From 1670333ac075cda01b94f44c258d952f2731ba0b Mon Sep 17 00:00:00 2001
From: Takumi Yanagawa
Date: Tue, 27 Aug 2024 19:06:33 +0900
Subject: [PATCH] fix: search key for rule should be Rule_Id (#28)
Signed-off-by: Takumi Yanagawa
---
 c2p/tools/viewer/viewer.py | 2 +-
 docs/public/auditree.result.md | 61 +++++++++
 .../data/auditree/component-definition.csv | 8 +-
 .../data/auditree/component-definition.json | 119 ++++++------------
 .../data/auditree/csv-to-oscal-cd.config | 2 +-
 5 files changed, 108 insertions(+), 84 deletions(-)
 create mode 100644 docs/public/auditree.result.md
diff --git a/c2p/tools/viewer/viewer.py b/c2p/tools/viewer/viewer.py
index 2c25e65..1a00a4d 100644
--- a/c2p/tools/viewer/viewer.py
+++ b/c2p/tools/viewer/viewer.py
@@ -101,7 +101,7 @@ def get_pvp_rule_pair(rule_id):
 pvp, rule_set = get_pvp_rule_pair(rule_id)
 if rule_set != None:
 rule_result = RuleResult(id=f'{rule_id} ({pvp})', description=rule_set['Check_Description'])
- o = find_observation(assessment_results.results[0].observations, rule_set['Check_Id'])
+ o = find_observation(assessment_results.results[0].observations, rule_set['Rule_Id'])
 if o != None:
 for subject in o.subjects:
 result = get_prop_value(subject.props, 'result')
diff --git a/docs/public/auditree.result.md b/docs/public/auditree.result.md
new file mode 100644
index 0000000..eec9fdc
--- /dev/null
+++ b/docs/public/auditree.result.md
@@ -0,0 +1,61 @@
+
+
+## Component: GitHub
+
+
+#### Result of control ac-2:
+
+
+
+Rule `rule_github_org_member (Auditree)`:
+- Check whether the GitHub org is not empty.
+
+
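Review bot: On the changed `find_observation(...)` line in viewer.py, a rule whose `Rule_Id` matches no observation is still dropped without a trace: the following `if o != None:` simply skips it, and no fallback is visible in the hunk (the enclosing block continues past it, so one may exist further down). That silent path is presumably how the old `Check_Id` mismatch went unnoticed, and in a compliance report a rule with no evidence should not look the same as a rule that was never mapped. I would record the miss explicitly, for example an `else:` branch that adds a "no observation found" entry to `rule_result` or logs the `rule_id`. Separately, `results[0]` assumes the assessment results list is non-empty, and the comparisons read better as `if o is not None:`.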
Details + + + - Subject UUID: de01a6a4-4ebe-4191-b566-e1dc48e8c613 + - Title: Auditree Check: demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty_0_oscal_compass + - Result: failure :x: + - Reason: + ``` + {'oscal-compass': ['There are people in there, but less than 5!']} + ``` + + + - Subject UUID: f933f9fa-fb6e-4a62-a708-2b4cf59009c2 + - Title: Auditree Check: demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty_1_esa + - Result: pass :white_check_mark: + - Reason: + ``` + {} + ``` + +
+ + +--- + +#### Result of control cm-2: + + + +Rule `rule_github_api_version (Auditree)`: +- Check whether there are any supported versions. + +
Details + + + - Subject UUID: 841cc8b0-29a7-46ff-81fb-8f1279b1be7b + - Title: Auditree Check: demo_examples.checks.test_github.GitHubAPIVersionsCheck.test_supported_versions + - Result: failure :x: + - Reason: + ``` + {'Supported GitHub API Versions Warning': ['There is only one supported version. Get with the program: 2022-11-28']} + ``` + +
+ + +--- + + diff --git a/plugins_public/tests/data/auditree/component-definition.csv b/plugins_public/tests/data/auditree/component-definition.csv index b5846d2..23c4bc2 100644 --- a/plugins_public/tests/data/auditree/component-definition.csv +++ b/plugins_public/tests/data/auditree/component-definition.csv 
@@ -1,6 +1,6 @@ $$Component_Title,$$Component_Description,$$Component_Type,$$Control_Id_List,$$Rule_Id,$$Rule_Description,$Parameter_Id,$Parameter_Description,$Parameter_Value_Alternatives,$Parameter_Value_Default,$$Profile_Source,$$Profile_Description,$Check_Id,$Check_Description,$$Namespace A human readable name for the component.,A description of the component including information about its function.,A category describing the purpose of the component. ALLOWED VALUES interconnection:software:hardware:service:physical:process-procedure:plan:guidance:standard:validation:,A list of textual labels that uniquely identify the controls or statements that the component implements.,A textual label that uniquely identifies a policy (desired state) that can be used to reference it elsewhere in this or other documents.,A description of the policy (desired state) including information about its purpose and scope.,A textual label that uniquely identifies the parameter associated with that policy (desired state) or controls implemented by the policy (desired state).,A description of the parameter including the purpose and use of the parameter.,ONLY for the policy (desired state) parameters: A value or set of values the parameter can take. The catalog parameters values are defined in the catalog. ,"A value recommended by Compliance Team in this profile for the parameter of the control or policy (desired state). If a CIS-benchmark exists, the default default could be the CIS-benchmark recommanded value.",A URL reference to the source catalog or profile for which this component is implementing controls for. 
A profile designates a selection and configuration of controls from one or more catalogs,A description of the profile.,A textual label that uniquely identifies a check of the policy (desired state) that can be used to reference it elsewhere in this or other documents.,A description of the check of the policy (desired state) including the method (interview or examine or test) and procedure details.,"A namespace qualifying the property's name. This allows different organizations to associate distinct semantics with the same name. Used in conjunction with ""class"" as the ontology concept. " -GitHub,GitHub,Service,cm-2,demo_examples.checks.test_github.GitHubOrgs.test_supported_versions,GitHub API returns any supported version.,,,,,https://github.com/usnistgov/oscal-content/blob/main/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_HIGH-baseline_profile.json,NIST Special Publication 800-53 Revision 5 HIGH IMPACT BASELINE,demo_examples.checks.test_github.GitHubOrgs.test_supported_versions,Check whether there are any supported versions.,http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud -GitHub,GitHub,Service,ac-2,demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty,GitHub org is not empty.,org.gh.orgs,List of organization name,"nasa,esa","nasa,esa",https://github.com/usnistgov/oscal-content/blob/main/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_HIGH-baseline_profile.json,NIST Special Publication 800-53 Revision 5 HIGH IMPACT BASELINE,demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty,Check whether the GitHub org is not empty.,http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud -Auditree,Auditree,Validation,na,demo_examples.checks.test_github.GitHubOrgs.test_supported_versions,GitHub API returns any supported version.,,,,,https://github.com/usnistgov/oscal-content/blob/main/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_HIGH-baseline_profile.json,NIST Special Publication 800-53 Revision 5 HIGH IMPACT 
BASELINE,demo_examples.checks.test_github.GitHubOrgs.test_supported_versions,Check whether there are any supported versions.,http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud -Auditree,Auditree,Validation,na,demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty,GitHub org is not empty.,,,,,https://github.com/usnistgov/oscal-content/blob/main/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_HIGH-baseline_profile.json,NIST Special Publication 800-53 Revision 5 HIGH IMPACT BASELINE,demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty,Check whether the GitHub org is not empty.,http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud \ No newline at end of file +GitHub,GitHub,Service,ac-2,rule_github_org_member,GitHub org is not empty.,org.gh.orgs,List of organization name,"nasa,esa","nasa,esa",https://github.com/usnistgov/oscal-content/blob/main/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_HIGH-baseline_profile.json,NIST Special Publication 800-53 Revision 5 HIGH IMPACT BASELINE,demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty,Check whether the GitHub org is not empty.,http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud +GitHub,GitHub,Service,cm-2,rule_github_api_version,GitHub API returns any supported version.,,,,,https://github.com/usnistgov/oscal-content/blob/main/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_HIGH-baseline_profile.json,NIST Special Publication 800-53 Revision 5 HIGH IMPACT BASELINE,demo_examples.checks.test_github.GitHubAPIVersionsCheck.test_supported_versions,Check whether there are any supported versions.,http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud +Auditree,Auditree,Validation,na,rule_github_org_member,GitHub org is not empty.,,,,,https://github.com/usnistgov/oscal-content/blob/main/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_HIGH-baseline_profile.json,NIST Special Publication 800-53 Revision 5 HIGH IMPACT 
BASELINE,demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty,Check whether the GitHub org is not empty.,http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud +Auditree,Auditree,Validation,na,rule_github_api_version,GitHub API returns any supported version.,,,,,https://github.com/usnistgov/oscal-content/blob/main/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_HIGH-baseline_profile.json,NIST Special Publication 800-53 Revision 5 HIGH IMPACT BASELINE,demo_examples.checks.test_github.GitHubAPIVersionsCheck.test_supported_versions,Check whether there are any supported versions.,http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud \ No newline at end of file diff --git a/plugins_public/tests/data/auditree/component-definition.json b/plugins_public/tests/data/auditree/component-definition.json index a078590..2852e31 100644 --- a/plugins_public/tests/data/auditree/component-definition.json +++ b/plugins_public/tests/data/auditree/component-definition.json @@ -1,15 +1,15 @@ { "component-definition": { - "uuid": "fff86296-a55f-4b4c-bec6-f89d0fef3569", + "uuid": "54d90566-7279-4be6-b2a5-423d55b8d5de", "metadata": { - "title": "Sample Component Definition using Auditree as PVP", - "last-modified": "2024-06-02T07:14:14+00:00", + "title": "Component Definition", + "last-modified": "2024-08-25T08:45:01+00:00", "version": "1.0", - "oscal-version": "1.0.4" + "oscal-version": "1.1.2" }, "components": [ { - "uuid": "ec59c356-4df9-412c-97df-52880e4c1c2c", + "uuid": "20578b35-2a8c-4747-b846-a987de62b7b7", "type": "Service", "title": "GitHub", "description": "GitHub", 
@@ -17,73 +17,73 @@ { "name": "Rule_Id", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_supported_versions", + "value": "rule_github_org_member", "remarks": "rule_set_0" }, { "name": "Rule_Description", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "GitHub API returns any supported version.", + "value": "GitHub org is not empty.", "remarks": "rule_set_0" }, { - "name": "Check_Id", + "name": "Parameter_Id", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_supported_versions", + "value": "org.gh.orgs", "remarks": "rule_set_0" }, { - "name": "Check_Description", + "name": "Parameter_Description", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "Check whether there are any supported versions.", + "value": "List of organization name", "remarks": "rule_set_0" }, { - "name": "Rule_Id", + "name": "Parameter_Value_Alternatives", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty", - "remarks": "rule_set_1" + "value": "nasa,esa", + "remarks": "rule_set_0" }, { - "name": "Rule_Description", + "name": "Check_Id", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "GitHub org is not empty.", - "remarks": "rule_set_1" + "value": "demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty", + "remarks": "rule_set_0" }, { - "name": "Parameter_Id", + "name": "Check_Description", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "org.gh.orgs", - "remarks": "rule_set_1" + "value": "Check whether the GitHub org is not empty.", + "remarks": "rule_set_0" }, { - "name": "Parameter_Description", + "name": "Rule_Id", "ns": 
"http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "List of organization name", + "value": "rule_github_api_version", "remarks": "rule_set_1" }, { - "name": "Parameter_Value_Alternatives", + "name": "Rule_Description", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "nasa,esa", + "value": "GitHub API returns any supported version.", "remarks": "rule_set_1" }, { "name": "Check_Id", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty", + "value": "demo_examples.checks.test_github.GitHubAPIVersionsCheck.test_supported_versions", "remarks": "rule_set_1" }, { "name": "Check_Description", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "Check whether the GitHub org is not empty.", + "value": "Check whether there are any supported versions.", "remarks": "rule_set_1" } ], "control-implementations": [ { - "uuid": "0c336b5b-9258-4129-8406-805faf2ce198", + "uuid": "699ab81d-e2ce-468d-8e0b-027b26734d02", "source": "https://github.com/usnistgov/oscal-content/blob/main/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_HIGH-baseline_profile.json", "description": "NIST Special Publication 800-53 Revision 5 HIGH IMPACT BASELINE", "set-parameters": [ 
@@ -97,26 +97,26 @@ ], "implemented-requirements": [ { - "uuid": "30ed7cc3-b00d-45e0-b885-bd981a93654a", - "control-id": "cm-2", + "uuid": "fe8f85f3-2b3e-48d4-8cb4-9d4f199c8274", + "control-id": "ac-2", "description": "", "props": [ { "name": "Rule_Id", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_supported_versions" + "value": "rule_github_org_member" } ] }, { - "uuid": "54de05af-90b2-40ac-8a58-84dd3b42e388", - "control-id": "ac-2", + "uuid": "62081469-ff88-4dc7-a779-32a16a02b6ab", + "control-id": "cm-2", "description": "", "props": [ { "name": "Rule_Id", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty" + "value": "rule_github_api_version" } ] } @@ -125,7 +125,7 @@ ] }, { - "uuid": "b6beb914-7b59-4f87-9a6c-2855052fe7a8", + "uuid": "82825ce5-0184-4b76-aaf0-f5cbddaf7a82", "type": "Validation", "title": "Auditree", "description": "Auditree", 
@@ -133,78 +133,41 @@ { "name": "Rule_Id", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_supported_versions", - "remarks": "rule_set_2" - }, - { - "name": "Rule_Description", - "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "GitHub API returns any supported version.", + "value": "rule_github_org_member", "remarks": "rule_set_2" }, { "name": "Check_Id", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_supported_versions", + "value": "demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty", "remarks": "rule_set_2" }, { "name": "Check_Description", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "Check whether there are any supported versions.", + "value": "Check whether the GitHub org is not empty.", "remarks": "rule_set_2" }, { "name": "Rule_Id", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty", - "remarks": "rule_set_3" - }, - { - "name": "Rule_Description", - "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "GitHub org is not empty.", + "value": "rule_github_api_version", "remarks": "rule_set_3" }, { "name": "Check_Id", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty", + "value": "demo_examples.checks.test_github.GitHubAPIVersionsCheck.test_supported_versions", "remarks": "rule_set_3" }, { "name": "Check_Description", "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "Check whether the GitHub org is not empty.", + "value": "Check whether there are any supported versions.", "remarks": "rule_set_3" } ], - 
"control-implementations": [ - { - "uuid": "0d6f2a85-ec23-42c3-b678-a54139fd7190", - "source": "https://github.com/usnistgov/oscal-content/blob/main/nist.gov/SP800-53/rev5/json/NIST_SP-800-53_rev5_HIGH-baseline_profile.json", - "description": "NIST Special Publication 800-53 Revision 5 HIGH IMPACT BASELINE", - "implemented-requirements": [ - { - "uuid": "2a00b1a6-e7c0-4767-b802-71d5831525d3", - "control-id": "na", - "description": "", - "props": [ - { - "name": "Rule_Id", - "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_supported_versions" - }, - { - "name": "Rule_Id", - "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibmcloud", - "value": "demo_examples.checks.test_github.GitHubOrgs.test_members_is_not_empty" - } - ] - } - ] - } - ] + "control-implementations": [] } ] } diff --git a/plugins_public/tests/data/auditree/csv-to-oscal-cd.config b/plugins_public/tests/data/auditree/csv-to-oscal-cd.config index e2e2076..e972bf1 100644 --- a/plugins_public/tests/data/auditree/csv-to-oscal-cd.config +++ b/plugins_public/tests/data/auditree/csv-to-oscal-cd.config @@ -1,7 +1,7 @@ [task.csv-to-oscal-cd] -title = Sample Component Definition using Auditree as PVP +title = Component Definition version = 1.0 csv-file = plugins_public/tests/data/auditree/component-definition.csv output-dir = plugins_public/tests/data/auditree