From 04b2f87234fdcdfaa1303c125925a640be7ef6f3 Mon Sep 17 00:00:00 2001 From: Jennifer Power Date: Wed, 5 Feb 2025 14:56:00 -0500 Subject: [PATCH 1/4] build(deps): bump trestle to 3.7.0 Signed-off-by: Jennifer Power --- poetry.lock | 28 ++++++++++++++-------------- pyproject.toml | 2 +- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/poetry.lock b/poetry.lock index 6abac934..40672919 100644 --- a/poetry.lock +++ b/poetry.lock @@ -1,4 +1,4 @@ -# This file is automatically @generated by Poetry 1.8.5 and should not be changed by hand. +# This file is automatically @generated by Poetry 1.8.3 and should not be changed by hand. [[package]] name = "annotated-types" @@ -85,20 +85,20 @@ cryptography = "*" [[package]] name = "babel" -version = "2.16.0" +version = "2.17.0" description = "Internationalization utilities" optional = false python-versions = ">=3.8" files = [ - {file = "babel-2.16.0-py3-none-any.whl", hash = "sha256:368b5b98b37c06b7daf6696391c3240c938b37767d4584413e8438c5c435fa8b"}, - {file = "babel-2.16.0.tar.gz", hash = "sha256:d1f3554ca26605fe173f3de0c65f750f5a42f924499bf134de6423582298e316"}, + {file = "babel-2.17.0-py3-none-any.whl", hash = "sha256:4d0b53093fdfb4b21c92b5213dba5a1b23885afa8383709427046b21c366e5f2"}, + {file = "babel-2.17.0.tar.gz", hash = "sha256:0c54cffb19f690cdcc52a3b50bcbf71e07a808d1c80d549f2459b9d2cf0afb9d"}, ] [package.dependencies] pytz = {version = ">=2015.7", markers = "python_version < \"3.9\""} [package.extras] -dev = ["freezegun (>=1.0,<2.0)", "pytest (>=6.0)", "pytest-cov"] +dev = ["backports.zoneinfo", "freezegun (>=1.0,<2.0)", "jinja2 (>=3.0)", "pytest (>=6.0)", "pytest-cov", "pytz", "setuptools", "tzdata"] [[package]] name = "bcrypt" 
@@ -186,13 +186,13 @@ uvloop = ["uvloop (>=0.15.2)"] [[package]] name = "certifi" -version = "2024.12.14" +version = "2025.1.31" description = "Python package for providing Mozilla's CA Bundle." optional = false python-versions = ">=3.6" files = [ - {file = "certifi-2024.12.14-py3-none-any.whl", hash = "sha256:1275f7a45be9464efc1173084eaa30f866fe2e47d389406136d332ed4967ec56"}, - {file = "certifi-2024.12.14.tar.gz", hash = "sha256:b650d30f370c2b724812bee08008be0c4163b163ddaec3f2546c1caf65f191db"}, + {file = "certifi-2025.1.31-py3-none-any.whl", hash = "sha256:ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe"}, + {file = "certifi-2025.1.31.tar.gz", hash = "sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651"}, ] [[package]] @@ -1546,13 +1546,13 @@ pyyaml = ">=5.1" [[package]] name = "mkdocs-material" -version = "9.5.50" +version = "9.6.2" description = "Documentation that simply works" optional = false python-versions = ">=3.8" files = [ - {file = "mkdocs_material-9.5.50-py3-none-any.whl", hash = "sha256:f24100f234741f4d423a9d672a909d859668a4f404796be3cf035f10d6050385"}, - {file = "mkdocs_material-9.5.50.tar.gz", hash = "sha256:ae5fe16f3d7c9ccd05bb6916a7da7420cf99a9ce5e33debd9d40403a090d5825"}, + {file = "mkdocs_material-9.6.2-py3-none-any.whl", hash = "sha256:71d90dbd63b393ad11a4d90151dfe3dcbfcd802c0f29ce80bebd9bbac6abc753"}, + {file = "mkdocs_material-9.6.2.tar.gz", hash = "sha256:a3de1c5d4c745f10afa78b1a02f917b9dce0808fb206adc0f5bb48b58c1ca21f"}, ] [package.dependencies] @@ -2819,7 +2819,7 @@ files = [ [[package]] name = "ssg" -version = "0.1.76.dev634+60a184a06f" +version = "0.1.76.dev1128+fcf8a7b21c" description = "Library used while building and maintaining the ComplianceasCode/content project" optional = false python-versions = ">=3" 
@@ -2835,7 +2835,7 @@ setuptools = "*" type = "git" url = "https://github.com/ComplianceasCode/content" reference = "HEAD" -resolved_reference = "2edb02336a89cbf2b339fa58230ca7cf72148e03" +resolved_reference = "fcf8a7b21c47204f1212e4adb43f4301e27e36dc" [[package]] name = "toml" @@ -3045,4 +3045,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.0" python-versions = "^3.8.1" -content-hash = "6602f1fbafb8bd67d51f1cb71dee5f1d6c4c04eeb43867d28749c2470b169421" +content-hash = "792532aede758a8b60c76d0eb9e6bd2274108a9038ff8690b6337bc0fd505dc1" diff --git a/pyproject.toml b/pyproject.toml index c2903173..a3ca908a 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -24,7 +24,7 @@ trestlebot = "trestlebot.cli.root:root_cmd" [tool.poetry.dependencies] python = '^3.8.1' gitpython = "^3.1.41" -compliance-trestle = "^3.5.0" +compliance-trestle = "^3.7.0" github3-py = "^4.0.1" python-gitlab = "^4.2.0" ruamel-yaml = "^0.18.5" From 04530f7f493ca61f8da4ff0216d91d90a5845975 Mon Sep 17 00:00:00 2001 From: Jennifer Power Date: Wed, 5 Feb 2025 15:01:43 -0500 Subject: [PATCH 2/4] fix: fixes typo in sync_cac_content_profile task Signed-off-by: Jennifer Power --- trestlebot/tasks/sync_cac_content_profile_task.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/trestlebot/tasks/sync_cac_content_profile_task.py b/trestlebot/tasks/sync_cac_content_profile_task.py index 23b5e35c..36b1b559 100644 --- a/trestlebot/tasks/sync_cac_content_profile_task.py +++ b/trestlebot/tasks/sync_cac_content_profile_task.py @@ -145,7 +145,7 @@ def create_oscal_profile( self.oscal_catalog, name_update, resolved_controls ) if not written: - logger.info(f"No updated for profile {name_update}") + logger.info(f"No update for profile {name_update}") def execute(self) -> int: # calling to get_control_ids _by_level and checking for valid control file name From ccc36726b8b1ef4706b36de9115cca766328bd48 Mon Sep 17 00:00:00 2001 
From: Jennifer Power Date: Wed, 5 Feb 2025 17:32:54 -0500 Subject: [PATCH 3/4] feat: adds framework property to control implementation To capture the original profile name in the CaC content, a property is added to the control implementation that can be used in complytime. Signed-off-by: Jennifer Power --- tests/trestlebot/cli/test_create_cmd.py | 2 +- .../cli/test_sync_cac_content_cmd.py | 7 +++++- trestlebot/cli/commands/autosync.py | 2 +- trestlebot/cli/commands/init.py | 2 +- trestlebot/cli/commands/version.py | 2 +- trestlebot/const.py | 7 ++++++ trestlebot/tasks/sync_cac_content_task.py | 22 ++++++++++++++++--- trestlebot/transformers/trestle_rule.py | 2 +- 8 files changed, 37 insertions(+), 9 deletions(-) diff --git a/tests/trestlebot/cli/test_create_cmd.py b/tests/trestlebot/cli/test_create_cmd.py index c081645f..524b953a 100644 --- a/tests/trestlebot/cli/test_create_cmd.py +++ b/tests/trestlebot/cli/test_create_cmd.py @@ -1,7 +1,7 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright (c) 2024 Red Hat, Inc. -""" Unit test for create commands ssp and cd""" +"""Unit test for create commands ssp and cd""" import pathlib from typing import Tuple diff --git a/tests/trestlebot/cli/test_sync_cac_content_cmd.py b/tests/trestlebot/cli/test_sync_cac_content_cmd.py index 8b128841..ba1ebc89 100644 --- a/tests/trestlebot/cli/test_sync_cac_content_cmd.py +++ b/tests/trestlebot/cli/test_sync_cac_content_cmd.py @@ -1,7 +1,7 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright (c) 2024 Red Hat, Inc. -""" Unit test for sync-cac-content command""" +"""Unit test for sync-cac-content command""" import pathlib from typing import Tuple 
@@ -152,6 +152,11 @@ def test_sync_product(tmp_repo: Tuple[str, Repo]) -> None: # Check control_implementations are attached ci = component.control_implementations[0] assert ci.source == "trestle://profiles/simplified_nist_profile/profile.json" + + assert len(ci.props) == 1 + assert ci.props[0].name == "Framework_Short_Name" + assert ci.props[0].value == "example" + set_parameters = ci.set_parameters assert len(set_parameters) == 2 set_params_ids = [] diff --git a/trestlebot/cli/commands/autosync.py b/trestlebot/cli/commands/autosync.py index 921752cc..da9769ca 100644 --- a/trestlebot/cli/commands/autosync.py +++ b/trestlebot/cli/commands/autosync.py @@ -1,7 +1,7 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright (c) 2024 Red Hat, Inc. -""" Autosync command""" +"""Autosync command""" import logging import sys diff --git a/trestlebot/cli/commands/init.py b/trestlebot/cli/commands/init.py index 28cb4336..b26d6796 100644 --- a/trestlebot/cli/commands/init.py +++ b/trestlebot/cli/commands/init.py @@ -1,7 +1,7 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright (c) 2024 Red Hat, Inc. -"""" +""" " Module for Trestle-bot init command """ import argparse diff --git a/trestlebot/cli/commands/version.py b/trestlebot/cli/commands/version.py index bec415cc..7ed59474 100644 --- a/trestlebot/cli/commands/version.py +++ b/trestlebot/cli/commands/version.py @@ -1,4 +1,4 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright (c) 2024 Red Hat, Inc. -""" Version command """ +"""Version command""" diff --git a/trestlebot/const.py b/trestlebot/const.py index 991dcd9f..a2db81c3 100644 --- a/trestlebot/const.py +++ b/trestlebot/const.py @@ -56,3 +56,10 @@ # Trestlebot init constants TRESTLEBOT_CONFIG_DIR = ".trestlebot" TRESTLEBOT_KEEP_FILE = ".keep" + +# Props + +# TODO(jpower432): Propose upstream as to be populated +# by the profile or catalog "name" based on trestle workspace +# conventions. +FRAMEWORK_SHORT_NAME = "Framework_Short_Name" 
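Review bot: The new assertions in `test_sync_product` check the property's `name` and `value` but not its `ns`, although the task sets the namespace to `TRESTLE_GENERIC_NS` when it builds the property. If a consumer selects the property by namespace, a regression there would still pass this test. Adding `assert ci.props[0].ns == TRESTLE_GENERIC_NS`, with the constant imported from `trestle.common.const`, would pin it. The test function starts and continues outside the hunk.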
diff --git a/trestlebot/tasks/sync_cac_content_task.py b/trestlebot/tasks/sync_cac_content_task.py index 3fa7029c..db2ade2c 100644 --- a/trestlebot/tasks/sync_cac_content_task.py +++ b/trestlebot/tasks/sync_cac_content_task.py @@ -14,7 +14,12 @@ from ssg.products import load_product_yaml, product_yaml_path from ssg.profiles import _load_yaml_profile_file, get_profiles_from_products from trestle.common.common_types import TypeWithProps -from trestle.common.const import IMPLEMENTATION_STATUS, REPLACE_ME, TRESTLE_HREF_HEADING +from trestle.common.const import ( + IMPLEMENTATION_STATUS, + REPLACE_ME, + TRESTLE_GENERIC_NS, + TRESTLE_HREF_HEADING, +) from trestle.common.list_utils import as_list, none_if_empty from trestle.common.model_utils import ModelUtils from trestle.core.generators import generate_sample_model @@ -107,6 +112,8 @@ def __init__( self.controls: List[Control] = list() self.rules_by_id: Dict[str, RuleInfo] = dict() + self.cac_profile_id = os.path.basename(cac_profile).split(".profile")[0] + self.profile_href: str = "" self.profile_path: str = "" self.catalog_helper = CatalogControlResolver() @@ -116,9 +123,8 @@ def __init__( def _collect_rules(self) -> None: """Collect all rules from the product profile.""" profiles = get_profiles_from_products(self.cac_content_root, [self.product]) - cac_profile_id = os.path.basename(self.cac_profile).split(".profile")[0] for profile in profiles: - if profile.profile_id == cac_profile_id: + if profile.profile_id == self.cac_profile_id: self.rules = profile.rules break 
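Review bot: `self.cac_profile_id` in the `__init__` hunk is computed with `os.path.basename(cac_profile).split(".profile")[0]`, which cuts at the first `.profile` anywhere in the file name and returns the full name, extension included, when the suffix is missing. Until now the value only selected rules; with this series it is also written into the component definition as the framework property, so a mis-derived or empty id ends up in the generated compliance data. An explicit suffix check is stricter and still works on the Python 3.8 floor declared in `pyproject.toml`: `name = os.path.basename(cac_profile)` followed by `self.cac_profile_id = name[: -len(".profile")] if name.endswith(".profile") else name`, raising `ValueError` when the result is empty. In the `_collect_rules` hunk the loop appears to end silently when no `profile_id` matches, which would now produce a framework property for a profile that contributed no rules. Both function bodies continue outside the hunks.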
@@ -376,6 +382,16 @@ def _create_control_implementation(self) -> ControlImplementation: all_implement_reqs.append(implemented_req) ci.implemented_requirements = all_implement_reqs self._add_set_parameters(ci) + + # Add framework prop for complytime consumption. This should be the + # orginating CaC profile name. + ci.props = as_list(ci.props) + frameworkProp = generate_sample_model(Property) + frameworkProp.name = const.FRAMEWORK_SHORT_NAME + frameworkProp.value = self.cac_profile_id + frameworkProp.ns = TRESTLE_GENERIC_NS + ci.props.append(frameworkProp) + return ci def _add_control_implementations( diff --git a/trestlebot/transformers/trestle_rule.py b/trestlebot/transformers/trestle_rule.py index b771aa10..85ec720b 100644 --- a/trestlebot/transformers/trestle_rule.py +++ b/trestlebot/transformers/trestle_rule.py @@ -130,7 +130,7 @@ def get_default_rule() -> TrestleRule: # Adapted from https://docs.pydantic.dev/latest/errors/errors/ def location_to_dot_separation( - location: Tuple[Union[str, int], ...] + location: Tuple[Union[str, int], ...], ) -> str: # pragma: no cover """Convert a tuple of strings and integers to a dot separated string.""" path: str = "" From e8a4725fd7dcfd5e7e5bbd229070db53ea8ec6dc Mon Sep 17 00:00:00 2001 From: Jennifer Power Date: Thu, 13 Feb 2025 07:17:41 -0500 Subject: [PATCH 4/4] chore: update trestlebot/cli/commands/init.py Co-authored-by: Qingmin Duanmu --- trestlebot/cli/commands/init.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/trestlebot/cli/commands/init.py b/trestlebot/cli/commands/init.py index b26d6796..df34146c 100644 --- a/trestlebot/cli/commands/init.py +++ b/trestlebot/cli/commands/init.py @@ -1,7 +1,7 @@ # SPDX-License-Identifier: Apache-2.0 # Copyright (c) 2024 Red Hat, Inc. -""" " +""" Module for Trestle-bot init command """ import argparse
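Review bot: The block added to `_create_control_implementation` names its local `frameworkProp`, while the surrounding code uses snake_case (`all_implement_reqs`, `implemented_req`); `framework_prop` would match. The comment above it has a typo, `orginating` for `originating`. Building the property with `generate_sample_model(Property)` and then overwriting fields depends on every generated placeholder being replaced. Constructing it directly, `Property(name=const.FRAMEWORK_SHORT_NAME, value=self.cac_profile_id, ns=TRESTLE_GENERIC_NS)`, states exactly what is emitted and validates the value at construction. The function body starts outside the hunk, so whether `ci.props` can already hold entries at this point is not visible here.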