Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(generate)!: initial generate ssp command #812

Merged
merged 30 commits into from
Dec 13, 2024
Merged

feat(generate)!: initial generate ssp command #812

merged 30 commits into from
Dec 13, 2024

Conversation

meganwolf0
Copy link
Collaborator

@meganwolf0 meganwolf0 commented Nov 20, 2024
edited
Loading

Description

Initial generate ssp command

  • Adds lula generate system-security-plan with required profile and optional component path(s)
  • (Breaking) Modifies the library ssp functionality to incorporate profile control resolution, instead of depending on controls defined by the component definitions (more information in below doc)
  • Updates the docs/oscal/system-security-plan.md to reflect logic followed in the generate ssp command

Follow-on issues include:

Related Issue

Fixes #803

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Other (security config, docs update, etc)

Checklist before merging

@meganwolf0 meganwolf0 changed the title generate(ssp): initial generate ssp command feat(generate): initial generate ssp command Nov 21, 2024
meganwolf0 and others added 21 commits November 21, 2024 10:16
@meganwolf0
feat(ssp): updated lib to handle variadic compdefn
2751b5f
@meganwolf0
Merge branch 'main' into 803-generate-ssp-command
3dd9d9c
@meganwolf0
feat(profile): resolve all controls in profile
6d5ac2b
@meganwolf0
fix: network fcn
faf7fc0
@meganwolf0
feat(profile): update tests
d645086
@meganwolf0
Merge branch '813-get-all-controls-from-imported-profile' into 803-ge…
db3dbb4 
…nerate-ssp-command
@meganwolf0
feat: profile-catalog links
d0f4e4b
@meganwolf0
feat: updated profile resolve to map the source
73ae30a
@meganwolf0
Merge branch 'main' into 813-get-all-controls-from-imported-profile
45081c2
@meganwolf0
Merge branch '813-get-all-controls-from-imported-profile' into 803-ge…
dfe4671 
…nerate-ssp-command
@meganwolf0
feat: ssp generation updates, tests
df2aa74
@meganwolf0
fix: update generate
37ad20e
@meganwolf0
Merge branch 'main' into 813-get-all-controls-from-imported-profile
b23f8ca
@meganwolf0
fix: add control logic broke too soon
0c16fa2
@meganwolf0
Merge branch '813-get-all-controls-from-imported-profile' into 803-ge…
a791254 
…nerate-ssp-command
@meganwolf0
fix: minor cleanups
ae1f974
@meganwolf0
test: addl unit and e2e
0ffc90a
@meganwolf0
docs: cli cmds, test cleanup
8fe52a2
@meganwolf0
docs: updated ssp doc
9f964ea
@meganwolf0
Merge remote-tracking branch 'origin/main' into 803-generate-ssp-command
14446af
@meganwolf0
fix: merging existing models, test, update docs
d1ad70c
@meganwolf0 meganwolf0 changed the title feat(generate): initial generate ssp command feat(generate)!: initial generate ssp command Dec 5, 2024
@meganwolf0 meganwolf0 marked this pull request as ready for review December 5, 2024 15:49
@meganwolf0 meganwolf0 requested a review from a team as a code owner December 5, 2024 15:49
mildwonkey
mildwonkey reviewed Dec 9, 2024
View reviewed changes
Copy link
Contributor

@mildwonkey mildwonkey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't necessarily feel qualified to approve this (the oscal concepts are still so new to me), but I also don't have any objections and it all looks reasonable to me :) I left some comments but nothing that requires changes; feel free to dismiss 'em ❤️

docs/cli-commands/lula_generate_system-security-plan.md Show resolved Hide resolved
docs/oscal/system-security-plan.md Show resolved Hide resolved
src/test/e2e/cmd/generate_ssp_test.go Show resolved Hide resolved
brandtkeller
brandtkeller reviewed Dec 11, 2024
View reviewed changes
Copy link
Member

@brandtkeller brandtkeller left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Few minor comments thus far - have a little more tracing to do - otherwise looking great.

@brandtkeller
Copy link
Member

(few conflicts to resolve when you have a minute)

@meganwolf0
Copy link
Collaborator Author

Update

  • Resolved conflicts on main (with oscalTypes)
  • Fixed some doc words
  • Modified flag/var name for component -> components in generate SSP
  • template -> artifact in short help for both SSP and Profile (Do we want to update generate component text as well OR is there another word we should give these things?)

Note - the help.golden files are kind of annoying since we have to re-generate the cli-docs + re-run the tests to generate the help docs when some command text words change... just throwing out the question of if those golden checks on help are valuable?

brandtkeller
brandtkeller requested changes Dec 12, 2024
View reviewed changes
Copy link
Member

@brandtkeller brandtkeller left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

besides a typo I feel like this looks great and really sets us up well for AP generation.

src/cmd/generate/system-security-plan.go Outdated Show resolved Hide resolved
mildwonkey
mildwonkey approved these changes Dec 13, 2024
View reviewed changes
Copy link
Contributor

@mildwonkey mildwonkey left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎉

@brandtkeller brandtkeller merged commit 74fd193 into main Dec 13, 2024
10 checks passed
@brandtkeller brandtkeller deleted the 803-generate-ssp-command branch December 13, 2024 23:43
@github-actions github-actions bot mentioned this pull request Dec 13, 2024
Merged
mildwonkey pushed a commit that referenced this pull request Dec 16, 2024
@meganwolf0 @brandtkeller
@CloudBeard @mildwonkey
feat(generate)!: initial generate ssp command (#812)
4d6b932 
* generate(ssp): initial generate ssp command

* feat(ssp): updated lib to handle variadic compdefn

* feat(profile): resolve all controls in profile

* fix: network fcn

* feat(profile): update tests

* feat: profile-catalog links

* feat: updated profile resolve to map the source

* feat: ssp generation updates, tests

* fix: update generate

* fix: add control logic broke too soon

* fix: minor cleanups

* test: addl unit and e2e

* docs: cli cmds, test cleanup

* docs: updated ssp doc

* fix: merging existing models, test, update docs

* docs: updated docs, msgs

* Update src/cmd/generate/system-security-plan.go

Co-authored-by: Brandt Keller <[email protected]>

---------

Co-authored-by: Brandt Keller <[email protected]>
Co-authored-by: Andy Mills <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brandtkeller brandtkeller brandtkeller approved these changes

@mildwonkey mildwonkey mildwonkey approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Lula and Friends
Status: ✅ Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Generate SSP Command
4 participants
@meganwolf0 @brandtkeller @mildwonkey @CloudBeard