Introduce `--offline` and `--api-server` for admin & `ceremony` add support for API

[MVrachev]

Description

As discussed with @kairoaraujo I have also introduced the --offline and --api-server admin level options in this pr as well.

In this pr I added "--offline" and "--api-server" as admin-level command options which will be reused by all admin subcommands. This allows for a single place of exception handling for those two arguments and consistent behavior across commands. This allowed the removal of "--bootstrap" in ceremony and "--api-server" options for both "ceremony" and "sign".

The "--offline" option allows you to have a local setting.SERVER configuration but still run the commands in a disconnected manner for testing.

Additionally, with "--api-server" and the "--save" (option for "send") or "output" (argument for ceremony) you can upload the payload to the RSTUF API and save the result of the command locally.

Tests for all tests are added and documentation is updated.

Additionally, in this pr I implement some of the missing features from our new admin ceremony.

The features included here are:

• Add an --api-server option for communication with existing RSTUF API deployment.
• Check bootstrap status before pushing to the API.
• Push resulting payload to API POST /api/v1/bootstrap
• Replace --save option with --output argument.
• Automatically save if --bootstrap is used even if --output file argument is not provided. The saved location is a default one - ceremony_payload.json.
• Wait for the task to finish and report back to the CLI user.
• Add timeout option for RSTUF API requests.
• Don't allow threshold < 2.
• Add tests to:
  1. make sure the online key is not any of the root keys.
  2. make sure at least threshold number of keys must be described with their public keys.

Signed-off-by: Martin Vrachev martin.vrachev@broadcom.com

Related to #533.

Types of changes

• [ ] Bug fix (non-breaking change which fixes an issue)
• [x] New feature (non-breaking change which adds functionality)
• [x] Breaking change (fix or feature that would cause existing functionality not to work as expected)

Additional requirements

• [x] Tests have been added for the bug fix or new feature
• [x] Docs have been added for the bug fix or new feature

Code of Conduct

By submitting this PR, you agree to follow our Code of Conduct.

• [x] I agree to follow this project's Code of Conduct

[codecov[bot]]

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 98.84%. Comparing base (47d0a69) to head (8472b56). Report is 88 commits behind head on main.

:exclamation: Current head 8472b56 differs from pull request most recent head 3f1a803

Please upload reports for the commit 3f1a803 to get more accurate results.

Additional details and impacted files

```diff @@ Coverage Diff @@ ## main #602 +/- ## ========================================== - Coverage 98.90% 98.84% -0.07% ========================================== Files 20 26 +6 Lines 1367 1900 +533 ========================================== + Hits 1352 1878 +526 - Misses 15 22 +7 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

[MVrachev]

As discussed with @kairoaraujo I have also introduced the --offline and --api-server admin level options in this pr as well in my last two commits.

[lukpueh]

Can we try to keep diffs to a minimum? I understand that it sometimes just isn't feasible, but this PR definitely mixes some unrelated things.

[lukpueh]

Also, a consistent/accurate PR description would be helpful, e.g.:

Automatically save if --bootstrap is used even if --output file argument is not provided. The saved location is a default one - ceremony_payload.json.

vs.

This allowed the removal of "--bootstrap" in ceremony and "--api-server" options for both "ceremony" and "sign".

[lukpueh]

This is going in the right direction. Here are a few comments on args/opts:

• Moving --api-server to the admin base command is an improvement.

• I'm unsure about --offline. It is only used by 3 out of 5 admin commands, and it means different things for those:

  • For ceremony it means don't write to the API.
  • For sign and update, it means don't read from or write to the API.

• --offline affects the behavior of opts/args for local file input/output, in an IMO non-intuitive way. If --offline is passed, sign and update require an input parameter, and the output parameter no longer determines, if a file is written or not.

• Generally, the opts/args related to local files don't feel consistent or intuitive to me.

  • ceremony has an optional positional OUTPUT path argument
  • sign (and likely update) has an optional positional SIGNING_JSON_INPUT_FILE path argument, and a --save (OUTPUT) option

I think we should...

• consistently use options for both input and output files
• maybe scope --offline to the API write operation only, and call it --dry-run, then it would also feel save to not write to a local file per default.
• e.g.:

rstuf [--api-server] admin ceremony [--out [PATH]] [--dry-run]

Perform ceremony and send result to API to trigger bootstrap.

* If `--out [PATH]` is passed, result is written to local PATH (in addition to
  being sent to API).

* If `--dry-run` is passed, result is not sent to API. You can pass `--out
  [PATH]` to store the result locally. `--api-server` will be ignored and may
  be omitted.

rstuf [--api-server] admin metadata {sign, update} [--in PATH] [--out [PATH]] [--dry-run]

Perform sign/metadata update for pending event and send result to API.

* If `--in PATH` is passed, input is not read from API but from local PATH.

* If `--out [PATH]` is passed, result is written to local PATH (in addition to
  being sent to API).

* If `--dry-run` is passed, result is not sent to API. You can pass `--out
  [PATH]` to store the result locally. 

* If `--in` and `--dry-run` is passed, `--api-server` will be ignored and 
  may be omitted.

(I'm open to naming suggestions)

[MVrachev]

607 will replace the first 4 commits of this pr and Ceremony: mandate threshold > 2 & add tests commit.

Please, review it before this one as this pr will be on top of it.

[MVrachev]

This pr is superseded by: https://github.com/repository-service-tuf/repository-service-tuf-cli/pull/607 and https://github.com/repository-service-tuf/repository-service-tuf-cli/pull/612.