Skip to main content

Tool to run compliance control checks as unit tests

Project description

OS Compatibility Python Compatibility pre-commit Code validation Upload Python Package

auditree-framework

Tool to run compliance control checks as unit tests and build up a body of evidence.

This framework gives you the tools you need to create an auditable body of evidence, and is designed to be "DevSecOps" friendly. Collection & validation of evidence is modelled as python unit tests, evidence is stored & versioned in a git repository, notifications can be configured to send to Slack, create issues, contact PagerDuty, or just write files into git. The goal is to enable the digital transformation of compliance activities, and make these everyday operational tasks for the team managing the system.

Installation

Prerequisites

  • Supported for execution on OSX and LINUX.
  • Supported for execution with Python 3.6 and above.

If you haven't already you need to generate a new ssh key for your Github account as per this guide

Check out the code

git clone git@github.com:ComplianceAsCode/auditree-framework
cd auditree-framework

For users

python3 -m venv venv
. venv/bin/activate
make install

For developers

python3 -m venv venv
. venv/bin/activate
make develop

Code style and formatting

This repository uses black for code formatting and flake8 for code styling. It also uses pre-commit hooks that are integrated into the development process and the CI. When you run make develop you are ensuring that the pre-commit hooks are installed and updated to their latest versions for this repository. This ensures that all delivered code has been properly formatted and passes the linter rules. See the pre-commit configuration file for details on black and flake8 configurations.

Since black and flake8 are installed as part of the pre-commit hooks, running black and flake8 manually must be done through pre-commit. See examples below:

make code-format
make code-lint

...will run black and flake8 on the entire repo and is equivalent to:

pre-commit run black --all-files
pre-commit run flake8 --all-files

...and when looking to limit execution to a subset of files do similar to:

pre-commit run black --files compliance/*
pre-commit run flake8 --files compliance/*

Unit tests

To run the frameworks test suite, use:

make test

Build Documentation

Documentation sources live in doc-source, and are also auto-generated from the source codes doc strings. The auto-generated documentation (compliance*rst, modules.rst) is ignored by git & should not be modified directly - make changes in the python code.

To build the documentation locally run:

make docs

This will update the files in doc with the latest documentation. These files should not be modified by hand.

Try it

Successfully complete the steps below and you should be able to find your local evidence locker in your $TMPDIR/compliance folder. There you will find a raw folder that contains all of the raw evidence fetched by the fetchers found in the demo/demo_examples/fetchers folder along with a reports folder that contains the reports generated by the checks found in the demo/demo_examples/checks folder.

$ touch ~/.credentials
  • Set up your environment:
cd demo
python -m venv
. ./venv/bin/activate
pip install -r requirements.txt
  • Run the fetchers:
compliance --fetch --evidence local -C auditree_demo.json -v
  • Run the checks:
compliance --check demo.arboretum.accred,demo.custom.accred --evidence local -C auditree_demo.json -v

Contribute

Help us to improve the Auditree framework. See CONTRIBUTING.

Ecosystem

We are building a set of common fetchers/checks in Arboretum. If you have a library of checks, please let us know & we'll link here.

We have a data gathering and reporting tool called Harvest which lets you process your evidence locker and generate reports over the data held.

We have a tool called Prune which lets you mark evidence as no longer being collected, in a suitably tracked manner.

We have a tool called Plant which lets you add evidence to evidence lockers without the use of fetchers or checks.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

auditree-framework-2.0.0.tar.gz (63.1 kB view details)

Uploaded Source

Built Distribution

auditree_framework-2.0.0-py2.py3-none-any.whl (78.9 kB view details)

Uploaded Python 2 Python 3

File details

Details for the file auditree-framework-2.0.0.tar.gz.

File metadata

  • Download URL: auditree-framework-2.0.0.tar.gz
  • Upload date:
  • Size: 63.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/4.0.2 CPython/3.8.16

File hashes

Hashes for auditree-framework-2.0.0.tar.gz
Algorithm Hash digest
SHA256 95efd34aa149d230af024adb3407a671b7d71fdd3dea30b3b740988bee810d00
MD5 3616545ebc6172cfdafa01e64271c09b
BLAKE2b-256 fa5719506a5966f349b80dad13ca930cf68a70682f20196ac60d938f495b2f2e

See more details on using hashes here.

File details

Details for the file auditree_framework-2.0.0-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for auditree_framework-2.0.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 cb4223778c3a688a799215402644e5bff5330fec6782afa16821ee7d3fb13485
MD5 981b520ef81e321ce9c441a7de57cca7
BLAKE2b-256 902eabbb7b2a16dbe731067dbfa532fa35877094f4bf4803b13d7207d80def35

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page