Please refer to ComplianceAsCode/content instead.
Entries from OpenControl were migrated to the controls structure:
e.g.
This repository contains control responses to NIST-800-53 security controls. Human readable overview is available at http://atopathways.redhatgov.io/ato/products/select/NIST-800-53
Some of the content is still work in progress!
Instructions on how to prepare your development host:
Users can use GoComply/fedramp tool to genereate OSCAL formatted FedRAMP SSPs out of the OpenControl formatted here. Example:
podman run \ --rm -t --security-opt label=disable \ -v $(pwd):/shared-dir \ quay.io/gocomply/gocomply sh -c "\ cd /shared-dir && \ gocomply_fedramp opencontrol https://github.com/ComplianceAsCode/redhat oscal.xml/" find oscal.xml/ -type f The results of this process can be reviewed online under ComplianceAsCode/oscal project.
Compliance masonry command from OpenControl project may be used to fetch opencontrol dependencies of this project and validate the repository conformance with OpenControl standard.
podman run \ --rm -t --security-opt label=disable \ -v $(pwd):/shared-dir \ quay.io/gocomply/gocomply sh -c "\ cd /shared-dir && \ git clone --depth 1 https://github.com/complianceascode/redhat ComplianceAsCode.redhat && \ cd ComplianceAsCode.redhat && \ masonry get --verbose && \ masonry validate" find ComplianceAsCode.redhat/opencontrols/ -type f