Fast Track Finding - non-zero exit code

Background

The current behavior in the Check CVEs job allows the job to succeed when unapproved "fast-trackable" findings are returned. The issue is that from the pipeline overview UI, it appears that there were no new findings for an image, since the contributors will only see green checkmarks. This job should throw a non-zero exit code, but allow this exit code to fail. This way the users will see an orange exclamation symbol, alerting them to fast-tracked findings, which will require justifications in VAT.

AC

• When fast-tracked findings are returned, throw non-zero exit code from parsing script. This code must be unique to fast-tracked findings, so it can be allowed to fail
• Update Check CVE yaml to allow this exit code to fail

DoD

• Test staging pipeline with project that has only fast track failures
  • The pipeline should now show an allowed failure (orange exclamation)
• Confirm that pipelines with findings that cannot be fast tracked, still fails
• Confirm that pipelines with no unapproved findings continue to pass as they currently do