Profile Resolution always gives full paths for resolution source in the link with rel="source-profile" #78

Open
3 tasks
aj-stein-nist opened this issue Nov 18, 2022 · 0 comments
Labels
enhancement New feature or request
aj-stein-nist commented Nov 18, 2022

User Story:

As a developer or engineer using the OSCAL CLI for profile resolution, in order to more effectively use a local environment without context that changes every run in managed environments where filesystems and paths can have random path parts I cannot control, I would like to have the relative path of the source-profile links.

Goals:

I would like profile resolution of a resolved catalog to be friendly for local development where I do not want to leak information about my local developer machine for operational security, but also remote CI/CD where it is harder to control path names that are often random, UUID-generated (with mktemp or other procedures) to avoid path collisions. Leaking this information is a problem as it is not consistent (remote CI/CD) or yields information I do not want public (local).

Currently from using oscal-cli profile resolve today with 0.3.1, I get the following. For context, I ran this command from within the current directory (in Linux): /home/username/path/to/oscal/files when running oscal-cli profile resolve profile.yaml resolved-catalog.yaml.

---
catalog:
  uuid: f7b6594d-361c-4ba8-bfe6-4266861b3a87
  metadata:
    title: Example for usnistgov/oscal-cli#78
    last-modified: 2022-11-18T15:46:16.777677Z
    version: 0.0.1-alpha
    oscal-version: 1.0.4
    props:
    - name: resolution-tool
      value: libOSCAL-Java
    links:
    - href: file:///home/username/path/to/oscal/files/profile.yaml
      rel: source-profile

I would rather prefer, at all times or as an optional runtime argument:

---
catalog:
  uuid: f7b6594d-361c-4ba8-bfe6-4266861b3a87
  metadata:
    title: Example for usnistgov/oscal-cli#78
    last-modified: 2022-11-18T15:46:16.777677Z
    version: 0.0.1-alpha
    oscal-version: 1.0.4
    props:
    - name: resolution-tool
      value: libOSCAL-Java
    links:
    - href: ./profile.yaml
      rel: source-profile

Dependencies:

N/A

Acceptance Criteria

  • All website and readme documentation affected by the changes in this issue have been updated.
  • A Pull Request (PR) is submitted that fully addresses the goals of this User Story. This issue is referenced in the PR.
  • The CI-CD build process runs without any reported errors on the PR. This can be confirmed by reviewing that all checks have passed in the PR.
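
A post-processing workaround for the behaviour described in this issue, as an added example that is not part of the original issue or of oscal-cli: it rewrites the absolute `file:` URI in the `source-profile` link relative to the directory the resolved catalog is written to, and reports any absolute `file:` URIs that remain so a CI job can fail on them. The function names, the line-based matching of the YAML layout shown above, and the choice of the output directory as the base are assumptions.

```python
import posixpath
import re
from urllib.parse import quote, unquote, urlsplit

# Assumption: the link is laid out as in the issue's output, an href line
# immediately followed by "rel: source-profile". Other layouts are left alone.
LINK_RE = re.compile(
    r"^(?P<lead>\s*-\s*href:\s*)(?P<href>file:\S+)[ \t]*\n"
    r"(?P<rel>\s*rel:\s*source-profile[ \t]*)$",
    re.MULTILINE,
)

# Constructed sample, trimmed from the resolved catalog shown in the issue.
SAMPLE = """---
catalog:
  metadata:
    links:
    - href: file:///home/username/path/to/oscal/files/profile.yaml
      rel: source-profile
"""


def relativize_source_profile(catalog_text, output_dir):
    """Rewrite absolute file: URIs in source-profile links relative to output_dir."""
    def fix(match):
        # Decode the URI path, make it relative, then re-encode it for the href.
        path = unquote(urlsplit(match.group("href")).path)
        rel = posixpath.relpath(path, output_dir)
        if not rel.startswith("../"):
            rel = "./" + rel
        return f"{match.group('lead')}{quote(rel)}\n{match.group('rel')}"
    return LINK_RE.sub(fix, catalog_text)


def leaked_paths(catalog_text):
    """Return every absolute file: URI still in the text (use as a CI gate)."""
    return re.findall(r"file:/+\S+", catalog_text)


if __name__ == "__main__":
    fixed = relativize_source_profile(SAMPLE, "/home/username/path/to/oscal/files")
    print(fixed)
    print("remaining absolute URIs:", leaked_paths(fixed))
```
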
Status: Needs Triage