fix: Remove use of http aligning with zero trust principles. (#770)

* fix: Remove use of http aligning with zero trust principles.

Signed-off-by: Chris Butler <[email protected]>

* fix:correct typo

Signed-off-by: Chris Butler <[email protected]>

* chore: Exclude OSCAL automatically generated code from duplication metrics.

Signed-off-by: Chris Butler <[email protected]>

.github/workflows/python-test.yml

@@ -144,8 +144,9 @@ jobs:
         args: >
           -Dsonar.python.coverage.reportPaths=coverage.xml
           -Dsonar.tests=tests/
-          -Dsonar.sources=trestle/
+          -Dsonar.sources=trestle/ 
           -Dsonar.verbose=true
           -Dsonar.python.version=3.7
           -Dsonar.projectKey=compliance-trestle
           -Dsonar.organization=compliance-trestle
+          -Dsonar.cpd.exclusions=trestle/oscal/*.py

3rd-party-schema-documents/IBM_assessment_result_interchange_SCC/README.md

@@ -76,23 +76,23 @@ The inventory should be included in *local-definitions* if observations are bein
                "props": [
                    {
                        "name": "Computer Name",
-                       "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                       "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                        "value": "cmp-wn-2106.demo.tanium.local"
                    },
                    {
                        "name": "Tanium Client IP Address",
-                       "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                       "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                        "value": "192.168.0.120",
                        "class": "scc_inventory_item_id"
                    },
                    {
                        "name": "IP Address",
-                       "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                       "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                        "value": "['fe80::cd44:4154:61e8:53ae', '192.168.0.120']"
                    },
                    {
                        "name": "Count",
-                       "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                       "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                        "value": "1"
                    }
                ],
@@ -132,53 +132,53 @@ The inventory should be included in *local-definitions* if observations are bein
        "props": [
            {
                "name": "Check ID",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "CIS Red Hat Enterprise Linux 8 Benchmark;1.0.0-1;Level 1 - Server;1;xccdf_org.cisecurity.benchmarks_rule_1.1.1.1_Ensure_mounting_of_cramfs_filesystems_is_disabled"
            },
            {
                "name": "Check ID Benchmark",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "CIS Red Hat Enterprise Linux 8 Benchmark",
                "class": "scc_predefined_profile"
            },
            {
                "name": "Check ID Version",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "1.0.0-1",
                "class": "scc_check_version"
            },
            {
                "name": "Check ID Version",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "1.0.0-1",
                "class": "scc_predefined_profile_version"
            },
            {
                "name": "Check ID Level",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "Level 1 - Server"
            },
            {
                "name": "Rule ID",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "xccdf_org.cisecurity.benchmarks_rule_1.1.1.1_Ensure_mounting_of_cramfs_filesystems_is_disabled",
                "class": "scc_goal_description"
            },
            {
                "name": "Rule ID",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "xccdf_org.cisecurity.benchmarks_rule_1.1.1.1_Ensure_mounting_of_cramfs_filesystems_is_disabled",
                "class": "scc_check_name_id"
            },
            {
                "name": "State",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "fail",
                "class": "scc_result"
            },
            {
                "name": "Timestamp",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "2021-05-11T22:34:03+00:00",
                "class": "scc_timestamp"
            }
@@ -221,19 +221,19 @@ The inventory should be included in *local-definitions* if observations are bein
            "props": [
                {
                    "name": "Profile",
-                   "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                   "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                    "value": "Windows 10 - NIST 800-53",
                    "class": "scc_predefined_profile"
                },
                {
                    "name": "Version",
-                   "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                   "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                    "value": "version: 1",
                    "class": "scc_predefined_profile_version"
                },
                {
                    "name": "Custom ID",
-                   "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                   "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                    "value": "800-53: IA-5",
                }
            ],

CONTRIBUTING.md

@@ -87,7 +87,7 @@ e.g.
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#     http://www.apache.org/licenses/LICENSE-2.0
+#     https://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,

README.md

@@ -91,7 +91,7 @@ Consult [contributors](https://github.com/IBM/compliance-trestle/graphs/contribu
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#     http://www.apache.org/licenses/LICENSE-2.0
+#     https://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,

docs/cli.md

@@ -550,7 +550,7 @@ data:
   exit-code: "2"
   results: |
     <?xml version="1.0" encoding="UTF-8"?>
-    <TestResult xmlns="http://checklists.nist.gov/xccdf/1.2" 
+    <TestResult xmlns="https://checklists.nist.gov/xccdf/1.2" 
                 id="xccdf_org.open-scap_testresult_xccdf_org.ssgproject.content_profile_cis"
                 start-time="2020-08-03T02:26:26+00:00" end-time="2020-08-03T02:26:26+00:00"
                 version="0.1.52"
@@ -564,7 +564,7 @@ data:
                 <fact name="urn:xccdf:fact:scanner:name" type="string">OpenSCAP</fact>
                 <fact name="urn:xccdf:fact:scanner:version" type="string">1.3.3</fact>
               </target-facts>
-              <target-id-ref system="http://scap.nist.gov/schema/asset-identification/1.1" name="asset0" href=""/>
+              <target-id-ref system="https://scap.nist.gov/schema/asset-identification/1.1" name="asset0" href=""/>
               <platform idref="cpe:/a:redhat:openshift_container_platform:4.1"/>
               <platform idref="cpe:/a:machine"/>
               <set-value idref="xccdf_org.ssgproject.content_value_ocp_data_root">/kubernetes-api-resources</set-value>
@@ -1182,7 +1182,7 @@ output-overwrite = true
 
 org-name = International Business Machines
 org-remarks = IBM
-namespace = http://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibm-cloud
+namespace = https://ibm.github.io/compliance-trestle/schemas/oscal/cd/ibm-cloud
 property-name-to-class = goal_name_id:scc_goal_name_id, goal_version:scc_goal_version
 catalog-url = https://github.com/usnistgov/oscal-content/blob/master/nist.gov/SP800-53/rev4/json/NIST_SP-800-53_rev4_catalog.json
 catalog-title = NIST Special Publication 800-53 Revision 4

docs/index.md

@@ -83,7 +83,7 @@ Consult [contributors](https://github.com/IBM/compliance-trestle/graphs/contribu
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#     http://www.apache.org/licenses/LICENSE-2.0
+#     https://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,

docs/license.md

@@ -1,7 +1,7 @@
 ```text
                                  Apache License
                            Version 2.0, January 2004
-                        http://www.apache.org/licenses/
+                        https://www.apache.org/licenses/
 
    TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
 
@@ -193,7 +193,7 @@
    you may not use this file except in compliance with the License.
    You may obtain a copy of the License at
 
-       http://www.apache.org/licenses/LICENSE-2.0
+       https://www.apache.org/licenses/LICENSE-2.0
 
    Unless required by applicable law or agreed to in writing, software
    distributed under the License is distributed on an "AS IS" BASIS,

docs/reference/third-party-result-schema-SCC.md

@@ -76,23 +76,23 @@ The inventory should be included in *local-definitions* if observations are bein
                "props": [
                    {
                        "name": "Computer Name",
-                       "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                       "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                        "value": "cmp-wn-2106.demo.tanium.local"
                    },
                    {
                        "name": "Tanium Client IP Address",
-                       "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                       "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                        "value": "192.168.0.120",
                        "class": "scc_inventory_item_id"
                    },
                    {
                        "name": "IP Address",
-                       "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                       "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                        "value": "['fe80::cd44:4154:61e8:53ae', '192.168.0.120']"
                    },
                    {
                        "name": "Count",
-                       "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                       "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                        "value": "1"
                    }
                ],
@@ -132,53 +132,53 @@ The inventory should be included in *local-definitions* if observations are bein
        "props": [
            {
                "name": "Check ID",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "CIS Red Hat Enterprise Linux 8 Benchmark;1.0.0-1;Level 1 - Server;1;xccdf_org.cisecurity.benchmarks_rule_1.1.1.1_Ensure_mounting_of_cramfs_filesystems_is_disabled"
            },
            {
                "name": "Check ID Benchmark",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "CIS Red Hat Enterprise Linux 8 Benchmark",
                "class": "scc_predefined_profile"
            },
            {
                "name": "Check ID Version",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "1.0.0-1",
                "class": "scc_check_version"
            },
            {
                "name": "Check ID Version",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "1.0.0-1",
                "class": "scc_predefined_profile_version"
            },
            {
                "name": "Check ID Level",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "Level 1 - Server"
            },
            {
                "name": "Rule ID",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "xccdf_org.cisecurity.benchmarks_rule_1.1.1.1_Ensure_mounting_of_cramfs_filesystems_is_disabled",
                "class": "scc_goal_description"
            },
            {
                "name": "Rule ID",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "xccdf_org.cisecurity.benchmarks_rule_1.1.1.1_Ensure_mounting_of_cramfs_filesystems_is_disabled",
                "class": "scc_check_name_id"
            },
            {
                "name": "State",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "fail",
                "class": "scc_result"
            },
            {
                "name": "Timestamp",
-               "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+               "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                "value": "2021-05-11T22:34:03+00:00",
                "class": "scc_timestamp"
            }
@@ -221,19 +221,19 @@ The inventory should be included in *local-definitions* if observations are bein
            "props": [
                {
                    "name": "Profile",
-                   "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                   "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                    "value": "Windows 10 - NIST 800-53",
                    "class": "scc_predefined_profile"
                },
                {
                    "name": "Version",
-                   "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                   "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                    "value": "version: 1",
                    "class": "scc_predefined_profile_version"
                },
                {
                    "name": "Custom ID",
-                   "ns": "http://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
+                   "ns": "https://ibm.github.io/compliance-trestle/schemas/oscal/ar/tanium",
                    "value": "800-53: IA-5",
                }
            ],