defenseunicorns / uds-software-factory

🏭 UDS Software Factory Integration / Wayfinding Repo
Apache License 2.0

Spike: Investigate options for transferring software dependencies into airgap/egress-limited/controlled environments #54

Open Racer159 opened 4 months ago

Racer159 commented 4 months ago

Is your feature request related to a problem? Please describe.

This is a proof of concept of different ways we can manage dependencies for software development in an airgapped environment focused on using open source tools. Scope includes just efficiently managing transferring the dependencies over the airgap along with an SBOM of the packages being moved across the airgap (#47 covers transfer). It could involve writing a custom tool to facilitate this. It could also involve collating multiple lightweight OSS tools together. Each of the following options should be evaluated based on the criteria for success defined below.

Output of this ticket should be a working proof of concept and a follow-up ADR.

As there are so many different programming languages, this POC will focus on only a few, common ones:

  1. golang
  2. javascript/typescript/npm
  3. python/pypi

Describe the solution you'd like

Any solution that will be picked should be the following:

  1. Performant to the end user (and scalable)
  2. Performant to transfer. The less of a heavy lift this process is, the less difficult it will be to do multiple times/regularly
  3. Sustainable
  4. Have little to no impact on provenance, interaction with the repositories with package managers, etc.
  5. Positive UX

Racer159 commented 4 months ago

Marking this as blocked on #47 since it is likely best done serially