Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support 'export' option #267

Closed
wants to merge 25 commits into from
Closed

Support 'export' option #267

wants to merge 25 commits into from

Conversation

andybrucenet
Copy link

Goal: Output from compliance-masonry can be pipelined into a toolchain such as docxtemplater.

Process:

  1. Create local compliance folder containing opencontrols.yaml, local policies, possibly local copy of SSP Template to use.
  2. Run ‘compliance-masonry get’ as per usual
  3. Run ‘compliance-masonry export’ – the new verb I added. Output can be to STDOUT or a result document in either JSON or YAML, flattened or not.

"Flatten" Notes:

The export command supports --flattened - so what does that mean? Basically, consider that a project could include components like RHEL7, OpenShift-v3, as well as project-specific (e.g. AU_policy component). In the generated output, the satisfied controls narratives / properties are located under the specific component (e.g. AC-2 (9) perhaps under RHEL7, AU-3 maybe under OpenShift-v3, and possibly AU-1 under local AU_policy component). This makes setting up a generic SSP Word template impossible, because there is no way to know a priori what flattened key a specific satisfied control would have. To handle this, the export verb looks for all satisfied controls and builds some meta-control definitions like controls:AU-1:XXX where the XXX is simply all the attributes stolen from the appropriate compliance-masonry output.

Hope this is a useful idea / PR!

Andy Bruce added 23 commits August 11, 2017 00:18
Adding new verb for JSON extract
58b6e19
Support for 'extract'
dd02d21 
Output can be to stdout or named file.
Output format supports JSON and YAML

JSON output required quite a few hacks (YAML worked smoothly out of the
box). The problem is that MarshalJSON on the interfaces (such as
Component) simply failed due to UnsupportedType error (with no clue as
to which type was the problem). I ended up with helper functions to work
around the problem, but hopefully done in such a way that updates to the
schema will require only minimal changes. Specifically,
'lib/certifications/certification.go' has a helper function to take
Certification interface and coerce it into a specific type; from that
point, JSON output worked as expected.
Merge branch 'master' of https://github.com/opencontrol/compliance-ma…
22e3e9e 
…sonry
Cleanup
77e10f8
Updated DEPENDS
bbf0b1e
Update usage
e9b98cd
Typos
6290323
More typos
2f52030
Flatten support added
4452842
Added control normalization to flattened JSON
ca8f222 
Coalesces all controls for a given identified prefix (e.g. 'AC-2 (9)')
into a deterministic location in the generated JSON. Example:
Control Prefix: 'data:components:RHEL7:satisfies:AC-2 (9)'
-> becomes: 'controls:AC-2 (9)'

All subelements are included in the normalized keyset;
e.g. 'data:components:RHEL7:satisfies:AC-2 (9):control_key'
becomes 'controls:AC-2 (9):control_key'.

This makes it possible to create output Word documents with replaceable
text that will not be affected by the sourced component.
Renamed 'extract' -> 'export'; refactored code
4bef01a 
Related export function groups go into their own dedicated source file.
Add config.KeySeparator to normalized flattened key
025c625
Remove bogus error recover() code
f2360bb
Added first set of export tests.
dad958d
Documentation updates
4a8eb99
Formatting...
387c78e
More formatting...
fceab9e
Updated similar to fedramp-templater
4d137ff
Update version to 1.1.3
ea466c1
Add normalized component info to controls
126758c
Use my local andybrucenet repo for publish
e2b083c
Quick fixes from CircleCI integration
be90d4d 
1. Explicitly install golint in Makefile
2. Do not infer --verbose for --debug
Send all export test output to /tmp
f20f902
@andybrucenet
Copy link
Author

Removed the extraneous output from export tests.

@shawndwells
Copy link
Member

@andybrucenet not sure if you're still interested, but would be great to see this PR rebased. Lots of great capability in this!

redhatrises added a commit to redhatrises/compliance-masonry that referenced this pull request Jun 11, 2018
@redhatrises
Add export option
e59ee75 
- Fixes opencontrol#267
@redhatrises redhatrises mentioned this pull request Jun 11, 2018
Merged
redhatrises added a commit to redhatrises/compliance-masonry that referenced this pull request Jun 11, 2018
@redhatrises
Add export option
4039564 
- Fixes opencontrol#267
redhatrises added a commit to redhatrises/compliance-masonry that referenced this pull request Jun 11, 2018
@redhatrises
Add export option
9181641 
- Fixes opencontrol#267
@shawndwells
Copy link
Member

Hi @andybrucenet - Much of this was incorporated into #292. What do you think? Should export be extended further?

Going to close this PR for now. New ones that extend export would be great!

redhatrises added a commit to redhatrises/compliance-masonry that referenced this pull request Jun 11, 2018
@redhatrises
Add export option
e937da2 
- Fixes opencontrol#267
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@andybrucenet @shawndwells