You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
the Guide to OSCAL-based FedRAMP System Security Plans (SSP)
the Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)
the Guide to OSCAL-based FedRAMP Security Assessment Results (SAR)
the Guide to OSCAL-based FedRAMP Plan of Action and Milestones (POA&M)
the FedRAMP SSP OSCAL Template (JSON or XML Format)
the FedRAMP SAP OSCAL Template (JSON or XML Format)
the FedRAMP SAR OSCAL Template (JSON or XML Format)
the FedRAMP POA&M OSCAL Template (JSON or XML Format)
the FedRAMP OSCAL Validations
User Story
As a FedRAMP developer, to better add or change tests for the constraints, I would like a tests to be able to effectively run with the right amount of test data, especially when two or more tests have conflicting test requirements that cannot exist (or not exist) in a singular test data file.
Goals
Make tests and test data more manageable
Make tests and their state operate independently
Limit cognitive load and minimize conflicts (cognitive, tooling issues a la git merge) to reduce friction on development and maintenance of rules
Dependencies
N/A
Acceptance Criteria
An architectural decision record (ADR) is made to explain what will stay the same or change given dev team discussions on the topic
Tooling and CI/CD change issues will be added to the list below once the ADR has been review and team plans completion steps.
Once the second sublist is complete, this architecture decision will be complete and read to merge.
Other information
Today, the FR Automation Team devs had a meeting and posed an interesting challenge with the tests as they exist today in the feature branch, soon to be develop branch tests. When performing negative tests when an assembly or field should not exist, and an improper value must be tested, having all the tests target a single exhaustive list of invalid test vectors in one large SSP file exhibits certain challenges. We have decided to review this approach, consider alternative options, and act accordingly.
The text was updated successfully, but these errors were encountered:
This is a ...
improvement - something could be better
This relates to ...
User Story
As a FedRAMP developer, to better add or change tests for the constraints, I would like a tests to be able to effectively run with the right amount of test data, especially when two or more tests have conflicting test requirements that cannot exist (or not exist) in a singular test data file.
Goals
Dependencies
N/A
Acceptance Criteria
ALL-VALID.xml
andALL-INVALID.xml
in Refactor test data for constraints for conflicting test requirements #691Once the second sublist is complete, this architecture decision will be complete and read to merge.
Other information
Today, the FR Automation Team devs had a meeting and posed an interesting challenge with the tests as they exist today in the feature branch, soon to be develop branch tests. When performing negative tests when an assembly or field should not exist, and an improper value must be tested, having all the tests target a single exhaustive list of invalid test vectors in one large SSP file exhibits certain challenges. We have decided to review this approach, consider alternative options, and act accordingly.
The text was updated successfully, but these errors were encountered: