From 7f86feeaa3626c9ee9021dd04e443f96fb0f8f42 Mon Sep 17 00:00:00 2001
From: George Vauter
Date: Thu, 31 Oct 2024 19:23:35 -0400
Subject: [PATCH] docs: remove TEMPLATES diretory and update github tutorial to reference trestle-demo workflows
---
 TEMPLATES/README.md | 8 ---
 .../github/trestlebot-autosync-catalog.yml | 31 -----------
 .../github/trestlebot-autosync-profile.yml | 31 -----------
 TEMPLATES/github/trestlebot-autosync-ssp.yml | 32 -----------
 ...trestlebot-create-component-definition.yml | 49 -----------------
 .../github/trestlebot-rules-transform.yml | 53 -------------------
 docs/tutorials/github.md | 15 ++----
 7 files changed, 4 insertions(+), 215 deletions(-)
 delete mode 100644 TEMPLATES/README.md
 delete mode 100644 TEMPLATES/github/trestlebot-autosync-catalog.yml
 delete mode 100644 TEMPLATES/github/trestlebot-autosync-profile.yml
 delete mode 100644 TEMPLATES/github/trestlebot-autosync-ssp.yml
 delete mode 100644 TEMPLATES/github/trestlebot-create-component-definition.yml
 delete mode 100644 TEMPLATES/github/trestlebot-rules-transform.yml
diff --git a/TEMPLATES/README.md b/TEMPLATES/README.md
deleted file mode 100644
index a36d6800..00000000
--- a/TEMPLATES/README.md
+++ /dev/null
@@ -1,8 +0,0 @@
-# Templates
-
-
-This directory contains workflow templates using `trestle-bot` to facilitate an editing workflow for different OSCAL models and integration with CI/CD providers.
-
-`trestle-bot` provides a ready-made integrations for GitLab CI/CD and GitHub Actions though it can be used in multiple contexts using additional flags.
-
-> Adding GitLab CI/CD workflows is on the ROADMAP
\ No newline at end of file
diff --git a/TEMPLATES/github/trestlebot-autosync-catalog.yml b/TEMPLATES/github/trestlebot-autosync-catalog.yml
deleted file mode 100644
index a78aa6ef..00000000
--- a/TEMPLATES/github/trestlebot-autosync-catalog.yml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-name: Trestle-bot autosync catalog updates
-
-on:
- push:
- branches:
- - main
- paths:
- - 'catalogs/**'
- - 'markdown/catalogs/**'
-
-concurrency:
- group: ${{ github.ref }}-${{ github.workflow }}
- cancel-in-progress: true
-
-jobs:
- autosync:
- name: Autosync catalog content
- runs-on: ubuntu-latest
- permissions:
- contents: write
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
- - name: Run autosync
- id: autosync
- uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
- with:
- markdown_path: "markdown/catalogs"
- oscal_model: "catalog"
- file_pattern: "*.json,markdown/*"
diff --git a/TEMPLATES/github/trestlebot-autosync-profile.yml b/TEMPLATES/github/trestlebot-autosync-profile.yml
deleted file mode 100644
index dfeff2ba..00000000
--- a/TEMPLATES/github/trestlebot-autosync-profile.yml
+++ /dev/null
@@ -1,31 +0,0 @@
----
-name: Trestle-bot autosync profile updates
-
-on:
- push:
- branches:
- - main
- paths:
- - 'profiles/**'
- - 'markdown/profiles/**'
-
-concurrency:
- group: ${{ github.ref }}-${{ github.workflow }}
- cancel-in-progress: true
-
-jobs:
- autosync:
- name: Autosync profile content
- runs-on: ubuntu-latest
- permissions:
- contents: write
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
- - name: Run autosync
- id: autosync
- uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
- with:
- markdown_path: "markdown/profiles"
- oscal_model: "profile"
- file_pattern: "*.json,markdown/*"
diff --git a/TEMPLATES/github/trestlebot-autosync-ssp.yml b/TEMPLATES/github/trestlebot-autosync-ssp.yml
deleted file mode 100644
index 71aa4fba..00000000
--- a/TEMPLATES/github/trestlebot-autosync-ssp.yml
+++ /dev/null
@@ -1,32 +0,0 @@
-name: Trestle-bot autosync ssp updates
-on:
- push:
- branches:
- - main
- paths:
- - 'profiles/**'
- - 'catalogs/**'
- - 'component-definitions/**'
- - 'system-security-plans/**'
- - 'markdown/**'
-
-concurrency:
- group: ${{ github.ref }}-${{ github.workflow }}
- cancel-in-progress: true
-
-jobs:
- autosync:
- name: Autosync ssp content
- runs-on: ubuntu-latest
- permissions:
- contents: write
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
- - name: Run autosync
- id: autosync
- uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
- with:
- markdown_path: "markdown/system-security-plans"
- oscal_model: "ssp"
- file_pattern: "*.json,markdown/*"
\ No newline at end of file
diff --git a/TEMPLATES/github/trestlebot-create-component-definition.yml b/TEMPLATES/github/trestlebot-create-component-definition.yml
deleted file mode 100644
index 4c4bf0f7..00000000
--- a/TEMPLATES/github/trestlebot-create-component-definition.yml
+++ /dev/null
@@ -1,49 +0,0 @@
----
-name: Trestle-bot create component-definition
-
-on:
- workflow_dispatch:
- inputs:
- profile_name:
- description: Name of the Trestle profile to use for the component definition
- required: true
- component_definition_name:
- description: Name of the component definition to create
- required: true
- component_title:
- description: Name of the component to create in the generated component definition
- required: true
- component_type:
- description: Type of the component (e.g. service, policy, physical, validation, etc.)
- required: false
- default: "service"
- component_description:
- description: Description of the component to create
- required: true
-
-jobs:
- create-component-definition:
- name: Create component definition
- runs-on: ubuntu-latest
- permissions:
- contents: write
- pull-requests: write
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
- - name: Create component definition and open pull request
- id: generate-cd
- uses: RedHatProductSecurity/trestle-bot/actions/create-cd@main
- with:
- profile_name: ${{ github.event.inputs.profile_name }}
- component_definition_name: ${{ github.event.inputs.component_definition_name}}
- component_title: ${{ github.event.inputs.component_title }}
- component_type: ${{ github.event.inputs.component_type }}
- component_description: ${{ github.event.inputs.component_description }}
- markdown_path: "markdown/component-definitions"
- branch: "create-component-definition-${{ github.run_id }}"
- target_branch: "main"
- file_pattern: "*.json,markdown/*,rules/*"
- commit_message: "adds component ${{ github.event.inputs.component_title }} in ${{ github.event.inputs.component_definition_name }}"
- pull_request_title: "Add component ${{ github.event.inputs.component_title }} to ${{ github.event.inputs.component_definition_name }}"
- github_token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/TEMPLATES/github/trestlebot-rules-transform.yml b/TEMPLATES/github/trestlebot-rules-transform.yml
deleted file mode 100644
index 761f2c6f..00000000
--- a/TEMPLATES/github/trestlebot-rules-transform.yml
+++ /dev/null
@@ -1,53 +0,0 @@
----
-name: Trestle-bot rules-transform and autosync
-
-on:
- push:
- branches:
- - main
- paths:
- - 'profiles/**'
- - 'catalogs/**'
- - 'component-definitions/**'
- - 'markdown/**'
- - 'rules/**'
-
-concurrency:
- group: ${{ github.ref }}-${{ github.workflow }}
- cancel-in-progress: true
-
-jobs:
- check_rules:
- runs-on: ubuntu-latest
- outputs:
- rules_changed: ${{ steps.changes.outputs.rules }}
- steps:
- - uses: actions/checkout@v4
- - uses: dorny/paths-filter@v3
- id: changes
- with:
- filters: |
- rules:
- - 'rules/**'
- rules-transform-and-autosync:
- name: Rules Transform and AutoSync
- runs-on: ubuntu-latest
- permissions:
- contents: write
- needs: check_rules
- steps:
- - name: Checkout repository
- uses: actions/checkout@v4
- - name: AutoSync
- id: autosync
- uses: RedHatProductSecurity/trestle-bot/actions/autosync@main
- with:
- markdown_path: "markdown/component-definitions"
- oscal_model: "compdef"
- commit_message: "Autosync component definition content [skip ci]"
- - name: Rules Transform
- if: needs.check_rules.outputs.rules_changed == 'true'
- uses: RedHatProductSecurity/trestle-bot/actions/rules-transform@main
- with:
- markdown_path: "markdown/component-definitions"
- commit_message: "Auto-transform rules [skip ci]"
\ No newline at end of file
diff --git a/docs/tutorials/github.md b/docs/tutorials/github.md
index 5c08868e..1c17cb02 100644
--- a/docs/tutorials/github.md
+++ b/docs/tutorials/github.md
@@ -87,20 +87,13 @@ wget https://raw.githubusercontent.com/usnistgov/oscal-content/release-v1.0.5-up sed -i 's/NIST_SP-800-53_rev5_catalog.json/trestle:\/\/catalogs\/nist_rev5_800_53\/catalog.json/g' profiles/nist_rev5_800_53/profile.json ``` -4. Ready-made CI/CD workflows can be copied from the `TEMPLATES` directory within the upstream `trestle-bot` repository into the local trestle workspace. These are the trestlebot actions that will run as changes are made to the repo contents. +4. Ready-made CI/CD workflows can be copied from the `.github/workflows/` directory within the upstream `trestle-demo` repository into the local trestle workspace. These are the trestlebot actions that will run as changes are made to the repo contents. - * If trestlebot init was run earlier using a trestle-bot container image, then the upstream trestle-bot repository will first need to be cloned locally into a separate directory. -``` -cd .. -git clone https://github.com/RedHatProductSecurity/trestle-bot.git -cd ../ -``` - - * Copy the required template workflows from the separate `trestle-bot` repository into the new workspace repository. + * Copy the required template workflows from the `trestle-demo` repository into the new workspace repository. ``` mkdir -p .github/workflows -cp ../trestle-bot/TEMPLATES/github/trestlebot-create-component-definition.yml .github/workflows -cp ../trestle-bot/TEMPLATES/github/trestlebot-rules-transform.yml .github/workflows +wget -O .github/workflows/trestlebot-rules-transform.yml https://raw.githubusercontent.com/RedHatProductSecurity/trestle-demo/refs/heads/main/.github/workflows/trestlebot-rules-transform.yml +wget -O .github/workflows/trestlebot-create-component-definition.yml https://raw.githubusercontent.com/RedHatProductSecurity/trestle-demo/refs/heads/main/.github/workflows/trestlebot-create-component-definition.yml ``` 5. Trestle-bot initial content is now created locally within the new trestle authoring workspace. 
This content can now be pushed to the remote GitHub repository.
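Review bot: The two added `wget` lines pull workflow definitions from `refs/heads/main` of `trestle-demo`, a mutable ref, so readers install into `.github/workflows/` whatever that branch holds at download time, and the tutorial gives them no step to check it. If those files match the templates this patch deletes, they request `contents: write` and `pull-requests: write`, so an unexpected upstream change would run with write access to the reader's repository. Suggest pinning the URLs to a release tag or commit, e.g. `https://raw.githubusercontent.com/RedHatProductSecurity/trestle-demo/<commit-sha>/.github/workflows/trestlebot-rules-transform.yml` (`<commit-sha>` is a placeholder), and doing the same for the second URL. A sentence after the code block would also help, such as `Review the downloaded workflows, including the permissions they request and the actions they reference, before committing them.`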