Watchmaker

**Summary**:

* Provides several new FAQs to address recent changes and SCAP findings
* Provides update on discontinuation of CentOS Stream 8 and possible work-around
* ash-linux-formula
- Addresses findings related to UEFI-enabled systems
- Removes remote log entry injected by scap content
* name-computer-formula
- Provides options to skip either the forward or reverse nsupdate
* scap-formula
- Updates openscap content to 0.1.72

**Summary**:

* ash-linux-formula
- (EL8) Populates fapolicyd default rules so system remains functional after
applying new stig controls
* ash-linux-formula
- (EL8) Updates systemd boot.mount options for compatibility with UEFI
* scap-formula
- (Linux) Updates openscap content to v0.1.71
- Updates DISA content to latest as of Jan 2024

**Summary**:

* join-domain-formula
- (Linux) Adds a `clean` state to simplify removing a system from the domain
* name-computer-formula
- (Linux) Creates DNS records using nsupdate when `nameserver` and `dns_domain`
are provided
* scap-formula
- (Linux) Updates ComplianceAsCode scap content to v0.1.70

**Summary**:

* Updates Watchmaker default config to use Salt 3006.4
* Documents invalid finding in EL8 for remote access monitoring methods
* ash-linux-formula
- Addresses several EL8 Cat2 findings from recent SCAP scans
* join-domain-formula
- (Linux) Adds cron config that refreshes AD computer object attributes

**Summary**:

* Fixes clobbering of `computer-name` grain when `computer-name-pattern` is also
provided. This prevented the `name-computer-formula` from setting the name
specified by the user
* Updates FAQ to include vendor guidance for EL8.8+
* Adds guidance on OpenSSH key signing requirements for EL8
* ash-linux-formula
- Adds handler to address pam faillock findings on EL8

**Summary**:

* Add watchmaker config argument `computer_name_pattern`, and exit with error
if provided `computer_name` does not match. Also writes grain for use with
name-computer-formula
* Updates default watchmaker config to use salt 3006.2
* Documents customization options for the watchmaker salt content
* Documents workarounds for known "gotchas" when applying EL7 and EL8 STIG controls
* ash-linux-formula
- Supports customization for mapping users to different SELinux contexts
- Removes el7 and EL8 STIG handlers that are now provided by SCAP remediation
content
- Consolidates all separate EL8 PAM handlers to states based on new authselect
capabilities
* join-domain-formula
- Adds support for `tries` option that retries a failed join domain action
- Integrates with ash-linux PAM handlers to apply STIG controls, if available
* trellix-agent-formula
- Refactors firewalld states around newer salt functionality
* name-computer-formula
- Supports reading pattern from salt grain