Releases: opencontrol/compliance-masonry
v1.1.6
Changelog
3c528a0 Update docs versioning for new release
71269b8 Merge pull request #337 from rahearn/patch-1
7917bad Update for newer release format
448ef66 Update installation instructions to v1.1.5 release
f561e7b Merge pull request #334 from riskpeep/dev-sort-order
c3a7f6b Added naturalSort to verifications and justificastions. Added sort by key for components Added tests for verifications and justifications Removed declared but unused openControl var in parse_test.go so tests pass Added TestGetAllComponent to increase code coverage
1891cff Merge pull request #335 from redhatrises/appveyor_rfix
495347e Fix sed package in appveyor
v1.1.5
Changelog
b3f60cb Merge pull request #328 from shawndwells/update-appveyor
0e1d831 update AppVeyor build key
aeb8770 Merge pull request #327 from redhatrises/packaging_fixes
c2b89f6 Update use of set.v0 to latest code
783ae08 Merge pull request #326 from redhatrises/goreleaser_32bit
e51d75d Add more goreleaser info to meet packaging requirements
4c3d7fd Add 32bit builds to GoReleaser
1b29763 Merge pull request #325 from redhatrises/remove_vektra_errors
ce0da76 Remove vektra plugins
f5254aa Use GO stdlib errors instead of vektra errors
c64e676 Merge pull request #324 from redhatrises/remove_metaleap_plugins
0cbc9a4 Remove metaleap code and replace with built in code
c5b89cc Merge pull request #323 from redhatrises/fix_file_perms_name
5aa7472 Fix file names and permissions
60895be Merge pull request #321 from redhatrises/win_msi
cfa8c47 Merge pull request #320 from redhatrises/osx_image_remove_x
9ccd263 Update AppVeyor to build MSI
67d0f76 Add Windows MSI build files and Windows License
ba806e7 OSX DMG image should not be executable
ef105ba Merge pull request #318 from redhatrises/enable_dmg_build
ebff005 Add OSX DMG build capability in Travis for releases
b120519 Merge pull request #317 from redhatrises/fix_version
8480f3f Merge pull request #314 from redhatrises/add_osx_travis
caa9299 Enable Travis CI builds for OSX DMG creation
427a3b5 Fix GIT version in Makefile
3f8739b Merge pull request #313 from redhatrises/fix_spaces
7415a50 Fix gitbook test data spacing
a4643c1 Add space after comments hashtag
v1.1.4
Changelog
8cf30c6 Merge pull request #311 from redhatrises/location_cleanup
2cd5299 More GOLANG location cleanups
65026da Merge pull request #310 from redhatrises/fix_brew_env_path
33c0b1c Fix date command in Makefile to work on multiple OSes
d14742c More goreleaser fixes
e41d49e Merge pull request #309 from redhatrises/fix_archive
7a8def8 Fix goreleaser archiving
f8d2c89 Merge pull request #308 from redhatrises/automate_binary_creation
543114f Enable automating binary builds with goreleaser when new tag is pushed
8f11f13 Merge pull request #305 from redhatrises/fix_export
49d69fb Update export.go arg variables
721c996 Merge pull request #304 from redhatrises/goreleaser_updates
c47ef9a Merge pull request #307 from redhatrises/suppress_export_logging_test_output
c36f37c Merge pull request #306 from redhatrises/fix_234
a97d385 Error in duplicate key in Map is detected
fcaf9a0 Suppress Export Test Log Output
ce8b798 goreleaser updates
181bf0c Fix Export typos
43c0366 Merge pull request #303 from redhatrises/fix_cm_path
f800fa3 Make sure to account if compliance-masonry path is in a subdirectory
80a4e06 Merge pull request #302 from redhatrises/files_repos
e3dbd76 Enable the use of files for components and don't fail on same repo
d4d39a8 Merge pull request #300 from redhatrises/add_code_license
bb78974 Merge pull request #299 from redhatrises/add_release_readme
e859546 Add License reference to code
094de48 Add latest release to README
178c513 Merge pull request #298 from redhatrises/update_mock_Test
17724c0 Merge pull request #296 from redhatrises/fix_global_commands
fc5426d Merge pull request #297 from redhatrises/exclude_mocks
6109840 Re-generate mock tests
06d51e6 Exclude mocks/ directories from codeclimate
80e14a5 Have Global Options run before command and sub-command processing
97dfc06 Merge pull request #292 from redhatrises/export_option
e937da2 Add export option
57dff90 Merge pull request #288 from redhatrises/use_goreleaser
dba6b2f Merge pull request #291 from redhatrises/masonry_exe
f4728e7 Rename executable to masonry
553bce0 Merge pull request #290 from redhatrises/cli_fixes
2cf623a Create test_masonry.go for Masonry func
891c33b Fix codeclimate issues for CLI PR
bbdd6f8 Add some Appveyor dependencies
71e2e5c Remove diff.go from build and CI files
616b199 Break a part CLI and CLI tests into their respective packages
b245899 Use GORELEASER
3ef42d3 Merge pull request #289 from redhatrises/go_standards
8be8db8 Merge pull request #287 from redhatrises/add_archive_targets
1197aa5 Merge pull request #286 from redhatrises/remove_goxc
c0508fb Update fixture path and test build path
9711e59 Update appveyor config for new file structure
ae47371 Update circleci for new file structure
e470074 Update import paths for new file structure
1584f6e Update file structure to closer match GO standards
c7c89da Update Makefile
c39e74c Remove GOXC
3c56329 Merge pull request #284 from redhatrises/add_makefile
8919c99 Add Makefile
3094a26 Merge pull request #283 from redhatrises/gofmt_code
a2e62dd gofmt code updates
4d3353e Merge pull request #282 from redhatrises/remove_gopkg
f75ee38 Remove Go Deps
a1a0fda Merge pull request #281 from redhatrises/update_tests
04b2f75 Add curl to circlci
91661c1 Use Codecov instead of errcheck
4046335 Update codeclimate.yml configuration
e87d1ac Update parse_test.go for latest code changes
c6b20ef Remove dotdotdot since Go 1.9 now ignores the vendor folder
7c37eab Update CIRCLECI and AppVeyor test configurations
5785ebc Merge pull request #279 from redhatrises/add_version_file
c02fd4d Update versioning and add version const
e6d9608 Merge pull request #277 from redhatrises/add_rpm_spec
e636ad9 Add RPM spec file
75f03f3 Merge pull request #276 from redhatrises/add_vendor_deps
d32692b Add vendor dependency folder to make building easier
04796b1 Merge pull request #275 from redhatrises/fix_context_dir_path
5006d55 Fix location of contextdir path code
d66325f Merge pull request #274 from redhatrises/add_context_dir
7915de0 Add contextdir for multi-directory git handling
fbc7f10 Merge pull request #272 from EnclaveData/replace_go_utils_ufs_with_metaleap_go_util
9162c3f updated after running go fmt on tools/fs/fs.og
b1ef96e replaced the 3 calls to go-utils/ufs with metaleap/go-util .. only difference was adding an empty string in call to CopyAll for skipFileSuffix
cafffbc Merge pull request #265 from phillbaker/fix-spelling
0209009 Fix reursively spelling.
1e7c2d3 Merge pull request #260 from opencontrol/dep
f61c02a remove the dependencies from the repository
1e66281 switch from glide to dep for managing dependencies
8bc10e4 update dependencies
ede97f4 Merge pull request #258 from andybrucenet/master
44cae87 Merge pull request #259 from geezyx/master
81da731 Fix incorrect comment
c0edb66 Update standard v1.0.0 to include "description" field
bb08539 Added openssl for git ssh support
0329d7e Merge pull request #254 from shawndwells/always_use_sudo
3a86bd1 Update Linux install commands with sudo
84402b6 Merge pull request #251 from opencontrol/errcheck
a1cd8df Merge pull request #250 from opencontrol/lint-vet
4ad73aa add missing test dependency
b90bb89 install GCC during build
4f9f997 check if there's a certificationErr before appending it
abc8767 fix linting warnings
e75c6ab fix missing error handling
27ac6b0 add errcheck to Circle CI
6b149e7 fix 'go vet' error
70577fd Merge pull request #249 from opencontrol/test-update
b5d0809 skip the cache when installing from apk
7c76252 upgrade to Go 1.8
1d14914 update CircleCI configuration to version 2
3399408 Merge pull request #247 from anweiss/docker
84971d9 Docker support
5b41cc5 Merge pull request #245 from opencontrol/goxc-link
f022ac7 fix link to goxc
8d489d5 Merge pull request #243 from mikfreedman/patch-1
11854e0 fix typo
336f078 Merge pull request #240 from opencontrol/gap-analysis-caveat
5e49a04 add disclaimer about gap analysis
30c1ee2 Merge pull request #237 from opencontrol/simplify-install
b6910a2 Merge pull request #236 from opencontrol/split-docs
3769712 Merge pull request #235 from opencontrol/simplify-install
ad7f25a lead readers between documentation pages
71d4e1e tweaks to developer docs
4da571e move developer documentation to its own file
04c2fef split the documentation to separate pages
44d5109 re-add developer installation documentation
d481510 simplify install instructions
e82c819 Merge pull request #232 from opencontrol/install-instructions
2073055 fix link to SVG
60fdaec Merge pull request #233 from opencontrol/compliance-literate-doc
848a545 clean up Masonry for the Compliance Literate doc
19ff2d7 make bulleted list of documentation links in the readme
b71b49b add Masonry for the Compliance Literate doc
82c15c4 Add binary installation instructions
d30ae01 Merge pull request #230 from openprivacy/master
396bdfa The --update-vendored and --strip-vcs flags are deprecated. They now work by default.
19c1fb3 Merge pull request #229 from jackielii/patch-1
ba59512 shadowed err
variable created
837cf8e Merge pull request #228 from opencontrol/add-plugin-example
ee6b64c Add different levels of tests for example plugin
0bd1b9d Add plugin example
e885314 Merge pull request #227 from opencontrol/add-mocks
52aa685 Fix lib readme with badge and typo
1116873 Add auto-generated mocks and README
40b7371 Merge pull request #226 from opencontrol/add-workspace
62d5371 Merge pull request #225 from opencontrol/cleanup
6513ee2 Merge pull request #217 from opencontrol/move-opencontrol-interface
2c4ca48 Merge pull request #216 from opencontrol/add-result-package
38f90d6 Merge pull request #215 from opencontrol/move-certifications-interface
506cd61 Create Workspace and make LocalWorkspace private
5a1890f Go Vet, Go Fmt, and Golint
9cbd029 Fix lines that are too long
abc61fc Dot import table package
67eedb4 go fmt
435ed88 Table tests for GetResources
e4151ef Clean up GetRemoteResources and GetLocalResources tests, add helpers
4c60e46 Update Entry to VCSEntry in test
274fe42 Add some more comments to getremoteresources
02d7b92 split up getlocalresources
a62bc59 Fix line length
0d727ba go fmt the commands/get/resources package
2da7896 add getAllRemoteResources and getAllLocalResources
4f6dd7e Add values to downloadrepo tests
a9bbeb8 Refactor opencontrol to fit the rest of the YAMLs
f898b26 Move justification to result package.
1f65776 Run Go Fmt
ab936bb Move certifications tests to _test package
c91ae07 Add buildStandardsSummary
85e8419 Use strings.Join
a5c34ee Fix comment on certification interface
f09e086 Add helpers
09c20ce Add comments and fix test
d20619d Fix codeclimate issues
3879ebe Correct certification struct
b53084e Move certifications to common
abd21ce Merge pull request #214 from opencontrol/move-standards-interface
cbe89a9 Merge pull request #213 from opencontrol/move-components-interface
0e1d033 Increase test coverage for standards
7f1c5cc Add standard mock
5c45296 Move standards and control to common interface
feaefef Increase coverage for loading component
a3b45a4 Address comments to clarify variables and logic
7f619a8 Fix final lint errors for components refactor
fd312f9 Add tests for untested components methods
9bba792 Generate component mock
237bbfc Fix lint problems for component refactor
c1ba001 Move Components interface to common package
a0746d3 Merge pull request #211 from opencontrol/code-climate
6986fa8 Merge pull request #210 from opencontrol/remove-docx
64819af add Code Climate configuration
0fdf751 reference the fedramp-templater
f8b161e remove docx templating logic
26ad09b Merge pull request #207 from opencontrol/rename-config-to-opencontrol
a389408 Merge pull request #206 from opencontrol/rename-opencontrol-to-workspace
9b0636b Merge pull request #205 from opencontrol/rename-models-to-lib
c8c7ef0 Rename BaseSchema to OpenControl interface
0360eca Move parse for opencontrol to root of package
3960156 Add test suite for moved around packages
a9eaa8d Fix tests
1b3ed48 Renamed config to opencontrol pt.1
e61f355 Rename opencont...
1.1.3
Recompiled binaries to support macOS High Sierra. Manually created using goxc
. There are no code changes between this release and the previous 1.1.2
release besides the patch number in the version number.
See the diff below.
diff --git a/.goxc.json b/.goxc.json
index 8fae8fe..9dcf20f 100644
--- a/.goxc.json
+++ b/.goxc.json
@@ -7,7 +7,7 @@
"go-test"
],
"BuildConstraints": "linux,windows,darwin",
- "PackageVersion": "1.1.2",
+ "PackageVersion": "1.1.3",
"TaskSettings": {
"publish-github": {
"owner": "opencontrol",
diff --git a/masonry-go.go b/masonry-go.go
index 865f1f2..a44c153 100644
--- a/masonry-go.go
+++ b/masonry-go.go
@@ -26,7 +26,7 @@ func NewCLIApp() *cli.App {
app := cli.NewApp()
app.Name = "Compliance Masonry"
app.Usage = "Open Control CLI Tool"
- app.Version = "1.1.2"
+ app.Version = "1.1.3"
app.Flags = []cli.Flag{
cli.BoolFlag{
Name: "verbose",
1.1.2
Built by goxc
1.1.1
Adds support for control_origin
and rendering the control origination to gitbook if specified
From the component.yaml in schemas, this is the v3.0.0 component.yaml masonry currently supports (still supports older versions as well)
name: Name of the component
key: Key of the component (defaults to the filename if not present)
documentation_complete: Manual check if the documentation is complete (for gap analysis)
schema_version: 3.0.0
references:
- name: Name of the reference ie. EC2 website
path: Relative path of local file or URL ie. diagrams/diagram-1.png
type: Type of reference ie. Image, URL
- name: Name of the reference ie. EC2 website
path: Relative path of local file or URL ie. diagrams/diagram-1.png
type: Type of reference ie. Image, URL
verifications:
- key: Key of verification
name: Name of verification
path: Relative path of local file or URL ie. diagrams/diagram-1.png
type: Type of reference ie. Image, URL
- key: Key of verification
name: Name of verification
path: Relative path of local file or URL ie. diagrams/diagram-1.png
type: Type of reference ie. Image, URL
satisfies:
- standard_key: Standard Key (NIST-800-53)
control_key: Control Key (CM-2)
narrative:
- key: The optional key that represents a particular section of the control. If the key is not specified, assume the string in the following text represents the entire control
text: The narrative text for the particular section / entire control if there is no key specified
implementation_status: Manual status of implementation (for gap analysis)
control_origin: The text representing the control origination
parameters:
- key: "The key for a particular parameter of the specific control"
text: "The parameter text for a particular parameter of a specific control"
covered_by:
- verification_key: The specific verification ID that the reference links, no component or system is needed for internal references
- system_key: System name of the verification (can link to other systems / components)
component_key: System name of the verification (can link to other systems / components)
verification_key: The specific verification ID that the reference links to
1.1.0
Enables support the version 3.0.0 of component.yaml
Enables support to parse both versions (2.0 and 3.0.0) and respectively render the information according to what one version may or may not have.
In addition to rendering the newly formatted narrative
section of the component.yaml, it will render the responsible_role
and parameters
For Gitbook:
The Narrative Key is printed as a header
The Narrative Text is printed afterwards under the narrative key.
Responsible Role is printed after the Component Name.
Parameters are printed after the responsible role
For Docx:
There are new templating functions:
{{getResponsibleRole "standard" "control"}}
- Will get the responsible role.
{{getAllControlSections “standard” "control”}}
- Will get all the narratives for a control
{{getControlSection “standard” “control” “section-key”}}
- Will get the narrative for that given section of that control.
`{{getParameter “standard” “control” “parameter-key”}}`` - Will get the parameter for that given parameter key of that control.
BUG FIXES:
- Fixed weird
Deprecation
error message that would occur when running commands
1.0.1
1.0.0
After evaluating the original Compliance Masonry for a few months we've uncovered a few pain points:
- Setup - Compliance Masonry is difficult to set up due to Python 2 v 3 issues and Windows compatibility. Go can be compiled so users don't have to build from source.
- Encoding errors in Python 2, the script can be unwieldy due to Python utf-8 encoding errors.
- Size, in order to solve installation issues we've dockerized Compliance Masonry, but the size of the docker images is quite large. Go would be smaller.
- Too inflexible: currently application developers have to either fork or reproduce the docs in opencontrols format. There should be a way to "import" documentation and also "compile" docs from multiple sources.
New Direction
Configuration VS Code
All opencontrols docs will be stored in components.yaml
files. The organization for these files will not change from the older version found here. There will be, however, an opencontrols.yaml
, which helps users define dependencies and define exportable "modules".
system_name: Application
components: # Components that can be exported
- ./somecomponent
- ./someothercomponent
dependencies: # Dependencies to import
certification: github.com/18F/LATO #LATO Certifications
components:
- github.com/18F/cg-complinace # Cloud.Gov
standards:
- standard: github.com/18F/NIST-800-53 # NIST-800-53 standards
The opencontrols.yaml
will serve as a packages.json file for node. Essentially the file allows for configuration, while the component.yaml files are for the actual code/documentation. Also, components, standards, and certifications that are imported will live in the opencontrols/
directory just like imports from npm live in the node_modules/
directory.
Import Model
Systems are amalgams of components and pointers to other components.
Versioning
The opencontrols.yaml
will allow for versioning of all dependencies using github's versioning feature.
Go
Go can be cross-compiled, is great for CLI tooling, and struct feature is perfect for validation.
Path flexibility
- Added a try and except to catch multiple types of paths.
- Removing elements with high complexity.