CalmHub: Introduce Controls
Feature Request
Description of Problem:
Calm Hub currently supports architectures, patterns, and schemas. #711 proposes introducing flows.
To support the use of controls, this feature will add controls to CalmHub. The functionality will be a little different to the other functionality, as this should store both control-requirement and control-configuration. There is still some work going on in this space, with issue #687. This issue will need to remain blocked until then.
Potential Solutions:
- Share the proposed URL structure on this issue for agreement on the best way to store control requirements and configurations
- Implementation with unit tests
- Addition of integration tests
Assigning to @jpgough-ms to keep track of dependencies
CC: @LeighFinegold
Provisional Design
API Structure
Domains
GET calm/controls/domains - List all the domains supported by the CALM Hub
POST calm/controls/domains - Create a new Domain (body)
Common schemas used by this domain and potentially shared with other domains
GET calm/controls/domains/{domain}/schemas - returns a list of SchemaResponse
GET calm/controls/domains/{domain}/schemas/{id} - returns a JSON Schema
POST calm/controls/domains/{domain}/schemas - create a Schema, return a 201 with id and SchemaResponse
Managing Controls
GET calm/controls/domains/{domain}/controls - return a list of Control
GET calm/controls/domains/{domain}/controls/{id} - return a Control JSON
GET calm/controls/domains/{domain}/controls/{id}/requirements - return a list of ControlRequirement
GET calm/controls/domains/{domain}/controls/{id}/requirements/{id} - return a list of ControlRequirement JSON
POST calm/controls/domains/{domain}/controls?name=&description= - create a new control, body json
POST calm/controls/domains/{domain}/controls/{id}/requirements?name=&description= - create a new ControlRequirement
Model Objects
Domain - name, description, external links
Schema - id, name
Control - id, name, description
ControlRequirement - id, name, description
Whilst reviewing the schemas section of this issue with @rocketstack-matt, we think that this is at the wrong level and there is perhaps a better way that we could model this.
This was the previous proposal:
GET calm/controls/domains/{domain}/schemas - returns a list of SchemaResponse
GET calm/controls/domains/{domain}/schemas/{id} - returns a JSON Schema
POST calm/controls/domains/{domain}/schemas - create a Schema, return a 201 with id and SchemaResponse
This will be moved outside of the calm/controls structure and moved under calm/standards/{namespace}. This will be covered by this issue, which will be implemented ahead of the controls here: #1231
With the standards work now completed, I'll be moving on to:
GET calm/domains/{domain}/controls - return a list of all controls
GET calm/domains/{domain}/controls/{id}/requirement/versions/ - The list of versions for a requirement
GET calm/domains/{domain}/controls/{id}/requirement/versions/{version} - The requirement for a given control as JSON
GET calm/domains/{domain}/controls/{id}/configurations - List of configurations for a requirement
GET calm/domains/{domain}/controls/{id}/configurations/{id} - The specific control configuration JSON
GET calm/domains/{domain}/controls/{id}/configurations/{id}/versions - The list of versions for a control
GET calm/domains/{domain}/controls/{id}/configurations/{id}/versions/{version} - The specific configuration JSON