Add three SSP metadata role constraints #676
Conversation
…atibility breaking changes introduced in the 1.2.1 oscal content release. This approach uses a local catalog that contains these fixes.
Co-authored-by: Rene Tshiteya <rene-claude.tshiteya@gsa.gov>
…ersion Local version of SP800-53rev5.1.1 that contains the correct labels
Adding the March 7 Data Bites presentation
Add files via upload
Uploading April's Data Bites presentation
Uploading the most recent Data Bites presentation
Add files via upload
Adding recent Data Bites presentations
* Fix OSCAL version * Move submodule to v1.0.6 * Remove USWDS * Fix validation errors in rev 4 templates
* Add files via upload Adding recent Data Bites presentations * Add files via upload
Fix invalid error (<prop name="privilege-level" value="privileged"/>)
This reverts commit 89f6c35.
Fix invalid error (<prop name="privilege-level" value="privileged"/>)
This reverts commit 89f6c35.
…itriZhurkin/fedramp-automation into feature/external-constraints
Add **validations** as one of the "This relates to..." options
Add the following constraints: 1. role-defined-authorizing-official-poc 2. role-defined-information-system-security-officer 3. role-defined-system-poc-other
| let scenarioLines = getScenarioLineNumbers(featureFile, constraintId,testFiles); | ||
| const scenarioLines = getScenarioLineNumbers(featureFile, constraintId,testFiles); | ||
|
|
||
| if (scenarioLines.length === 0) { | ||
| console.error(`No scenarios found for constraintId: ${constraintId}`); | ||
| execSync("npm run test:coverage",{stdio:'ignore'}); | ||
| scenarioLines = getScenarioLineNumbers(featureFile, constraintId,testFiles); | ||
| if(scenarioLines.length===0){ | ||
| execSync("npm run test:coverage",{stdio:'inherit'}); | ||
| return false; | ||
| } | ||
| } |
There was a problem hiding this comment.
Non-blocking: can we explain why these changes were made and what the intended goal is? These changes seem separate of a constraint update, so I want to check we know what we're doing here and if it is necessary now.
There was a problem hiding this comment.
Hmm, I'm not sure where these changes came from. I have not modified the dev-constraint.cjs file.
There was a problem hiding this comment.
If you know how to revert individual file changes from a commit, please do so. Otherwise, I read out the diff output to make a suggestion, just accept this change and I think you will get it back to the way it was. Let me know. If successful, there will be no change on this file afterward.
| let scenarioLines = getScenarioLineNumbers(featureFile, constraintId,testFiles); | |
| const scenarioLines = getScenarioLineNumbers(featureFile, constraintId,testFiles); | |
| if (scenarioLines.length === 0) { | |
| console.error(`No scenarios found for constraintId: ${constraintId}`); | |
| execSync("npm run test:coverage",{stdio:'ignore'}); | |
| scenarioLines = getScenarioLineNumbers(featureFile, constraintId,testFiles); | |
| if(scenarioLines.length===0){ | |
| execSync("npm run test:coverage",{stdio:'inherit'}); | |
| return false; | |
| } | |
| } | |
| let scenarioLines = getScenarioLineNumbers(featureFile, constraintId,testFiles); | |
| if (scenarioLines.length === 0) { | |
| console.error(`No scenarios found for constraintId: ${constraintId}`); | |
| execSync("npm run test:coverage",{stdio:'ignore'}); | |
| scenarioLines = getScenarioLineNumbers(featureFile, constraintId,testFiles); | |
| if(scenarioLines.length===0){ | |
| return false; | |
| } | |
| } |
There was a problem hiding this comment.
I don't even see that file in my commit, and I couldn't find when it had been changed in history.
There was a problem hiding this comment.
AJ,
I think Paul had made these changes some time ago, and when I pulled the repo yesterday, it overwrote dev-constraint.cjs on my local system.
Then, when I pushed my constraints today, the push also picked up the modified dev-constraint.cjs file.
It's a bit confusing now, which version of dev-constraint.cjs is correct. Might wanna wait for Paul's input on that puppy.
There was a problem hiding this comment.
Perhaps it is a rebase issue (where you made a branch of your PR code from a copy of feature/external-constraints, but slightly old). So do not worry about it, I can look. I will resolve this when it is approved so I do not forget to check. Re the code I don't want to change functionality and revert the Javascript because it may bork the tests for you and others if not careful, so I totally agree.
There was a problem hiding this comment.
yes looks like an out dated version of the dev constraint script, that line is meant to handle the case where a new constraint is made but the full test runner hasn't been run and the feature file needs to be updated. but its best to rebase or leave as is on the feature/external-constraints, it shouldn't alter how the tests run at all since it is a different path
| </expect> | ||
| <expect id="role-defined-system-poc-other" target="metadata" test="role[@id eq 'system-poc-other']" level="ERROR"> | ||
| <message>SSP metadata must have the system other POC role.</message> | ||
| </expect> |
There was a problem hiding this comment.
This PR looks good and the others roles make sense, I looked up current docs and will need to do some history study in old Schematron and pre-website docs, I have never seen a requirement for this role before. I see you noted the same in the spreadsheet. Can we discuss this tomorrow morning?
There was a problem hiding this comment.
I also have doubts about this system-poc-other role.
I couldn't find it in the rev 5 documentation at all. Wonder if it has been deprecated.
* Create 0006-testing-harness-approach.md * Create adr_template.md * Update adr_template.md Add instructions in ADR template * Update ADR-006 with decision * Update and finalize ADR 6 since it is defacto adopted We can always make a new ADR, but I have been here a few weeks and our Cucumber testing infra is largely built out, so at this point it makes sense to mark it accepted and clear up the review queue for other PRs that are less established. --------- Co-authored-by: A.J. Stein <alexander.stein@gsa.gov>
|
I am going to close this out in favor of #686. Thanks for the update, Dimtri. |
Committer Notes
Add the following three constraints:
All Submissions:
By submitting a pull request, you are agreeing to provide this contribution under the CC0 1.0 Universal public domain dedication.