Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move web content from OSCAL, and other streamlining. #1824

Closed
wants to merge 9 commits into from

Conversation

Compton-US
Copy link
Contributor

@Compton-US Compton-US commented Jun 28, 2023

Committer Notes

In support of Issue #1802

Currently in rapid prototype mode with the team.

  • Website content moved to OSCAL-Pages project. This project will build and publish the public website.
  • Reference content moved to OSCAL-Reference project. This project will build and publish the developer documentation. AKA OSCAL Reference.
  • OSCAL repo in this branch has been reduced to only the model content.

Remaining to determine:

  • Linking up the websites so that it is least disruptive to the public.
  • The generated xml and json content has been removed from this branch. We need to talk about this, and what is the "right" way moving forward. I think there are a number of options and opinions to consider.
  • Figuring out the entry point into the public website. (linking, landing page, etc)

Benefits:

  • Less activity on the OSCAL project unrelated to models.
  • Will make it easier for the community to monitor.
  • More focused workstreams between model development, website content/education and experiments with models.
  • Depending on how we publish the schemas-and-converters artifact, may make it easier for the public to access and use releases of OSCAL with less tooling.
  • Reference will be in position to be updated and enhanced over time for development use.
  • Public website can update at-will without impacting the OSCAL model project.

All Submissions:

By submitting a pull request, you are agreeing to provide this contribution under the CC0 1.0 Universal public domain dedication.

(For reviewers: The wiki has guidance on code review and overall issue review for completeness.)

Changes to Core Features:

  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your core changes, as applicable?
  • Have you included examples of how to use your new feature(s)?
  • [x ] Have you updated all OSCAL website and readme documentation affected by the changes you made? Changes to the OSCAL website can be made in the docs/content directory of your branch.

@nikitawootten-nist
Copy link
Contributor

Hi Chris, as part of this PR I'd like to propose some additional removals/changes:

  • src/assets: Layer diagrams can be retired or moved to the OSCAL Pages site?
  • src/content: Already marked as moved to oscal-content repo'
  • src/metaschema/examples: A better place for this is in the metaschema repo
  • src/utils: Should be reorganized:
    • util: Contents should be absorbed into src/utils (no need for src/utils/util)
  • git-cheat-sheet.md: Can be moved safely to the wiki
  • slides-2023-02-09.pdf: Should be removed

Copy link
Contributor

@aj-stein-nist aj-stein-nist left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is looking good so far. I have added a few minor comments. In addition, I am not sure deleting xml/README.md and json/README.md is aggressive enough for a recursive delete if this makes sense, let me know.

.github/workflows/link-check.yml Show resolved Hide resolved
@@ -28,29 +26,3 @@ jobs:
commit_resources: true
secrets:
access_token: ${{ secrets.COMMIT_TOKEN }}
validate-website-reference:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Question, unclear if it is blocking: we need to determine how we will generate schemas in these pipelines even if they are not committed inline anymore, and that means adapting metaschema-xslt, in this PR branch or another.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if this has been addressed or not, or if it is still a potential issue -- @nikitawootten-nist ?

Copy link
Contributor

@nikitawootten-nist nikitawootten-nist Jul 10, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we are planning on removing auto-comitting actions as stated in the ADR, we should probably do the following:

  1. Streamline the schema and converter generation to be as simple to invoke as possible (another makefile?)
  2. Modify the existing action to build the schemas and converters without committing for PRs
  3. Also make the action upload schema artifacts on release

For existing releases we'll have to manually upload the correct artifacts (which is simple but a bit tedious, thankfully we only have a few releases so it shouldn't be too painful)

Should we align the ADR draft to support this?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This work has been summarized in a follow-on issue: #1847

.github/workflows/workflow-validate-repo-markdown.yml Outdated Show resolved Hide resolved
@iMichaela
Copy link
Contributor

iMichaela commented Jul 8, 2023

@aj-stein-nist and @Compton-NIST:
The file ./versioning-and-branching.md in the https://github.com/usnistgov/OSCAL/tree/feature-1802-oscal-pages branch reads:

All individual work will be done in branches in a personal fork of this repository.
Personal branches should be named using the convention <issue #>-brief-dashed-name.
Once work is complete on a personal branch, the branch should be interactively rebased to tidy any commits. Then a PR should be opened against the target feature-* branch or the develop branch if the changes are to be included in the next release.

During my chat with AJ today around #1798, he indicated that working on a personal fork is no longer mandated. Should this file be updated?

Similar guidance exists in the CONTRIBUTING.md file, the block starting at line 72.

@wendellpiez
Copy link
Contributor

If given the option I intend to continue to work in a personal fork.

However, I did not interpret the new guideline as discouraging this, only as not requiring it. However I note that work when not individual does not have to go in a personal fork, the alternative presumably being a feature branch in the main repo.

Maybe we only need guidance on when to create a feature branch vs work in a fork. 🌻

@Compton-US Compton-US changed the title [DRAFT] Move web content from OSCAL, and other streamlining. Move web content from OSCAL, and other streamlining. Jul 10, 2023
Copy link
Contributor

@nikitawootten-nist nikitawootten-nist left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've noticed a significant regression and the work I had done in #1666 and #1754 is not present:

  • src/utils/resolver-2018 which I had previously deleted has reappeared.
  • The profile resolution stylesheets no longer have the helper script and readme updates
  • The src/utils/testing scripts that I included in XSpec test suites script & CI #1754 is not present

iMichaela
iMichaela previously approved these changes Jul 10, 2023
Copy link
Contributor

@iMichaela iMichaela left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the fantastic work done to split the OSCAL repo into multiple content-specific repos. Kudos! I approve the PR moving the website. I have some small comments, that, if not addressed now, we can address them later when doing a fine tunning.

| [OSCAL](https://github.com/usnistgov/OSCAL/) | The main OSCAL project that contains the source code for the OSCAL models. |
| [OSCAL-Pages](https://github.com/usnistgov/OSCAL-Pages/) | The project that contains the public OSCAL website content. |
| [OSCAL-Reference](https://github.com/usnistgov/OSCAL-Reference/) | The project that contains the model documentation and developer reference content. |
| [OSCAL-Content](https://github.com/usnistgov/oscal-content/) | The project that contains examples of OSCAL model content. |
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For consistency reasons, do we want to rename oscal-content to become OSCAL-Content? Or maybe OSCAL-content and make all other projects follow the same convention? Consistency is what I am looking for, so we need to remember the convention and not specifics.


#### Content in OSCAL-Pages repository:

A `published-pages` branch will also exist in OSCAL-Pages that contains the latest deployed content that is sent to the OSCAL repository. Additionally, there is a `nist-pages` branch in the OSCAL-Pages project that contains a blank page. This branch could be used to test a deployment of the website at `pages.nist.gov/OSCAL-Pages`, but it is important to be aware that this site could be indexed by search engines and cause confusion, as well as broken links.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the main branch used for? Should a description be documented?


#### Streamlined Build Process

The new reference repository operates off of one GitHub Actions Workflow that produces the documentation from `metaschema` and uses `Hugo` to publish the website. All of the scripted aspects of the model interpretation are executed using `make`, and the `Makefile` is located in the root of the repository.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I am assuming the metaschema listed is the previous src/metaschema which appears to remain in the OSCAL repository. Is this the proposed approach in this ADR?

1. We will separate one large repository into three distinct repositories.
- Links to any content that is moved will break.

2. We remove the schemas and converters from the repository.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The ADR does not document where the removed schemas and converters are relocated after removing them from the OSCAL repo.

- OSCAL
- We should notify the public of the pending release, and the changes noted in this ADR.
- For developers (and products) that link directly to content in the OSCAL repository, they may update their links to point to tagged releases, rather than using source files in the main branch. Future dependencies linking directly to source code in the OSCAL repository, particularly `main`, should be discouraged since this could impact the ability of the development team to improve source code as necessary to build OSCAL.
- Future links to schemas and converters should use release assets (see [v1.0.6](https://github.com/usnistgov/OSCAL/releases/tag/v1.0.6) for an example of assets). We currently produce zip archives as a part of releases. We intend to also include the schemas and converters directly in the release assets without having to extract from the zip file. **This will be implemented in a future sprint.**
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Guidance for submitting issues against different schemas is not captured in this ADR.

@@ -83,10 +83,6 @@ The OSCAL project uses a typical GitHub fork and pull request [workflow](https:/
This repository consists of the following directories and files pertaining to the OSCAL project:

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing decisions subdirectory from the list of subdirectories.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The file indicates that the NIST team is maintaining FedRAMP baselines... I think we should update the information:

The NIST team is also maintaining OSCAL content that is updated to the latest OSCAL revision. The [OSCAL content repository](https://github.com/usnistgov/oscal-content/) provides OSCAL examples, in addition to:

The [NIST SP 800-53 revision 5 catalog](https://github.com/usnistgov/oscal-content/tree/main/nist.gov/SP800-53/rev5) and the security and privacy [NIST SP 800-53B baselines](https://github.com/usnistgov/oscal-content/tree/main/nist.gov/SP800-53/rev5).
The [NIST SP 800-53 revision 4 catalog](https://github.com/usnistgov/oscal-content/tree/main/nist.gov/SP800-53/rev4) and the [three NIST SP 800-53 revision 4 baselines](https://github.com/usnistgov/oscal-content/tree/main/nist.gov/SP800-53/rev4).
The [FedRAMP SP 800-53 revision 4 baselines](https://github.com/GSA/fedramp-automation/tree/master/dist/content/rev4/baselines).

- Content was deleted and distributed between OSCAL-Pages and OSCAL-Reference.
- Unnecessary scripts and code were pruned from the repo.
- Workflows were reduced as necessary.
- Content was deleted and distributed between OSCAL-Pages and OSCAL-Reference.
- Unnecessary scripts and code were pruned from the repo.
- Workflows were reduced as necessary.
@Compton-US
Copy link
Contributor Author

I'm going to close this and reopen with the feature branch that was not squashed so that we have a more clean rebase to the updated develop branch.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

6 participants