-
Notifications
You must be signed in to change notification settings - Fork 23
Revamp project to work with latest OSCAL #88
Revamp project to work with latest OSCAL #88
Conversation
ddc3075
to
799cef8
Compare
/cc @anweiss |
Thanks for this @isimluk! Will take a look and comment back. |
Hey @isimluk sorry for the delay on getting this merged in. I'm waiting on the repo admins to adjust the permissions of the repo so I can proceed with the review. CC @justincormack |
No worries. This is not completed yet. From the project governance perspective: why did the repo moved from github.com/opencontrol/oscalkit where multiple vendors had access to? It seems that this repo progression / development slowed after the transition. ? |
@isimluk we managed to fix the merging issues so can merge once reviewed and ready. I took a cursory glance at your proposed changes and everything is LGTM thus far. Appreciate some of the cleanup on the As far as project governance, this is still being worked out. I agree with you in that the project would be better served under a more security-/compliance-focused community, whether that be |
Thanks @anweiss, will let you know when this is mergeable. |
b964a28
to
99988c5
Compare
@anweiss, I think You can merge this any time you see a fit now.
Note, there are failures here and there (since the standard changed). I will continue working on those. We also have to add support for new oscal functionalities. So, it is safe to expect more to come. |
99988c5
to
0b40a04
Compare
5f14c1d
to
cb5bdfe
Compare
Hey @isimluk, since there still are some commits being pushed up, ping me once you're ready for another review :) excellent work so far! appreciate all the contributions! |
Thank You @anweiss. I will keep this PR in mergeable state so it can be merged any time. In my mind, this can be merged any time as it represents improvement over what we already have in the repo. Nevertheless, there is so much work to be done, so I will continue adding patches until it is merged and then I will simply open follow-up PR. The upside of merging this early is that it may be easier for me to receive early feedback on this work from the greater oscal community. |
@isimluk looks like you're using some new functions introduced in Go 1.12 (e.g. |
This completes the required metadata in oscal:ssp. Next step is to actually convert each control one by one.
for each open control on the input
This is especially useful when processing multiple files at once by `oscalkit validate`.
Co-Authored-By: anweiss <[email protected]>
5c3360d
to
c0f2bd1
Compare
Done. |
baebb81
to
0ec5f78
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@isimluk getting really close to merging. Would you mind also addressing the failing tests? Thanks!
@isimluk since we don't yet have CI updated to automatically generate the type bindings (which would be ideal per #90 (comment)), could you add the generated bindings to this PR in the interim? |
Last time I checked github actions are not allowed under docker organization. |
I think tests were failing even before I came. There is lot of scaffolding (like these Dockerfiles) that seems inefficient and only increase complexity. How would You think If I kept my fork growing separately in the mean time to see which parts are useful and which are really not? |
Correct. So for now, let's just include the generated bindings in the PR. Or we can open another PR after this is merged with the updated bindings. |
Fair enough. In that case, we'll disregard the failing tests for now until we get a better gauge on things. |
As @anweiss suggested. Thanks!
0ec5f78
to
97c7ad1
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM ... @isimluk let me know if we're good to merge ...
Thanks! We are good to merge. But expect me to come up with more updates in near future. |
this brings
oscalkit info
commandoscalkit validate
to be fully automatedoscalkit convert html
to get html version of the catalogoscalkit convert opencontrol <compliance-masonry-url> <outputdir>
Original Description (Dec 2019)
This is show case work in progress.
I am interested to learn if this project is interested in revamp or not. Please advise. Thanks!