Update "fedramp-version" allowed-values constraint

[Rene2mt]

Constraint Task

This task is to update the "fedramp-version" allowed-values constraint, previously implemented in PR #800, adjusting the allowed-values to accept semver versions, as specified on the Developer Hub site and in ADR 10.

NOTE - need to identify list of upcoming / planned version numbers (e.g., 3.0.0-rc1, 3.0.0-rc2, etc.)

Intended Outcome

The reason for this update is ADR 10 which deprecates the use of spoke-versioning.

Syntax Type

This is a FedRAMP constraint in the FedRAMP-specific namespace.

Allowed Values

FedRAMP allowed values must be defined or verified.

Metapath(s) to Content

/*/metadata/prop[@name='fedramp-version' and @ns='http://fedramp.gov/ns/oscal']

Purpose of the OSCAL Content

No response

Dependencies

No response

Acceptance Criteria

• All OSCAL adoption content affected by the change in this issue have been updated in accordance with the Documentation Standards.
  • Explanation is present and accurate
  • sample content is present and accurate
  • Metapath is present, accurate, and does not throw a syntax exception using oscal-cli metaschema metapath eval -e "expression".
• All constraints associated with the review task have been created
• The appropriate example OSCAL file is updated with content that demonstrates the FedRAMP-compliant OSCAL presentation.
• The constraint conforms to the FedRAMP Constraint Style Guide.
  • All automated and manual review items that identify non-conformance are addressed; or technical leads (David Waltermire; AJ Stein) have approved the PR and “override” the style guide requirement.
• Known good test content is created for unit testing.
• Known bad test content is created for unit testing.
• Unit testing is configured to run both known good and known bad test content examples.
• Passing and failing unit tests, and corresponding test vectors in the form of known valid and invalid OSCAL test files, are created or updated for each constraint.
• A Pull Request (PR) is submitted that fully addresses the goals section of the User Story in the issue.
• This issue is referenced in the PR.

Other information

No response

[aj-stein-gsa]

@Rene2mt, is this separate of #833 work? I know I have lagged on that, so this ambiguity is on me. 😦

[Rene2mt]

Hey @aj-stein-gsa. It is related, but this one is specifically just updating the "fedramp-version" allowed-value constraint, although this could be included in issue #833.

One thing I wasn't sure is once #833 is implemented, do we still even need the "fedramp-version" allowed value constraint?

[aj-stein-gsa]

We need @aj-stein-gsa to finish the above as discussed in #1130 (comment) to work this, but we definitely need to finish it before the milestone release.