Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[CROSSPOST] OSCAL Example Control Set #120

Open
1 of 17 tasks
gregelin opened this issue Jul 25, 2022 · 6 comments
Open
1 of 17 tasks

[CROSSPOST] OSCAL Example Control Set #120

gregelin opened this issue Jul 25, 2022 · 6 comments
Labels
enhancement The issue adds a new feature, capability, or artifact to the repository. User Story The issue is a user story for a development task.

Comments

@gregelin
Copy link

gregelin commented Jul 25, 2022
edited by aj-stein-nist
Loading

User Story:

As an OSCAL developer, I want the example content repository to include the example set of controls proposed in OSCAL issue #1383.

Goals:

Purpose of this issue is to create example content in relation to OSCAL issue #1383. Please visit that issue for more information and discussion.

  • Update README to explain contribution process to explain:
    • Document what the MVP requirements are for "correct" for this content and how it will drive the contribution process (added in [CROSSPOST] OSCAL Example Control Set #120 (comment))
    • How to contribute new content
      • Define what content to contribute in this and subsequent issues
    • How do I validate new content I want to contribute before I ask for review:
      • locally?
      • GitHub Actions?
    • Explain src/->.. CI/CD process and its configuration in src/config, document that accordingly
  • Consider changes to CONTRIBUTING.md to make it more novice-friendly
  • Review oscal-content's src/examples sub-directories and consider clean-up and/or clarification of extraneous content like validate.sh and ssp.sch Clean Up Extraneous Example Content #136
  • Discuss with Greg and determine community needs regarding:
    • Source development with OSCAL XML and not OSCAL JSON and/or OSCAL YAML?
    • TBD
  • Commit reference profile with 5 example controls

Dependencies:

usnistgov/OSCAL#1383

References:

Acceptance Criteria

  • All readme documentation affected by the changes in this issue have been updated.
  • A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.
  • The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.

{The items above are general acceptance criteria for all User Stories. Please describe anything else that must be completed for this issue to be considered resolved.}
@gregelin gregelin added enhancement The issue adds a new feature, capability, or artifact to the repository. User Story The issue is a user story for a development task. labels Jul 25, 2022
@gregelin gregelin mentioned this issue Jul 25, 2022
Open
7 tasks
@aj-stein-nist
Copy link
Contributor

@david-waltermire-nist, since I marked usnistgov/OSCAL#1383 provisionally as further discussion needed, and this is a cross-post, will do the same here as well.

@aj-stein-nist
Copy link
Contributor

aj-stein-nist commented Aug 29, 2022
edited
Loading

Greg has set up a fork and branch we will begin work to merge it back into the upstream content here with pull requests, tracking against the issue above.

@aj-stein-nist
Copy link
Contributor

Just a note for my own clarification: Greg and I set up usnistgov/OSCAL#1434 to cover some of the needed diagram improvements for the OSCAL repo. We should take that feedback and make a new diagram here to explain similar things for this oscal-content repo and keep those improvements in mind here with fresh content.

@aj-stein-nist
Copy link
Contributor

aj-stein-nist commented Aug 29, 2022
edited
Loading

Re discussion with Dave:

  • schema validity
  • passes constraint checking (from oscal-cli and improvements needed there TBD)
  • conforms to OSCAL idioms (yet TBD)

@aj-stein-nist aj-stein-nist linked a pull request Aug 30, 2022 that will close this issue
Update README.md to explain contributing #131
Closed
7 tasks
@aj-stein-nist aj-stein-nist mentioned this issue Aug 31, 2022
Merged
5 tasks
@aj-stein-nist
Copy link
Contributor

@gregelin I talked with Dave and he prefer we back out cleaning up the old docs, scripts, and Schematron in the ./src/examples/ssp directory until he specifically has time to review with us in the NIST team and make sure nothing falls throughthe cracks. I opened a separate issue and we on the NIST side will prioritize that and work it separately.

Thanks for your time today, I will make a PR with recommendations for docs improvements and an explanatory CI/CD diagram as part of this effort before our next Tuesday meeting.

Also, slightly related but likely of potential interest re seeing CI/CD outputs before merge as part of the remote build process in GH Actions: #133.

gregelin added a commit to GovReady/oscal-content that referenced this issue Sep 13, 2022
@gregelin
[WIP] Initial draft example control set profile usnistgov#120
c3b4d47
@gregelin
Copy link
Author

gregelin commented Oct 11, 2022 via email

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement The issue adds a new feature, capability, or artifact to the repository. User Story The issue is a user story for a development task.
Projects
NIST OSCAL Work Board
Status: Needs Triage
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update README.md to explain contributing GovReady/oscal-content
2 participants
@gregelin @aj-stein-nist