Add has-inventory-items #899
Conversation
|
Related issue #881. |
aj-stein-gsa
force-pushed
the
add-has-inventory-items
branch
from
8dd545f
to
c8b4d3e
Compare
| | has-network-architecture | | ||
| | has-network-architecture-diagram | | ||
| | has-network-architecture-diagram-caption | | ||
| | has-network-architecture-diagram-description | | ||
| | has-network-architecture-diagram-link | | ||
| | has-network-architecture-diagram-link-rel | | ||
| | has-network-architecture-diagram-link-rel-allowed-value | | ||
| | has-published-date | |
There was a problem hiding this comment.
Not sure why these constraints (has-published-date, responsible-party-prepared-by, responsible-party-prepared-by-location-valid, role-defined-prepared-by) were deleted from the feature file. Are you able to run make test and commit the changes to the feature file so that these get added back.
There was a problem hiding this comment.
I helped him rebase and it seems I did a so-so job.
| <context> | ||
| <metapath target="/system-security-plan/system-implementation"/> | ||
| <constraints> | ||
| <expect id="has-inventory-items" target="." test="count(inventory-item) >= 2" level="ERROR"> |
There was a problem hiding this comment.
Issue #881 proposed that this constraint should check if there is at least 1 inventory item. Is there a reason that we are checking for at least 2?
There was a problem hiding this comment.
According to Brian, "FedRAMP requires at least two instances of a system":
#881 (comment)
There was a problem hiding this comment.
That's fair. Ignore my previous comments then. The constraint message will need to be adjusted to align with what the constraint is testing
Committer Notes
has-inventory-itemsconstraint, which checks that a FedRAMP SSP contains two or more inventory items.ssp-all-VALID.xmlfile, add the second<inventory-item>node to make the SSP valid.All Submissions:
By submitting a pull request, you are agreeing to provide this contribution under the CC0 1.0 Universal public domain dedication.