Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Profile resolution fails when removing a control's nested part #59

Closed
Rene2mt opened this issue Aug 20, 2022 · 2 comments · Fixed by #60
Closed

Profile resolution fails when removing a control's nested part #59

Rene2mt opened this issue Aug 20, 2022 · 2 comments · Fixed by #60
Assignees
@david-waltermire
Labels
bug Something isn't working
Milestone
v1.0.4.2 Release

Comments

@Rene2mt
Copy link

Rene2mt commented Aug 20, 2022
edited
Loading

Describe the bug

In a profile, trying to remove a control's nested part throws an error stating 'Unable to apply the remove targeting control "control-id" at "xpath to remove element". The remove did not match a valid tag'. This error occurs when attempting to resolve profiles.

Who is the bug affecting?

OSCAL-CLI users

What is affected by this bug?

Cannot resolve profile.

When does this occur?

OSCAL-CLI users when trying to resolve a profile but remove sub-parts of a control.

How do we replicate the issue?

  1. Use a profile that attempts to remove a control's nested part (e.g. FedRAMP rev 4 LI-SaaS baseline - see https://github.com/GSA/fedramp-automation/blob/2229f10cc0b143410522026b793f4947eebb0872/dist/content/baselines/rev4/xml/FedRAMP_rev4_LI-SaaS-baseline_profile.xml#L514 )
  2. Attempt to resolve the profile as follows:
rene2mt@1556552G-M30682:/mnt/c/oscal-cli/oscal-cli-0.2.0/bin$ ./oscal-cli profile resolve -t=xml /mnt/c/fedramp-automation/src/content/baselines/rev4/xml/FedRAMP_rev4_LI-SaaS-baseline_profile.xml > test.xml
Unable to resolve profile 'file:///mnt/c/fedramp-automation/src/content/baselines/rev4/xml/FedRAMP_rev4_LI-SaaS-baseline_profile.xml'. Unable to apply the remove targeting control 'ac-2' at '/profile/modify[1]/alter[2]/remove[1]'. The remove did not match a valid target
rene2mt@1556552G-M30682:/mnt/c/oscal-cli/oscal-cli-0.2.0/bin$

Expected behavior (i.e. solution)

Profile should resolve with specified control's parts (and/or sub-parts) removed. For example, the following would be removed from the resolved profile.

<remove by-id="ac-2_smt.b"/>

Other Comments

The same profile(s) that cause error with the OSCAL-CLI resolve successfully with the build-cli.
@Rene2mt Rene2mt added the bug Something isn't working label Aug 20, 2022
david-waltermire added a commit to david-waltermire/liboscal-java that referenced this issue Aug 21, 2022
@david-waltermire
Added additional error handling for alter statements to provide context.
0240194 
Fixed bug in remove match handling. Resolves usnistgov#59.
@david-waltermire david-waltermire mentioned this issue Aug 21, 2022
Merged
8 tasks
david-waltermire added a commit that referenced this issue Aug 21, 2022
@david-waltermire
Improved error handling (#60)
6834974 
* Added additional error handling for alter statements to provide context.
* Fixed bug in remove match handling. Resolves #59.
@david-waltermire
Copy link
Collaborator

@Rene2mt Here is an interim build that fixes this issue. Please confirm.

@Rene2mt
Copy link
Author

Rene2mt commented Aug 21, 2022

The fix worked

@david-waltermire david-waltermire self-assigned this Aug 23, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@david-waltermire david-waltermire

Labels
bug Something isn't working
Projects
NIST OSCAL Work Board
Status: Done
Milestone
v1.0.4.2 Release
Development

Successfully merging a pull request may close this issue.

Improved error handling david-waltermire/liboscal-java
2 participants
@david-waltermire @Rene2mt