Try to pull base image hardening_manifest.yaml from development if not present in master

This template is ONLY used for enhancement requests. Bug reporting or new feature request issues should use the other template options for issue submission.

Current Behavior

When we pull the hardening_manifest.yaml files for base images, we're only attempting to pull from the master branch. This is making it difficult for CHT users who want to run pipelines for a new container that uses an unapproved base image.

Purpose

Allow the CHT team to run tests for new containers that use an unapproved base image while they're waiting for the base image to be approved.

Plan

• Find out which stages pull base image hardening manifests (probably just check-cves and csv-output)
• If the base image hardening manifest doesn't exist on the master branch, attempt to pull it from the development branch
• Test

Acceptance Criteria

• Pull base image hardening manifests from master by default
• Successfully pull base image hardening manifests from development if they don't exist on master