Add modify-add feature

[minhaj10p]

Description

Attempts to process manipulation attributes in the profile modify section.
Linking to #12.

Feature set

1. Concurrent import chain traversal is enabled to fetch the root catalog for each import
2. Recursively searches the import chain for the controls/subcontrols referenced by the root profile for add manipulation attribute
3. Appends parts with the same class instead of adding a new part

[minhaj10p]

@anweiss
This method traverses the entire import tree and finds the catalog concurrently. The first goroutine that finds it pushes it to the channel and all other goroutines get killed thanks to the context package.
Let me know if this approach works better in stead of the old fashioned LNR tree parsing

[anweiss]

@heavypackets @justincormack for review

[minhaj10p]

Currently this PR is shutting down unit tests as import chain traversal isn't possible without file system.
If you can approve, we can commit mock profiles to pass those tests.

[anweiss]

@minhaj10p would it be possible to include the mocks in this PR?

[minhaj10p]

@minhaj10p would it be possible to include the mocks in this PR?

Sure. I can create a folder and put some profiles in it. Another thing just occurred to me is that we always put the manipulation attributes in the same profile so it never has to go in the find the manipulation attribute in the import chain. I can try and see if that works.

[minhaj10p]

@anweiss Tests updated. All are passing now with 73.0% code coverage

[minhaj10p]

@anweiss Let me know if theres anything you need changed in this pull request. Thanks.

[anweiss]

@minhaj10p please add a space after // in all comments.

[anweiss]

@heavypackets @justincormack for review

[anweiss]

@minhaj10p I tested this on my end with the FedRAMP High profile, and it looks like it's appending some erroneous structs. For example:

Parts: []catalog.Part{
	catalog.Part{
		Id:    "ir-9_smt",
		Class: "statement",
		Title: "",
	},

	catalog.Part{
		Id:    "ir-9_gdn",
		Class: "guidance",
		Title: "",
	},

	catalog.Part{
		Id:    "ir-9_obj",
		Class: "objective",
		Title: "",
	},

	catalog.Part{
		Id:    "",
		Class: "assessment",
		Title: "",
	},

	catalog.Part{
		Id:    "",
		Class: "assessment",
		Title: "",
	},

	catalog.Part{
		Id:    "",
		Class: "assessment",
		Title: "",
	},

	catalog.Part{
		Id:    "",
		Class: "justification",
		Title: "",
	},
},

Note the empty "assessment" and "justification" parts.

Also as far as the Prose, you should be able to just include it in your template.

[minhaj10p]

@minhaj10p I tested this on my end with the FedRAMP High profile, and it looks like it's appending some erroneous structs. For example:

Parts: []catalog.Part{
	catalog.Part{
		Id:    "ir-9_smt",
		Class: "statement",
		Title: "",
	},

	catalog.Part{
		Id:    "ir-9_gdn",
		Class: "guidance",
		Title: "",
	},

	catalog.Part{
		Id:    "ir-9_obj",
		Class: "objective",
		Title: "",
	},

	catalog.Part{
		Id:    "",
		Class: "assessment",
		Title: "",
	},

	catalog.Part{
		Id:    "",
		Class: "assessment",
		Title: "",
	},

	catalog.Part{
		Id:    "",
		Class: "assessment",
		Title: "",
	},

	catalog.Part{
		Id:    "",
		Class: "justification",
		Title: "",
	},
},

Note the empty "assessment" and "justification" parts.

Also as far as the Prose, you should be able to just include it in your template.

@anweiss
These erroneous looking part's are coming from the NIST-80053 catalog where the parts have no ids and only classes

         <part class="assessment">
            <prop class="method">EXAMINE</prop>
            <part class="objects">
               <p>Incident response policy</p>
               <p>procedures addressing information spillage</p>
               <p>incident response plan</p>
               <p>records of information spillage alerts/notifications, list of personnel who should receive alerts of information spillage</p>
               <p>list of actions to be performed regarding information spillage</p>
               <p>other relevant documents or records</p>
            </part>
         </part>
         <part class="assessment">
            <prop class="method">INTERVIEW</prop>
            <part class="objects">
               <p>Organizational personnel with incident response responsibilities</p>
               <p>organizational personnel with information security responsibilities</p>
            </part>
         </part>
         <part class="assessment">
            <prop class="method">TEST</prop>
            <part class="objects">
               <p>Organizational processes for information spillage response</p>
               <p>automated mechanisms supporting and/or implementing information spillage response actions and related communications</p>
            </part>
         </part>

I haven't been able to implement nested part in our code generation.
The last part with justification class comes from the profile with no id in the profile.
They look erroneous probably because it doesn't have the Prose section populated.

It looks somewhat like this if just included in the template

	catalog.Part{
		Id:  "ir-9_obj",
		Class: "objective",
		Title: "",
		Prose: "{{ } [] [p] [{{http://csrc.nist.gov/ns/oscal/1.0 p} [] [] [] [] [] [] [] [] [] [] [] Determine if the organization:  }] [] [] []
        }",

[anweiss]

@minhaj10p ah ok. That makes sense. I'll try to see what I can come up with re. nested parts and prose to help you out on this.

[minhaj10p]

@anweiss if you merge this, let me know so I can rebase the other dependent branches.

[anweiss]

@minhaj10p after speaking internally with @justincormack, we can go ahead and merge this. Thanks again for your patience.

[anweiss]

LGTM