We need to end to end test the RHCC matching logic for Hummingbird images to check the whole pipeline works as expected.

Things to be aware of:

• Basic labels.json file processing is working
• VEX updater parsing Hummingbird OCI advisories correctly
• False-positive mitigation is working (rpm provenance information being surfaced correctly).
• TBD: the from_dnf_hint could be used to match RPMs but:
  • The repository in the content set would need to be in the repository_to_cpe map
  • The VEX advisories need to correctly surface that repository CPE.