Adds an oscal directory and GitHub Actions workflow for upstream OSCAL content #11286
Conversation
Adds initial vendor directory for OSCAL content with REV4 and REV5 NIST 800-53 catalogs and FedRAMP High profiles. Adds update-vendor.yaml for automated updates of content Signed-off-by: Jennifer Power <[email protected]>
|
Hi @jpower432. Thanks for your PR. I'm waiting for a ComplianceAsCode member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
Start a new ephemeral environment with changes proposed in this pull request: Fedora Environment Oracle Linux 8 Environment |
|
We store other vendor files (such as the STIG XML files) in |
.github/workflows/update-vendor.yaml
Outdated
| delete-branch: true | ||
| commit-message: "Update vendored OSCAL content" | ||
| add-paths: | | ||
| vendor/ |
There was a problem hiding this comment.
Please add a new line at the end of the file.
.github/workflows/update-vendor.yaml
Outdated
| - name: Update content | ||
| uses: peter-evans/[email protected] | ||
| with: | ||
| base: master |
There was a problem hiding this comment.
Please add a useful title for these PRs.
https://github.com/peter-evans/create-pull-request#action-inputs
.github/workflows/update-vendor.yaml
Outdated
| @@ -0,0 +1,55 @@ | |||
| name: Update vendored OSCAL content | |||
There was a problem hiding this comment.
Per the project style gude please use 4 space indention.
.github/workflows/update-vendor.yaml
Outdated
| uses: peter-evans/[email protected] | ||
| with: | ||
| base: master | ||
| branch: "vendor-update-${{ github.run_id }}" |
There was a problem hiding this comment.
A body on the PR might be useful as well.
jpower432
force-pushed
the
add_vendor_dir
branch
from
3593ca6 to
91304f9
Compare
…tion Moves vendor to shared/references/oscal Updates update-vendor.yml to update-oscal.yml Updates formatting on update-oscal.yml to meet styling requirements Adds PR title and body to PR step in update-oscal.yml Signed-off-by: Jennifer Power <[email protected]>
jpower432
force-pushed
the
add_vendor_dir
branch
from
91304f9 to
dd6de8b
Compare
|
Thanks for the feedback @Mab879. I moved the directory to |
jpower432
changed the title
This updates the NIST references to the latest supported version for trestle. Instead of updating it in multiple places, this adds environment variables to store that information. Signed-off-by: Jennifer Power <[email protected]>
|
Adding information on the last change. The workflow was originally pointing to the to the |
|
/packit retest-failed |
.github/workflows/update-oscal.yml
Outdated
| - usnistgov NIST 800-53 from "${{ matrix.variables.catalog-source }}" | ||
| - GSA FedRAMP OSCAL profiles from "${{ matrix.variables.profile-source }}" | ||
|
|
||
| Auto-generated by [create-pull-request](https://github.com/peter-evans/create-pull-request) GitHub action |
There was a problem hiding this comment.
Could you also provide the path to this GitHub Actions file as well?
shared/references/oscal/REAMDE.adoc
Outdated
There was a problem hiding this comment.
Per the style guide please use Markdown unless there is a compelling reason.
There was a problem hiding this comment.
I missed that detail in the guide. I will convert to Markdown.
Signed-off-by: Jennifer Power <[email protected]>
Updates the "auto-generated message" to point to the actions worflow file and updates the environment variable reference in the matrix variables to ensure the correct values are used when referencing the content sources. Signed-off-by: Jennifer Power <[email protected]>
|
Code Climate has analyzed commit 8e0b2ae and detected 0 issues on this pull request. Too many changed lines in diff View more on Code Climate. |
|
/packit retest-failed |
jpower432
changed the title
vojtapolasek
added
Highlight
Description:
Adds initial vendor directory for OSCAL content with REV4 and REV5 NIST 800-53 catalogs and FedRAMP High profiles. Adds update-vendor.yaml for automated updates of content
Rationale:
Allow upstream OSCAL content to be updated, reviewed, and stored to aid to generating OSCAL component definitions.
Partially address issue #11106
Review Hints:
This is part one to a two part feature add. The update-vendor.yaml was tested/verified locally using
act.