Giters

oscal-compass / compliance-trestle

An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.

Home Page:https://oscal-compass.github.io/compliance-trestle

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

As a user I want to be able to import xml OSCAL artifacts into trestle using trestle import

butler54 opened this issue · comments

commented

Issue description / feature objectives

trestle focuses on json and yaml for OSCAL support, however, 3rd party objects may exist in XML form. Given that NIST are producing XSLT transforms which require XSLT 3.0 the recommendation is that we use this functionality (together with Saxon-HE) via a CLI escape.

Artifacts will be imported into trestle in either json or yaml format.

Note: This functionality will require users to manually install saxon-HE. On absence of the library users should be directed to documentation on how to install themselves.

Completion Criteria

  • Import functions with Saxon-HE when present via CLI wrapping
  • Functionality and requirements are well documented.
  • CI-CD pipeline is updated to test functionality including automatically pulling the appropriate upstream java libraries for testing.

Steps to Reproduce the Problem

Specifications

  • Version / branch:
  • Platform:
  • Subsystem:
commented

Updating based on the conversation around #249.
It should be possible to do this via a similar model to #249 (potentially using the same scripts to download and manage a local saxon copy).

Expectation is that a collaboration with the 10X team may make this fesiable.

commented

Duplicate of #178