diff --git a/calm/control-example/control-instance.json b/calm/control-example/control-instance.json
deleted file mode 100644
index 843cc2eb..00000000
--- a/calm/control-example/control-instance.json
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- "$schema": "control-specification.json",
- "$id": "control-evidence.json",
- "title": "Evidence of pre-production review",
- "control-id": "ci-arch-001",
- "data-fields": {
- "review-date": "2024-08-02",
- "reviewed-by": "jpgough-ms",
- "docs-link": "https://issue-tracker.com/12345"
- },
- "name": "Architecture review pre-production",
- "scope-text": "All workloads going to production",
- "scope-rego": "input.metadata.target-deployment.environment == Production"
-}
\ No newline at end of file
diff --git a/calm/control-example/one-node-wonder.json b/calm/control-example/one-node-wonder.json
index 8c708efe..048c1525 100644
--- a/calm/control-example/one-node-wonder.json
+++ b/calm/control-example/one-node-wonder.json
@@ -1,6 +1,5 @@
 {
 "$schema": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-08/meta/calm.json",
- "id": "one-node-wonder.json",
 "title": "Demonstration of domain and controls",
 "nodes": [
 {
@@ -8,21 +7,20 @@
 "node-type": "system",
 "name": "Example System",
 "description": "Example System",
- "domains": {
- "cbom": [
- {
- "unique-id": "ci-arch-001",
- "description": "Evidence of Pre Production Review",
- "requirement-schema": "control-specification.json",
- "requirement-instance": "control-instance.json",
- "evidence": [
+ "controls": {
+ "cbom": {
+ "description": "Control requirements for delivering patterns",
+ "requirements": [
 {
- "evidence-link": "https://evidence.com/12345",
- "evidence-id": "12345"
+ "control-requirement": {
+ "$ref": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/control-example/pre-prod-review-specification.json"
+ },
+ "control-config": {
+ "$ref": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/control-example/pre-prod-review-configuration.json"
+ }
 }
 ]
 }
- ]
 }
 }
 ],
diff --git a/calm/control-example/pre-prod-review-configuration.json b/calm/control-example/pre-prod-review-configuration.json
new file mode 100644
index 00000000..20ef5070
--- /dev/null
+++ b/calm/control-example/pre-prod-review-configuration.json
@@ -0,0 +1,9 @@
+{
+ "$schema": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/control-example/control-specification.json",
+ "title": "Evidence of pre-production review",
+ "control-id": "ci-arch-001",
+ "name": "Architecture review pre-production",
+ "scope-text": "All workloads going to production",
+ "scope-rego": "input.metadata.target-deployment.environment == Production",
+ "description": "As part of the SDLC requirements, each workload going to production is subject to an architecture review"
+}
\ No newline at end of file
diff --git a/calm/control-example/pre-prod-review-evidence.json b/calm/control-example/pre-prod-review-evidence.json
new file mode 100644
index 00000000..292f5618
--- /dev/null
+++ b/calm/control-example/pre-prod-review-evidence.json
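Review bot: In one-node-wonder.json the new `control-requirement` and `control-config` values are objects holding only a `$ref`, and JSON Schema validators do not dereference `$ref` inside an instance document. control.json in this same commit makes both properties conform to control-requirement.json, which requires `control-id`, `name` and `description`, so this example would presumably fail once the `requirements` items are actually validated. Either the example should inline those fields, or `control-detail` should describe a reference object whose `$ref` property is `"type": "string", "format": "uri"`. Both URLs also track the mutable `main` branch, so the control a node claims to meet can change without this file changing; pinning them to a tag or commit would make the claim reproducible.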
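Review bot: The `$schema` of pre-prod-review-configuration.json points at `.../calm/control-example/control-specification.json`, a path this commit renames to `pre-prod-review-specification.json`, so the URL will presumably stop resolving once this is merged. The renamed specification keeps the old file name in its new `$id` as well (hunk `@@ -1,7 +1,13 @@` of pre-prod-review-specification.json). Both should carry the new name, i.e. `"$schema": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/control-example/pre-prod-review-specification.json"` here and the same URL as `$id` there. A configuration that cannot be validated against its specification gives no assurance that the control is configured as required.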
@@ -0,0 +1,8 @@
+{
+ "$schema": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-08/meta/control.json#/defs/evidence",
+ "evidence": {
+ "unique-id": "pre-prod-review-evidence",
+ "evidence-path": "https://evidence.com/12345",
+ "control-configuration-uri": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/control-example/pre-prod-review-configuration.json"
+ }
+}
diff --git a/calm/control-example/control-specification.json b/calm/control-example/pre-prod-review-specification.json
similarity index 51%
rename from calm/control-example/control-specification.json
rename to calm/control-example/pre-prod-review-specification.json
index 14a7d444..e1c5c2f6 100644
--- a/calm/control-example/control-specification.json
+++ b/calm/control-example/pre-prod-review-specification.json
@@ -1,7 +1,13 @@
 {
 "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "control-specification.json",
+ "$id": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/control-example/control-specification.json",
 "title": "Example Production Control Specification",
+ "type": "object",
+ "allOf": [
+ {
+ "$ref": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-08/meta/control-requirement.json"
+ }
+ ],
 "properties": {
 "control-id": {
 "const": "ci-arch-001"
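Review bot: pre-prod-review-evidence.json does not match the evidence schema added in this commit, on two counts. Its `$schema` points at `control.json#/defs/evidence`, but control.json defines no evidence entry and the schema lives in evidence.json, so the line should read `"$schema": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-08/meta/evidence.json"`. The instance also uses a string `evidence-path`, while evidence.json requires an array named `evidence-paths`, so it should be `"evidence-paths": ["https://evidence.com/12345"]`. As written, the example evidence would either be rejected or go unvalidated, depending on how the tooling treats an unresolvable `$schema`.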
@@ -9,38 +15,21 @@
 "name": {
 "const": "Architecture review pre-production"
 },
+ "description": {
+ "const": "As part of the SDLC requirements, each workload going to production is subject to an architecture review"
+ },
 "scope-text": {
 "const": "All workloads going to production"
 },
 "scope-rego": {
 "const": "input.metadata.target-deployment.environment == Production"
- },
- "data-fields": {
- "type": "object",
- "properties": {
- "review-date": {
- "type": "string",
- "format": "date"
- },
- "reviewed-by": {
- "type": "string"
- },
- "docs-link": {
- "type": "string",
- "format": "uri"
- }
- },
- "required": [
- "review-date",
- "reviewed-by",
- "docs-link"
- ]
 }
 },
 "required": [
+ "scope-text",
+ "scope-rego",
 "control-id",
 "name",
- "scope-text",
- "scope-rego"
+ "description"
 ]
 }
\ No newline at end of file
diff --git a/calm/draft/2024-08/meta/control-requirement.json b/calm/draft/2024-08/meta/control-requirement.json
new file mode 100644
index 00000000..9cb0b694
--- /dev/null
+++ b/calm/draft/2024-08/meta/control-requirement.json
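Review bot: The `scope-rego` const that this hunk leaves unchanged in pre-prod-review-specification.json, `input.metadata.target-deployment.environment == Production`, does not look like valid Rego if it is ever handed to a policy engine. The hyphen in a dotted reference parses as subtraction, and the unquoted `Production` is a variable rather than a string. The expression would need to be `input.metadata["target-deployment"].environment == "Production"`, with the inner quotes escaped in the JSON string. The same text is copied into the new pre-prod-review-configuration.json, and because the specification pins it with `const`, the two files have to change together. A scope expression that fails to compile or never matches means the control silently applies to no workload.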
@@ -0,0 +1,33 @@
+{
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "$id": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-08/meta/control-requirement.json",
+ "title": "Common Architecture Language Model Control Requirement",
+ "description": "Schema for defining control requirements within the Common Architecture Language Model.",
+ "type": "object",
+ "properties": {
+ "control-id": {
+ "type": "string",
+ "description": "The unique identifier of this control, which has the potential to be used for linking evidence"
+ },
+ "name": {
+ "type": "string",
+ "description": "The name of the control requirement that provides contextual meaning within a given domain"
+ },
+ "description": {
+ "type": "string",
+ "description": "A more detailed description of the control and information on what a developer needs to consider"
+ }
+ },
+ "required": [
+ "control-id",
+ "name",
+ "description"
+ ],
+ "examples": [
+ {
+ "control-id": "CR-001",
+ "name": "Access Control",
+ "description": "Ensure that access to sensitive information is restricted."
+ }
+ ]
+}
\ No newline at end of file
diff --git a/calm/draft/2024-08/meta/control.json b/calm/draft/2024-08/meta/control.json
new file mode 100644
index 00000000..6e8643d3
--- /dev/null
+++ b/calm/draft/2024-08/meta/control.json
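Review bot: `control-id` in control-requirement.json accepts any string, including the empty string, although its own description says the id may be used for linking evidence. Adding `"minLength": 1`, or a `pattern` for the intended identifier convention, would keep evidence from being tied to a blank or malformed id. The schema's example uses `CR-001` while the example specification in this commit uses `ci-arch-001`, so the expected convention should also be stated in the property's `description`.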
@@ -0,0 +1,49 @@
+{
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "$id": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-08/meta/control.json",
+ "title": "Common Architecture Language Model Controls",
+ "description": "Controls model requirements for domains. For example, a security domain contains a series of control requirements",
+ "$defs": {
+ "control-detail": {
+ "type": "object",
+ "properties": {
+ "control-requirement": {
+ "$ref": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-08/meta/control-requirement.json",
+ "description": "The requirement schema that specifies how a control should be defined"
+ },
+ "control-config": {
+ "$ref": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-08/meta/control-requirement.json",
+ "description": "The configuration of how the control requirement schema is met"
+ }
+ },
+ "required": [
+ "control-requirement"
+ ]
+ },
+ "controls": {
+ "type": "object",
+ "patternProperties": {
+ "^[a-zA-Z0-9-]+$": {
+ "type": "object",
+ "properties": {
+ "description": {
+ "type": "string",
+ "description": "A description of a control and how it applies to a given architecture"
+ },
+ "requirements": {
+ "type": "array",
+ "items": {
+ "type": "#/$defs/control-detail",
+ "description": "The detail of a how a specified control is structured and (if it currently does) is configured to meet the requirement"
+ }
+ }
+ },
+ "required": [
+ "description",
+ "requirements"
+ ]
+ }
+ }
+ }
+ }
+}
\ No newline at end of file
diff --git a/calm/draft/2024-08/meta/core.json b/calm/draft/2024-08/meta/core.json
index b73c3ef5..1128d010 100644
--- a/calm/draft/2024-08/meta/core.json
+++ b/calm/draft/2024-08/meta/core.json
@@ -18,8 +18,8 @@
 "metadata": {
 "$ref": "#/defs/metadata"
 },
- "domains": {
- "$ref": "domain.json#/defs/domains"
+ "controls": {
+ "$ref": "control.json#/defs/controls"
 }
 },
 "defs": {
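Review bot: In control.json the `items` schema under `requirements` uses `"type": "#/$defs/control-detail"`, which is not a valid JSON Schema type name; a reference was clearly intended. The line should be `"$ref": "#/$defs/control-detail"`. As written, a strict validator will reject the schema, and a lenient one will not check the entries of `requirements` against `control-detail` at all, so malformed control declarations would pass unnoticed. The `patternProperties` object also permits keys that do not match `^[a-zA-Z0-9-]+$`; add `"additionalProperties": false` to `controls` if only matching control names are meant to be allowed.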
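Review bot: The new reference `control.json#/defs/controls` in core.json does not resolve, because control.json in this commit places its definitions under `$defs`, not `defs`. It should be `"$ref": "control.json#/$defs/controls"`, and the same applies to the two later core.json hunks, `@@ -56,8 +56,8 @@` and `@@ -128,8 +128,8 @@`. core.json's own `defs` keyword, visible as context here, is probably where the spelling came from. Until the pointer matches, `controls` on the architecture, on nodes and in the third location is either unvalidated or a resolution error, depending on the validator. The enclosing objects start and end outside these hunks.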
@@ -56,8 +56,8 @@
 "$ref": "interface.json#/defs/interface-type"
 }
 },
- "domains": {
- "$ref": "domain.json#/defs/domains"
+ "controls": {
+ "$ref": "control.json#/defs/controls"
 },
 "metadata": {
 "$ref": "#/defs/metadata"
@@ -128,8 +128,8 @@
 "metadata": {
 "$ref": "#/defs/metadata"
 },
- "domains": {
- "$ref": "domain.json#/defs/domains"
+ "controls": {
+ "$ref": "control.json#/defs/controls"
 }
 },
 "required": [
diff --git a/calm/draft/2024-08/meta/domain.json b/calm/draft/2024-08/meta/domain.json
deleted file mode 100644
index 177f5ef0..00000000
--- a/calm/draft/2024-08/meta/domain.json
+++ /dev/null
@@ -1,62 +0,0 @@
-{
- "$schema": "https://json-schema.org/draft/2020-12/schema",
- "$id": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-08/meta/domain.json",
- "title": "Common Architecture Language Model Domains",
- "defs": {
- "domain-requirement": {
- "type": "object",
- "properties": {
- "unique-id": {
- "type": "string"
- },
- "description": {
- "type": "string"
- },
- "requirement-schema": {
- "type": "string"
- },
- "requirement-instance": {
- "type": "string"
- },
- "evidence": {
- "type": "array",
- "items": {
- "$ref": "#/defs/evidence"
- }
- }
- },
- "required": [
- "unique-id",
- "description",
- "requirement-schema",
- "requirement-instance"
- ]
- },
- "domains": {
- "type": "object",
- "patternProperties": {
- "^[a-zA-Z0-9_]+$": {
- "type": "array",
- "items": {
- "$ref": "#/defs/domain-requirement"
- }
- }
- }
- },
- "evidence": {
- "type": "object",
- "properties": {
- "evidence-id": {
- "type": "string"
- },
- "evidence-link": {
- "type": "string"
- }
- },
- "required": [
- "evidence-id",
- "evidence-link"
- ]
- }
- }
-}
\ No newline at end of file
diff --git a/calm/draft/2024-08/meta/evidence.json b/calm/draft/2024-08/meta/evidence.json
new file mode 100644
index 00000000..9257ac7d
--- /dev/null
+++ b/calm/draft/2024-08/meta/evidence.json
@@ -0,0 +1,37 @@
+{
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "$id": "https://raw.githubusercontent.com/finos/architecture-as-code/main/calm/draft/2024-08/meta/evidence.json",
+ "title": "Common Architecture Language Model Evidence",
+ "description": "Schema for defining evidence for control requirements within the Common Architecture Language Model.",
+ "type": "object",
+ "properties": {
+ "evidence": {
+ "type": "object",
+ "properties": {
+ "unique-id": {
+ "type": "string",
+ "description": "CALM unique-id for future linking and uniquely defining this evidence"
+ },
+ "evidence-paths": {
+ "type": "array",
+ "description": "Paths to the evidence relating to a specific control",
+ "items": {
+ "type": "string"
+ }
+ },
+ "control-configuration-uri": {
+ "type": "string",
+ "description": "URI for the control configuration this evidence relates to"
+ }
+ },
+ "required":[
+ "unique-id",
+ "evidence-paths",
+ "control-configuration-uri"
+ ]
+ }
+ },
+ "required": [
+ "evidence"
+ ]
+}
\ No newline at end of file
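Review bot: In evidence.json an empty `evidence-paths` array satisfies `required`, so an evidence document can claim to cover a control while pointing at nothing. Adding `"minItems": 1` to `evidence-paths` closes that gap. `"format": "uri"` on `control-configuration-uri` would document the expected shape, though validators enforce `format` only when configured to. The inner `evidence` object is also open, which is how a misspelt key such as the `evidence-path` used in pre-prod-review-evidence.json would be reported only as a missing required property rather than as an unknown one; `"additionalProperties": false` on that object would make such mistakes explicit.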