Adding basic framework for the CLI, no changes to old cli.

[shaynakapadia]

Summary

This MR adds the basic setup for the new non-interactive surfactant cli.

If merged this pull request will

• add a surfactant cli load command
• add a surfactant cli save command
• add a new subfolder surfactant/cmd/cli_commands that contains the cli classes related to each subcommand (base, save, load)
• Initial structure to provide serialization for SBOMs (right now it just saves it as json (pickling does not work right now))

Proposed changes

The changes here will migrate the existing cli interface to the new structure. Proposed workflow is below:

surfactant cli load sbom.json # Loads the sbom into surfactant, surfactantn saves it in ~/.surfactant in a serialized form
surfactant cli find --containerPath=^123* # Loads from serialized form and finds subset that matches args
surfactant cli add --installPath 123/ /bin/ # Adds new install path based on containerpath
surfactant cli merge # merges changes to the subset from find back into the main sbom
surfactant cli find --uuid 123 # Find one entry to edit based on uuid
surfactant cli edit --components="IsAGRAF" # Editing an array by picking the element, this one edits a specific component in this entry
Current Value: {"name": "IsAGRAF", "Vendor": "Rockwell Collins Automation"}
New Value: {"name": "IsAGRAF", "Vendor": ["Rockwell Collins Automation"], "version": "1.2.3"} 
surfactant cli edit --name # Edit a string value
Current Value: oldname.out
New Value: 1.2.3.CPO.out
surfactant cli merge # Merge changes back into the rest of the SBOM
surfactant cli save new_sbom.json # save edited sbom to a new file

[nightlark]

It will be interesting to see how the performance for (de)serializing larger SBOMs is -- it looks like that will need to happen for every command that gets ran?

[shaynakapadia]

It will be interesting to see how the performance for (de)serializing larger SBOMs is -- it looks like that will need to happen for every command that gets ran?

Ran some timing on the surfactant cli load cmd, which both serializes and deserializes. Not sure why 72.7 MB and the 134 MB is going slower than the larger ones, but could be the nesting or something. Right now the serialization isn't really serialization, its just writing json to file. I was running into issues with python pickle, so am working on figuring out a workaround.

SBOM Size	Avg Time
134 KB	0.720 sec
783 KB	0.708 sec
5.8 MB	1.356 sec
11.5 MB	3.641 sec
72.7 MB	2.806 sec