GovReady / govready-q

An open source, self-service GRC tool to automate security assessments and compliance.
https://q.govready.com

Importing FedRAMP component error: invalid component json #1775

Open rylew1 opened 1 year ago

rylew1 commented 1 year ago

Bug

Attempting to generate an SSP report based on FedRAMP, but we're unable to import the component/controls.

To Reproduce

To start the project:

git clone https://github.com/GovReady/govready-q && cd govready-q
# Change to dev_env directory
cd dev_env

#  This will generate dev_env/docker/environment.json
python run.py init

# This will run + reuse previously built artifacts (database, files, etc)
python run.py dev

Steps to reproduce the behavior:

  1. Go to Component Library
  2. Import OSCAL Component
  3. Select FedRAMP_rev4_HIGH-baseline_profile.json as linked below
  4. Gives error: IMPORT HALTED. Invalid Component JSON: 'component-definition'

FedRAMP baseline json we're trying to use:

https://github.com/GSA/fedramp-automation/blob/master/dist/content/baselines/rev4/json/FedRAMP_rev4_HIGH-baseline_profile.json

Expected behavior

Import FedRAMP successfully with all the associated controls.

Is our FedRAMP format incorrect or how can we properly import into GovReady?
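
An added example, not part of the original issue and not GovReady-Q's own code: a pre-import check that reports which OSCAL model a JSON file holds before it is uploaded as a component. It assumes the quoted error names a missing top-level key; the root key names are those of the NIST OSCAL models, `check_component_import` is a hypothetical helper, and both sample documents are constructed.

```python
import json

# Root property names of the OSCAL JSON models (NIST OSCAL specification).
OSCAL_ROOTS = {
    "catalog", "profile", "component-definition", "system-security-plan",
    "assessment-plan", "assessment-results", "plan-of-action-and-milestones",
}

# Constructed sample documents (minimal, not schema-complete).
PROFILE_SAMPLE = '{"profile": {"uuid": "11111111-1111-4111-8111-111111111111", "imports": []}}'
COMPONENT_SAMPLE = (
    '{"component-definition": {"uuid": "22222222-2222-4222-8222-222222222222",'
    ' "components": [{"uuid": "33333333-3333-4333-8333-333333333333",'
    ' "type": "software", "title": "constructed"}]}}'
)

def oscal_model(text):
    """Return the OSCAL root key of a JSON document, or raise ValueError."""
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        raise ValueError(f"not valid JSON: {exc}") from exc
    if not isinstance(doc, dict):
        raise ValueError("top level is not a JSON object")
    # Keys such as "$schema" may sit beside the root; only OSCAL roots count.
    roots = [key for key in doc if key in OSCAL_ROOTS]
    if len(roots) != 1:
        raise ValueError(f"expected exactly one OSCAL root key, found {sorted(doc)}")
    return roots[0]

def check_component_import(text):
    """Hypothetical pre-import check: return (ok, message) for a component upload."""
    try:
        model = oscal_model(text)
    except ValueError as exc:
        return False, str(exc)
    if model != "component-definition":
        return False, f"file is an OSCAL '{model}', not a 'component-definition'"
    body = json.loads(text)[model]
    components = body.get("components", []) if isinstance(body, dict) else []
    if not components:
        return False, "component-definition contains no components"
    return True, f"component-definition with {len(components)} component(s)"

if __name__ == "__main__":
    for name, sample in (("profile", PROFILE_SAMPLE), ("component", COMPONENT_SAMPLE)):
        print(name, check_component_import(sample))
```
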