From cf1c9f30f6b2ef5ed72e1b80d7f76f8e2c2b9dcb Mon Sep 17 00:00:00 2001 From: Sophia Wang Date: Tue, 25 Mar 2025 11:40:43 +0800 Subject: [PATCH 1/3] Filter updated control files Signed-off-by: Sophia Wang --- content_test_filtering.py | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/content_test_filtering.py b/content_test_filtering.py index 465b2ab..863e195 100644 --- a/content_test_filtering.py +++ b/content_test_filtering.py @@ -1,5 +1,5 @@ #!/usr/bin/python3 -import logging +import json, logging from sys import stderr from ctf import cli, diff_analysis, connect_to_labels, ContentTests, DiffLogging from ctf.diff import git_wrapper @@ -30,7 +30,7 @@ changed_files = git_wrapper.git_diff_files(options.base_branch, new_branch=options.branch, pr_number=options.pr_number) - + controls_files = [] # Analyze each file separately and make set of tests for each one while True: if not changed_files: # Finish when all files are analysed @@ -43,6 +43,10 @@ if file_record["filepath"].startswith(".github"): continue + # Filter the updated control files + if "controls/" in file_record["filepath"]: + controls_files.append(file_record["filepath"]) + try: diff_structure = diff_analysis.analyse_file(file_record) except diff_analysis.UnknownAnalysisFileType: @@ -55,11 +59,19 @@ already_analysed.append(file_record["filepath"]) # If change affected any other file -> analyse it changed_files.extend(diff_structure.affected_files) - list_of_tests = connect_to_labels.get_labels(tests, options.output) if options.output == "json": logs.print_json(list_of_tests) else: logs.print_all_logs(list_of_tests, output_format=options.output_format) - + # Save the updated controls to a file for syncing OSCAL catalog + logger.debug(f"The updated controls: {controls_files}") + if options.output == "json": + controls_updates = {"controls": controls_files} + try: + with open('controls_updates.json', 'w', encoding='utf-8') as file: + json.dump(controls_updates, file, ensure_ascii=False, indent=4) + logger.debug("Controls saved to controls_updates.json successfully.") + except Exception as e: + logger.error(f"Error saving controls updates: {e}") logger.debug("Finished") From 9006a8a146c4070916cc820307e8ead7803e7dbb Mon Sep 17 00:00:00 2001 From: Sophia Wang Date: Wed, 26 Mar 2025 11:30:37 +0800 Subject: [PATCH 2/3] save the controls updates to the same output file Signed-off-by: Sophia Wang --- content_test_filtering.py | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/content_test_filtering.py b/content_test_filtering.py index 863e195..d2a6cf9 100644 --- a/content_test_filtering.py +++ b/content_test_filtering.py @@ -43,9 +43,10 @@ if file_record["filepath"].startswith(".github"): continue - # Filter the updated control files + # Filter the updated control files for syncing OSCAL catalog if "controls/" in file_record["filepath"]: - controls_files.append(file_record["filepath"]) + control_file = file_record["filepath"].split('/')[-1] + controls_files.append(control_file) try: diff_structure = diff_analysis.analyse_file(file_record) @@ -62,16 +63,10 @@ list_of_tests = connect_to_labels.get_labels(tests, options.output) if options.output == "json": logs.print_json(list_of_tests) + logger.debug(f"The updated controls: {controls_files}") + if controls_files: + controls_updates = [{"controls": controls_files}] + logs.print_json(controls_updates) else: logs.print_all_logs(list_of_tests, output_format=options.output_format) - # Save the updated controls to a file for syncing OSCAL catalog - logger.debug(f"The updated controls: {controls_files}") - if options.output == "json": - controls_updates = {"controls": controls_files} - try: - with open('controls_updates.json', 'w', encoding='utf-8') as file: - json.dump(controls_updates, file, ensure_ascii=False, indent=4) - logger.debug("Controls saved to controls_updates.json successfully.") - except Exception as e: - logger.error(f"Error saving controls updates: {e}") logger.debug("Finished") From bda9d6e78658889a2e4aa3cfb9fcb2e4f8893953 Mon Sep 17 00:00:00 2001 From: Sophia Wang Date: Tue, 22 Apr 2025 16:37:17 +0800 Subject: [PATCH 3/3] add option to print control updates Signed-off-by: Sophia Wang --- README.md | 1 + content_test_filtering.py | 2 +- ctf/cli.py | 2 ++ 3 files changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index ac0dfef..cee5a0c 100644 --- a/README.md +++ b/README.md @@ -52,6 +52,7 @@ Both options have common optional arguments: Output from the tool. --profile Print only profile tests. --rule Print only rule tests. + --control Print the updates of control files. ``` ### Remote vs local analysis diff --git a/content_test_filtering.py b/content_test_filtering.py index d2a6cf9..b36e4df 100644 --- a/content_test_filtering.py +++ b/content_test_filtering.py @@ -64,7 +64,7 @@ if options.output == "json": logs.print_json(list_of_tests) logger.debug(f"The updated controls: {controls_files}") - if controls_files: + if controls_files and options.control_output: controls_updates = [{"controls": controls_files}] logs.print_json(controls_updates) else: diff --git a/ctf/cli.py b/ctf/cli.py index ae58dfe..506a7af 100644 --- a/ctf/cli.py +++ b/ctf/cli.py @@ -37,6 +37,8 @@ def parse_args(): action="store_true", help="Print only profile tests.") common_parser.add_argument("--rule", dest="rule_output", default=False, action="store_true", help="Print only rule tests.") + common_parser.add_argument("--control", dest="control_output", default=False, + action="store_true", help="Print control updates.") parser.set_defaults(pr_number=None, branch=None)