Introduce a new vet subcommand

[Dentrax]

Description

Idea is to create a new vet (or something else) subcommand to run some vetting pipeline for the given apko or melange manifest just before sending to PR. Motivation is to boost local development productivity so we don't waste time on the CI by waiting. Moreover, this would be a CLI version of Wolfi workflows.

Example Usage:

wolfictl vet my-melange-manifest.yaml

We (w/ @developer-guy) thought that we can introduce a new vet subcommand that can do:

• Identify the given manifest (whether its melange or apko)

• Run format check: wolfictl lint yam

• Run lint check: wolfictl lint

• Run update check: wolfictl check update

• Run melange pipeline: (optional)

  • melange keygen, if its first run or keys does not exist
  • Check if all packages are exist on the Wolfi repo
  •  Run melange build with args/flags using Docker/Lima/etc
  • Export generated .apk to temp dir
    • Run CVE scans with Grype/Trivy

• For apko pipeline: (optional)

  • Check if all packages are exist on the Wolfi repo
  • Run terraform fmt
  • Run apko build
  • Run CVE scans with Grype/Trivy