Fix GitOps policy-software resolution to fall back to hash when URL lookup fails

[cdcme]

Fixes #40841

Summary

The root cause of the URL mismatch described in the issue is unknown. We couldn't reproduce it and couldn't find a deterministic code path that explains it.

What we fix in this PR is a code defect that turns an unknown transient condition into a hard failure. When a policy has both a URL and a hash (which is always the case for package_path references), and the URL lookup fails for any reason, a continue statement prevented the hash-based fallback from ever running.

[codecov]

Codecov Report

❌ Patch coverage is 73.52941% with 9 lines in your changes missing coverage. Please review.
✅ Project coverage is 66.82%. Comparing base (17bfa99) to head (011f9a9).
⚠️ Report is 26 commits behind head on main.

Files with missing lines	Patch %	Lines
server/service/client.go	73.52%	7 Missing and 2 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main   #42816      +/-   ##
==========================================
+ Coverage   66.81%   66.82%   +0.01%     
==========================================
  Files        2541     2544       +3     
  Lines      203971   204241     +270     
  Branches     9278     9278              
==========================================
+ Hits       136285   136491     +206     
- Misses      55340    55400      +60     
- Partials    12346    12350       +4     

Flag	Coverage Δ
backend	68.62% <73.52%> (+0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[claude]

Claude Code Review

This repository is configured for manual code reviews. Comment @claude review to trigger a review and subscribe this PR to future pushes, or @claude review once for a one-time review.

_{Tip: disable this comment in your organization's Code Review settings.}

[iansltx]

Minor feedback here, and this probably makes sense as an improvement, but I'm concerned that we never seem to have gotten a snapshot of the policy YAML that exhibited this bug, so this is a speculative fix. Might not stop us from merging + closing the bug because we're definitely fixing a cause of this particular error, particularly since the bug was filed about a month ago, but we've gotten in trouble with speculative/partial fixes before.

[iansltx]

Why can't we nil-check this and skip the cases where dereferencing Other would create a nil panic?

[iansltx]

This feels like debug-level logging where most of these values will be blank. Since each policy handles at most one software install, seems like referring to the policy by its name/filename would allow for more quickly narrowing down the issue.