search

oscal-compass / compliance-trestle

An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.
https://oscal-compass.github.io/compliance-trestle
Apache License 2.0
169 stars 61 forks source link

Content upload to openpages via OSCAL as a trestle task #247

Closed butler54 closed 2 years ago

butler54 commented 3 years ago

Issue description / feature objectives

Assumptions:

Approach: Given an OSCAL object (e.g. a profile) and a desired Openpages host (+ credentials over http basic auth)

trestle task must first: 1) Build the assembly of OSCAL objects together. 2) For each of the dependencies from catalogs up check whether those dependencies are in openpages - this is to be done via the href structure (e.g. is it pointing to the provided host name?) 3) If not upload the content capturing the UUID it is stored in and log. 4) rewrite upstream objects referring to the object now in openpages. 5) Upload those new objects.

Example cli trestle tasks oscal-upload --file my_profile.json --host https://my_open_pages_host.com

example href from profile 


ORIGINAL:
href: "file://catalogs/soc2.json"

NEW:
href: "https://my_open_pages_host.com/api/path/to/UUID_FOR_OBJECT"
vikas-agarwal76 commented 3 years ago

https://my_open_pages_host.com/api/path/34343-sdsfd-3434

vikas-agarwal76 commented 3 years ago

@butler54 I have the APIs ready for OpenPages. Will share details separately.

butler54 commented 3 years ago

Okay given current status this is going in the icebox for now.

butler54 commented 2 years ago

Closing out with no active demand for this.