mitre / inspec_tools

A command-line and Ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data
https://inspec-tools.mitre.org/

Enhance compliance and summary and the threshold.yml to define the expected status of a control or controls and create a baseline of status, counts from an existing results file #142

Closed aaronlippold closed 2 years ago

aaronlippold commented 4 years ago

The use case is: I have a PR for a control and it went from failed to passed, or error to pass, or skipped...

Secondary use case: I want to be able to process a result file as a ‘base’ status list grouped in the pass, fail, NA ... buckets, so that as we push a PR we update the threshold file for the control we fixed and its new status.

CLI flag support may also be useful where we pass the expected status of a control.

aaronlippold commented 4 years ago

@rbclark @Bialogs @rx294 given the work we did with --json-summary, is this a short walk? Having this ability to have compliance grok the expected status - pass, failed, NA, Skipped, Error - will help us close the loop on automated CI/CD driven gold disk creation.

camdenmoors commented 2 years ago

Added in saf generate:threshold of the SAF CLI
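
The use case from the first comment, sketched as an added Ruby example that is not code from inspec_tools or the SAF CLI: build a per-status baseline of control IDs from a results file, then report which controls changed status in a later run. The sample results are constructed, the function names are hypothetical, and both the status roll-up rule and the bucket layout are assumptions rather than the project's threshold.yml schema.

```ruby
require 'json'
require 'yaml'

# Constructed sample shaped like an InSpec JSON reporter file (not real results).
SAMPLE_RESULTS = JSON.generate(
  'profiles' => [{
    'name' => 'sample-baseline',
    'controls' => [
      { 'id' => 'V-0001', 'impact' => 0.7, 'results' => [{ 'status' => 'passed' }] },
      { 'id' => 'V-0002', 'impact' => 0.5, 'results' => [{ 'status' => 'passed' }, { 'status' => 'failed' }] },
      { 'id' => 'V-0003', 'impact' => 0.0, 'results' => [{ 'status' => 'skipped' }] },
      { 'id' => 'V-0004', 'impact' => 0.5, 'results' => [{ 'status' => 'skipped' }] },
      { 'id' => 'V-0005', 'impact' => 0.7, 'results' => [{ 'status' => 'failed', 'backtrace' => ['x.rb:1'] }] }
    ]
  }]
)

# Assumed roll-up rule: impact 0 => not_applicable; any backtrace => error;
# any failed => failed; all skipped (or no results) => skipped; else passed.
def control_status(control)
  results = control['results'] || []
  return 'not_applicable' if control['impact'].to_f.zero?
  return 'error' if results.any? { |r| r['backtrace'] }
  return 'failed' if results.any? { |r| r['status'] == 'failed' }
  return 'skipped' if results.empty? || results.all? { |r| r['status'] == 'skipped' }
  'passed'
end

# Baseline: status bucket => sorted control IDs (hypothetical layout).
def status_baseline(results_json)
  controls = JSON.parse(results_json)['profiles'].flat_map { |p| p['controls'] }
  controls.group_by { |c| control_status(c) }
          .transform_values { |cs| cs.map { |c| c['id'] }.sort }
end

# Controls whose status in a new run differs from the stored baseline.
def status_drift(baseline, results_json)
  flatten = ->(buckets) { buckets.flat_map { |st, ids| ids.map { |id| [id, st] } }.to_h }
  expected = flatten.call(baseline)
  actual = flatten.call(status_baseline(results_json))
  (expected.keys | actual.keys).sort.each_with_object({}) do |id, drift|
    drift[id] = { 'expected' => expected[id], 'actual' => actual[id] } if expected[id] != actual[id]
  end
end

puts status_baseline(SAMPLE_RESULTS).to_yaml if __FILE__ == $PROGRAM_NAME
```

In a CI job, a non-empty `status_drift` result is the signal either to fail the build or, when the change is the intended fix in the PR, to regenerate the stored baseline.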