Architecture for supporting multiple STIGs

[rdwj]

Design the data model and CLI interface to support multiple STIG benchmarks beyond the Application Security and Development STIG.

Target STIGs (future):

• Container Platform SRG
• Web Server STIG (Apache, NGINX)
• Application Server STIG (Tomcat, JBoss/EAP, WebSphere)
• Database STIG (PostgreSQL, Oracle, SQL Server)
• RHEL 9 STIG (for Sanicode's own deployment compliance)

Acceptance Criteria:

• Data model supports multiple STIG benchmarks with independent mapping databases
• CLI supports --stig flag to select benchmark: stigcode export ckl --stig app-security --input results.sarif
• CKL export generates separate checklists per STIG benchmark
• Mapping database structure supports per-STIG versioning
• Document contribution guide for adding new STIG support