Address review comments

Signed-off-by: Joyce Quach <[email protected]>
mitre · Oct 30, 2024 · e350181 · e350181
1 parent 8fb7cb7
commit e350181
Show file tree

Hide file tree

Showing 7 changed files with 40 additions and 15,152 deletions.
diff --git a/.github/workflows/convert-cci-list.yml b/.github/workflows/convert-cci-list.yml
@@ -2,12 +2,17 @@ name: Convert CCI List XML to JSON
 
 on:
   push:
-    branches: ['master']
+    # branches: ['master']
+    branches: ['add-convert-cci-list-workflow']
 
   # Run this workflow at 00:00 every month
   schedule:
     - cron: '0 0 1 * *'
 
+env:
+  # This URL is super brittle with how links constantly get changed.
+  CCI_LIST_ZIP_URL: https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CCI_List.zip
+
 jobs:
   convert-cci-list:
     runs-on: ubuntu-22.04
@@ -26,49 +31,32 @@ jobs:
         run: yarn install --frozen-lockfile
 
       - name: Prepare environment
-        run: apt update && apt install -y unzip
+        run: apt update
 
       - name: Download CCI List
-        run: curl -o U_CCI_List.zip https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CCI_List.zip && unzip U_CCI_List.zip
+        run: curl -o U_CCI_List.zip $CCI_LIST_ZIP_URL && unzip U_CCI_List.zip
+
+      - name: Get publish date of CCI List
+        id: publish-date
+        uses: mavrosxristoforos/[email protected]
+        with:
+          xml-file: '/U_CCI_List/U_CCI_List.xml'
+          xpath: '/cci_list/metadata/publishdate'
 
       - name: Convert CCI List XML to two JSON files
         run: yarn workspace @mitre/hdf-converters cciListXml2json /U_CCI_List/U_CCI_List.xml U_CCI_List.nist.json U_CCI_List.defs.json
 
-      - name: Update CciNistMappingData.ts
+      - name: Update CCI to NIST and CCI to Definition mappings
         run: |
-          touch tmp.ts
-          echo "export const CCI_TO_NIST: Record<string, string> = " >> tmp.ts
-          cat U_CCI_List.nist.json >> tmp.ts
-          echo ";" >> tmp.ts
-          echo "export const CCI_TO_DEFINITION: Record<string, string> = " >> tmp.ts
-          cat U_CCI_List.defs.json >> tmp.ts
-          echo ";" >> tmp.ts
-          cat tmp.ts > libs/hdf-converters/src/mappings/CciNistMappingData.ts
-          rm tmp.ts
+          mv U_CCI_List.nist.json libs/hdf-converters/src/mappings/
+          mv U_CCI_List.defs.json libs/hdf-converters/src/mappings/
 
       - name: Commit changes to CciNistMappingData.ts
+        env:
+          DATETIME: ${{steps.publish-date.outputs}}
         run: |
           git config --local user.email "[email protected]"
           git config --local user.name "MITRE SAF Automation"
           git add libs/hdf-converters/src/mappings/CciNistMappingData.ts
-          git commit -sm "Update CCI List to NIST and definition mappings"
-
-      - name: Push changes to repository
-        uses: ad-m/github-push-action@master
-        with:
-          github_token: ${{secrets.GITHUB_TOKEN}}
-          branch: ${{github.ref}}
-  prettier:
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Checkout the code
-        uses: actions/checkout@v4
-        with:
-          ref: ${{github.head_ref}}
-          fetch-depth: 0
-
-      - name: Prettify code
-        uses: creyD/[email protected]
-        with:
-          only_changed: True
+          git commit -sm "Update CCI List to the current NIST and definition mappings as of $DATETIME"
+          git push
diff --git a/apps/frontend/src/components/cards/controltable/ControlRowHeader.vue b/apps/frontend/src/components/cards/controltable/ControlRowHeader.vue
@@ -227,7 +227,10 @@ export default class ControlRowHeader extends mixins(HtmlSanitizeMixin) {
       if (found) {
         return found;
       }
-    } else if (CCI_TO_NIST[tag.toUpperCase()]) {
+    } else if (
+      CCI_TO_NIST[tag.toUpperCase()] &&
+      CCI_TO_DEFINITION[tag.toUpperCase()]
+    ) {
       return CCI_TO_DEFINITION[tag.toUpperCase()];
     }
     return 'Unrecognized Tag';

diff --git a/libs/hdf-converters/data/converters/cciListXml2json.ts b/libs/hdf-converters/data/converters/cciListXml2json.ts
@@ -41,7 +41,7 @@ if (!pathToInfile || !pathToCci2NistOutfile || !pathToCci2DefinitionsOutfile) {
           const nists: Record<string, string> = {};
           const definitions: Record<string, string> = {};
           // For all CCI items
-          converted.cci_list.cci_items[0].cci_item.forEach((cciItem) => {
+          for (const cciItem of converted.cci_list.cci_items[0].cci_item) {
             // Get the latest reference
             const newestReference = _.maxBy(
               cciItem.references?.[0].reference,
@@ -53,8 +53,11 @@ if (!pathToInfile || !pathToCci2NistOutfile || !pathToCci2DefinitionsOutfile) {
             } else {
               console.error(`No NIST Controls found for ${cciItem.$.id}`);
             }
-          });
-          fs.writeFileSync(pathToCci2NistOutfile, JSON.stringify(nists));
+          }
+          fs.writeFileSync(
+            pathToCci2NistOutfile,
+            JSON.stringify(nists, null, 2)
+          );
           fs.writeFileSync(
             pathToCci2DefinitionsOutfile,
             JSON.stringify(definitions)

diff --git a/libs/hdf-converters/src/mappings/CciNistMapping.ts b/libs/hdf-converters/src/mappings/CciNistMapping.ts
@@ -157,9 +157,9 @@ export class CciNistMapping {
     this.data = [];
 
     if (typeof CCI_TO_NIST === 'object') {
-      Object.entries(CCI_TO_NIST).forEach((item) => {
+      for (const item of Object.entries(CCI_TO_NIST)) {
         this.data.push(new CciNistMappingItem(item[0], item[1]));
-      });
+      }
     }
   }