Implementation Examples

build/ci-cd/config/content

@@ -1,4 +1,5 @@
 # path to source|format of source|model of source|format(s) to convert to
+src/content/ssp-draft/example-alt.json|json|ssp|xml
 src/content/fedramp.gov/xml/*catalog.xml|xml|catalog|json
 src/content/fedramp.gov/xml/*profile.xml|xml|profile|json
 src/content/nist.gov/SP800-53/rev4/xml/*catalog.xml|xml|catalog|json

build/ci-cd/config/metaschema

@@ -3,5 +3,3 @@ src/metaschema/oscal_catalog_metaschema.xml|xml,json|xml,json|xml,json
 src/metaschema/oscal_profile_metaschema.xml|xml,json|xml,json|xml,json
 src/metaschema/oscal_component_metaschema.xml|xml,json|xml,json|xml,json
 src/metaschema/oscal_ssp_metaschema.xml|xml,json|xml,json|xml,json
-
-

build/ci-cd/copy-and-convert-content.sh

@@ -110,15 +110,31 @@ while IFS="|" read path format model converttoformats || [[ -n "$path" ]]; do
         newpath="${newpath/\/$format\///$altformat/}" # change path from old to new format dir
         newpath="${newpath%.*}" # strip extension
 
-        dest="$WORKING_DIR/${newpath}-min.${altformat}"
-        dest_relative=$(realpath --relative-to="${WORKING_DIR}" "$dest")
         converter="$WORKING_DIR/$altformat/convert/oscal_${model}_${format}-to-${altformat}-converter.xsl"
         converter_relative=$(realpath --relative-to="${WORKING_DIR}" "$converter")
 
-        if [ "$VERBOSE" = "true" ]; then
-          echo "${P_INFO}Generating ${altformat^^} file '${P_END}${dest_relative}${P_INFO}' from '${P_END}${file_relative}${P_INFO}' using converter '${P_END}${converter_relative}${P_INFO}'.${P_END}"
-        fi
-        result=$(xsl_transform "$converter" "$file" "$dest" 2>&1)
+
+        case $format in
+        xml)
+          dest="$WORKING_DIR/${newpath}-min.${altformat}"
+          dest_relative=$(realpath --relative-to="${WORKING_DIR}" "$dest")
+          if [ "$VERBOSE" = "true" ]; then
+            echo "${P_INFO}Generating ${altformat^^} file '${P_END}${dest_relative}${P_INFO}' from '${P_END}${file_relative}${P_INFO}' using converter '${P_END}${converter_relative}${P_INFO}'.${P_END}"
+          fi
+          result=$(xsl_transform "$converter" "$file" "$dest" 2>&1)
+          ;;
+        json)
+          dest="$WORKING_DIR/${newpath}.${altformat}"
+          dest_relative=$(realpath --relative-to="${WORKING_DIR}" "$dest")
+          if [ "$VERBOSE" = "true" ]; then
+            echo "${P_INFO}Generating ${altformat^^} file '${P_END}${dest_relative}${P_INFO}' from '${P_END}${file_relative}${P_INFO}' using converter '${P_END}${converter_relative}${P_INFO}'.${P_END}"
+          fi
+          result=$(xsl_transform "$converter" "" "$dest" "-it" "json-file=${file}" 2>&1)
+          ;;
+        *)
+          echo "${P_WARN}Conversion from '${format} to '${altformat^^}' is unsupported for '${P_END}${file_relative}${P_OK}'.${P_END}"
+          continue;
+        esac
         cmd_exitcode=$?
         if [ $cmd_exitcode -ne 0 ]; then
           echo "${P_ERROR}Content conversion to ${altformat^^} failed for '${P_END}${file_relative}${P_ERROR}' using converter '${P_END}${converter_relative}${P_ERROR}'.${P_END}"

build/ci-cd/generate-schema.sh

@@ -14,7 +14,7 @@ HELP=false
 
 usage() {                                      # Function: Print a help message.
   cat << EOF
-Usage: $0 [options]
+Usage: $0 [options] [metaschema paths]
 
 -h, --help                        Display help
 -w DIR, --working-dir DIR         Generate artifacts in DIR
@@ -63,103 +63,116 @@ if [ "$VERBOSE" = "true" ]; then
   echo "${P_INFO}Using working directory:${P_END} ${WORKING_DIR}"
 fi
 
-exitcode=0
-shopt -s nullglob
-shopt -s globstar
-while IFS="|" read path gen_schema gen_converter gen_docs || [[ -n "$path" ]]; do
-  shopt -s extglob
-  [[ "$path" =~ ^[[:space:]]*# ]] && continue
-  # remove leading space
-  path="${path##+([[:space:]])}"
-  # remove trailing space
-  gen_docs="${gen_docs%%+([[:space:]])}"
-  shopt -u extglob
-
-  ([ -z "$path" ] || [ -z "$gen_schema" ]) && continue;
-
-  files_to_process="$OSCALDIR"/"$path"
-
-  IFS= # disable word splitting
-  for metaschema in $files_to_process
-  do
-    filename=$(basename -- "$metaschema")
-    extension="${filename##*.}"
-    filename="${filename%.*}"
-    base="${filename/_metaschema/}"
-    metaschema_relative=$(realpath --relative-to="${OSCALDIR}" "$metaschema")
-
-    #split on commas
-    IFS=, read -a formats <<< "$gen_schema"
-    for format in "${formats[@]}"; do
-      if [ -z "$format" ]; then
-        # skip blanks
-        continue;
-      fi
-
-      # Run the XSL template for the format
-      case $format in
-      xml)
-        transform="$OSCALDIR/build/metaschema/$format/produce-xsd.xsl"
-        schema="$WORKING_DIR/$format/schema/${base}_schema.xsd"
-        ;;
-      json)
-        transform="$OSCALDIR/build/metaschema/$format/produce-json-schema.xsl"
-        schema="$WORKING_DIR/$format/schema/${base}_schema.json"
-        ;;
-      *)
-        echo "${P_WARN}Unsupported schema format '${format^^}' schema for '$metaschema'.${P_END}"
-        continue;
-        ;;
-      esac
-      schema_relative=$(realpath --relative-to="${WORKING_DIR}" "$schema")
+declare -a paths
+declare -a formats
+if [ "$#" -ne 0 ]; then
+  paths=("$@")
+  for i in "${!paths[@]}"; do
+    formats[$i]="xml,json"
+  done
+else
+  while IFS="|" read path gen_schema gen_converter gen_docs || [[ -n "$path" ]]; do
+    [[ "$path" =~ ^[[:space:]]*# ]] && continue
+    # remove leading space
+    path="${path##+([[:space:]])}"
+
+    ([ -z "$path" ] || [ -z "$gen_schema" ]) && continue;
+
+    path_absolute="$OSCALDIR"/"$path"
+
+    IFS_OLD=$IFS
+    IFS= # disable word splitting
+    for metaschema in $path_absolute
+    do
+      paths+=("$metaschema")
+      formats+=("$gen_schema")
+    done
+    IFS=$IFS_OLD
+  done < "$OSCALDIR/build/ci-cd/config/metaschema"
+fi
 
+exitcode=0
+for i in "${!paths[@]}"; do
+  metaschema="${paths[$i]}"
+  gen_schema="${formats[$i]}"
+
+  filename=$(basename -- "$metaschema")
+  extension="${filename##*.}"
+  filename="${filename%.*}"
+  base="${filename/_metaschema/}"
+  metaschema_relative=$(realpath --relative-to="${OSCALDIR}" "$metaschema")
+
+  #split on commas
+  IFS_OLD=$IFS
+  IFS=, #read -a formats <<< "$gen_schema"
+  for format in ${gen_schema}; do
+    if [ -z "$format" ]; then
+      # skip blanks
+      continue;
+    fi
+
+    # Run the XSL template for the format
+    case $format in
+    xml)
+      transform="$OSCALDIR/build/metaschema/$format/produce-xsd.xsl"
+      schema="$WORKING_DIR/$format/schema/${base}_schema.xsd"
+      ;;
+    json)
+      transform="$OSCALDIR/build/metaschema/$format/produce-json-schema.xsl"
+      schema="$WORKING_DIR/$format/schema/${base}_schema.json"
+      ;;
+    *)
+      echo "${P_WARN}Unsupported schema format '${format^^}' schema for '$metaschema'.${P_END}"
+      continue;
+      ;;
+    esac
+    schema_relative=$(realpath --relative-to="${WORKING_DIR}" "$schema")
+
+    if [ "$VERBOSE" = "true" ]; then
+      echo "${P_INFO}Generating ${format^^} schema for '${P_END}${metaschema_relative}${P_INFO}' as '${P_END}${schema_relative}${P_INFO}'.${P_END}"
+    fi
+
+    result=$(xsl_transform "$transform" "$metaschema" "$schema" 2>&1)
+    cmd_exitcode=$?
+    if [ $cmd_exitcode -ne 0 ]; then
+      echo "${P_ERROR}Generation of ${format^^} schema failed for '${P_END}${metaschema_relative}${P_ERROR}'.${P_END}"
+      echo "${P_ERROR}${result}${P_END}"
+      exitcode=1
+    else
       if [ "$VERBOSE" = "true" ]; then
-        echo "${P_INFO}Generating ${format^^} schema for '${P_END}${metaschema_relative}${P_INFO}' as '${P_END}${schema_relative}${P_INFO}'.${P_END}"
+        echo "${P_OK}Generation of ${format^^} schema passed for '${P_END}${metaschema_relative}${P_OK}'.${P_END}"
       fi
+    fi
 
-      result=$(xsl_transform "$transform" "$metaschema" "$schema" 2>&1)
+    # validate generated schema
+    case $format in
+    xml)
+      result=$(xmllint --noout --schema "$OSCALDIR/build/ci-cd/support/XMLSchema.xsd" "$schema" 2>&1)
       cmd_exitcode=$?
-      if [ $cmd_exitcode -ne 0 ]; then
-        echo "${P_ERROR}Generation of ${format^^} schema failed for '${P_END}${metaschema_relative}${P_ERROR}'.${P_END}"
-        echo "${P_ERROR}${result}${P_END}"
-        exitcode=1
-      else
-        if [ "$VERBOSE" = "true" ]; then
-          echo "${P_OK}Generation of ${format^^} schema passed for '${P_END}${metaschema_relative}${P_OK}'.${P_END}"
-        fi
-      fi
+      ;;
+    json)
+      result=$(validate_json "$OSCALDIR/build/ci-cd/support/json-schema-schema.json" "$schema")
+      cmd_exitcode=$?
+      ;;
+    *)
+      echo "${P_WARN}Unsupported validation of ${format^^} schema for '${P_END}${schema_relative}${P_WARN}'.${P_END}"
+      cmd_exitcode=0
+      ;;
+    esac
 
-      # validate generated schema
-      case $format in
-      xml)
-        result=$(xmllint --noout --schema "$OSCALDIR/build/ci-cd/support/XMLSchema.xsd" "$schema" 2>&1)
-        cmd_exitcode=$?
-        ;;
-      json)
-        result=$(validate_json "$OSCALDIR/build/ci-cd/support/json-schema-schema.json" "$schema")
-        cmd_exitcode=$?
-        ;;
-      *)
-        echo "${P_WARN}Unsupported validation of ${format^^} schema for '${P_END}${schema_relative}${P_WARN}'.${P_END}"
-        cmd_exitcode=0
-        ;;
-      esac
-
-      if [ $cmd_exitcode -ne 0 ]; then
-        echo "${P_ERROR}Schema validation failed for '${P_END}${schema_relative}${P_ERROR}'.${P_END}"
-        echo "${P_ERROR}${result}${P_END}"
-        exitcode=1
+    if [ $cmd_exitcode -ne 0 ]; then
+      echo "${P_ERROR}Schema validation failed for '${P_END}${schema_relative}${P_ERROR}'.${P_END}"
+      echo "${P_ERROR}${result}${P_END}"
+      exitcode=1
+    else
+      if [ "$VERBOSE" = "true" ]; then
+        echo "${P_OK}Schema validation passed for '${P_END}${schema_relative}${P_OK}'.${P_END}"
       else
-        if [ "$VERBOSE" = "true" ]; then
-          echo "${P_OK}Schema validation passed for '${P_END}${schema_relative}${P_OK}'.${P_END}"
-        else
-          echo "${P_OK}Schema generation passed for '${P_END}${metaschema_relative}${P_OK}' as '${P_END}${schema_relative}${P_OK}', which is valid.${P_END}"
-        fi
+        echo "${P_OK}Schema generation passed for '${P_END}${metaschema_relative}${P_OK}' as '${P_END}${schema_relative}${P_OK}', which is valid.${P_END}"
       fi
-    done
+    fi
   done
+  IFS=$IFS_OLD
 done < "$OSCALDIR/build/ci-cd/config/metaschema"
-shopt -u nullglob
-shopt -u globstar
 
 exit $exitcode

build/ci-cd/include/schematron-init.sh

@@ -29,25 +29,40 @@ build_schematron() {
 }
 
 validate_with_schematron() {
-    local compiled_schematron="$1"
-    local source_file="$2"
-    local svrl_result="$3"
+    local compiled_schematron="$1"; shift
+    local source_file="$1"; shift
+    local svrl_result="$1"; shift
+    local extra_params=($@)
+
+    set -- "${compiled_schematron}"
+
+    if [ ! -z "$source_file" ]; then
+      set -- "$@" "${source_file}"
+    fi
+
+    if [ ! -z "$svrl_result" ]; then
+      set -- "$@" "${svrl_result}"
+    fi
 
     # generate the SVRL result
-    xsl_transform "$compiled_schematron" "$source_file" "$svrl_result"
+    xsl_transform "$@" "${extra_params[@]}"
     cmd_exitcode=$?
     if [ $cmd_exitcode -ne 0 ]; then
         echo "Processing Schematron '$compiled_schematron' failed for target file '$source_file'"
         return 3
     fi
+
     # check if the SVRL result contains errors
-    if grep --quiet "failed-assert" "$svrl_result"; then
+    if [ ! -z "$svrl_result" ]; then
+      if grep --quiet "failed-assert" "$svrl_result"; then
         echo "The file '$source_file' has the following Schematron errors:"
+
         # display the errors
         xsl_transform "$OSCALDIR/build/ci-cd/svrl-to-plaintext.xsl" "$svrl_result"
         echo ""
         return 1
-    else
+      else
         echo "File '$source_file' passed Schematron validation."
+      fi
     fi
 }

build/ci-cd/validate-metaschema.sh

@@ -108,6 +108,7 @@ if [ $cmd_exitcode -ne 0 ]; then
 fi
 # the following is needed by the compiled template
 cp "${metaschema_lib}/metaschema-compose.xsl" "${SCRATCH_DIR}"
+cp "${metaschema_lib}/oscal-datatypes-check.xsl" "${SCRATCH_DIR}"
 
 exitcode=0
 shopt -s nullglob