fix: decompose istio oscal (#826)

## Description

Splits the validations out from the OSCAL Component-Definition. `lula
validate` can work remotely to validate the validations.

Updated the OSCAL Assessment-Result as the baseline has changed from
High to Moderate.

Updated the Istio catalog source url to a tagged version (recent GSA
release)

This pattern allows for easier maintenance and development of the
validations by not reading through 1000s of lines of OSCAL and OSCAL
formatting just to make a small update.

All of the validations under the ./compliance/validations directory are
a pull from the compliance-artifacts repo where OSCAL and Validations
development happen.

## Related Issue

Relates to #797

## Type of change

- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Other (security config, docs update, etc)

## Checklist before merging

- [x] Test, docs, adr added or updated as needed
- [x] [Contributor
Guide](https://github.com/defenseunicorns/uds-template-capability/blob/main/CONTRIBUTING.md)
followed

compliance/validations/istio/all-namespaces-istio-injected/README.md

@@ -0,0 +1,9 @@
+# README.md
+
+**NAME** - all-namespaces-istio-injected
+
+**INPUT** - Collects all namespaces in the Kubernetes cluster.
+
+**POLICY** - Checks that all namespaces are Istio-injected, except for a predefined list of exempted namespaces.
+
+**NOTES** - The exempted namespaces are: `istio-system`, `kube-system`, `default`, `istio-admin-gateway`, `istio-passthrough-gateway`, `istio-tenant-gateway`, `kube-node-lease`, `kube-public`, `uds-crds`, `uds-dev-stack`, `uds-policy-exemptions`, `zarf`.