From f3ce772b7116da60064fccf069b79b7dfe5d00d1 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Fri, 4 Aug 2023 09:34:20 -0400 Subject: [PATCH 01/14] Integrated changes based on metaschema-java 1.0.0 refactoring. --- pom.xml | 13 ++---- .../oscal/tools/cli/core/OscalCliVersion.java | 2 +- .../secauto/oscal/tools/cli/core/CLI.java | 8 ++-- .../commands/AbstractRenderSubcommand.java | 2 +- .../assessmentplan/ValidateSubcommand.java | 23 +++++----- .../assessmentresults/ValidateSubcommand.java | 23 +++++----- .../commands/catalog/ValidateSubcommand.java | 22 +++++----- .../ValidateSubcommand.java | 22 +++++----- .../metaschema/MetaschemaCommand.java | 10 ++--- .../oscal/AbstractOscalConvertSubcommand.java | 2 +- .../AbstractOscalValidationSubcommand.java | 8 ++-- .../commands/poam/ValidateSubcommand.java | 25 +++++------ .../commands/profile/ResolveSubcommand.java | 43 +++++++++++-------- .../commands/profile/ValidateSubcommand.java | 22 ++++++++-- .../core/commands/ssp/ValidateSubcommand.java | 22 +++++----- .../cli/core/operations/XMLOperations.java | 20 ++++++--- .../tools/cli/core/NullYamlValuesTest.java | 20 ++++----- 17 files changed, 160 insertions(+), 127 deletions(-) diff --git a/pom.xml b/pom.xml index 7b92afc..686d6ed 100644 --- a/pom.xml +++ b/pom.xml @@ -4,7 +4,7 @@ gov.nist.secauto oss-parent - 27 + 28-SNAPSHOT gov.nist.secauto.oscal.tools.oscal-cli cli-core @@ -78,8 +78,8 @@ - 0.12.2 - 3.0.3 + 1.0.0-SNAPSHOT + 3.0.3-SNAPSHOT https://pages.nist.gov/metaschema-java/ @@ -228,12 +228,7 @@ org.junit.jupiter - junit-jupiter-api - test - - - org.junit.jupiter - junit-jupiter-engine + junit-jupiter test diff --git a/src/main/java-templates/gov/nist/secauto/oscal/tools/cli/core/OscalCliVersion.java b/src/main/java-templates/gov/nist/secauto/oscal/tools/cli/core/OscalCliVersion.java index a447b8c..7d1af53 100644 --- a/src/main/java-templates/gov/nist/secauto/oscal/tools/cli/core/OscalCliVersion.java +++ b/src/main/java-templates/gov/nist/secauto/oscal/tools/cli/core/OscalCliVersion.java @@ -26,7 +26,7 @@ package gov.nist.secauto.oscal.tools.cli.core; -import gov.nist.secauto.metaschema.model.common.util.IVersionInfo; +import gov.nist.secauto.metaschema.core.util.IVersionInfo; public class OscalCliVersion implements IVersionInfo { diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/CLI.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/CLI.java index 1b10921..fecc835 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/CLI.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/CLI.java @@ -28,10 +28,10 @@ import gov.nist.secauto.metaschema.cli.processor.CLIProcessor; import gov.nist.secauto.metaschema.cli.processor.ExitStatus; -import gov.nist.secauto.metaschema.model.MetaschemaVersion; -import gov.nist.secauto.metaschema.model.common.util.IVersionInfo; -import gov.nist.secauto.metaschema.model.common.util.MetaschemaJavaVersion; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; +import gov.nist.secauto.metaschema.core.MetaschemaJavaVersion; +import gov.nist.secauto.metaschema.core.model.MetaschemaVersion; +import gov.nist.secauto.metaschema.core.util.IVersionInfo; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; import gov.nist.secauto.oscal.lib.LibOscalVersion; import gov.nist.secauto.oscal.lib.OscalVersion; import gov.nist.secauto.oscal.tools.cli.core.commands.assessmentplan.AssessmentPlanCommand; diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractRenderSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractRenderSubcommand.java index 69242fc..87ed59a 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractRenderSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractRenderSubcommand.java @@ -35,7 +35,7 @@ import gov.nist.secauto.metaschema.cli.processor.command.DefaultExtraArgument; import gov.nist.secauto.metaschema.cli.processor.command.ExtraArgument; import gov.nist.secauto.metaschema.cli.processor.command.ICommandExecutor; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; import org.apache.commons.cli.CommandLine; import org.apache.commons.cli.Option; diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/assessmentplan/ValidateSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/assessmentplan/ValidateSubcommand.java index 2824d39..6b58b50 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/assessmentplan/ValidateSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/assessmentplan/ValidateSubcommand.java @@ -26,16 +26,17 @@ package gov.nist.secauto.oscal.tools.cli.core.commands.assessmentplan; -import gov.nist.secauto.metaschema.binding.io.xml.XmlUtil; -import gov.nist.secauto.metaschema.model.common.util.CollectionUtil; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; -import gov.nist.secauto.metaschema.model.common.validation.JsonSchemaContentValidator; +import gov.nist.secauto.metaschema.core.model.util.JsonUtil; +import gov.nist.secauto.metaschema.core.model.util.XmlUtil; +import gov.nist.secauto.metaschema.core.util.CollectionUtil; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; import gov.nist.secauto.oscal.lib.OscalBindingContext; import gov.nist.secauto.oscal.tools.cli.core.commands.oscal.AbstractOscalValidationSubcommand; import org.json.JSONObject; import java.io.IOException; +import java.io.InputStream; import java.util.LinkedList; import java.util.List; @@ -52,16 +53,16 @@ public String getDescription() { protected List getOscalXmlSchemas() throws IOException { List retval = new LinkedList<>(); retval.add( - ObjectUtils.requireNonNull( - XmlUtil.getStreamSource( - OscalBindingContext.class.getResource("/schema/xml/oscal-ap_schema.xsd")))); + XmlUtil.getStreamSource(ObjectUtils.requireNonNull( + OscalBindingContext.class.getResource("/schema/xml/oscal-ap_schema.xsd")))); return CollectionUtil.unmodifiableList(retval); } @Override - protected JSONObject getOscalJsonSchema() { - return JsonSchemaContentValidator.toJsonObject( - ObjectUtils.requireNonNull( - OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-ap_schema.json"))); + protected JSONObject getOscalJsonSchema() throws IOException { + try (InputStream is = ObjectUtils.requireNonNull( + OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-ap_schema.json"))) { + return JsonUtil.toJsonObject(is); + } } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/assessmentresults/ValidateSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/assessmentresults/ValidateSubcommand.java index fb6be56..44d11e5 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/assessmentresults/ValidateSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/assessmentresults/ValidateSubcommand.java @@ -26,16 +26,17 @@ package gov.nist.secauto.oscal.tools.cli.core.commands.assessmentresults; -import gov.nist.secauto.metaschema.binding.io.xml.XmlUtil; -import gov.nist.secauto.metaschema.model.common.util.CollectionUtil; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; -import gov.nist.secauto.metaschema.model.common.validation.JsonSchemaContentValidator; +import gov.nist.secauto.metaschema.core.model.util.JsonUtil; +import gov.nist.secauto.metaschema.core.model.util.XmlUtil; +import gov.nist.secauto.metaschema.core.util.CollectionUtil; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; import gov.nist.secauto.oscal.lib.OscalBindingContext; import gov.nist.secauto.oscal.tools.cli.core.commands.oscal.AbstractOscalValidationSubcommand; import org.json.JSONObject; import java.io.IOException; +import java.io.InputStream; import java.util.LinkedList; import java.util.List; @@ -52,16 +53,16 @@ public String getDescription() { protected List getOscalXmlSchemas() throws IOException { List retval = new LinkedList<>(); retval.add( - ObjectUtils.requireNonNull( - XmlUtil.getStreamSource( - OscalBindingContext.class.getResource("/schema/xml/oscal-ar_schema.xsd")))); + XmlUtil.getStreamSource(ObjectUtils.requireNonNull( + OscalBindingContext.class.getResource("/schema/xml/oscal-ar_schema.xsd")))); return CollectionUtil.unmodifiableList(retval); } @Override - protected JSONObject getOscalJsonSchema() { - return JsonSchemaContentValidator.toJsonObject( - ObjectUtils.requireNonNull( - OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-ar_schema.json"))); + protected JSONObject getOscalJsonSchema() throws IOException { + try (InputStream is = ObjectUtils.requireNonNull( + OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-ar_schema.json"))) { + return JsonUtil.toJsonObject(is); + } } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/catalog/ValidateSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/catalog/ValidateSubcommand.java index f922ebc..54c19f1 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/catalog/ValidateSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/catalog/ValidateSubcommand.java @@ -26,16 +26,17 @@ package gov.nist.secauto.oscal.tools.cli.core.commands.catalog; -import gov.nist.secauto.metaschema.binding.io.xml.XmlUtil; -import gov.nist.secauto.metaschema.model.common.util.CollectionUtil; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; -import gov.nist.secauto.metaschema.model.common.validation.JsonSchemaContentValidator; +import gov.nist.secauto.metaschema.core.model.util.JsonUtil; +import gov.nist.secauto.metaschema.core.model.util.XmlUtil; +import gov.nist.secauto.metaschema.core.util.CollectionUtil; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; import gov.nist.secauto.oscal.lib.OscalBindingContext; import gov.nist.secauto.oscal.tools.cli.core.commands.oscal.AbstractOscalValidationSubcommand; import org.json.JSONObject; import java.io.IOException; +import java.io.InputStream; import java.util.LinkedList; import java.util.List; @@ -52,15 +53,16 @@ public String getDescription() { protected List getOscalXmlSchemas() throws IOException { List retval = new LinkedList<>(); retval.add( - ObjectUtils.requireNonNull( - XmlUtil.getStreamSource(OscalBindingContext.class.getResource("/schema/xml/oscal-catalog_schema.xsd")))); + XmlUtil.getStreamSource(ObjectUtils.requireNonNull( + OscalBindingContext.class.getResource("/schema/xml/oscal-catalog_schema.xsd")))); return CollectionUtil.unmodifiableList(retval); } @Override - protected JSONObject getOscalJsonSchema() { - return JsonSchemaContentValidator.toJsonObject( - ObjectUtils.requireNonNull( - OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-catalog_schema.json"))); + protected JSONObject getOscalJsonSchema() throws IOException { + try (InputStream is = ObjectUtils.requireNonNull( + OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-catalog_schema.json"))) { + return JsonUtil.toJsonObject(is); + } } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/componentdefinition/ValidateSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/componentdefinition/ValidateSubcommand.java index 6dc51d6..d732b03 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/componentdefinition/ValidateSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/componentdefinition/ValidateSubcommand.java @@ -26,16 +26,17 @@ package gov.nist.secauto.oscal.tools.cli.core.commands.componentdefinition; -import gov.nist.secauto.metaschema.binding.io.xml.XmlUtil; -import gov.nist.secauto.metaschema.model.common.util.CollectionUtil; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; -import gov.nist.secauto.metaschema.model.common.validation.JsonSchemaContentValidator; +import gov.nist.secauto.metaschema.core.model.util.JsonUtil; +import gov.nist.secauto.metaschema.core.model.util.XmlUtil; +import gov.nist.secauto.metaschema.core.util.CollectionUtil; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; import gov.nist.secauto.oscal.lib.OscalBindingContext; import gov.nist.secauto.oscal.tools.cli.core.commands.oscal.AbstractOscalValidationSubcommand; import org.json.JSONObject; import java.io.IOException; +import java.io.InputStream; import java.util.LinkedList; import java.util.List; @@ -52,15 +53,16 @@ public String getDescription() { protected List getOscalXmlSchemas() throws IOException { List retval = new LinkedList<>(); retval.add( - ObjectUtils.requireNonNull( - XmlUtil.getStreamSource(OscalBindingContext.class.getResource("/schema/xml/oscal-component-definition_schema.xsd")))); + XmlUtil.getStreamSource(ObjectUtils.requireNonNull( + OscalBindingContext.class.getResource("/schema/xml/oscal-component-definition_schema.xsd")))); return CollectionUtil.unmodifiableList(retval); } @Override - protected JSONObject getOscalJsonSchema() { - return JsonSchemaContentValidator.toJsonObject( - ObjectUtils.requireNonNull( - OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-component-definition_schema.json"))); + protected JSONObject getOscalJsonSchema() throws IOException { + try (InputStream is = ObjectUtils.requireNonNull( + OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-component-definition_schema.json"))) { + return JsonUtil.toJsonObject(is); + } } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/metaschema/MetaschemaCommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/metaschema/MetaschemaCommand.java index f86918a..f7165e0 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/metaschema/MetaschemaCommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/metaschema/MetaschemaCommand.java @@ -29,8 +29,8 @@ import com.google.auto.service.AutoService; import gov.nist.secauto.metaschema.cli.commands.GenerateSchemaCommand; -import gov.nist.secauto.metaschema.cli.commands.ValidateContentWithMetaschemaCommand; -import gov.nist.secauto.metaschema.cli.commands.ValidateMetaschemaCommand; +import gov.nist.secauto.metaschema.cli.commands.ValidateContentUsingModuleCommand; +import gov.nist.secauto.metaschema.cli.commands.ValidateModuleCommand; import gov.nist.secauto.metaschema.cli.processor.command.AbstractParentCommand; import gov.nist.secauto.metaschema.cli.processor.command.ICommand; @@ -42,8 +42,8 @@ public class MetaschemaCommand public MetaschemaCommand() { super(true); addCommandHandler(new GenerateSchemaCommand()); - addCommandHandler(new ValidateMetaschemaCommand()); - addCommandHandler(new ValidateContentWithMetaschemaCommand()); + addCommandHandler(new ValidateModuleCommand()); + addCommandHandler(new ValidateContentUsingModuleCommand()); } @Override @@ -53,6 +53,6 @@ public String getName() { @Override public String getDescription() { - return "Perform an operation on a Metaschema"; + return "Perform an operation on a Module"; } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java index 7d50542..78f6876 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java @@ -26,10 +26,10 @@ package gov.nist.secauto.oscal.tools.cli.core.commands.oscal; -import gov.nist.secauto.metaschema.binding.IBindingContext; import gov.nist.secauto.metaschema.cli.commands.AbstractConvertSubcommand; import gov.nist.secauto.metaschema.cli.processor.CLIProcessor.CallingContext; import gov.nist.secauto.metaschema.cli.processor.command.ICommandExecutor; +import gov.nist.secauto.metaschema.databind.IBindingContext; import gov.nist.secauto.oscal.lib.OscalBindingContext; import org.apache.commons.cli.CommandLine; diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java index 30c1951..01f45b3 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java @@ -26,11 +26,11 @@ package gov.nist.secauto.oscal.tools.cli.core.commands.oscal; -import gov.nist.secauto.metaschema.binding.IBindingContext; import gov.nist.secauto.metaschema.cli.commands.AbstractValidateContentCommand; import gov.nist.secauto.metaschema.cli.processor.CLIProcessor.CallingContext; import gov.nist.secauto.metaschema.cli.processor.command.ICommandExecutor; -import gov.nist.secauto.metaschema.model.common.constraint.IConstraintSet; +import gov.nist.secauto.metaschema.core.model.constraint.IConstraintSet; +import gov.nist.secauto.metaschema.databind.IBindingContext; import gov.nist.secauto.oscal.lib.OscalBindingContext; import org.apache.commons.cli.CommandLine; @@ -51,7 +51,7 @@ public abstract class AbstractOscalValidationSubcommand protected abstract List getOscalXmlSchemas() throws IOException; @NonNull - protected abstract JSONObject getOscalJsonSchema(); + protected abstract JSONObject getOscalJsonSchema() throws IOException; @Override public ICommandExecutor newExecutor(CallingContext callingContext, CommandLine commandLine) { @@ -80,7 +80,7 @@ public List getXmlSchemas() throws IOException { @Override @NonNull - public JSONObject getJsonSchema() { + public JSONObject getJsonSchema() throws IOException { return getOscalJsonSchema(); } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/poam/ValidateSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/poam/ValidateSubcommand.java index a26c409..a4df6c9 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/poam/ValidateSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/poam/ValidateSubcommand.java @@ -26,16 +26,17 @@ package gov.nist.secauto.oscal.tools.cli.core.commands.poam; -import gov.nist.secauto.metaschema.binding.io.xml.XmlUtil; -import gov.nist.secauto.metaschema.model.common.util.CollectionUtil; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; -import gov.nist.secauto.metaschema.model.common.validation.JsonSchemaContentValidator; +import gov.nist.secauto.metaschema.core.model.util.JsonUtil; +import gov.nist.secauto.metaschema.core.model.util.XmlUtil; +import gov.nist.secauto.metaschema.core.util.CollectionUtil; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; import gov.nist.secauto.oscal.lib.OscalBindingContext; import gov.nist.secauto.oscal.tools.cli.core.commands.oscal.AbstractOscalValidationSubcommand; import org.json.JSONObject; import java.io.IOException; +import java.io.InputStream; import java.util.LinkedList; import java.util.List; @@ -52,17 +53,17 @@ public String getDescription() { @Override protected List getOscalXmlSchemas() throws IOException { List retval = new LinkedList<>(); - retval - .add( - ObjectUtils.requireNonNull( - XmlUtil.getStreamSource(OscalBindingContext.class.getResource("/schema/xml/oscal-poam_schema.xsd")))); + retval.add( + XmlUtil.getStreamSource(ObjectUtils.requireNonNull( + OscalBindingContext.class.getResource("/schema/xml/oscal-poam_schema.xsd")))); return CollectionUtil.unmodifiableList(retval); } @Override - protected JSONObject getOscalJsonSchema() { - return JsonSchemaContentValidator.toJsonObject( - ObjectUtils.requireNonNull( - OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-poam_schema.json"))); + protected JSONObject getOscalJsonSchema() throws IOException { + try (InputStream is = ObjectUtils.requireNonNull( + OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-poam_schema.json"))) { + return JsonUtil.toJsonObject(is); + } } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java index b455e73..663f0a1 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java @@ -26,10 +26,6 @@ package gov.nist.secauto.oscal.tools.cli.core.commands.profile; -import gov.nist.secauto.metaschema.binding.io.DeserializationFeature; -import gov.nist.secauto.metaschema.binding.io.Format; -import gov.nist.secauto.metaschema.binding.io.IBoundLoader; -import gov.nist.secauto.metaschema.binding.io.ISerializer; import gov.nist.secauto.metaschema.cli.processor.CLIProcessor.CallingContext; import gov.nist.secauto.metaschema.cli.processor.ExitCode; import gov.nist.secauto.metaschema.cli.processor.ExitStatus; @@ -39,11 +35,17 @@ import gov.nist.secauto.metaschema.cli.processor.command.DefaultExtraArgument; import gov.nist.secauto.metaschema.cli.processor.command.ExtraArgument; import gov.nist.secauto.metaschema.cli.processor.command.ICommandExecutor; -import gov.nist.secauto.metaschema.model.common.metapath.DynamicContext; -import gov.nist.secauto.metaschema.model.common.metapath.StaticContext; -import gov.nist.secauto.metaschema.model.common.metapath.item.IDocumentNodeItem; -import gov.nist.secauto.metaschema.model.common.util.CustomCollectors; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; +import gov.nist.secauto.metaschema.core.metapath.DynamicContext; +import gov.nist.secauto.metaschema.core.metapath.StaticContext; +import gov.nist.secauto.metaschema.core.metapath.item.node.IDocumentNodeItem; +import gov.nist.secauto.metaschema.core.metapath.item.node.INodeItem; +import gov.nist.secauto.metaschema.core.util.CustomCollectors; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; +import gov.nist.secauto.metaschema.databind.io.DeserializationFeature; +import gov.nist.secauto.metaschema.databind.io.Format; +import gov.nist.secauto.metaschema.databind.io.FormatDetector; +import gov.nist.secauto.metaschema.databind.io.IBoundLoader; +import gov.nist.secauto.metaschema.databind.io.ISerializer; import gov.nist.secauto.oscal.lib.OscalBindingContext; import gov.nist.secauto.oscal.lib.model.Catalog; import gov.nist.secauto.oscal.lib.model.Profile; @@ -56,6 +58,7 @@ import java.io.File; import java.io.FileNotFoundException; import java.io.IOException; +import java.io.PrintStream; import java.net.URI; import java.nio.file.Files; import java.nio.file.Path; @@ -211,7 +214,8 @@ protected ExitStatus executeCommand( } else { // attempt to determine the format try { - asFormat = loader.detectFormat(ObjectUtils.notNull(source)); + FormatDetector.Result result = loader.detectFormat(ObjectUtils.notNull(source)); + asFormat = result.getFormat(); } catch (FileNotFoundException ex) { // this case was already checked for return ExitCode.IO_ERROR.exitMessage("The provided source file '" + source + "' does not exist."); @@ -227,6 +231,7 @@ protected ExitStatus executeCommand( } source = source.toAbsolutePath(); + assert source != null; Format toFormat; if (cmdLine.hasOption(TO_OPTION)) { @@ -264,7 +269,7 @@ protected ExitStatus executeCommand( IDocumentNodeItem document; try { - document = loader.loadAsNodeItem(asFormat, loader.toInputSource(ObjectUtils.notNull(source.toUri()))); + document = loader.loadAsNodeItem(asFormat, source); } catch (IOException ex) { return ExitCode.IO_ERROR.exit().withThrowable(ex); } @@ -274,10 +279,12 @@ protected ExitStatus executeCommand( return ExitCode.INVALID_ARGUMENTS.exitMessage("The target file is already a catalog"); } else if (object instanceof Profile) { // this is a profile - StaticContext staticContext = new StaticContext(); URI sourceUri = ObjectUtils.notNull(source.toUri()); - staticContext.setBaseUri(sourceUri); - DynamicContext dynamicContext = staticContext.newDynamicContext(); + + DynamicContext dynamicContext = StaticContext.builder() + .baseUri(sourceUri) + .build() + .newDynamicContext(); dynamicContext.setDocumentLoader(loader); ProfileResolver resolver = new ProfileResolver(); resolver.setDynamicContext(dynamicContext); @@ -292,7 +299,8 @@ protected ExitStatus executeCommand( .withThrowable(ex); } - // DefaultConstraintValidator validator = new DefaultConstraintValidator(dynamicContext); + // DefaultConstraintValidator validator = new + // DefaultConstraintValidator(dynamicContext); // ((IBoundXdmNodeItem)resolvedProfile).validate(validator); // validator.finalizeValidation(); @@ -300,9 +308,10 @@ protected ExitStatus executeCommand( = OscalBindingContext.instance().newSerializer(toFormat, Catalog.class); try { if (destination == null) { - serializer.serialize((Catalog) resolvedProfile.getValue(), ObjectUtils.notNull(System.out)); + @SuppressWarnings("resource") PrintStream stdOut = ObjectUtils.notNull(System.out); + serializer.serialize((Catalog) INodeItem.toValue(resolvedProfile), stdOut); } else { - serializer.serialize((Catalog) resolvedProfile.getValue(), destination); + serializer.serialize((Catalog) INodeItem.toValue(resolvedProfile), destination); } } catch (IOException ex) { return ExitCode.PROCESSING_ERROR.exit().withThrowable(ex); diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ValidateSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ValidateSubcommand.java index 6456b75..a215c16 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ValidateSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ValidateSubcommand.java @@ -26,16 +26,17 @@ package gov.nist.secauto.oscal.tools.cli.core.commands.profile; -import gov.nist.secauto.metaschema.binding.io.xml.XmlUtil; -import gov.nist.secauto.metaschema.model.common.util.CollectionUtil; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; -import gov.nist.secauto.metaschema.model.common.validation.JsonSchemaContentValidator; +import gov.nist.secauto.metaschema.core.model.util.JsonUtil; +import gov.nist.secauto.metaschema.core.model.util.XmlUtil; +import gov.nist.secauto.metaschema.core.util.CollectionUtil; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; import gov.nist.secauto.oscal.lib.OscalBindingContext; import gov.nist.secauto.oscal.tools.cli.core.commands.oscal.AbstractOscalValidationSubcommand; import org.json.JSONObject; import java.io.IOException; +import java.io.InputStream; import java.util.LinkedList; import java.util.List; @@ -52,15 +53,28 @@ public String getDescription() { protected List getOscalXmlSchemas() throws IOException { List retval = new LinkedList<>(); retval.add( +<<<<<<< HEAD ObjectUtils.requireNonNull( XmlUtil.getStreamSource(OscalBindingContext.class.getResource("/schema/xml/oscal-profile_schema.xsd")))); +======= + XmlUtil.getStreamSource(ObjectUtils.requireNonNull( + OscalBindingContext.class.getResource("/schema/xml/oscal_profile_schema.xsd")))); +>>>>>>> d612448 (Integrated changes based on metaschema-java 1.0.0 refactoring.) return CollectionUtil.unmodifiableList(retval); } @Override +<<<<<<< HEAD protected JSONObject getOscalJsonSchema() { return JsonSchemaContentValidator.toJsonObject( ObjectUtils.requireNonNull( OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-profile_schema.json"))); +======= + protected JSONObject getOscalJsonSchema() throws IOException { + try (InputStream is = ObjectUtils.requireNonNull( + OscalBindingContext.class.getResourceAsStream("/schema/json/oscal_profile_schema.json"))) { + return JsonUtil.toJsonObject(is); + } +>>>>>>> d612448 (Integrated changes based on metaschema-java 1.0.0 refactoring.) } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/ssp/ValidateSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/ssp/ValidateSubcommand.java index 15d2e92..64201cb 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/ssp/ValidateSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/ssp/ValidateSubcommand.java @@ -26,16 +26,17 @@ package gov.nist.secauto.oscal.tools.cli.core.commands.ssp; -import gov.nist.secauto.metaschema.binding.io.xml.XmlUtil; -import gov.nist.secauto.metaschema.model.common.util.CollectionUtil; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; -import gov.nist.secauto.metaschema.model.common.validation.JsonSchemaContentValidator; +import gov.nist.secauto.metaschema.core.model.util.JsonUtil; +import gov.nist.secauto.metaschema.core.model.util.XmlUtil; +import gov.nist.secauto.metaschema.core.util.CollectionUtil; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; import gov.nist.secauto.oscal.lib.OscalBindingContext; import gov.nist.secauto.oscal.tools.cli.core.commands.oscal.AbstractOscalValidationSubcommand; import org.json.JSONObject; import java.io.IOException; +import java.io.InputStream; import java.util.LinkedList; import java.util.List; @@ -52,15 +53,16 @@ public String getDescription() { protected List getOscalXmlSchemas() throws IOException { List retval = new LinkedList<>(); retval.add( - ObjectUtils.requireNonNull( - XmlUtil.getStreamSource(OscalBindingContext.class.getResource("/schema/xml/oscal-ssp_schema.xsd")))); + XmlUtil.getStreamSource(ObjectUtils.requireNonNull( + OscalBindingContext.class.getResource("/schema/xml/oscal-ssp_schema.xsd")))); return CollectionUtil.unmodifiableList(retval); } @Override - protected JSONObject getOscalJsonSchema() { - return JsonSchemaContentValidator.toJsonObject( - ObjectUtils.requireNonNull( - OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-ssp_schema.json"))); + protected JSONObject getOscalJsonSchema() throws IOException { + try (InputStream is = ObjectUtils.requireNonNull( + OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-ssp_schema.json"))) { + return JsonUtil.toJsonObject(is); + } } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/operations/XMLOperations.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/operations/XMLOperations.java index d4ec651..50b07a6 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/operations/XMLOperations.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/operations/XMLOperations.java @@ -26,7 +26,8 @@ package gov.nist.secauto.oscal.tools.cli.core.operations; -import gov.nist.secauto.metaschema.binding.io.xml.XmlUtil; +import gov.nist.secauto.metaschema.core.model.util.XmlUtil; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; import net.sf.saxon.jaxp.SaxonTransformerFactory; @@ -52,7 +53,8 @@ private XMLOperations() { public static void renderCatalogHTML(File input, File result) throws IOException, TransformerException { render(input, result, - XmlUtil.getStreamSource(XMLOperations.class.getResource("/xsl/oscal-for-bootstrap-html.xsl"))); + XmlUtil.getStreamSource(ObjectUtils.requireNonNull( + XMLOperations.class.getResource("/xsl/oscal-for-bootstrap-html.xsl")))); } public static void renderProfileHTML(File input, File result) throws IOException, TransformerException { @@ -63,12 +65,14 @@ public static void renderProfileHTML(File input, File result) throws IOException File temp = File.createTempFile("resolved-profile", ".xml"); try { - Transformer transformer = transfomerFactory - .newTransformer(XmlUtil.getStreamSource(XMLOperations.class.getResource("/xsl/profile-resolver.xsl"))); + Transformer transformer = transfomerFactory.newTransformer( + XmlUtil.getStreamSource(ObjectUtils.requireNonNull( + XMLOperations.class.getResource("/xsl/profile-resolver.xsl")))); transformer.transform(new StreamSource(input), new StreamResult(temp)); transformer = transfomerFactory.newTransformer( - XmlUtil.getStreamSource(XMLOperations.class.getResource("/xsl/oscal-for-bootstrap-html.xsl"))); + XmlUtil.getStreamSource(ObjectUtils.requireNonNull( + XMLOperations.class.getResource("/xsl/oscal-for-bootstrap-html.xsl")))); transformer.transform(new StreamSource(temp), new StreamResult(result)); } finally { if (!temp.delete()) { @@ -76,8 +80,10 @@ public static void renderProfileHTML(File input, File result) throws IOException } } - // TransformerHandler resolverHandler = transfomerFactory.newTransformerHandler(resolver); - // TransformerHandler rendererHandler = transfomerFactory.newTransformerHandler(renderer); + // TransformerHandler resolverHandler = + // transfomerFactory.newTransformerHandler(resolver); + // TransformerHandler rendererHandler = + // transfomerFactory.newTransformerHandler(renderer); // // resolverHandler.setResult(new SAXResult(rendererHandler)); // rendererHandler.setResult(new StreamResult(result)); diff --git a/src/test/java/gov/nist/secauto/oscal/tools/cli/core/NullYamlValuesTest.java b/src/test/java/gov/nist/secauto/oscal/tools/cli/core/NullYamlValuesTest.java index 0e637b0..5df4ae3 100644 --- a/src/test/java/gov/nist/secauto/oscal/tools/cli/core/NullYamlValuesTest.java +++ b/src/test/java/gov/nist/secauto/oscal/tools/cli/core/NullYamlValuesTest.java @@ -28,9 +28,9 @@ import static org.junit.jupiter.api.Assertions.assertTrue; -import gov.nist.secauto.metaschema.binding.io.Format; -import gov.nist.secauto.metaschema.binding.io.IBoundLoader; -import gov.nist.secauto.metaschema.model.common.util.ObjectUtils; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; +import gov.nist.secauto.metaschema.databind.io.Format; +import gov.nist.secauto.metaschema.databind.io.IBoundLoader; import gov.nist.secauto.oscal.lib.OscalBindingContext; import gov.nist.secauto.oscal.lib.model.AssessmentResults; @@ -38,7 +38,7 @@ import org.junit.jupiter.api.Test; import java.io.IOException; -import java.net.URISyntaxException; +import java.nio.file.Paths; public class NullYamlValuesTest { private static OscalBindingContext bindingContext; @@ -52,11 +52,11 @@ static void initialize() { @SuppressWarnings("null") @Test - void testLoadYamlNullVar1() throws IOException, URISyntaxException { + void testLoadYamlNullVar1() throws IOException { // the YAML catalog is currently malformed, this will create a proper one for this test AssessmentResults data = loader.load( - ObjectUtils.requireNonNull(NullYamlValuesTest.class.getResource("/yaml-null/example_ar_nullvar-1.yaml"))); + ObjectUtils.requireNonNull(Paths.get("src/test/resources/yaml-null/example_ar_nullvar-1.yaml"))); bindingContext.newSerializer(Format.XML, AssessmentResults.class).serialize(data, System.out); bindingContext.newSerializer(Format.JSON, AssessmentResults.class).serialize(data, System.out); @@ -67,11 +67,11 @@ void testLoadYamlNullVar1() throws IOException, URISyntaxException { @SuppressWarnings("null") @Test - void testLoadYamlNullVar2() throws IOException, URISyntaxException { + void testLoadYamlNullVar2() throws IOException { // the YAML catalog is currently malformed, this will create a proper one for this test AssessmentResults data = loader.load( - ObjectUtils.requireNonNull(NullYamlValuesTest.class.getResource("/yaml-null/example_ar_nullvar-2.yaml"))); + ObjectUtils.requireNonNull(Paths.get("src/test/resources/yaml-null/example_ar_nullvar-2.yaml"))); bindingContext.newSerializer(Format.XML, AssessmentResults.class).serialize(data, System.out); bindingContext.newSerializer(Format.JSON, AssessmentResults.class).serialize(data, System.out); @@ -82,11 +82,11 @@ void testLoadYamlNullVar2() throws IOException, URISyntaxException { @SuppressWarnings("null") @Test - void testLoadYamlNullVar3() throws IOException, URISyntaxException { + void testLoadYamlNullVar3() throws IOException { // the YAML catalog is currently malformed, this will create a proper one for this test AssessmentResults data = loader.load( - ObjectUtils.requireNonNull(NullYamlValuesTest.class.getResource("/yaml-null/example_ar_nullvar-3.yaml"))); + ObjectUtils.requireNonNull(Paths.get("src/test/resources/yaml-null/example_ar_nullvar-3.yaml"))); bindingContext.newSerializer(Format.XML, AssessmentResults.class).serialize(data, System.out); bindingContext.newSerializer(Format.JSON, AssessmentResults.class).serialize(data, System.out); From 0bb6b2b8b6b283b1b6e087ae980ae21295786c81 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 29 Aug 2023 00:47:19 -0400 Subject: [PATCH 02/14] Adjusted schema names to use generated OSCAL schemas bundled with liboscal-java. --- .../commands/profile/ValidateSubcommand.java | 16 ++-------------- 1 file changed, 2 insertions(+), 14 deletions(-) diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ValidateSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ValidateSubcommand.java index a215c16..9a3be48 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ValidateSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ValidateSubcommand.java @@ -53,28 +53,16 @@ public String getDescription() { protected List getOscalXmlSchemas() throws IOException { List retval = new LinkedList<>(); retval.add( -<<<<<<< HEAD - ObjectUtils.requireNonNull( - XmlUtil.getStreamSource(OscalBindingContext.class.getResource("/schema/xml/oscal-profile_schema.xsd")))); -======= XmlUtil.getStreamSource(ObjectUtils.requireNonNull( - OscalBindingContext.class.getResource("/schema/xml/oscal_profile_schema.xsd")))); ->>>>>>> d612448 (Integrated changes based on metaschema-java 1.0.0 refactoring.) + OscalBindingContext.class.getResource("/schema/xml/oscal-profile_schema.xsd")))); return CollectionUtil.unmodifiableList(retval); } @Override -<<<<<<< HEAD - protected JSONObject getOscalJsonSchema() { - return JsonSchemaContentValidator.toJsonObject( - ObjectUtils.requireNonNull( - OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-profile_schema.json"))); -======= protected JSONObject getOscalJsonSchema() throws IOException { try (InputStream is = ObjectUtils.requireNonNull( - OscalBindingContext.class.getResourceAsStream("/schema/json/oscal_profile_schema.json"))) { + OscalBindingContext.class.getResourceAsStream("/schema/json/oscal-profile_schema.json"))) { return JsonUtil.toJsonObject(is); } ->>>>>>> d612448 (Integrated changes based on metaschema-java 1.0.0 refactoring.) } } From 614dc3496b9e61aef2da31d5ef2aa15b325a1878 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Tue, 29 Aug 2023 16:55:41 -0400 Subject: [PATCH 03/14] Reduced unneeded dependencies. --- pom.xml | 24 +++++++++---------- src/main/assembly/bin.xml | 3 +++ .../tools/cli/core/NullYamlValuesTest.java | 9 ++++--- .../core/commands/Issue96ClassLoaderTest.java | 4 ++-- 4 files changed, 23 insertions(+), 17 deletions(-) diff --git a/pom.xml b/pom.xml index 686d6ed..c0bdbb2 100644 --- a/pom.xml +++ b/pom.xml @@ -113,6 +113,7 @@ 2.15.1 1.14.4 3.21.0 + 20230618 2.20.0 4.7.3 12.4 @@ -220,6 +221,12 @@ everit-json-schema ${dependency.everit-json.version} + + + org.json + json + ${dependency.json.version} + com.github.spotbugs spotbugs-annotations @@ -317,8 +324,7 @@ true custom - - ${artifact.groupId}.${artifact.artifactId}-$${artifact.version}.${artifact.extension} + ${artifact.groupId}.${artifact.artifactId}-$${artifact.version}.${artifact.extension} @@ -337,10 +343,8 @@ false flat lib - - @{groupId}@.@{artifactId}@-@{version}@.@{extension}@ - -Dsun.stdout.encoding=UTF-8 - -Dsun.stderr.encoding=UTF-8 + @{groupId}@.@{artifactId}@-@{version}@.@{extension}@ + -Dsun.stdout.encoding=UTF-8 -Dsun.stderr.encoding=UTF-8 true false @@ -418,14 +422,10 @@ add-third-party - - ${project.build.directory}/generated-distro + ${project.build.directory}/generated-distro LICENSE-THIRD-PARTY.txt - The Apache Software License, - Version 2.0|Apache - License, Version 2.0|Apache Public License - 2.0 + The Apache Software License, Version 2.0|Apache License, Version 2.0|Apache Public License 2.0 diff --git a/src/main/assembly/bin.xml b/src/main/assembly/bin.xml index 4e60d18..e4cbca6 100644 --- a/src/main/assembly/bin.xml +++ b/src/main/assembly/bin.xml @@ -14,6 +14,9 @@ /lib ${artifact.groupId}.${artifact.artifactId}-${artifact.version}.${artifact.extension} true + + org.jetbrains:annotations + diff --git a/src/test/java/gov/nist/secauto/oscal/tools/cli/core/NullYamlValuesTest.java b/src/test/java/gov/nist/secauto/oscal/tools/cli/core/NullYamlValuesTest.java index 5df4ae3..ab99c34 100644 --- a/src/test/java/gov/nist/secauto/oscal/tools/cli/core/NullYamlValuesTest.java +++ b/src/test/java/gov/nist/secauto/oscal/tools/cli/core/NullYamlValuesTest.java @@ -53,7 +53,8 @@ static void initialize() { @SuppressWarnings("null") @Test void testLoadYamlNullVar1() throws IOException { - // the YAML catalog is currently malformed, this will create a proper one for this test + // the YAML catalog is currently malformed, this will create a proper one for + // this test AssessmentResults data = loader.load( ObjectUtils.requireNonNull(Paths.get("src/test/resources/yaml-null/example_ar_nullvar-1.yaml"))); @@ -68,7 +69,8 @@ void testLoadYamlNullVar1() throws IOException { @SuppressWarnings("null") @Test void testLoadYamlNullVar2() throws IOException { - // the YAML catalog is currently malformed, this will create a proper one for this test + // the YAML catalog is currently malformed, this will create a proper one for + // this test AssessmentResults data = loader.load( ObjectUtils.requireNonNull(Paths.get("src/test/resources/yaml-null/example_ar_nullvar-2.yaml"))); @@ -83,7 +85,8 @@ void testLoadYamlNullVar2() throws IOException { @SuppressWarnings("null") @Test void testLoadYamlNullVar3() throws IOException { - // the YAML catalog is currently malformed, this will create a proper one for this test + // the YAML catalog is currently malformed, this will create a proper one for + // this test AssessmentResults data = loader.load( ObjectUtils.requireNonNull(Paths.get("src/test/resources/yaml-null/example_ar_nullvar-3.yaml"))); diff --git a/src/test/java/gov/nist/secauto/oscal/tools/cli/core/commands/Issue96ClassLoaderTest.java b/src/test/java/gov/nist/secauto/oscal/tools/cli/core/commands/Issue96ClassLoaderTest.java index f95e1b4..20eb205 100644 --- a/src/test/java/gov/nist/secauto/oscal/tools/cli/core/commands/Issue96ClassLoaderTest.java +++ b/src/test/java/gov/nist/secauto/oscal/tools/cli/core/commands/Issue96ClassLoaderTest.java @@ -34,8 +34,8 @@ class Issue96ClassLoaderTest { /** - * Regression tests for usnistgov/oscal-cli#96. See information at this URL for more details. - * https://github.com/usnistgov/oscal-cli/issues/96 + * Regression tests for usnistgov/oscal-cli#96. See information at this URL for + * more details. https://github.com/usnistgov/oscal-cli/issues/96 */ @Test void testAssessmentPlanClassLoader() { From 46c4db2ff1be5200c05b3eb47340b842887c6d3b Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Thu, 19 Oct 2023 09:22:16 -0400 Subject: [PATCH 04/14] Updated to metaschema-java:1.0.0-M2-SNAPSHOT. --- pom.xml | 2 +- .../tools/cli/core/commands/profile/ResolveSubcommand.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index c0bdbb2..a1c28fa 100644 --- a/pom.xml +++ b/pom.xml @@ -78,7 +78,7 @@ - 1.0.0-SNAPSHOT + 1.0.0-M2-SNAPSHOT 3.0.3-SNAPSHOT diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java index 663f0a1..d3e9488 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java @@ -284,7 +284,7 @@ protected ExitStatus executeCommand( DynamicContext dynamicContext = StaticContext.builder() .baseUri(sourceUri) .build() - .newDynamicContext(); + .dynamicContext(); dynamicContext.setDocumentLoader(loader); ProfileResolver resolver = new ProfileResolver(); resolver.setDynamicContext(dynamicContext); From 8cf9a09c0871e63bdc12c2478902fa4c947989ca Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Fri, 20 Oct 2023 16:06:58 -0400 Subject: [PATCH 05/14] Advanced log4j and json dependency versions. --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index a1c28fa..387c96b 100644 --- a/pom.xml +++ b/pom.xml @@ -113,8 +113,8 @@ 2.15.1 1.14.4 3.21.0 - 20230618 - 2.20.0 + 20231013 + 2.21.0 4.7.3 12.4 6.0.2 From 519a61ed9f19969bb2d550f3b2dabb9c3a5e7cb8 Mon Sep 17 00:00:00 2001 From: David Waltermire Date: Wed, 1 Nov 2023 23:25:49 -0400 Subject: [PATCH 06/14] More metaschema-java refactoring updates. --- .../oscal/AbstractOscalValidationSubcommand.java | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java index 01f45b3..0db1fa6 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java @@ -30,6 +30,8 @@ import gov.nist.secauto.metaschema.cli.processor.CLIProcessor.CallingContext; import gov.nist.secauto.metaschema.cli.processor.command.ICommandExecutor; import gov.nist.secauto.metaschema.core.model.constraint.IConstraintSet; +import gov.nist.secauto.metaschema.core.model.xml.ExternalConstraintsModulePostProcessor; +import gov.nist.secauto.metaschema.core.util.CollectionUtil; import gov.nist.secauto.metaschema.databind.IBindingContext; import gov.nist.secauto.oscal.lib.OscalBindingContext; @@ -69,7 +71,16 @@ private OscalCommandExecutor( @Override protected IBindingContext getBindingContext(@NonNull Set constraintSets) { - return constraintSets.isEmpty() ? OscalBindingContext.instance() : new OscalBindingContext(constraintSets); + IBindingContext retval; + if (constraintSets.isEmpty()) { + retval = OscalBindingContext.instance(); + } else { + ExternalConstraintsModulePostProcessor postProcessor + = new ExternalConstraintsModulePostProcessor(constraintSets); + + retval = new OscalBindingContext(CollectionUtil.singletonList(postProcessor)); + } + return retval; } @Override From 7af201747739ad27fdb94c923920acb695c85b36 Mon Sep 17 00:00:00 2001 From: Dave Waltermire Date: Sun, 26 May 2024 17:32:29 -0400 Subject: [PATCH 07/14] Fixed PMD errors --- pom.xml | 105 ++++++++++++++++-- .../oscal/AbstractOscalConvertSubcommand.java | 2 +- .../AbstractOscalValidationSubcommand.java | 2 +- .../commands/profile/ResolveSubcommand.java | 11 +- 4 files changed, 101 insertions(+), 19 deletions(-) diff --git a/pom.xml b/pom.xml index 387c96b..d9788ac 100644 --- a/pom.xml +++ b/pom.xml @@ -1,5 +1,7 @@ - + 4.0.0 gov.nist.secauto @@ -109,17 +111,23 @@ 1.1.1 - 1.5.0 - 2.15.1 + 1.7.0 + 2.16.1 1.14.4 + 2.4.1 3.21.0 - 20231013 - 2.21.0 - 4.7.3 + 20240303 + 2.23.1 + 7.1.0 + 4.8.3 12.4 - 6.0.2 + 5.2.0 + 5.2.2 4.2 + 3.1.0 + 3.22.0 + 4.8.4.0 @@ -193,7 +201,11 @@ org.fusesource.jansi jansi +<<<<<<< HEAD 2.4.1 +======= + ${dependency.jansi.version} +>>>>>>> 549a44e (Fixed PMD errors) commons-io @@ -216,6 +228,11 @@ data ${dependency.xmlresolver.version} + + org.apache.xmlbeans + xmlbeans + ${dependency.xmlbeans.version} + com.github.erosb everit-json-schema @@ -262,6 +279,27 @@ + + org.apache.maven.plugins + maven-toolchains-plugin + ${plugin.maven-toolchains.version} + + + + toolchain + + + + + + + 11 + temurin + + + + + org.apache.maven.plugins maven-site-plugin @@ -284,13 +322,50 @@ com.github.spotbugs spotbugs-maven-plugin + ${plugin.spotbugs.version} spotbugs-exclude.xml + + org.apache.maven.plugins + maven-pmd-plugin + ${plugin.pmd.version} + + + net.sourceforge.pmd + pmd-core + ${dependency.pmd.version} + + + net.sourceforge.pmd + pmd-java + ${dependency.pmd.version} + + + + + pmd-verify + + check + + + 2 + + true + true + sarif + + + + + + org.apache.maven.plugins + maven-toolchains-plugin + io.github.git-commit-id git-commit-id-maven-plugin @@ -324,7 +399,8 @@ true custom - ${artifact.groupId}.${artifact.artifactId}-$${artifact.version}.${artifact.extension} + + ${artifact.groupId}.${artifact.artifactId}-$${artifact.version}.${artifact.extension} @@ -343,8 +419,10 @@ false flat lib - @{groupId}@.@{artifactId}@-@{version}@.@{extension}@ - -Dsun.stdout.encoding=UTF-8 -Dsun.stderr.encoding=UTF-8 + + @{groupId}@.@{artifactId}@-@{version}@.@{extension}@ + -Dsun.stdout.encoding=UTF-8 + -Dsun.stderr.encoding=UTF-8 true false @@ -422,10 +500,13 @@ add-third-party - ${project.build.directory}/generated-distro + + ${project.build.directory}/generated-distro LICENSE-THIRD-PARTY.txt - The Apache Software License, Version 2.0|Apache License, Version 2.0|Apache Public License 2.0 + The Apache Software License, + Version 2.0|Apache License, Version + 2.0|Apache Public License 2.0 diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java index 78f6876..43b9f38 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java @@ -47,7 +47,7 @@ public ICommandExecutor newExecutor(CallingContext callingContext, CommandLine c return new OscalCommandExecutor(callingContext, commandLine); } - private class OscalCommandExecutor + private final class OscalCommandExecutor extends AbstractConversionCommandExecutor { private OscalCommandExecutor( diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java index 0db1fa6..ebc5c21 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java @@ -60,7 +60,7 @@ public ICommandExecutor newExecutor(CallingContext callingContext, CommandLine c return new OscalCommandExecutor(callingContext, commandLine); } - private class OscalCommandExecutor + private final class OscalCommandExecutor extends AbstractValidationCommandExecutor { private OscalCommandExecutor( diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java index d3e9488..3c682b6 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java @@ -281,10 +281,11 @@ protected ExitStatus executeCommand( // this is a profile URI sourceUri = ObjectUtils.notNull(source.toUri()); - DynamicContext dynamicContext = StaticContext.builder() - .baseUri(sourceUri) - .build() - .dynamicContext(); + DynamicContext dynamicContext = new DynamicContext( + StaticContext.builder() + .baseUri(sourceUri) + .defaultModelNamespace(document.getNamespace()) + .build()); dynamicContext.setDocumentLoader(loader); ProfileResolver resolver = new ProfileResolver(); resolver.setDynamicContext(dynamicContext); @@ -308,7 +309,7 @@ protected ExitStatus executeCommand( = OscalBindingContext.instance().newSerializer(toFormat, Catalog.class); try { if (destination == null) { - @SuppressWarnings("resource") PrintStream stdOut = ObjectUtils.notNull(System.out); + @SuppressWarnings({ "resource", "PMD.CloseResource" }) PrintStream stdOut = ObjectUtils.notNull(System.out); serializer.serialize((Catalog) INodeItem.toValue(resolvedProfile), stdOut); } else { serializer.serialize((Catalog) INodeItem.toValue(resolvedProfile), destination); From 92bb9bc69aa29b284654f9d2b05107889ecd8d5d Mon Sep 17 00:00:00 2001 From: Dave Waltermire Date: Sun, 26 May 2024 18:41:04 -0400 Subject: [PATCH 08/14] normalized line endings --- .gitattributes | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .gitattributes diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..400c729 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,5 @@ +# To list all file extensions: +# git ls-files | awk -F . {'print $NF'}|sort -u +# +# Set the default behavior, in case people don't have core.autocrlf set. +* text=auto From 6a50838e1a55c573847bc42d0bb471237a2773a5 Mon Sep 17 00:00:00 2001 From: Dave Waltermire Date: Tue, 28 May 2024 10:58:20 -0400 Subject: [PATCH 09/14] Improved the CLI tests. Moved generated content to a folder in target. --- pom.xml | 4 - .../metaschema/MetaschemaCommand.java | 8 +- .../commands/profile/ResolveSubcommand.java | 81 +++++++----- .../secauto/oscal/tools/cli/core/CLITest.java | 123 +++++++++++++----- ...ap_invalid.yml => example_ap_invalid.yaml} | 0 ...ple_ap_valid.yml => example_ap_valid.yaml} | 0 ...ar_invalid.yml => example_ar_invalid.yaml} | 0 ...ple_ar_valid.yml => example_ar_valid.yaml} | 0 ...valid.yml => example_catalog_invalid.yaml} | 0 ...g_valid.yml => example_catalog_valid.yaml} | 0 ...example_component-definition_invalid.yaml} | 0 ...> example_component-definition_valid.yaml} | 0 ..._invalid.yml => example_poam_invalid.yaml} | 0 ...poam_valid.yml => example_poam_valid.yaml} | 0 ...valid.yml => example_profile_invalid.yaml} | 0 ...e_valid.yml => example_profile_valid.yaml} | 0 ...p_invalid.yml => example_ssp_invalid.yaml} | 0 ...e_ssp_valid.yml => example_ssp_valid.yaml} | 0 18 files changed, 137 insertions(+), 79 deletions(-) rename src/test/resources/cli/{example_ap_invalid.yml => example_ap_invalid.yaml} (100%) rename src/test/resources/cli/{example_ap_valid.yml => example_ap_valid.yaml} (100%) rename src/test/resources/cli/{example_ar_invalid.yml => example_ar_invalid.yaml} (100%) rename src/test/resources/cli/{example_ar_valid.yml => example_ar_valid.yaml} (100%) rename src/test/resources/cli/{example_catalog_invalid.yml => example_catalog_invalid.yaml} (100%) rename src/test/resources/cli/{example_catalog_valid.yml => example_catalog_valid.yaml} (100%) rename src/test/resources/cli/{example_component-definition_invalid.yml => example_component-definition_invalid.yaml} (100%) rename src/test/resources/cli/{example_component-definition_valid.yml => example_component-definition_valid.yaml} (100%) rename src/test/resources/cli/{example_poam_invalid.yml => example_poam_invalid.yaml} (100%) rename src/test/resources/cli/{example_poam_valid.yml => example_poam_valid.yaml} (100%) rename src/test/resources/cli/{example_profile_invalid.yml => example_profile_invalid.yaml} (100%) rename src/test/resources/cli/{example_profile_valid.yml => example_profile_valid.yaml} (100%) rename src/test/resources/cli/{example_ssp_invalid.yml => example_ssp_invalid.yaml} (100%) rename src/test/resources/cli/{example_ssp_valid.yml => example_ssp_valid.yaml} (100%) diff --git a/pom.xml b/pom.xml index d9788ac..9b72734 100644 --- a/pom.xml +++ b/pom.xml @@ -201,11 +201,7 @@ org.fusesource.jansi jansi -<<<<<<< HEAD 2.4.1 -======= - ${dependency.jansi.version} ->>>>>>> 549a44e (Fixed PMD errors) commons-io diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/metaschema/MetaschemaCommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/metaschema/MetaschemaCommand.java index f7165e0..9c1f0a3 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/metaschema/MetaschemaCommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/metaschema/MetaschemaCommand.java @@ -28,9 +28,7 @@ import com.google.auto.service.AutoService; -import gov.nist.secauto.metaschema.cli.commands.GenerateSchemaCommand; -import gov.nist.secauto.metaschema.cli.commands.ValidateContentUsingModuleCommand; -import gov.nist.secauto.metaschema.cli.commands.ValidateModuleCommand; +import gov.nist.secauto.metaschema.cli.commands.MetaschemaCommands; import gov.nist.secauto.metaschema.cli.processor.command.AbstractParentCommand; import gov.nist.secauto.metaschema.cli.processor.command.ICommand; @@ -41,9 +39,7 @@ public class MetaschemaCommand public MetaschemaCommand() { super(true); - addCommandHandler(new GenerateSchemaCommand()); - addCommandHandler(new ValidateModuleCommand()); - addCommandHandler(new ValidateContentUsingModuleCommand()); + MetaschemaCommands.COMMANDS.forEach(this::addCommandHandler); } @Override diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java index 3c682b6..0491681 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/profile/ResolveSubcommand.java @@ -274,49 +274,58 @@ protected ExitStatus executeCommand( return ExitCode.IO_ERROR.exit().withThrowable(ex); } Object object = document.getValue(); + if (object == null) { + return ExitCode.INVALID_ARGUMENTS.exitMessage("The target profile contained no data"); + } + if (object instanceof Catalog) { // this is a catalog - return ExitCode.INVALID_ARGUMENTS.exitMessage("The target file is already a catalog"); - } else if (object instanceof Profile) { - // this is a profile - URI sourceUri = ObjectUtils.notNull(source.toUri()); + return ExitCode.INVALID_ARGUMENTS.exitMessage("The target is already a catalog"); + } - DynamicContext dynamicContext = new DynamicContext( - StaticContext.builder() - .baseUri(sourceUri) - .defaultModelNamespace(document.getNamespace()) - .build()); - dynamicContext.setDocumentLoader(loader); - ProfileResolver resolver = new ProfileResolver(); - resolver.setDynamicContext(dynamicContext); + if (!(object instanceof Profile)) { + // this is something else + return ExitCode.INVALID_ARGUMENTS.exitMessage("The target is not a profile"); + } - IDocumentNodeItem resolvedProfile; - try { - resolvedProfile = resolver.resolve(document); - } catch (IOException | ProfileResolutionException ex) { - return ExitCode.PROCESSING_ERROR - .exitMessage( - String.format("Unable to resolve profile '%s'. %s", document.getDocumentUri(), ex.getMessage())) - .withThrowable(ex); - } + // this is a profile + URI sourceUri = ObjectUtils.notNull(source.toUri()); - // DefaultConstraintValidator validator = new - // DefaultConstraintValidator(dynamicContext); - // ((IBoundXdmNodeItem)resolvedProfile).validate(validator); - // validator.finalizeValidation(); + DynamicContext dynamicContext = new DynamicContext( + StaticContext.builder() + .baseUri(sourceUri) + .defaultModelNamespace(document.getNamespace()) + .build()); + dynamicContext.setDocumentLoader(loader); + ProfileResolver resolver = new ProfileResolver(); + resolver.setDynamicContext(dynamicContext); - ISerializer serializer - = OscalBindingContext.instance().newSerializer(toFormat, Catalog.class); - try { - if (destination == null) { - @SuppressWarnings({ "resource", "PMD.CloseResource" }) PrintStream stdOut = ObjectUtils.notNull(System.out); - serializer.serialize((Catalog) INodeItem.toValue(resolvedProfile), stdOut); - } else { - serializer.serialize((Catalog) INodeItem.toValue(resolvedProfile), destination); - } - } catch (IOException ex) { - return ExitCode.PROCESSING_ERROR.exit().withThrowable(ex); + IDocumentNodeItem resolvedProfile; + try { + resolvedProfile = resolver.resolve(document); + } catch (IOException | ProfileResolutionException ex) { + return ExitCode.PROCESSING_ERROR + .exitMessage( + String.format("Unable to resolve profile '%s'. %s", document.getDocumentUri(), ex.getMessage())) + .withThrowable(ex); + } + + // DefaultConstraintValidator validator = new + // DefaultConstraintValidator(dynamicContext); + // ((IBoundXdmNodeItem)resolvedProfile).validate(validator); + // validator.finalizeValidation(); + + ISerializer serializer + = OscalBindingContext.instance().newSerializer(toFormat, Catalog.class); + try { + if (destination == null) { + @SuppressWarnings({ "resource", "PMD.CloseResource" }) PrintStream stdOut = ObjectUtils.notNull(System.out); + serializer.serialize((Catalog) INodeItem.toValue(resolvedProfile), stdOut); + } else { + serializer.serialize((Catalog) INodeItem.toValue(resolvedProfile), destination); } + } catch (IOException ex) { + return ExitCode.PROCESSING_ERROR.exit().withThrowable(ex); } return ExitCode.OK.exit(); } diff --git a/src/test/java/gov/nist/secauto/oscal/tools/cli/core/CLITest.java b/src/test/java/gov/nist/secauto/oscal/tools/cli/core/CLITest.java index 80351e4..d2fa91b 100644 --- a/src/test/java/gov/nist/secauto/oscal/tools/cli/core/CLITest.java +++ b/src/test/java/gov/nist/secauto/oscal/tools/cli/core/CLITest.java @@ -30,15 +30,18 @@ import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNull; -import gov.nist.secauto.metaschema.binding.io.Format; import gov.nist.secauto.metaschema.cli.processor.ExitCode; import gov.nist.secauto.metaschema.cli.processor.ExitStatus; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; +import gov.nist.secauto.metaschema.databind.io.Format; import gov.nist.secauto.oscal.lib.profile.resolver.ProfileResolutionException; import org.junit.jupiter.params.ParameterizedTest; import org.junit.jupiter.params.provider.Arguments; import org.junit.jupiter.params.provider.MethodSource; +import java.io.IOException; +import java.nio.file.Files; import java.nio.file.Path; import java.nio.file.Paths; import java.util.ArrayList; @@ -61,13 +64,26 @@ void evaluateResult(@NonNull ExitStatus status, @NonNull ExitCode expectedCode, @NonNull Class thrownClass) { status.generateMessage(true); Throwable thrown = status.getThrowable(); - assert thrown != null; assertAll( () -> assertEquals(expectedCode, status.getExitCode(), "exit code mismatch"), - () -> assertEquals(thrownClass, thrown.getClass(), "expected Throwable mismatch")); + () -> assertEquals( + thrownClass, + thrown == null ? null : thrown.getClass(), + "Throwable mismatch")); } - private static Stream providesValues() { + private static String generateOutputPath(@NonNull Path source, @NonNull Format targetFormat) throws IOException { + String filename = ObjectUtils.notNull(source.getFileName()).toString(); + + int pos = filename.lastIndexOf('.'); + filename = filename.substring(0, pos) + "_converted" + targetFormat.getDefaultExtension(); + + Path dir = Files.createDirectories(Path.of("target/oscal-cli-convert")); + + return dir.resolve(filename).toString(); + } + + private static Stream providesValues() throws IOException { final String[] commands = { "ap", "ar", "catalog", "component-definition", "profile", "poam", "ssp" }; final Map> formatEntries = Map.of( Format.XML, Arrays.asList(Format.JSON, Format.YAML), @@ -76,42 +92,83 @@ private static Stream providesValues() { List values = new ArrayList<>(); values.add(Arguments.of(new String[] { "--version" }, ExitCode.OK, null)); - // TODO: Test all data formats once usnistgov/oscal-cli#216 fix merged. - Path path = Paths.get("src/test/resources/cli/example_profile_invalid" + Format.XML.getDefaultExtension()); - values.add( - Arguments.of(new String[] { "profile", "resolve", "--to=" + Format.XML.name().toLowerCase(), path.toString() }, - ExitCode.PROCESSING_ERROR, ProfileResolutionException.class)); - for (String cmd : commands) { + // test helps values.add(Arguments.of(new String[] { cmd, "validate", "-h" }, ExitCode.OK, null)); - // TODO: Update when usnistgov/oscal-cli#210 fix merged. - values.add(Arguments.of(new String[] { cmd, "convert", "-h" }, ExitCode.INVALID_COMMAND, null)); + values.add(Arguments.of(new String[] { cmd, "convert", "-h" }, ExitCode.OK, null)); for (Format format : Format.values()) { - path = Paths.get("src/test/resources/cli/example_" + cmd + "_invalid" + format.getDefaultExtension()); - values.add(Arguments.of(new String[] { cmd, "validate", path.toString() }, ExitCode.FAIL, null)); - path = Paths.get("src/test/resources/cli/example_" + cmd + "_valid" + format.getDefaultExtension()); - values.add(Arguments.of(new String[] { cmd, "validate", path.toString() }, ExitCode.OK, null)); - path = Paths.get("src/test/resources/cli/example_profile_valid" + format.getDefaultExtension()); - List targetFormats = formatEntries.get(format); - for (Format targetFormat : targetFormats) { - path = Paths.get("src/test/resources/cli/example_" + cmd + "_valid" + format.getDefaultExtension()); - String outputPath = path.toString().replace(format.getDefaultExtension(), - "_converted" + targetFormat.getDefaultExtension()); - values.add(Arguments.of(new String[] { cmd, "convert", "--to=" + targetFormat.name().toLowerCase(), - path.toString(), outputPath, "--overwrite" }, ExitCode.OK, null)); + String sourceExtension = format.getDefaultExtension(); + values.add( + Arguments.of( + new String[] { + cmd, + "validate", + Paths.get("src/test/resources/cli/example_" + cmd + "_invalid" + sourceExtension).toString() + }, + ExitCode.FAIL, + null)); + values.add( + Arguments.of( + new String[] { + cmd, + "validate", + Paths.get("src/test/resources/cli/example_" + cmd + "_valid" + sourceExtension).toString() + }, + ExitCode.OK, + null)); + + for (Format targetFormat : formatEntries.get(format)) { + Path path = Paths.get("src/test/resources/cli/example_" + cmd + "_valid" + sourceExtension); + values.add( + Arguments.of( + new String[] { + cmd, + "convert", + "--to=" + targetFormat.name().toLowerCase(), + path.toString(), + generateOutputPath(path, targetFormat), + "--overwrite" + }, + ExitCode.OK, + null)); + // TODO: Update when usnistgov/oscal#217 fix merged. - path = Paths.get("src/test/resources/cli/example_" + cmd + "_invalid" + format.getDefaultExtension()); - outputPath = path.toString().replace(format.getDefaultExtension(), - "_converted" + targetFormat.getDefaultExtension()); - values.add(Arguments.of(new String[] { cmd, "convert", "--to=" + targetFormat.name().toLowerCase(), - path.toString(), outputPath, "--overwrite" }, ExitCode.OK, null)); + path = Paths.get("src/test/resources/cli/example_" + cmd + "_invalid" + sourceExtension); + values.add( + Arguments.of( + new String[] { + cmd, + "convert", + "--to=" + targetFormat.name().toLowerCase(), + path.toString(), + generateOutputPath(path, targetFormat), + "--overwrite" + }, + ExitCode.OK, + null)); } if (cmd == "profile") { - path = Paths.get("src/test/resources/cli/example_profile_valid" + format.getDefaultExtension()); - values - .add(Arguments.of(new String[] { cmd, "resolve", "--to=" + format.name().toLowerCase(), path.toString() }, - ExitCode.OK, null)); + values.add( + Arguments.of( + new String[] { + cmd, + "resolve", + "--to=" + format.name().toLowerCase(), + Paths.get("src/test/resources/cli/example_profile_valid" + sourceExtension).toString() + }, + ExitCode.OK, + null)); + values.add( + Arguments.of( + new String[] { + "profile", + "resolve", + "--to=" + format.name().toLowerCase(), + Paths.get("src/test/resources/cli/example_profile_invalid" + sourceExtension).toString() + }, + ExitCode.PROCESSING_ERROR, + ProfileResolutionException.class)); } } } diff --git a/src/test/resources/cli/example_ap_invalid.yml b/src/test/resources/cli/example_ap_invalid.yaml similarity index 100% rename from src/test/resources/cli/example_ap_invalid.yml rename to src/test/resources/cli/example_ap_invalid.yaml diff --git a/src/test/resources/cli/example_ap_valid.yml b/src/test/resources/cli/example_ap_valid.yaml similarity index 100% rename from src/test/resources/cli/example_ap_valid.yml rename to src/test/resources/cli/example_ap_valid.yaml diff --git a/src/test/resources/cli/example_ar_invalid.yml b/src/test/resources/cli/example_ar_invalid.yaml similarity index 100% rename from src/test/resources/cli/example_ar_invalid.yml rename to src/test/resources/cli/example_ar_invalid.yaml diff --git a/src/test/resources/cli/example_ar_valid.yml b/src/test/resources/cli/example_ar_valid.yaml similarity index 100% rename from src/test/resources/cli/example_ar_valid.yml rename to src/test/resources/cli/example_ar_valid.yaml diff --git a/src/test/resources/cli/example_catalog_invalid.yml b/src/test/resources/cli/example_catalog_invalid.yaml similarity index 100% rename from src/test/resources/cli/example_catalog_invalid.yml rename to src/test/resources/cli/example_catalog_invalid.yaml diff --git a/src/test/resources/cli/example_catalog_valid.yml b/src/test/resources/cli/example_catalog_valid.yaml similarity index 100% rename from src/test/resources/cli/example_catalog_valid.yml rename to src/test/resources/cli/example_catalog_valid.yaml diff --git a/src/test/resources/cli/example_component-definition_invalid.yml b/src/test/resources/cli/example_component-definition_invalid.yaml similarity index 100% rename from src/test/resources/cli/example_component-definition_invalid.yml rename to src/test/resources/cli/example_component-definition_invalid.yaml diff --git a/src/test/resources/cli/example_component-definition_valid.yml b/src/test/resources/cli/example_component-definition_valid.yaml similarity index 100% rename from src/test/resources/cli/example_component-definition_valid.yml rename to src/test/resources/cli/example_component-definition_valid.yaml diff --git a/src/test/resources/cli/example_poam_invalid.yml b/src/test/resources/cli/example_poam_invalid.yaml similarity index 100% rename from src/test/resources/cli/example_poam_invalid.yml rename to src/test/resources/cli/example_poam_invalid.yaml diff --git a/src/test/resources/cli/example_poam_valid.yml b/src/test/resources/cli/example_poam_valid.yaml similarity index 100% rename from src/test/resources/cli/example_poam_valid.yml rename to src/test/resources/cli/example_poam_valid.yaml diff --git a/src/test/resources/cli/example_profile_invalid.yml b/src/test/resources/cli/example_profile_invalid.yaml similarity index 100% rename from src/test/resources/cli/example_profile_invalid.yml rename to src/test/resources/cli/example_profile_invalid.yaml diff --git a/src/test/resources/cli/example_profile_valid.yml b/src/test/resources/cli/example_profile_valid.yaml similarity index 100% rename from src/test/resources/cli/example_profile_valid.yml rename to src/test/resources/cli/example_profile_valid.yaml diff --git a/src/test/resources/cli/example_ssp_invalid.yml b/src/test/resources/cli/example_ssp_invalid.yaml similarity index 100% rename from src/test/resources/cli/example_ssp_invalid.yml rename to src/test/resources/cli/example_ssp_invalid.yaml diff --git a/src/test/resources/cli/example_ssp_valid.yml b/src/test/resources/cli/example_ssp_valid.yaml similarity index 100% rename from src/test/resources/cli/example_ssp_valid.yml rename to src/test/resources/cli/example_ssp_valid.yaml From 0a6d5bff1efcc7604ba3e0561a9be7c28eafa897 Mon Sep 17 00:00:00 2001 From: Dave Waltermire Date: Mon, 3 Jun 2024 16:25:30 -0400 Subject: [PATCH 10/14] Advanced liboscal-java to the 3.0.4-SNAPSHOT version --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 9b72734..caf038c 100644 --- a/pom.xml +++ b/pom.xml @@ -81,7 +81,7 @@ 1.0.0-M2-SNAPSHOT - 3.0.3-SNAPSHOT + 3.0.4-SNAPSHOT https://pages.nist.gov/metaschema-java/ From 8b2e47ecf6f6465d7ea73b4cdd25fa0b420ae2f7 Mon Sep 17 00:00:00 2001 From: Dave Waltermire Date: Sun, 9 Jun 2024 11:41:58 -0400 Subject: [PATCH 11/14] Refactored CLI commands to simplify the command pathways for conversion, profile resolution, and validations to make these commands more CI/CD friendly. --- .../secauto/oscal/tools/cli/core/CLI.java | 6 + .../AbstractOscalConvertSubcommand.java | 26 +- .../AbstractOscalValidationSubcommand.java | 11 +- .../core/commands/AbstractResolveCommand.java | 322 ++++++++++++++++++ .../cli/core/commands/ConvertCommand.java | 98 ++++++ .../cli/core/commands/ResolveCommand.java | 41 +++ .../cli/core/commands/ValidateCommand.java | 71 ++++ .../assessmentplan/ConvertSubcommand.java | 2 +- .../assessmentplan/ValidateSubcommand.java | 4 +- .../assessmentresults/ConvertSubcommand.java | 2 +- .../assessmentresults/ValidateSubcommand.java | 4 +- .../commands/catalog/ConvertSubcommand.java | 2 +- .../commands/catalog/ValidateSubcommand.java | 4 +- .../ConvertSubcommand.java | 2 +- .../ValidateSubcommand.java | 4 +- ...ctDeprecatedOscalValidationSubcommand.java | 65 ++++ .../core/commands/poam/ConvertSubcommand.java | 2 +- .../commands/poam/ValidateSubcommand.java | 4 +- .../commands/profile/ConvertSubcommand.java | 2 +- .../commands/profile/ResolveSubcommand.java | 291 +--------------- .../commands/profile/ValidateSubcommand.java | 4 +- .../core/commands/ssp/ConvertSubcommand.java | 2 +- .../core/commands/ssp/ValidateSubcommand.java | 4 +- src/main/resources/log4j2.xml | 20 +- .../secauto/oscal/tools/cli/core/CLITest.java | 68 +++- .../core/commands/Issue96ClassLoaderTest.java | 2 - 26 files changed, 742 insertions(+), 321 deletions(-) rename src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/{oscal => }/AbstractOscalConvertSubcommand.java (75%) rename src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/{oscal => }/AbstractOscalValidationSubcommand.java (92%) create mode 100644 src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractResolveCommand.java create mode 100644 src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/ConvertCommand.java create mode 100644 src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/ResolveCommand.java create mode 100644 src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/ValidateCommand.java create mode 100644 src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractDeprecatedOscalValidationSubcommand.java diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/CLI.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/CLI.java index fecc835..31208f5 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/CLI.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/CLI.java @@ -34,6 +34,9 @@ import gov.nist.secauto.metaschema.core.util.ObjectUtils; import gov.nist.secauto.oscal.lib.LibOscalVersion; import gov.nist.secauto.oscal.lib.OscalVersion; +import gov.nist.secauto.oscal.tools.cli.core.commands.ConvertCommand; +import gov.nist.secauto.oscal.tools.cli.core.commands.ResolveCommand; +import gov.nist.secauto.oscal.tools.cli.core.commands.ValidateCommand; import gov.nist.secauto.oscal.tools.cli.core.commands.assessmentplan.AssessmentPlanCommand; import gov.nist.secauto.oscal.tools.cli.core.commands.assessmentresults.AssessmentResultsCommand; import gov.nist.secauto.oscal.tools.cli.core.commands.catalog.CatalogCommand; @@ -75,6 +78,9 @@ public static ExitStatus runCli(String... args) { processor.addCommandHandler(new AssessmentResultsCommand()); processor.addCommandHandler(new PlanOfActionsAndMilestonesCommand()); processor.addCommandHandler(new MetaschemaCommand()); + processor.addCommandHandler(new ValidateCommand()); + processor.addCommandHandler(new ConvertCommand()); + processor.addCommandHandler(new ResolveCommand()); return processor.process(args); } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractOscalConvertSubcommand.java similarity index 75% rename from src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java rename to src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractOscalConvertSubcommand.java index 43b9f38..926fbe8 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalConvertSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractOscalConvertSubcommand.java @@ -24,20 +24,31 @@ * OF THE RESULTS OF, OR USE OF, THE SOFTWARE OR SERVICES PROVIDED HEREUNDER. */ -package gov.nist.secauto.oscal.tools.cli.core.commands.oscal; +package gov.nist.secauto.oscal.tools.cli.core.commands; import gov.nist.secauto.metaschema.cli.commands.AbstractConvertSubcommand; import gov.nist.secauto.metaschema.cli.processor.CLIProcessor.CallingContext; +import gov.nist.secauto.metaschema.cli.processor.ExitStatus; import gov.nist.secauto.metaschema.cli.processor.command.ICommandExecutor; import gov.nist.secauto.metaschema.databind.IBindingContext; +import gov.nist.secauto.metaschema.databind.io.Format; +import gov.nist.secauto.metaschema.databind.io.IBoundLoader; import gov.nist.secauto.oscal.lib.OscalBindingContext; import org.apache.commons.cli.CommandLine; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; + +import java.io.FileNotFoundException; +import java.io.IOException; +import java.io.Writer; +import java.net.URI; import edu.umd.cs.findbugs.annotations.NonNull; public abstract class AbstractOscalConvertSubcommand extends AbstractConvertSubcommand { + private static final Logger LOGGER = LogManager.getLogger(AbstractOscalConvertSubcommand.class); @NonNull public abstract Class getOscalClass(); @@ -62,8 +73,17 @@ protected IBindingContext getBindingContext() { } @Override - protected Class getLoadedClass() { - return getOscalClass(); + public ExitStatus execute() { + LOGGER.atWarn().log("This command path is deprecated. Please use 'convert'."); + + return super.execute(); + } + + @Override + protected void handleConversion(URI source, Format toFormat, Writer writer, IBoundLoader loader) + throws FileNotFoundException, IOException { + Class clazz = getOscalClass(); + loader.convert(source, writer, toFormat, clazz); } } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractOscalValidationSubcommand.java similarity index 92% rename from src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java rename to src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractOscalValidationSubcommand.java index ebc5c21..8b0b6c6 100644 --- a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/oscal/AbstractOscalValidationSubcommand.java +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractOscalValidationSubcommand.java @@ -24,7 +24,7 @@ * OF THE RESULTS OF, OR USE OF, THE SOFTWARE OR SERVICES PROVIDED HEREUNDER. */ -package gov.nist.secauto.oscal.tools.cli.core.commands.oscal; +package gov.nist.secauto.oscal.tools.cli.core.commands; import gov.nist.secauto.metaschema.cli.commands.AbstractValidateContentCommand; import gov.nist.secauto.metaschema.cli.processor.CLIProcessor.CallingContext; @@ -39,6 +39,7 @@ import org.json.JSONObject; import java.io.IOException; +import java.net.URL; import java.util.List; import java.util.Set; @@ -60,10 +61,10 @@ public ICommandExecutor newExecutor(CallingContext callingContext, CommandLine c return new OscalCommandExecutor(callingContext, commandLine); } - private final class OscalCommandExecutor + protected class OscalCommandExecutor extends AbstractValidationCommandExecutor { - private OscalCommandExecutor( + protected OscalCommandExecutor( @NonNull CallingContext callingContext, @NonNull CommandLine commandLine) { super(callingContext, commandLine); @@ -85,13 +86,13 @@ protected IBindingContext getBindingContext(@NonNull Set constra @Override @NonNull - public List getXmlSchemas() throws IOException { + public List getXmlSchemas(URL targetResource) throws IOException { return getOscalXmlSchemas(); } @Override @NonNull - public JSONObject getJsonSchema() throws IOException { + public JSONObject getJsonSchema(JSONObject json) throws IOException { return getOscalJsonSchema(); } } diff --git a/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractResolveCommand.java b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractResolveCommand.java new file mode 100644 index 0000000..fdd8da0 --- /dev/null +++ b/src/main/java/gov/nist/secauto/oscal/tools/cli/core/commands/AbstractResolveCommand.java @@ -0,0 +1,322 @@ +/* + * Portions of this software was developed by employees of the National Institute + * of Standards and Technology (NIST), an agency of the Federal Government and is + * being made available as a public service. Pursuant to title 17 United States + * Code Section 105, works of NIST employees are not subject to copyright + * protection in the United States. This software may be subject to foreign + * copyright. Permission in the United States and in foreign countries, to the + * extent that NIST may hold copyright, to use, copy, modify, create derivative + * works, and distribute this software and its documentation without fee is hereby + * granted on a non-exclusive basis, provided that this notice and disclaimer + * of warranty appears in all copies. + * + * THE SOFTWARE IS PROVIDED 'AS IS' WITHOUT ANY WARRANTY OF ANY KIND, EITHER + * EXPRESSED, IMPLIED, OR STATUTORY, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTY + * THAT THE SOFTWARE WILL CONFORM TO SPECIFICATIONS, ANY IMPLIED WARRANTIES OF + * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND FREEDOM FROM + * INFRINGEMENT, AND ANY WARRANTY THAT THE DOCUMENTATION WILL CONFORM TO THE + * SOFTWARE, OR ANY WARRANTY THAT THE SOFTWARE WILL BE ERROR FREE. IN NO EVENT + * SHALL NIST BE LIABLE FOR ANY DAMAGES, INCLUDING, BUT NOT LIMITED TO, DIRECT, + * INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES, ARISING OUT OF, RESULTING FROM, + * OR IN ANY WAY CONNECTED WITH THIS SOFTWARE, WHETHER OR NOT BASED UPON WARRANTY, + * CONTRACT, TORT, OR OTHERWISE, WHETHER OR NOT INJURY WAS SUSTAINED BY PERSONS OR + * PROPERTY OR OTHERWISE, AND WHETHER OR NOT LOSS WAS SUSTAINED FROM, OR AROSE OUT + * OF THE RESULTS OF, OR USE OF, THE SOFTWARE OR SERVICES PROVIDED HEREUNDER. + */ + +package gov.nist.secauto.oscal.tools.cli.core.commands; + +import gov.nist.secauto.metaschema.cli.processor.CLIProcessor.CallingContext; +import gov.nist.secauto.metaschema.cli.processor.ExitCode; +import gov.nist.secauto.metaschema.cli.processor.ExitStatus; +import gov.nist.secauto.metaschema.cli.processor.InvalidArgumentException; +import gov.nist.secauto.metaschema.cli.processor.OptionUtils; +import gov.nist.secauto.metaschema.cli.processor.command.AbstractTerminalCommand; +import gov.nist.secauto.metaschema.cli.processor.command.DefaultExtraArgument; +import gov.nist.secauto.metaschema.cli.processor.command.ExtraArgument; +import gov.nist.secauto.metaschema.cli.processor.command.ICommandExecutor; +import gov.nist.secauto.metaschema.core.metapath.DynamicContext; +import gov.nist.secauto.metaschema.core.metapath.StaticContext; +import gov.nist.secauto.metaschema.core.metapath.item.node.IDocumentNodeItem; +import gov.nist.secauto.metaschema.core.metapath.item.node.INodeItem; +import gov.nist.secauto.metaschema.core.util.CustomCollectors; +import gov.nist.secauto.metaschema.core.util.ObjectUtils; +import gov.nist.secauto.metaschema.databind.io.DeserializationFeature; +import gov.nist.secauto.metaschema.databind.io.Format; +import gov.nist.secauto.metaschema.databind.io.IBoundLoader; +import gov.nist.secauto.metaschema.databind.io.ISerializer; +import gov.nist.secauto.oscal.lib.OscalBindingContext; +import gov.nist.secauto.oscal.lib.model.Catalog; +import gov.nist.secauto.oscal.lib.model.Profile; +import gov.nist.secauto.oscal.lib.profile.resolver.ProfileResolutionException; +import gov.nist.secauto.oscal.lib.profile.resolver.ProfileResolver; + +import org.apache.commons.cli.CommandLine; +import org.apache.commons.cli.Option; + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.io.PrintStream; +import java.net.URI; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.util.Arrays; +import java.util.Collection; +import java.util.List; +import java.util.Locale; + +import edu.umd.cs.findbugs.annotations.NonNull; + +public abstract class AbstractResolveCommand + extends AbstractTerminalCommand { + @NonNull + private static final List EXTRA_ARGUMENTS = ObjectUtils.notNull(List.of( + new DefaultExtraArgument("file to resolve", true), + new DefaultExtraArgument("destination file", false))); + @NonNull + private static final Option AS_OPTION = ObjectUtils.notNull( + Option.builder() + .longOpt("as") + .hasArg() + .argName("FORMAT") + .desc("source format: xml, json, or yaml") + .build()); + @NonNull + private static final Option TO_OPTION = ObjectUtils.notNull( + Option.builder() + .longOpt("to") + .required() + .hasArg().argName("FORMAT") + .desc("convert to format: xml, json, or yaml") + .build()); + @NonNull + private static final Option OVERWRITE_OPTION = ObjectUtils.notNull( + Option.builder() + .longOpt("overwrite") + .desc("overwrite the destination if it exists") + .build()); + @NonNull + private static final List