead? --&gt;

## Possible Solution
Only load the greylist if the hardening_manifest doesn&#39;t exist

Relevant MR: 
https://repo1.dso.mil/ironbank-tools/ironbank-pipeline/-/merge_requests/330
&lt;!--- Not required, but suggest a fix/reason for the bug --&gt;</span>