fix: incorporates PR feedback on update-vendor.yml and directory loca…

…tion Moves vendor to shared/references/oscal Updates update-vendor.yml to update-oscal.yml Updates formatting on update-oscal.yml to meet styling requirements Adds PR title and body to PR step in update-oscal.yml Signed-off-by: Jennifer Power <[email protected]>
ComplianceAsCode · Nov 17, 2023 · dd6de8b · dd6de8b
1 parent 5b30405
commit dd6de8b
Show file tree

Hide file tree

Showing 14 changed files with 76,484 additions and 216,340 deletions.
diff --git a/.github/workflows/update-oscal.yml b/.github/workflows/update-oscal.yml
@@ -0,0 +1,62 @@
+name: Update vendored OSCAL content
+
+on:
+    workflow_dispatch:
+    schedule:
+        # Run weekly at 05:00 on Sunday
+        - cron: "0 5 * * 0"
+
+jobs:
+    update-oscal:
+        name: Update content
+        runs-on: ubuntu-latest
+        permissions:
+            contents: write
+            pull-requests: write
+        strategy:
+            matrix:
+                variables:
+                    - catalog-source: "https://raw.githubusercontent.com/usnistgov/oscal-content/v1.0.0/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_catalog.json"
+                      profile-source: "https://raw.githubusercontent.com/GSA/fedramp-automation/master/dist/content/rev5/baselines/json/FedRAMP_rev5_HIGH-baseline_profile.json"
+                      profile-name: "fedramp_rev5_high"
+                      catalog-name: "nist_rev5_800_53"
+                    - catalog-source: "https://raw.githubusercontent.com/usnistgov/oscal-content/v1.0.0/nist.gov/SP800-53/rev4/json/NIST_SP-800-53_rev4_catalog.json"
+                      profile-source: "https://raw.githubusercontent.com/GSA/fedramp-automation/master/dist/content/rev4/baselines/json/FedRAMP_rev4_HIGH-baseline_profile.json"
+                      profile-name: "fedramp_rev4_high"
+                      catalog-name: "nist_rev4_800_53"
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v4
+            - name: Install Python
+              uses: actions/setup-python@v4
+              with:
+                  python-version: '3.9'
+            - name: Install python deps
+              run: pip3 install requests compliance-trestle==2.4.0
+            - name: Update catalogs
+              run: |
+                  rm -rf "catalogs/${{ matrix.variables.catalog-name }}"
+                  trestle import -f "${{ matrix.variables.catalog-source }}" -o "${{ matrix.variables.catalog-name }}"
+              working-directory: ./shared/references/oscal
+            - name: Update profiles
+              run: |
+                  rm -rf "profiles/${{ matrix.variables.profile-name }}"
+                  trestle import -f "${{ matrix.variables.profile-source }}" -o "${{ matrix.variables.profile-name }}"
+                  trestle href --name "${{ matrix.variables.profile-name }}" -hr "trestle://catalogs/${{ matrix.variables.catalog-name }}/catalog.json"
+              working-directory: ./shared/references/oscal
+            - name: Update content
+              uses: peter-evans/[email protected]
+              with:
+                  base: master
+                  branch: "oscal-update-${{ github.run_id }}"
+                  delete-branch: true
+                  commit-message: "Update OSCAL content in shared/references/oscal"
+                  title: "Update upstream OSCAL content from usnistogv and GSA"
+                  body: |
+                      Updates upstream OSCAL content
+                      - usnistgov NIST 800-53 from "${{ matrix.variables.catalog-source }}"
+                      - GSA FedRAMP OSCAL profiles from "${{ matrix.variables.profile-source }}"
+                    
+                      Auto-generated by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action
+                  add-paths: |
+                      shared/references/oscal/
diff --git a/.github/workflows/update-vendor.yaml b/.github/workflows/update-vendor.yaml
diff --git a/.gitignore b/.gitignore
@@ -81,4 +81,4 @@ ocp4/profiles/test.profile
 coverage.xml
 
 # Trestle specfic
-vendor/.trestle/cache
+shared/references/oscal/.trestle/cache
diff --git a/vendor/.trestle/.keep → shared/references/oscal/.trestle/.keep b/vendor/.trestle/.keep → shared/references/oscal/.trestle/.keep
diff --git a/vendor/.trestle/config.ini → shared/references/oscal/.trestle/config.ini b/vendor/.trestle/config.ini → shared/references/oscal/.trestle/config.ini
diff --git a/shared/references/oscal/REAMDE.adoc b/shared/references/oscal/REAMDE.adoc
@@ -0,0 +1,5 @@
+= OSCAL Content
+
+This `oscal` directory contains a link:https://ibm.github.io/compliance-trestle/[compliance-trestle] managed workspace to import upstream catalog and profile content into generated link:https://pages.nist.gov/OSCAL-Reference/models/v1.1.1/component-definition/json-outline/[OSCAL Component Definition].
+
+
diff --git a/...or/catalogs/nist_rev4_800_53/catalog.json → ...al/catalogs/nist_rev4_800_53/catalog.json b/...or/catalogs/nist_rev4_800_53/catalog.json → ...al/catalogs/nist_rev4_800_53/catalog.json
@@ -59,13 +59,13 @@
         {
           "role-id": "creator",
           "party-uuids": [
-            "93122cb0-95bc-4fdb-8b48-85ff60f9509b"
+            "c6d77a50-e52e-4399-8a57-896d4807952f"
           ]
         },
         {
           "role-id": "contact",
           "party-uuids": [
-            "93122cb0-95bc-4fdb-8b48-85ff60f9509b"
+            "c6d77a50-e52e-4399-8a57-896d4807952f"
           ]
         }
       ]
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,5 @@
		= OSCAL Content

		This `oscal` directory contains a link:https://ibm.github.io/compliance-trestle/[compliance-trestle] managed workspace to import upstream catalog and profile content into generated link:https://pages.nist.gov/OSCAL-Reference/models/v1.1.1/component-definition/json-outline/[OSCAL Component Definition].