Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Determine Release and Versioning Strategy for OSCAL Content Releases #105

Open
6 tasks
aj-stein-nist opened this issue May 5, 2022 · 0 comments
Open
6 tasks

Determine Release and Versioning Strategy for OSCAL Content Releases #105

aj-stein-nist opened this issue May 5, 2022 · 0 comments
Labels
Discussion Needed The issue or PR needs to be reviewed by the OSCAL development team. help wanted The NIST OSCAL team needs help from the community with this issue. LoE: Small The issue will require up to 8 hours to address. question The issue contains a question that needs to be answered. Scope: Content A task issue to create or modify OSCAL content and examples. Scope: Repository A task issue for maintenance and configuration of this repository.

Comments

@aj-stein-nist
Copy link
Contributor

aj-stein-nist commented May 5, 2022
edited
Loading

User Story:

As any form of OSCAL stakeholder, to best understand how I can manage the current and future changes to content in this repository, I want to have a defined OSCAL versioning strategy to know how to consume specific versions of the content individually and overtime, while understanding from versioning information the kind and significance of changes.

Goals:

This came up while using the new triage boards for this repo. We don't have any milestones set up, and milestones are used to communicate and organize versions of our releases and estimate dropdate windows.

We discussed pros and cons and some key points this ought to solve.

  • We need a clear versioning and release strategy.
  • There are common approaches like SemVer, does that make sense for the oscal-content repo like it does for the OSCAL repo proper?
  • There are pros/cons from having releases and their versions completely disconnected from the versioning strategy and actual version numbers of OSCAL releases. What do we decide?
    • If we choose to start or keep them connected, how do we handle the very likely future situation where content releases versioned here happen separate of an OSCAL proper release? If connected, that will cause problems.
  • Re versioning strategy (SemVer) or other and connected/disconnected to OSCAL proper releases, what does the community think? This decision point is important to our final decision here.

Dependencies:

  • Discussion in OSCAL Lunch with Devs meeting or other medium.

Acceptance Criteria

  • Team decision on proper strategy with community input.
  • Properly document and configure the release and version strategy.
  • Configure the first milestones for use in the triage process and beyond.
  • A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.
  • The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.
@aj-stein-nist aj-stein-nist added help wanted The NIST OSCAL team needs help from the community with this issue. question The issue contains a question that needs to be answered. Discussion Needed The issue or PR needs to be reviewed by the OSCAL development team. Scope: Content A task issue to create or modify OSCAL content and examples. LoE: Small The issue will require up to 8 hours to address. Scope: Repository A task issue for maintenance and configuration of this repository. labels May 5, 2022
@aj-stein-nist aj-stein-nist mentioned this issue Aug 29, 2022
Merged
5 tasks
@aj-stein-nist aj-stein-nist moved this from Todo to Further Analysis Needed in NIST OSCAL Work Board Sep 21, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Discussion Needed The issue or PR needs to be reviewed by the OSCAL development team. help wanted The NIST OSCAL team needs help from the community with this issue. LoE: Small The issue will require up to 8 hours to address. question The issue contains a question that needs to be answered. Scope: Content A task issue to create or modify OSCAL content and examples. Scope: Repository A task issue for maintenance and configuration of this repository.
Projects
NIST OSCAL Work Board
Status: Further Analysis Needed
Milestone
No milestone
Development

No branches or pull requests
1 participant
@aj-stein-nist