Fix validating of security MR pipelines
This fixes a bug where a pipeline with an allowed failure would still
result in the MR being assigned back to the author. This would happen
when a build failed that is only allowed to fail on dev, as in this case
the pipeline status was still "failed", thus resulting in
!pipeline.passed?
evaluating to true.