feat(core): subject condition set CLI CRUD

[jakedoublev]

Adds CRUD for subject condition sets, with the JSON relation of []*policy.SubjectSets passed via a string flag or found in a .json file with the filepath/name provided in a flag on CREATE, and validation that only one is provided at once. On UPDATE, only a JSON string is allowed.

There is an open pflags issue (since 2022) which is the library under Cobra's flags implementation which affects the Subject Condition Sets (SCSs) flag API: spf13/pflag#370.

Unfortunately, this issue means we cannot allow a slice of individual SCSs passed via CLI as we do with --label where each individual label passed with --label populates a []string of all labels. In this case, if we attempt --subject-set <single subject set json> to populate a []string where each index is a JSON string for a single SCS, we get an error flag: parse error on line 1, column 3: bare " in non-quoted-field. Because of this, we must expect all SCSs being created via JSON in the CLI to already be joined into the single array and passed as a single string flag --subject-sets <json array of all subject sets in the SCS>.

There is already support added in this PR for reading from a JSON file to create the SCS, and any time there is JSON in the CLI it is likely it will be added via script instead of manually.

See new issue around admin UX of testing Subject Condition Sets before creating.

Note

This PR was going to introduce reading Subject Sets from a YAML file as well, but yaml struct tags are not generated in the proto-built types. If this is needed, it should be discussed further and separately how the platform could expose YAML tags so consumers do not reimplement them repeatedly and potentially mistakenly. Perhaps a new proto plugin could be utilized.

[jakedoublev]

See demo in: #79 (comment)