Merge pull request #65 from vbakke/feat/meta-on-top

Adopt the new filename `model.yaml`

Author: vbakke

.github/workflows/main.yml

@@ -58,9 +58,9 @@ jobs:
           docker run -d --name=yaml --entrypoint="/bin/sleep" wurstbrot/dsomm-yaml-generation:${{ steps.get-version.outputs.version }} 60 
           docker cp yaml:/var/www/html/generated/model.yaml generated/model.yaml 
           docker cp yaml:/var/www/html/generated/dependency-tree.md generated/dependency-tree.md           
-      - name: Replace version placeholder in activities.yaml
+      - name: Replace version placeholder in model.yaml
         run: |
-          sed -i "s/__VERSION_PLACEHOLDER__/${{ steps.get-version.outputs.version }}/g" src/assets/YAML/activities.yaml
+          sed -i "s/__VERSION_PLACEHOLDER__/${{ steps.get-version.outputs.version }}/g" src/assets/YAML/model.yaml
       - name: Commit all changed files back to the repository
         uses: planetscale/ghcommit-action@v0.1.6
         with:

.gitignore

@@ -48,5 +48,5 @@ Thumbs.db
 # Generated
 /src/assets/YAML/generated/generated.yaml
 /generated/model.yaml
-dependency-tree.md
+/generated/dependency-tree.md
 url-test-results.txt

README.md

@@ -1,6 +1,6 @@
 # OWASP DevSecOps Maturity Model Data
 
-This GitHub project ([DevSecOps-MaturityModel-data](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data)) contains the source for the model itself, used by the DSOMM applciation [DevSecOps-MaturityModel](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel). 
+This GitHub project ([DevSecOps-MaturityModel-data](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data)) contains the source for the DSOMM *model*. The model is used by the DSOMM applciation [DevSecOps-MaturityModel](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel). 
 
 The source files include dimensions, activities, descriptions, measures, and other model data used by the application.
 
@@ -12,7 +12,7 @@ Contributions that improve the DSOMM model are welcome. Please edit the source f
 
 ### Testing
 
-After making changes, generate a new `activities.yaml` and use it in a local DSOMM application to verify there are no technical issues.
+After making changes, generate a new `model.yaml` and start a local DSOMM application to verify there are no technical issues. (See below.)
 
 
 ## Usage
@@ -28,11 +28,7 @@ Depending on your platform use either `generateDimensions.bash` (Linux) or `gene
 
    `cd yaml-generation`
 
-3. Install dependencies:
-
-   `./generateDimensions.bash --install`
-
-4. Generate `activities.yaml`:
+3. Generate `model.yaml`:
 
    `./generateDimensions.bash`
 
@@ -42,27 +38,23 @@ Depending on your platform use either `generateDimensions.bash` (Linux) or `gene
 
 To start a local DSOMM instance on http://localhost:8080, run:
 
-   `./generateDimensions.bash --start-dsomm`
+  - `./generateDimensions.bash --start-dsomm`
+
+  This will down the latest DSOMM docker image and spin it up as a docker container.
 
 
 ### Test referenced URLs
 
 To test all URLs referenced by `implementations.yaml` and save results to `url-test-results.txt`, run:
 
-   `./generateDimensions.bash --test-urls`
+  - `./generateDimensions.bash --test-urls`
 
 
 ### Using Podman instead of Docker
 
 If you prefer Podman over Docker, set the environement variable `DOCKER_CMD` to `podman`, or edit the script for you operating system.
 
 
-## Development
-cd yaml-generation
-docker run --rm -v $(pwd):/app composer install
-cd ..
-docker run   -ti -v $(pwd)/yaml-generation:/var/www/html/yaml-generation  -v $(pwd)/src/assets/YAML/:/var/www/html/src/assets/YAML/ wurstbrot/dsomm-yaml-generation
-
 ## Credits
 
 - The "Test and Verification" dimension is based on Christian Schneider's Security DevOps Maturity Model (SDOMM).

generated/README.md

@@ -0,0 +1 @@
+GitHub Actions will update these generated files.

yaml-generation/generateDimensions.bash

@@ -1,9 +1,9 @@
 #!/bin/bash
 
 # Usage:
-#    ./generateDimensions.bash --install     First time, install composer dependencies
-#    ./generateDimensions.bash               Generate activities.yaml
-#    ./generateDimensions.bash --test-urls   Test URLs in implementations.yaml
+#    ./generateDimensions.bash                 Generate model.yaml
+#    ./generateDimensions.bash --test-urls     Test URLs in implementations.yaml
+#    ./generateDimensions.bash --start-dsomm   Run local DSOMM with generated model.yaml
 
 cd "$(dirname "$0")"/..
 
@@ -17,12 +17,13 @@ MSYS_NO_PATHCONV=1 $DOCKER_CMD run -ti --rm --volume "${PWD}:/app" wurstbrot/dso
 
 if [ "$1" = "--start-dsomm" ]; then
     echo "Starting local DSOMM application..."
-    MSYS_NO_PATHCONV=1 $DOCKER_CMD run -ti --rm --volume "${PWD}/src/assets/YAML/generated/generated.yaml:/srv/assets/YAML/generated/generated.yaml" -p 8080:8080 wurstbrot/dsomm
+    MSYS_NO_PATHCONV=1 $DOCKER_CMD run -ti --rm --volume "${PWD}/generated/model.yaml:/srv/assets/YAML/default/model.yaml" -p 8080:8080 wurstbrot/dsomm
+
 elif [ "$1" = "--test-urls" ]; then
     echo "Test URLs in implementations.yaml..."
     MSYS_NO_PATHCONV=1 $DOCKER_CMD run -e TEST_REFERENCED_URLS=true -ti --rm --volume "${PWD}:/app" wurstbrot/dsomm-yaml-generation bash -c 'cd /app/ && php yaml-generation/generateDimensions.php' | tee url-test-results.txt
 
 else
-    echo "Generating activities.yaml..."
-    MSYS_NO_PATHCONV=1 $DOCKER_CMD run -ti --rm --volume "${PWD}:/app" wurstbrot/dsomm-yaml-generation bash -c 'cd /app/ && php yaml-generation/generateDimensions.php'
+    echo "Generating model.yaml..."
+    MSYS_NO_PATHCONV=1 $DOCKER_CMD run -e USERNAME=${USER:-$USERNAME} -ti --rm --volume "${PWD}:/app" wurstbrot/dsomm-yaml-generation bash -c 'cd /app/ && php yaml-generation/generateDimensions.php'
 fi

yaml-generation/generateDimensions.bat

@@ -1,9 +1,9 @@
 @echo off
 
 REM Usage:
-REM    ./generateDimensions.bash --install     First time, install composer dependencies
-REM    ./generateDimensions.bash               Generate activities.yaml
-REM    ./generateDimensions.bash --test-urls   Test URLs in implementations.yaml
+REM    ./generateDimensions.bash                 Generate model.yaml
+REM    ./generateDimensions.bash --test-urls     Test URLs in implementations.yaml
+REM    ./generateDimensions.bash --start-dsomm   Run local DSOMM with generated model.yaml
 
 setlocal
 REM Change working directory to the project root
@@ -19,15 +19,15 @@ echo Installing composer dependencies...
 
 if "%~1"=="--start-dsomm" (
     echo Start local DSOMM application...
-    %DOCKER_CMD% run -ti --rm --volume "%CD%/src/assets/YAML/generated/generated.yaml:/srv/assets/YAML/generated/generated.yaml" -p 8080:8080 wurstbrot/dsomm
+    %DOCKER_CMD% run -ti --rm --volume "%CD%/generated/model.yaml:/srv/assets/YAML/default/model.yaml" -p 8080:8080 wurstbrot/dsomm
 
 ) else if "%~1"=="--test-urls" (
     echo Test URLs in implementations.yaml...
     %DOCKER_CMD% run -e TEST_REFERENCED_URLS=true -ti --rm --volume "%CD%:/app" wurstbrot/dsomm-yaml-generation bash -c "cd /app/ && php yaml-generation/generateDimensions.php" | tee url-test-results.txt
 
 ) else (
-    echo Generate activities.yaml...
-    %DOCKER_CMD% run -e %argument% -ti --rm --volume "%CD%:/app" wurstbrot/dsomm-yaml-generation bash -c "cd /app/ && php yaml-generation/generateDimensions.php"
+    echo Generate model.yaml...
+    %DOCKER_CMD% run -e USERNAME=%USERNAME% -ti --rm --volume "%CD%:/app" wurstbrot/dsomm-yaml-generation bash -c "cd /app/ && php yaml-generation/generateDimensions.php"
 
 )
 

yaml-generation/generateDimensions.php

@@ -7,6 +7,12 @@
 $inputFolder = "src/assets/YAML";
 $implementationReferenceFile = "$inputFolder/default/implementations.yaml";
 
+if (getenv('GITHUB_ACTIONS')) {
+    $publisher = 'https://github.com/' . getenv('GITHUB_REPOSITORY');
+} else {
+    $publisher = getenv('USERNAME');
+}
+
 $files = glob("$inputFolder/default/*/*.yaml");
 $dimensions = array();
 foreach ($files as $filename) {
@@ -157,7 +163,6 @@
 }
 
 
-
 // Post-process to add activity name as comment for `dependsOn`
 $dimensionsString = yaml_emit($dimensionsAggregated);
 preg_match_all('/\{!([0-9a-z-]{30,})!\}/', $dimensionsString, $matches);
@@ -173,7 +178,7 @@
     'meta' => array(
         'version' => '__VERSION_PLACEHOLDER__',
         'released' => date('Y-m-d'),
-        'publisher' => 'https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data/'
+        'publisher' => $publisher
     )
 );
 $modelString = yaml_emit_with_header($metaDocument, $dimensionsAggregated);