Add OSCAL Component Definitions as a release artifact

[jpower432]

Share the context

Utilities were added to the content repository to create OSCAL Component definitions from the compliance data stored in YAML. This allows user/devs to create OSCAL Component Definitions for products on an as-needed basis with the profiles and catalogs that exist in the trestle workspace under shared/references/oscal.

Description of problem:

In order to get component definitions from this repository, a user would have to clone the repository and create it through the utilities.

Problems with this:

• Consistency: OSCAL Component Definition would have different UUID when generated from the same commit.
• Ease of Use: Steps including setting up a development environment are required to generate a component definition
• Traceability: It can be difficult to associated the Component Definition with a release or commit because they are regenerated with each run (related to Consistency)

Proposed change:

Choose products and available profile combinations to generate OSCAL component definitions and add it as a release artifact so can be easily imported into an SSP or workspace (e.g. trestle import).

References:

Related to #11106 A repository I created for demonstrate the transformation - https://github.com/jpower432/oscal-authoring-demo

[Mab879]

A folder called component-definitions would be fine in the release artifacts.