GovReady / hyperGRC

hyperGRC is a lightweight, in-browser tool for managing compliance-as-code repositories in OpenControl format.
GNU General Public License v3.0

Compatibility between hyperGRC opencontrol format and compliance-masonry #14

Open openprivacy opened 5 years ago

openprivacy commented 5 years ago

hyperGRC extended the opencontrol file layout used by compliance-masonry to enable each component to have separate files for each control. Either:

  1. a pull-request to compliance-masonry should be made that enables it to read in this alternate layout
  2. a script should be created that converts one format to the other
  3. we should abandon this useful format

JJediny commented 5 years ago

Speaking for myself

But I'm finding it best to have a 1 to 1 ratio of a single yaml file for an entire component.yaml; the control families are arbitrary. When you assume most components at most have 20-30-40 controls relevant, the file size isn't a factor. It's also helpful to read them all together to see how the text relates etc. etc., and that way taxonomy of filenames is never an issue.