Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor test data for constraints for conflicting test requirements #691

Open
1 of 18 tasks
aj-stein-gsa opened this issue Sep 13, 2024 · 2 comments · May be fixed by #700
Open
1 of 18 tasks

Refactor test data for constraints for conflicting test requirements #691

aj-stein-gsa opened this issue Sep 13, 2024 · 2 comments · May be fixed by #700
Assignees
@Gabeblis
Labels
g: fedramp integration testing tech-debt

Comments

@aj-stein-gsa
Copy link
Contributor

aj-stein-gsa commented Sep 13, 2024
edited
Loading

This is a ...

improvement - something could be better

This relates to ...

  • the FedRAMP OSCAL Registry
  • the FedRAMP OSCAL baselines
  • the Guide to OSCAL-based FedRAMP Content
  • the Guide to OSCAL-based FedRAMP System Security Plans (SSP)
  • the Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)
  • the Guide to OSCAL-based FedRAMP Security Assessment Results (SAR)
  • the Guide to OSCAL-based FedRAMP Plan of Action and Milestones (POA&M)
  • the FedRAMP SSP OSCAL Template (JSON or XML Format)
  • the FedRAMP SAP OSCAL Template (JSON or XML Format)
  • the FedRAMP SAR OSCAL Template (JSON or XML Format)
  • the FedRAMP POA&M OSCAL Template (JSON or XML Format)
  • the FedRAMP OSCAL Validations

User Story

As a FedRAMP developer, to better add or change tests for the constraints, I would like a tests to be able to effectively run with the right amount of test data, especially when two or more tests have conflicting test requirements that cannot exist (or not exist) in a singular test data file.

Goals

  • Make tests and test data more manageable
  • Make tests and their state operate independently
  • Limit cognitive load and minimize conflicts (cognitive, tooling issues a la git merge) to reduce friction on development and maintenance of rules

Dependencies

N/A

Acceptance Criteria

  • An architectural decision record (ADR) is made to explain what will stay the same or change given dev team discussions on the topic
  • Tooling and CI/CD change issues will be added to the list below once the ADR has been review and team plans completion steps.

Once the second sublist is complete, this architecture decision will be complete and read to merge.

Other information

Today, the FR Automation Team devs had a meeting and posed an interesting challenge with the tests as they exist today in the feature branch, soon to be develop branch tests. When performing negative tests when an assembly or field should not exist, and an improper value must be tested, having all the tests target a single exhaustive list of invalid test vectors in one large SSP file exhibits certain challenges. We have decided to review this approach, consider alternative options, and act accordingly.
@aj-stein-gsa
Copy link
Contributor Author

@Gabeblis thanks for volunteering to pick this one up. I hope the goals and background are clear for the ADR portion of this.

@aj-stein-gsa aj-stein-gsa mentioned this issue Sep 13, 2024
Open
7 tasks
@Gabeblis
Copy link

@Gabeblis thanks for volunteering to pick this one up. I hope the goals and background are clear for the ADR portion of this.

Thank you!

@Gabeblis Gabeblis linked a pull request Sep 18, 2024 that will close this issue
Introduce test data optimization ADR #700
Draft
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Gabeblis Gabeblis

Labels
g: fedramp integration testing tech-debt
Projects
FedRAMP Automation
Status: 🔖 Ready
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Introduce test data optimization ADR Gabeblis/fedramp-automation
2 participants
@Gabeblis @aj-stein-gsa