Validate label and maintainer values in the hardening manifest

Current Behavior

Currently, the only validation we do for the hardening manifest is to check if the hm matches the schema.

Purpose

We'd like to extend our validation of the hardening manifest to confirm that the labels and maintainers values don't contain FIXME and that the type label is either opensource or commercial.

Plan

• Create an MR for each container in the following list to resolve FIXME or invalid type issues
  • https://repo1.dso.mil/dsop/kinetica/pathfinder/weather-kinetica
  • https://repo1.dso.mil/dsop/kinetica/pathfinder/weather-ingestor
  • https://repo1.dso.mil/dsop/kinetica/pathfinder/pfdatamanager
  • https://repo1.dso.mil/dsop/kinetica/pathfinder/flightplan-decoder
  • https://repo1.dso.mil/dsop/kinetica/pathfinder/flightplan-forwarder
  • https://repo1.dso.mil/dsop/opensource/pipeline-test-project/cxlite
  • https://repo1.dso.mil/dsop/kinetica/pathfinder/decoder
  • https://repo1.dso.mil/dsop/kinetica/pathfinder/packet-forwarder-decoder
  • https://repo1.dso.mil/dsop/neo4j-enterprise/neo4j
  • https://repo1.dso.mil/dsop/cypress/base-nodejs12
  • https://repo1.dso.mil/dsop/kubeflow/common/gatekeeper-0.5.0
  • https://repo1.dso.mil/dsop/opensource/pipeline-test-project/base
  • https://repo1.dso.mil/dsop/kubeflow/katib/suggestion-nasrl-57c6abf76193
  • https://repo1.dso.mil/dsop/kubeflow/katib/katib-frontend-170bd2c7c8f1
  • https://repo1.dso.mil/dsop/opensource/pipeline-test-project/ubi8-minimal
  • https://repo1.dso.mil/dsop/kubeflow/kfserving-0.2.2/storage-initializer-0.2.2
  • https://repo1.dso.mil/dsop/opensource/pipeline-test-project/kubectl
  • https://repo1.dso.mil/dsop/opensource/php/php73
  • https://repo1.dso.mil/dsop/opensource/mysql/mysql-5.7
  • https://repo1.dso.mil/dsop/opensource/minio/mc
• Add code to the pipeline to hard fail if FIXMEs are found in labels or maintainers in the hm
• Update the hm schema to only allow opensource or commercial for the type label

Acceptance Criteria

• FIXME and invalid type labels are rejected if present in the hardening manifest
• All schema and code changes are tested with a pipeline-test-project

Unit and Integration Tests

• Write or update any unit or integration tests

Related MRs

!708 (merged)
!707 (merged)