Skip to content

EOP-OMB/opal

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

837 Commits

.github

.github

 
 

catalog

catalog

 
 

common

common

 
 

component

component

 
 

ctrl_profile

ctrl_profile

 
 

docs

docs

 
 

opal

opal

 
 

sample_data

sample_data

 
 

ssp

ssp

 
 

templates

templates

 
 

vendor

vendor

 
 

.dockerignore

.dockerignore

 
 

.gitignore

.gitignore

 
 

Dockerfile

Dockerfile

 
 

SECURITY.md

SECURITY.md

 
 

conftest.py

conftest.py

 
 

license.md

license.md

 
 

manage.py

manage.py

 
 

playbook.yml

playbook.yml

 
 

pytest-cov.cfg

pytest-cov.cfg

 
 

pytest.ini

pytest.ini

 
 

qodana.yaml

qodana.yaml

 
 

readme.md

readme.md

 
 

requirements.txt

requirements.txt

 
 

requirements_test.txt

requirements_test.txt

 
 

startup.sh

startup.sh

 
 

version.txt

version.txt

 
 

Repository files navigation

The OSCAL Model Reference can be found at, https://pages.nist.gov/OSCAL/reference/latest/complete/

OSCAL Policy Administration Library (opal)

Provides a simple web application for managing System Security Plans and related documents. The data model is based on the OSCAL standard and objects can be imported and exported in OSCAL compliant JSON.

The OSCAL Model Reference can be found at, https://pages.nist.gov/OSCAL/reference/latest/complete/

  1. Python >=3.8
  2. apache
  3. postgres client if using a postgres database

Deployment Instructions

Running a local development version using sqlite

  1. Clone the repository to your local directory
    git clone https://github.com/eop-omb/opal.git
  2. Change to the new directory
    cd opal
  3. The default environment variables are set to work well in a containerized environment. To run locally you will want to set some environment variables. You cna use the provided defaults.env file to get started.
    cp opal/defaults.env opal/.env
  4. It is recommended to run the application from a virtual environment. To do so navigate to the application directory in a terminal and enter the following commands:
    python3 -m venv venv
    source venv/bin/activate
  5. Install the required python modules by running:
    pip install -r requirements.txt
  6. Run the initial migration to create the database objects:
    python manage.py makemigrations
    python manage.py migrate
  7. Create a superuser:
    python manage.py createsuperuser
  8. Start the Server
    python manage.py runserver

Start the app in a docker container using sqlite

  1. Clone the repository to your local directory git clone https://github.com/eop-omb/opal.git
  2. Build the image
    docker build -t opal .
  3. Run the container
    docker run --rm -it --name opal -p 8000:8000 -e LOG_LEVEL=DEBUG opal

Run OPAL with a Postgres database including persistent storage using docker-compose

  1. Clone the repository to your local directory git clone https://gitlab.max.gov/max-security/opal.git
  2. Run the docker-compose. YAML file in the docs/docker-compose/ folder
    cd docs/docker-compose docker-compose up

Setting environment variables

OPAL is designed to run well in a containerized environment. It is recommended to set any desired environment variables using your chosen container orchestration solution (kubernetes, docker-compose, etc.). You can also set environment variables in a .env file which should be placed in the opal subdirectory. All variables are optional and will be populated with reasonable defaults if not provided.

NOTE: defaults will be applied if the environment variable is NOT provided, but if you provide an empty string or something similar the application will not overwrite that with the default value.

You can find a list of all environment variables and their defaults in the opal/settings.py file.

About

OSCAL Policy Administration Library (OPAL) provides a simple web application for managing System Security Plans. The data modle is based on the OSCAL standard.

Topics

ssp security-tools oscal

Resources

Readme

License

View license

Security policy

Security policy
Activity
Custom properties

Stars

24 stars

Watchers

6 watching

Forks

12 forks
Report repository

Releases 18

2.7.5.5 Latest
Mar 29, 2024
+ 17 releases

Packages

No packages published

Contributors 7

Languages