Make sure compliance-trestle demos are running correctly - Trestle as Foundation Examples

[AleJo2995]

Compliance trestle demos repo is outdated and needs refreshment and review.

It is needed to go through the Trestle as Foundation Examples review it runs correctly as the documentation specifies concretely for this one.

Compliance-trestle version used for the generation of the demos is too outdated now vs the current one, so as part of the revision, it should be ideal to run the demo with the latest version and see if anything has changed or needs refreshment.

If there is anything needed to be done there by the demo, please submit a PR against the repo to be reviewed and tracked.

[AleJo2995]

Moving comments from @Ma1h01 in the original issue on main repo:

After following the demo, I found three issues that prevented the demo from being executed successfully.

1. 

   The demo runs with the trestle version 1.1.0. This resulted in an import issue as the old version imports the ModelField from pydantic.fields, which is not supported in the currently used pedantic version. Simply changing the version of the installed trestle can resolve the issue.

2. ControlSelection and ReviewedControls are moved to the trestle.oscal.common module but imported from the old module trestle.oscal.assessment_results in k8s-to-oscal.py. Updating the import statement can resolve the issue.

3. Two sample YAML files don't have the labels fields, which results in KeyError expectation, and a None value is passed to an object monitored by pydantic; thus, fails the entire execution.

[AleJo2995]

Thanks for the comments @Ma1h01 . Answers:

• For item 2, is there a PR for moving the import statement? If so, please link it to this issue. Thanks
• For item 3 - which are the files that have no label fields?

[Ma1h01]

I didn't make a PR because this demo appears in another repo, and I don't have the access.
These two YAML files(file 1, file 2) don't have the labels field.
Should I go ahead make a PR?

[AleJo2995]

@vikas-agarwal76 , @Ma1h01 has commented me that this demo does not seem to be working as expected for some of the things above. The problem relies on the modification of another repo which we don't particularly have a voice on. Should we keep this demo still alive?

[vikas-agarwal76]

@AleJo2995 Please connect with @degenaro on this. He developed the Kubernetes converter.

[AleJo2995]

@degenaro any comments here?

[degenaro]

You can make a fork and submit PR changes to get repo working.