Renamed 'set-param' in SSP for consistency with the Profile model #609
Conversation
| @@ -171,7 +171,7 @@ | |||
| <description>Set parameters or amend controls in resolution</description> | |||
| <model> | |||
| <assembly ref="set" max-occurs="unbounded"> | |||
There was a problem hiding this comment.
It might be more consistent to use parameter-setting as the assembly name instead of set.
| @@ -1134,10 +1134,10 @@ | |||
| </allowed-values> | |||
| </flag> | |||
| </assembly> | |||
| <assembly ref="set-param" max-occurs="unbounded"> | |||
| <group-as name="set-params" in-json="BY_KEY"/> | |||
| <assembly ref="set" max-occurs="unbounded"> | |||
There was a problem hiding this comment.
It might be more consistent to use parameter-setting as the assembly name instead of set.
| @@ -1258,13 +1258,13 @@ | |||
| </allowed-values> | |||
| </flag> | |||
| </assembly> | |||
| <assembly ref="set-param" max-occurs="unbounded"> | |||
| <group-as name="set-params" in-json="BY_KEY"/> | |||
| <assembly ref="set" max-occurs="unbounded"> | |||
There was a problem hiding this comment.
It might be more consistent to use parameter-setting as the assembly name instead of set.
| </assembly> | ||
| </model> | ||
| </define-assembly> | ||
|
|
||
| <define-assembly name="set-param"> | ||
| <define-assembly name="set"> |
There was a problem hiding this comment.
It might be more consistent to use parameter-setting as the assembly name instead of set.
|
@david-waltermire-nist I like With the fact that the target is a parameter expressed by the In the JSON, we have a group name, which I changed to Perhaps it is not an argument against this change that it would break the data. While we had no |
|
After discussion with @david-waltermire-nist we have settled on Will post again when this issue is done. However, this is a breaking change in the data! so @brianrufgsa probably needs to be in sync wrt the FedRAMP profiles. Also may wish to stage this PR accordingly. |
|
@wendellpiez I am already tracking this and have an issue on the FedRAMP side to address it once the syntax is updated on the NIST/OSCAL side. |
|
@brianrufgsa perfect. We can also produce, run, and make available a transformation for updating the data. |
|
@wendellpiez - I don't think a transformation is necessary for this change. For the FedRAMP sample data in the template, it's just three lines. If a stakeholder has a larger data file I believe a simple search/replace can address it quickly. Find "set-param" and replace with "set-parameter", should work with both XML and JSON, including closing XML tags. I doubt anything else in an OSCAL-based SSP is going to have the string "set-param" in all lower-case in any other context. |
|
Looks like the circleci tests showed a remaining |
|
Cool. This failure now shows the validation errors in the current FedRAMP content (four baselines) as noted. @brianrufgsa as you have noted, the change is straightforward. How shall we coordinate making the change in this branch? I could accept a PR from you or I could make the change myself and have you review it. |
|
@wendellpiez I have some other changes I need to make to the FedRAMP profiles (including the elimination of the FedRAMP catalog). I’ll address all updates early this week. |
|
Fantastic @brianrufgsa please let me know if I can help. |
|
@wendellpiez Do you plan to fix the content validation errors in the build? |
|
@david-waltermire-nist I could do that but @brianrufgsa gives me the impression he would rather do it. (He says he has other changes to make to the data as well.) |
|
@david-waltermire-nist this should now ready except for the conflicted files. @brianrufgsa is it fair to assume these have also been updated to your latest, and should be resolved in favor of your versions? |
|
@wendellpiez correct! These files address the syntax changes as well as the content changes I needed to make. I did not resolve the profiles as I thought @david-waltermire-nist said the CI/CD pipeline now does that automatically for profiles. If that is not in place, I can add the resolved profiles in a separate PR. |
|
@brianrufgsa yeah ... tmk we don't trust our own profile resolution yet to do this unattended. Until profile resolution is being unit tested and we can be sure it will be correct, we need to run it outside the build (and inspect the results carefully). |
|
@wendellpiez OK - I resolved the profiles and added them to your branch as well. CircleCI checks are running now. |
|
Fantastic, thanks again @brianrufgsa |
…anged its grouping name to 'parameter-settings' for clarity.
…ngular name for this assembly. Data not yet updated so THIS BUILD OUGHTA BREAK
…(Thank you robot.)
Responding to Issue #568. The element for parameter setting is now
setin both Profile and SSP models; its grouping name isparameter-settingsin both.All Submissions:
Changes to Core Features: