devsecopsmaturitymodel / DevSecOps-MaturityModel

GNU General Public License v3.0

Cannot edit heatmap with custom teams #305

Closed cosad3s closed 3 months ago

cosad3s commented 3 months ago

I have added a custom team to my meta.yaml:

---
#
# Various strings and messages
#
strings:
  en: &en
    references:
      samm2:
        label: OWASP SAMM VERSION 2
        description: |-
          Software Assurance Maturity Model
          The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate
          and implement a strategy for software security that is tailored
          to the specific risks facing the organization.
          https://owaspsamm.org/blog/2020/01/31/samm2-release/
      iso27001-2017:
        label: ISO 27001:2017
        description: |-
          ISO 27001:2017
      iso27001-2022:
        label: ISO 27001:2022
        description: |-
          ISO 27001:2022
    labels: ['Very Low', 'Low', 'Medium', 'High', 'Very High']
    KnowledgeLabels:
      [
        'Very Low (one discipline)',
        'Low (one discipline)',
        'Medium (two disciplines)',
        'High (two disciplines)',
        'Very High (three or more disciplines)',
      ]
    hardness: ['Very soft', 'Soft', 'Medium', 'High', 'Very high']
    maturity_levels:
      [
        'Level 1: Basic understanding of security practices',
        'Level 2: Adoption of basic security practices',
        'Level 3: High adoption of security practices',
        'Level 4: Very high adoption of security practices',
        'Level 5: Advanced deployment of security practices at scale',
      ]
teams: [
  'MyTeam',
  ]
teamGroups:
  MyTribe: [
    'MyTeam',
    ]

And for generated.yaml, I tried to:

      teamsImplemented:
        MyTeam: false

The docker image is launched with:

      docker run -v $(pwd)/meta.yaml:/srv/assets/YAML/meta.yaml -v $(pwd)/generated.yaml:/srv/assets/YAML/generated/generated.yaml -p 8080:8080 wurstbrot/dsomm

The heat map always seems to be empty / uneditable, except if the teams are named "A", "B" (default teams), etc.

Notes

  • Maybe the file teams.yaml should also be removed? I cannot see any usage in the source code
  • In the console log, even if teams are defined and displayed, references to teams A, B, C ... still seem to be used somewhere

0x41head commented 3 months ago

This issue happens because we maintain the state by saving it in local storage. Simply deleting the local storage should fix this issue.

cosad3s commented 3 months ago

Oh that's it! Indeed, I have deleted the local storage and the heatmap is correctly updated! Thanks! 💯

So maybe there is something to improve there about LocalStorage update regarding the meta.yaml configuration?
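
One way a client could reconcile saved browser state with the teams configured in meta.yaml, the improvement raised in the comment above. This is an added example, not part of the thread and not DSOMM's own code; the storage key, the function names and the saved-state shape (a list of activities, each carrying a teamsImplemented map as in the generated.yaml snippet) are assumptions.

```javascript
// Added example, not DSOMM source. STORAGE_KEY and the saved-state shape are assumptions.
const STORAGE_KEY = 'dsomm-state-example'; // hypothetical key name

// Compare the team names saved on one activity with the configured teams.
function diffTeams(configuredTeams, activity) {
  const saved = Object.keys(activity.teamsImplemented || {});
  return {
    stale: saved.filter((t) => !configuredTeams.includes(t)),
    missing: configuredTeams.filter((t) => !saved.includes(t)),
  };
}

// Rebuild every activity's teamsImplemented from the configured teams,
// keeping the saved value for teams that still exist and dropping the rest.
function reconcileState(configuredTeams, savedActivities) {
  let changed = false;
  const activities = savedActivities.map((activity) => {
    const { stale, missing } = diffTeams(configuredTeams, activity);
    if (stale.length || missing.length) changed = true;
    const teamsImplemented = {};
    for (const team of configuredTeams) {
      teamsImplemented[team] = activity.teamsImplemented?.[team] === true;
    }
    return { ...activity, teamsImplemented };
  });
  return { activities, changed };
}

// Load saved state, reconcile it with the teams from meta.yaml, persist if it changed.
function loadReconciled(storage, configuredTeams) {
  let saved;
  try {
    saved = JSON.parse(storage.getItem(STORAGE_KEY) ?? '[]');
  } catch {
    saved = []; // corrupt entry: start clean instead of failing to render
  }
  const list = Array.isArray(saved) ? saved : [];
  const { activities, changed } = reconcileState(configuredTeams, list);
  if (changed) storage.setItem(STORAGE_KEY, JSON.stringify(activities));
  return activities;
}

// Constructed in-memory stand-in for window.localStorage so the example runs offline.
function makeStorage(initial) {
  const data = new Map(Object.entries(initial));
  return {
    getItem: (key) => (data.has(key) ? data.get(key) : null),
    setItem: (key, value) => data.set(key, String(value)),
  };
}
```

In a browser, `window.localStorage` would be passed as `storage` and the `teams` list parsed from meta.yaml as `configuredTeams`.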

github-actions[bot] commented 3 months ago

This issue has been automatically marked as stale because it has not had recent activity. :calendar: It will be closed automatically in one week if no further activity occurs.

github-actions[bot] commented 3 months ago

This issue was closed because it has been stalled for 7 days with no activity.

vbakke commented 2 weeks ago

Can we please re-open this issue? Being able to set team names that match an organisation is vital for adoption of the DSOMM as a viable tool.