kubernetes-sigs / wg-policy-prototypes

A place for policy work group related proposals and prototypes.
Apache License 2.0

prototype: yaml-to-OSCAL transformer #108

Closed degenaro closed 2 years ago

degenaro commented 2 years ago

Contribution is to help kubernetes produce NIST OSCAL, comprising: a folder with README and diagrams, a requirements spreadsheet that documents how kubernetes results yaml fields are mapped by the transformer to OSCAL json, a python trestle-based code module that realizes yaml-to-oscal transformations, a Makefile to install prereqs and run the transformer, and OSCAL assessment-results samples.
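The PR description gives the shape of the transformer (kube results YAML in, OSCAL assessment-results JSON out) but the field mapping itself lives in the spreadsheet and module, neither of which is on this page. The block below is an added example, not the PR's trestle-based module: a dependency-free sketch of such a transformer. The input layout (`policy`, `rule`, `resource`, `status`, `message`), the pass/fail to satisfied/not-satisfied mapping, and the subset of OSCAL 1.0 assessment-results fields emitted are all assumptions made for this example; `SAMPLE_RESULTS` is a constructed dict standing in for what `yaml.safe_load()` would return. Two points a practitioner would want from such a tool are shown: ids are derived with `uuid5` so repeated runs over the same evidence produce identical documents, and unknown statuses are rejected instead of being quietly recorded as satisfied findings. Output should still be validated against the official OSCAL schema.

```python
import json
import uuid
from datetime import datetime, timezone

# Constructed sample input: the dict yaml.safe_load() would return for a small
# kube results file. Field names are an assumption for this example, not the
# PR's real mapping.
SAMPLE_RESULTS = {
    "metadata": {"title": "cluster policy scan", "version": "0.1.0"},
    "results": [
        {"policy": "require-requests-limits", "rule": "validate-resources",
         "resource": "deployment/default/nginx", "status": "fail",
         "message": "CPU and memory limits are required"},
        {"policy": "disallow-privileged", "rule": "privileged-containers",
         "resource": "pod/kube-system/metrics", "status": "pass",
         "message": "validation passed"},
    ],
}

OSCAL_VERSION = "1.0.4"
REQUIRED_ENTRY_FIELDS = ("policy", "rule", "resource", "status")
# Only these kube statuses are mapped; anything else is rejected rather than
# silently becoming a satisfied finding (assumed mapping for this example).
STATUS_TO_STATE = {"pass": "satisfied", "fail": "not-satisfied"}


def _now() -> str:
    return datetime.now(timezone.utc).isoformat(timespec="seconds")


def _stable_uuid(key: str) -> str:
    # uuid5 over a fixed namespace: identical input yields identical ids, so a
    # diff between two transformer runs shows only real changes in evidence.
    return str(uuid.uuid5(uuid.NAMESPACE_URL, "kube-oscal/" + key))


def check_entries(entries: list) -> list:
    """Return a list of problems; an empty list means every entry is mappable."""
    problems = []
    for i, entry in enumerate(entries):
        missing = [k for k in REQUIRED_ENTRY_FIELDS if k not in entry]
        if missing:
            problems.append(f"entry {i}: missing fields {missing}")
        elif entry["status"] not in STATUS_TO_STATE:
            problems.append(f"entry {i}: unmapped status {entry['status']!r}")
    return problems


def entry_to_observation(entry: dict) -> dict:
    key = f"{entry['policy']}/{entry['rule']}/{entry['resource']}"
    return {
        "uuid": _stable_uuid("observation/" + key),
        "title": f"{entry['policy']}:{entry['rule']}",
        "description": entry.get("message", ""),
        "methods": ["TEST"],
        "subjects": [{"subject-uuid": _stable_uuid("subject/" + entry["resource"]),
                      "type": "resource", "title": entry["resource"]}],
        "props": [{"name": "result", "value": entry["status"]}],
        "collected": _now(),
    }


def entry_to_finding(entry: dict, observation_uuid: str) -> dict:
    key = f"{entry['policy']}/{entry['rule']}/{entry['resource']}"
    return {
        "uuid": _stable_uuid("finding/" + key),
        "title": f"{entry['policy']}:{entry['rule']} on {entry['resource']}",
        "description": entry.get("message", ""),
        # The policy name is used as the objective id; a real mapping would
        # resolve it to an id from the referenced assessment plan.
        "target": {"type": "objective-id", "target-id": entry["policy"],
                   "status": {"state": STATUS_TO_STATE[entry["status"]]}},
        "related-observations": [{"observation-uuid": observation_uuid}],
    }


def transform(kube_results: dict, ap_href: str = "#placeholder-assessment-plan") -> dict:
    """Map a parsed kube results document to an OSCAL assessment-results dict."""
    entries = kube_results.get("results", [])
    problems = check_entries(entries)
    if problems:
        raise ValueError("; ".join(problems))
    meta = kube_results.get("metadata", {})
    title = meta.get("title", "kube policy results")
    observations, findings = [], []
    for entry in entries:
        obs = entry_to_observation(entry)
        observations.append(obs)
        findings.append(entry_to_finding(entry, obs["uuid"]))
    now = _now()
    return {"assessment-results": {
        "uuid": _stable_uuid("assessment-results/" + title),
        "metadata": {"title": title, "last-modified": now,
                     "version": str(meta.get("version", "0")),
                     "oscal-version": OSCAL_VERSION},
        "import-ap": {"href": ap_href},  # placeholder: no real plan on this page
        "results": [{"uuid": _stable_uuid("result/" + title), "title": title,
                     "description": "Results transformed from kube policy output",
                     "start": now, "observations": observations,
                     "findings": findings}],
    }}


if __name__ == "__main__":
    print(json.dumps(transform(SAMPLE_RESULTS), indent=2))
```

Running the module prints the JSON document for the constructed sample; `transform()` is the entry point a Makefile target would call after loading the YAML file.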

linux-foundation-easycla[bot] commented 2 years ago

CLA Signed

The committers listed above are authorized under a signed CLA.

k8s-ci-robot commented 2 years ago

Welcome @degenaro!

It looks like this is your first PR to kubernetes-sigs/wg-policy-prototypes 🎉. Please refer to our pull request process documentation to help your PR have a smooth ride to approval.

You will be prompted by a bot to use commands during the review process. Do not be afraid to follow the prompts! It is okay to experiment. Here is the bot commands documentation.

You can also check if kubernetes-sigs/wg-policy-prototypes has its own contribution guidelines.

You may want to refer to our testing guide if you run into trouble with your tests not passing.

If you are having difficulty getting your pull request seen, please follow the recommended escalation practices. Also, for tips and tricks in the contribution process you may want to read the Kubernetes contributor cheat sheet. We want to make sure your contribution gets all the attention it needs!

Thank you, and welcome to Kubernetes. :smiley:

sunstonesecure-robert commented 2 years ago

overall looks great. I think we just need to discuss the administrative errata about how we are going to be custodians of this peripheral to the main Trestle project.

and then a minor nit about whether we want to explicitly indicate in the path the trestle origination, i.e. instead of oscal-transformer, maybe trestle-oscal-transformer or just trestle-transformer, following similar conventions as *-adapter?

degenaro commented 2 years ago

Thx for the comments. With respect to the "minor nit", I'll add my $.02. The present code takes YAML produced by Kube and produces OSCAL as JSON. It is properly called an oscal-transformer or kube-to-oscal-transformer or kube-yaml-to-oscal-assessment-results-json-transformer or such. The fact that the code takes advantage of the trestle SDK is nice, but not critical to the job at hand. We could imagine writing, with more difficulty, a GOLANG (or Fortran or Java or...) version that did not rely on trestle, and it too would be an oscal-transformer. That said, if encoding the dependency on trestle in the name is desirable I'm not opposed.

k8s-ci-robot commented 2 years ago

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: degenaro, JimBugwadia

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

- ~~[OWNERS](https://github.com/kubernetes-sigs/wg-policy-prototypes/blob/master/OWNERS)~~ [JimBugwadia]

Approvers can indicate their approval by writing `/approve` in a comment. Approvers can cancel approval by writing `/approve cancel` in a comment.

JimBugwadia commented 2 years ago

/lgtm /approved