Add issue-893 Constraints
#949
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
14 tasks
wandmagic
previously approved these changes
Dec 2, 2024
aj-stein-gsa
requested changes
Dec 2, 2024
aj-stein-gsa
previously approved these changes
Dec 3, 2024
Gabeblis
force-pushed
the
constraints/issue-893
branch
from
9be50f2 to
ee37077
Compare
|
@Rene2mt @aj-stein-gsa This PR just needed a rebase. Can you please give a quick re-review? |
Rene2mt
previously approved these changes
Dec 3, 2024
Gabeblis
force-pushed
the
constraints/issue-893
branch
from
ee37077 to
9d66a97
Compare
aj-stein-gsa
approved these changes
Dec 3, 2024
wandmagic
approved these changes
Dec 3, 2024
wandmagic
added a commit
to wandmagic/fedramp-automation
that referenced
this pull request
Dec 11, 2024
commit f010473 Author: wandmagic <156969148+wandmagic@users.noreply.github.com> Date: Tue Dec 10 15:08:00 2024 -0500 re-introduce implemented-requirements constraints (GSA#981) * re-introduce implemented-requirements constraints * add doc available check for health url * fix spacing * Update src/validations/constraints/fedramp-external-constraints.xml Co-authored-by: Gabeblis <gabriel.rodriguez@gsa.gov> * Update src/validations/constraints/fedramp-external-constraints.xml Co-authored-by: Gabeblis <gabriel.rodriguez@gsa.gov> --------- Co-authored-by: Gabeblis <gabriel.rodriguez@gsa.gov> commit c0ad00e Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Mon Dec 9 17:17:47 2024 -0500 Adjust link for all profiles (GSA#979) commit 8561600 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Mon Dec 9 11:27:48 2024 -0500 Add Components To `information-type-800-60-v2r1` Allowed Values (GSA#973) * Add Leveraged Authorizations and External, Interconnected, and Unauthorized Systems components to information-type allowed values * Adjust constraint target commit 788b67e Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Mon Dec 9 09:32:35 2024 -0500 Fix constraint targets (GSA#974) commit 9d7946c Author: A.J. Stein <alexander.stein@gsa.gov> Date: Fri Dec 6 17:10:04 2024 -0500 [chore] Update container image to cli v2.4.0 (GSA#971) commit b2c9712 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Fri Dec 6 15:26:04 2024 -0500 Add `used-by-link-references-component` constraint (GSA#972) * Add 'used-by-link-references-component' constraint * Fix message Co-authored-by: Kylie Hunter <kylie.hunter@gsa.gov> * fix message Co-authored-by: DimitriZhurkin <dimitri.zhurkin@noblis.org> --------- Co-authored-by: Kylie Hunter <kylie.hunter@gsa.gov> Co-authored-by: DimitriZhurkin <dimitri.zhurkin@noblis.org> commit 3dac668 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Fri Dec 6 13:43:16 2024 -0500 Add `component-has-used-by-link` constraint (GSA#970) * Add constraint 'protocol-has-used-by-link' * Fix message * Change constraint id * Fix message (last time) * Update src/validations/constraints/content/ssp-component-has-used-by-link-INVALID.xml Co-authored-by: A.J. Stein <aj@gsa.gov> --------- Co-authored-by: A.J. Stein <aj@gsa.gov> commit c3db2b2 Author: DimitriZhurkin <dimitri.zhurkin@noblis.org> Date: Thu Dec 5 13:07:39 2024 -0700 Add inter-boundary-component-has-direction constraint (GSA#930) (GSA#968) commit 5d6710f Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Thu Dec 5 13:32:28 2024 -0500 Fix dev-constraint.js bug (GSA#967) commit a7f9022 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Thu Dec 5 13:23:21 2024 -0500 Add exists() to tests and remove duplicate constraint and fix system-implementation context (GSA#966) Remove duplicate constraint and fix system-implementation context commit 780b38a Author: wandmagic <156969148+wandmagic@users.noreply.github.com> Date: Thu Dec 5 12:50:29 2024 -0500 Hotfix/deprecate all valid (GSA#960) * deprecate ssp-all-valid * Update src/validations/constraints/content/ssp-has-network-architecture-diagram-link-href-target-VALID-1.xml Co-authored-by: A.J. Stein <aj@gsa.gov> * Update src/validations/constraints/content/ssp-has-authorization-boundary-diagram-link-href-target-VALID-1.xml Co-authored-by: A.J. Stein <aj@gsa.gov> * Update src/validations/constraints/content/ssp-has-data-flow-diagram-link-href-target-VALID-1.xml Co-authored-by: A.J. Stein <aj@gsa.gov> * Update src/validations/constraints/content/ssp-has-network-architecture-diagram-link-href-target-VALID-1.xml Co-authored-by: A.J. Stein <aj@gsa.gov> * Update fedramp-ssp-example.oscal.xml --------- Co-authored-by: A.J. Stein <aj@gsa.gov> commit 2c0e4de Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Thu Dec 5 10:21:00 2024 -0500 Change cia-has-selected test (GSA#965) commit 9a8e155 Author: wandmagic <156969148+wandmagic@users.noreply.github.com> Date: Wed Dec 4 15:30:29 2024 -0500 Update fedramp-ssp-example.oscal.xml (GSA#959) commit 5f7ce81 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 23:38:31 2024 +0000 change example ssp location commit 56f399e Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 23:23:59 2024 +0000 Edit content to make constraints pass commit d521a22 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 19:12:01 2024 +0000 Delete extra ssp commit 8cfb601 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 17:39:38 2024 +0000 Add example ssp to content file and edit constraint script to point yaml pass file to example ssp commit ff8f812 Author: ~ . ~ <paul.n.wand@gsa.gov> Date: Tue Dec 3 13:50:22 2024 -0500 fix ssp to pass tests commit 85ec424 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 17:17:18 2024 +0000 Add example ssp to content file and edit constraint script to point yaml pass file to example ssp commit 7312686 Author: Kylie Hunter <kylie.hunter@gsa.gov> Date: Mon Nov 25 16:15:01 2024 -0700 Add connection-security prop constraint for GSA#931 commit 6ccb539 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 16:39:47 2024 -0500 Add `issue-893` Constraints (GSA#949) * Add component-has-non-provider-responsible-role and tests * Add constraints and tests * Edit message commit dd3be5f Author: wandmagic <156969148+wandmagic@users.noreply.github.com> Date: Tue Dec 3 16:39:32 2024 -0500 remove rev4 constraints (GSA#954) commit 113c4f5 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 15:42:43 2024 -0500 Fix Bug Issue GSA#940 (GSA#951) commit c6f8e8f Author: wandmagic <156969148+wandmagic@users.noreply.github.com> Date: Tue Dec 3 13:08:35 2024 -0500 implementation point constraint (GSA#936) * implementation point constraint * add help uri * improve constraint * add extra fail content * Update src/validations/constraints/content/ssp-all-VALID.xml Co-authored-by: DimitriZhurkin <dimitri.zhurkin@noblis.org> * Update fedramp-external-constraints.xml Co-authored-by: Rene Tshiteya <rene-claude.tshiteya@gsa.gov> * implementation point constraint * add help uri * improve constraint * add extra fail content * Update src/validations/constraints/content/ssp-all-VALID.xml Co-authored-by: DimitriZhurkin <dimitri.zhurkin@noblis.org> * Update fedramp-external-constraints.xml Co-authored-by: Rene Tshiteya <rene-claude.tshiteya@gsa.gov> * add needed props to all valid * rebase Co-Authored-By: A.J. Stein <aj@gsa.gov> * Update src/validations/constraints/fedramp-external-constraints.xml Co-authored-by: A.J. Stein <aj@gsa.gov> --------- Co-authored-by: DimitriZhurkin <dimitri.zhurkin@noblis.org> Co-authored-by: Rene Tshiteya <rene-claude.tshiteya@gsa.gov> Co-authored-by: A.J. Stein <aj@gsa.gov> commit 1377478 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Tue Dec 3 08:57:37 2024 -0500 Add `component-responsible-role-references-party` constraint (GSA#945) * Add constraint 'component-responsible-role-references-party' and tests * correct test * Rename constraint and adjust help-url * Edit message Co-authored-by: A.J. Stein <aj@gsa.gov> --------- Co-authored-by: A.J. Stein <aj@gsa.gov> commit a8461fb Author: ~ . ~ <paul.n.wand@gsa.gov> Date: Mon Dec 2 11:09:13 2024 -0500 pin server + update oscal-js version commit b82c417 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Mon Dec 2 14:07:05 2024 -0500 Add `leveraged-authorization-has-valid-impact-level` Constraint (GSA#913) * Add leveraged-authorization constraint * rename constraint * fix constraint test * correct constraint test * Change 'http' to 'https' * Add level commit 1db5f97 Author: Gabeblis <gabriel.rodriguez@gsa.gov> Date: Mon Dec 2 13:13:17 2024 -0500 Constraints/cleanup constraints file (GSA#946) * clean up fedramp-external-constraints.xml * fix * Add message to fully-operational-date-type
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Committer Notes
Purpose
This PR introduces two constraints
component-has-non-provider-responsible-roleandnon-provider-responsible-role-references-user, which ensures that each component dealing with leveraged systems, interconnections, or authorized services has at least one non-provider role and each non-provider responsible role references at least one user/authorized-privilege/function-performed via the "privilege-uuid" property/extension respectively.Changes
Added Constraints:
component-has-non-provider-responsible-role: Ensures that each component dealing with leveraged systems, interconnections, or authorized services has at least one non-provider role.non-provider-responsible-role-references-user: each non-provider responsible role references at least one user/authorized-privilege/function-performed via the "privilege-uuid" property/extension.Test Data:
Added YAML Files
All Submissions:
By submitting a pull request, you are agreeing to provide this contribution under the CC0 1.0 Universal public domain dedication.