Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: Adds a schedule trigger to update-upstreams and updates Actions to use the trestlebot container image #67

Closed
wants to merge 3 commits into from
Closed

chore: Adds a schedule trigger to update-upstreams and updates Actions to use the trestlebot container image #67

wants to merge 3 commits into from

Conversation

jpower432
Copy link
Member

@jpower432 jpower432 commented Jan 5, 2024
edited
Loading

What Changed?

  • Adds a schedule trigger for automated updates of third party content

Closes PSCE-304

Stacked with #68

Tested

Review Hints

  • In order to test this I needed to update the FedRAMP REF in the workflow to the comment before the latest. The content was updated to OSCAL version 1.1.1 which is not supported by compliance-trestle yet. The is a temporary workaround until the content version is supported.

@jpower432
chore: removes requirements.txt and uses published trestlebot contain…
8c98707 
…er image

For trestlebot operations not supported as GitHub Actions, using the container images
for trestlebot would be preferred over installing it directly to ensure the
environment is reproducible.

Signed-off-by: Jennifer Power <[email protected]>
@jpower432
chore: adds a schedule trigger to update upstreams workflow
767454b 
To make sure the third party content is updated regularly, a
schedule trigger is added here.

Signed-off-by: Jennifer Power <[email protected]>
@jpower432 jpower432 marked this pull request as ready for review January 5, 2024 21:21
beatrizmcouto
beatrizmcouto reviewed Jan 8, 2024
View reviewed changes
.github/workflows/update-upstream.yml

env:
FEDRAMP_PROFILE_NAME: "fedramp_rev5_high"
NIST_CATALOG_NAME: "nist_rev5_800_53"
FEDRAMP_REPO_REF: "master"
FEDRAMP_REPO_REF: "d9cbac30174fa9d52540eba34425bdb5c18ff4d8"
NIST_REPO_REF: "690f517daaf3a6cbb4056d3cde6eae2756765620"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's decide what to do after the community meeting

beatrizmcouto
beatrizmcouto reviewed Jan 8, 2024
View reviewed changes
Copy link

@beatrizmcouto beatrizmcouto left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's wait for tomorrow until after the community meeting to decide what to do

@jpower432
Copy link
Member Author

@beatrizmcouto Leaving this PR as is for now, but moving the container image changes to a new PR so we can keep the on-hold changes to a minimum.

@jpower432
Copy link
Member Author

Closing in favor of #69

@jpower432 jpower432 closed this Jan 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@beatrizmcouto beatrizmcouto beatrizmcouto left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jpower432 @beatrizmcouto