-
Notifications
You must be signed in to change notification settings - Fork 60
62 lines (51 loc) · 2.28 KB
/
convert-cci-list.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
name: Convert CCI List XML to JSON
on:
push:
# branches: ['master']
branches: ['add-convert-cci-list-workflow']
# Run this workflow on the 1st day at 00:00 every month
# schedule:
# - cron: '0 0 1 * *'
env:
# This URL is super brittle with how links constantly get changed.
CCI_LIST_ZIP_URL: https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CCI_List.zip
jobs:
convert-cci-list:
runs-on: ubuntu-22.04
steps:
- name: Checkout the code
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '18'
check-latest: true
cache: 'yarn'
- name: Install project dependencies
run: yarn install --frozen-lockfile
- name: Download CCI List
run: |
curl -o U_CCI_List.zip $CCI_LIST_ZIP_URL && unzip U_CCI_List.zip
- name: Get publish date of CCI List
id: publish-date
uses: mavrosxristoforos/[email protected]
with:
xml-file: 'U_CCI_List.xml'
xpath: '/*[local-name()="cci_list"]/*[local-name()="metadata"]/*[local-name()="publishdate"]'
namespaces: '{"ns": "http://iase.disa.mil/cci"}'
- name: Set directory environment variables for next step
run: |
echo "ROOT_DIRECTORY=$(pwd)" >> $GITHUB_ENV
echo "OUTPUT_DIRECTORY=$(pwd)/libs/hdf-converters/src/mappings" >> $GITHUB_ENV
- name: Convert CCI List XML to CCI->NIST, CCI->Definitions, and NIST->CCI JSON files
run: yarn workspace @mitre/hdf-converters cciListXml2json -i $ROOT_DIRECTORY/U_CCI_List.xml -n $OUTPUT_DIRECTORY/U_CCI_List.nist.json -d $OUTPUT_DIRECTORY/U_CCI_List.defs.json -c $OUTPUT_DIRECTORY/U_CCI_List.cci.json
- name: Commit changes to produced JSON files
# run: |
# git config --local user.email "[email protected]"
# git config --local user.name "MITRE SAF Automation"
# git add $OUTPUT_DIRECTORY/U_CCI_List.nist.json $OUTPUT_DIRECTORY/U_CCI_List.defs.json $OUTPUT_DIRECTORY/U_CCI_List.cci.json
# git commit -sm "Update CCI List to the current NIST and definition mappings as of $DATETIME"
# git push
run: echo $DATETIME && git status
env:
DATETIME: ${{steps.publish-date.outputs.info}}