Merge pull request #259 from devsecopsmaturitymodel/feat/teamDocs
Feat/team docs
wurstbrot authored Nov 23, 2023
2 parents 022f03a + 3b09ba1 commit cc05507
Showing 4 changed files with 90 additions and 9 deletions.
21 changes: 21 additions & 0 deletions README.md
@@ -85,6 +85,27 @@ docker run -d -p 80:8080 wurstbrot/dsomm:latest
## Activity Definitions
The definition of the activities are in the [data-repository](https://github.com/devsecopsmaturitymodel/DevSecOps-MaturityModel-data).

## Teams and Groups
To customize these teams, you can create your own [meta.yaml](src/assets/meta.yaml) file with your unique team definitions.

Assessments within the framework can be based on either a team or a specific application, which can be referred to as the context. Depending on how you define the context or teams, you may want to group them together.

Here are a couple of examples to illustrate this, in breakers the DSOMM word:
- Multiple applications (teams) can belong to a single overarching team (application).
- Multiple teams (teams) can belong to a larger department (group).

Feel free to create your own [meta.yaml](src/assets/meta.yaml) file to tailor the framework to your specific needs and mount it in your environment (e.g. kubernetes or docker).
Here is an example to start docker with customized meta.yaml:
```
# Customized meta.yaml
cp src/assets/YAML/meta.yaml .
docker run -v $(pwd)meta.yaml:/usr/share/nginx/html/assets/YAML/meta.yaml -p 8080:8080 wurstbrot/dsomm
# Customized meta.yaml and generated.yaml
cp src/assets/YAML/meta.yaml .
cp $(pwd)/src/assets/YAML/generated/generated.yaml .
docker run -v $(pwd)/meta.yaml:/usr/share/nginx/html/assets/YAML/meta.yaml -v $(pwd)/generated.yaml:/usr/share/nginx/html/assets/YAML/generated/generated.yaml -p 8080:8080 wurstbrot/dsomm
```
# Credits

* The dimension _Test and Verification_ is based on Christian Schneiders [Security DevOps Maturity Model (SDOMM)](https://www.christian-schneider.net/SecurityDevOpsMaturityModel.html). _Application tests_ and _Infrastructure tests_ are added by Timo Pagel. Also, the sub-dimension _Static depth_ has been evaluated by security experts at [OWASP Stammtisch Hamburg](https://www.owasp.org/index.php/OWASP_German_Chapter_Stammtisch_Initiative/Hamburg).
@@ -86,10 +86,7 @@ export class ActivityDescriptionComponent implements OnInit {

ngOnInit() {
this.route.queryParams.subscribe(params => {
this.currentActivity.dimension = params['dimension'];
this.currentActivity.subDimension = params['subDimension'];
this.currentActivity.level = 'level-' + params['level'];
this.currentActivity.activityName = params['activityName'];
this.currentActivity.uuid = params['uuid'];
});

//gets value from sample file
@@ -106,10 +103,65 @@ export class ActivityDescriptionComponent implements OnInit {
// Function sets data
this.yaml.getJson().subscribe(data => {
this.YamlObject = data;
var data =
this.YamlObject[this.currentActivity.dimension][
this.currentActivity.subDimension
][this.currentActivity.activityName];

var allDimensionNames = Object.keys(this.YamlObject);
for (let i = 0; i < allDimensionNames.length; i++) {
var subdimensionsInCurrentDimension = Object.keys(
this.YamlObject[allDimensionNames[i]]
);

for (let j = 0; j < subdimensionsInCurrentDimension.length; j++) {
var temp: any = {
Dimension: allDimensionNames[i],
SubDimension: subdimensionsInCurrentDimension[j],
};
var activityInCurrentSubDimension: string[] = Object.keys(
this.YamlObject[allDimensionNames[i]][
subdimensionsInCurrentDimension[j]
]
);

for (let a = 0; a < activityInCurrentSubDimension.length; a++) {
var currentActivityName = activityInCurrentSubDimension[a];

try {
console.log(this.currentActivity.uuid, this.currentActivity.uuid);
console.log(
'uuid',
this.YamlObject[allDimensionNames[i]][
subdimensionsInCurrentDimension[j]
][currentActivityName].uuid
);
console.log(
'currentActivityName',
this.YamlObject[allDimensionNames[i]][
subdimensionsInCurrentDimension[j]
][currentActivityName]
);
if (
this.YamlObject[allDimensionNames[i]][
subdimensionsInCurrentDimension[j]
][currentActivityName].uuid == this.currentActivity.uuid
) {
data =
this.YamlObject[allDimensionNames[i]][
subdimensionsInCurrentDimension[j]
][currentActivityName];
this.currentActivity = data;
this.currentActivity.dimension = allDimensionNames[i];
this.currentActivity.subDimension =
subdimensionsInCurrentDimension[j];
this.currentActivity.activityName = currentActivityName;
console.log('found');
break;
}
} catch {
console.log('Level for activity does not exist');
}
}
}
}

this.currentActivity.description = this.defineStringValues(
data['description'],
''
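Review bot: The `uuid` taken from the query string is never checked for a match. With the old `var data = …` lookup gone, `data` is still the whole YAML document passed to the subscribe callback when no activity carries that uuid, so `data['description']` after the loop is read from the document root instead of failing cleanly. The `break` after `console.log('found')` leaves only the innermost loop, so the two outer loops keep scanning after a hit. The `console.log` calls inside the loop print every activity object on each page load, and the first one prints the same uuid twice. I would stop at the first match with a labelled break, compare with `===`, drop the debug logging and the unused `temp` object, and return to a not-found state when nothing matches. The subscribe callback continues beyond the hunk.

```typescript
this.yaml.getJson().subscribe(data => {
  this.YamlObject = data;

  let match: any = null;
  search: for (const dimension of Object.keys(this.YamlObject)) {
    for (const subDimension of Object.keys(this.YamlObject[dimension])) {
      const activities = this.YamlObject[dimension][subDimension];
      for (const activityName of Object.keys(activities)) {
        if (activities[activityName]?.uuid === this.currentActivity.uuid) {
          match = activities[activityName];
          match.dimension = dimension;
          match.subDimension = subDimension;
          match.activityName = activityName;
          break search;
        }
      }
    }
  }

  if (match === null) {
    // The uuid comes from the URL: show a "not found" state rather than
    // reading fields from the whole document.
    return;
  }
  this.currentActivity = match;
  data = match;
  // … unchanged: description and the remaining field assignments …
```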
1 change: 1 addition & 0 deletions src/app/component/matrix/matrix.component.html
Original file line number Diff line number Diff line change
Expand Up @@ -67,6 +67,7 @@
style="margin-bottom: 1em"
(click)="
navigate(
YamlObject[element.Dimension][element.SubDimension][activity].uuid,
element.Dimension,
element.SubDimension,
i + 1,
Expand Down
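Review bot: The added argument assumes every activity entry has a `uuid`; for an entry without one the click navigates with an undefined uuid, and that uuid is now the only key the description page uses to find the activity. Whether the generated YAML guarantees a uuid on every activity is not visible here, so I would check for it once when the YAML is loaded and either skip the link or report the entry. A short comment above the binding such as `<!-- uuid is the lookup key used by the activity description page -->` would also explain why the first argument differs from the others.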
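--- a/src/app/component/matrix/matrix.component.ts
+++ b/src/app/component/matrix/matrix.component.ts
@@ -309,9 +309,16 @@ export class MatrixComponent implements OnInit {
 
 // activity description routing + providing parameters
 
-navigate(dim: string, subdim: string, lvl: Number, activityName: string) {
+navigate(
+uuid: String,
+dim: string,
+subdim: string,
+lvl: Number,
+activityName: string
+) {
 let navigationExtras: NavigationExtras = {
 queryParams: {
+uuid: uuid,
 dimension: dim,
 subDimension: subdim,
 level: lvl,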
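Review bot: The new parameter is typed with the boxed wrapper `String` rather than the primitive; it should read `uuid: string,` (the existing `lvl: Number` has the same problem and could become `lvl: number`). The query parameters still carry `dimension`, `subDimension`, `level` and `activityName`, although the `ngOnInit` change in this commit reads only `uuid`. A hand-edited URL can therefore name one activity in those fields and resolve to another through the uuid, so I would either drop the unused parameters or add a comment that they are informational only. The body of `navigate` continues outside the hunk.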
