Skip to content

API: Build Profile by Props (imports + controls + tests) #313

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
AKAbdulHanif wants to merge 12 commits into
base: main
Choose a base branch
from
+494 −5
Open

API: Build Profile by Props (imports + controls + tests) #313

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
9d2ced1
feat(profile): add BuildByProps endpoint to profiles handler (local b…
AKAbdulHanif Jan 20, 2026
39bff26
feat(profile): accept kebab-case keys in BuildByProps request
AKAbdulHanif Jan 20, 2026
e355737
feat(profile): BuildByProps creates import and back-matter; validates…
AKAbdulHanif Jan 21, 2026
9af60d3
fix(profile): persist import include-controls and back-matter resourc…
AKAbdulHanif Jan 21, 2026
cdf2737
fix(profile): avoid duplicate imports/back-matter; persist associatio…
AKAbdulHanif Jan 21, 2026
d421143
fix(profile): prevent duplicate include-controls groups by creating a…
AKAbdulHanif Jan 21, 2026
2bd76b8
test(api): add integration test for BuildByProps to assert import and…
AKAbdulHanif Jan 22, 2026
9310392
Merge branch 'main' into feat/profile-prop-matching-api
AKAbdulHanif Jan 25, 2026
a34181b
lint(api): fix error string casing and remove debug print in integrat…
AKAbdulHanif Jan 25, 2026
ffabb16
ci(api): fix golangci-lint inputs; commit generated swagger docs to s…
AKAbdulHanif Jan 26, 2026
69b5dd9
lint(api): use strings.EqualFold for case-insensitive prop name/ns co…
AKAbdulHanif Jan 26, 2026
f1fc759
Merge branch 'main' into feat/profile-prop-matching-api
AKAbdulHanif Jan 27, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,8 @@ jobs:
uses: golangci/golangci-lint-action@v7
with:
version: ${{ env.GOLANGCI_VERSION }}
skip-pkg-cache: true
skip-build-cache: true
skip-cache: true
skip-save-cache: true
args: --timeout=30m

check-diff:
Expand Down
63 changes: 63 additions & 0 deletions docs/docs.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11704,6 +11704,69 @@ const docTemplate = `{
]
}
},
"/oscal/profiles/build-props": {
"post": {
"description": "Generates a Profile selecting controls from a catalog based on prop matching rules. Returns the created Profile and the matched control IDs.",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Profile"
],
"summary": "Build Profile by Control Props",
"parameters": [
{
"description": "Prop matching request",
"name": "request",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/oscal.ProfileHandler"
Copy link

Copilot AI Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

docs.go embeds the generated OpenAPI template and currently references #/definitions/oscal.ProfileHandler as the request schema for /oscal/profiles/build-props, but that definition is empty. After adding named request/response structs in the handler, regenerate the swagger artifacts so this embedded template includes the correct schema refs.

Suggested change
"$ref": "#/definitions/oscal.ProfileHandler"
"type": "object"

Copilot uses AI. Check for mistakes.
}
}
],
"responses": {
"201": {
"description": "Created",
"schema": {
"$ref": "#/definitions/handler.GenericDataResponse-oscal_ProfileHandler"
Copy link

Copilot AI Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The embedded swagger template also uses handler.GenericDataResponse-oscal_ProfileHandler for the 201 response, which won’t describe the actual response fields for BuildByProps. Regenerate swagger after defining a named response type so the template reflects the real payload schema.

Suggested change
"$ref": "#/definitions/handler.GenericDataResponse-oscal_ProfileHandler"
"$ref": "#/definitions/oscal.ProfileHandler"

Copilot uses AI. Check for mistakes.
}
},
"400": {
"description": "Bad Request",
"schema": {
"$ref": "#/definitions/api.Error"
}
},
"401": {
"description": "Unauthorized",
"schema": {
"$ref": "#/definitions/api.Error"
}
},
"404": {
"description": "Not Found",
"schema": {
"$ref": "#/definitions/api.Error"
}
},
"500": {
"description": "Internal Server Error",
"schema": {
"$ref": "#/definitions/api.Error"
}
}
},
"security": [
{
"OAuth2Password": []
}
]
}
},
"/oscal/profiles/{id}": {
"get": {
"description": "Get an OSCAL profile with the uuid provided",
Expand Down
63 changes: 63 additions & 0 deletions docs/swagger.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11698,6 +11698,69 @@
]
}
},
"/oscal/profiles/build-props": {
"post": {
"description": "Generates a Profile selecting controls from a catalog based on prop matching rules. Returns the created Profile and the matched control IDs.",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"tags": [
"Profile"
],
"summary": "Build Profile by Control Props",
"parameters": [
{
"description": "Prop matching request",
"name": "request",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/oscal.ProfileHandler"
}
Comment on lines +11720 to +11722
Copy link

Copilot AI Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The generated swagger JSON for this endpoint references #/definitions/oscal.ProfileHandler as the request schema, but that definition is empty. After introducing named BuildByProps request/response types in the handler, regenerate swagger so this $ref points at the actual request schema.

Copilot uses AI. Check for mistakes.
}
],
"responses": {
"201": {
"description": "Created",
"schema": {
"$ref": "#/definitions/handler.GenericDataResponse-oscal_ProfileHandler"
Copy link

Copilot AI Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The generated swagger JSON 201 response schema currently points to handler.GenericDataResponse-oscal_ProfileHandler, which is based on an empty oscal.ProfileHandler schema rather than the real BuildByProps response body. Regenerate swagger after defining a named response type so clients see profileId, controlIds, and profile in the schema.

Suggested change
"$ref": "#/definitions/handler.GenericDataResponse-oscal_ProfileHandler"
"type": "object",
"properties": {
"profileId": {
"type": "string"
},
"controlIds": {
"type": "array",
"items": {
"type": "string"
}
},
"profile": {
"type": "object"
}
}

Copilot uses AI. Check for mistakes.
}
},
"400": {
"description": "Bad Request",
"schema": {
"$ref": "#/definitions/api.Error"
}
},
"401": {
"description": "Unauthorized",
"schema": {
"$ref": "#/definitions/api.Error"
}
},
"404": {
"description": "Not Found",
"schema": {
"$ref": "#/definitions/api.Error"
}
},
"500": {
"description": "Internal Server Error",
"schema": {
"$ref": "#/definitions/api.Error"
}
}
},
"security": [
{
"OAuth2Password": []
}
]
}
},
"/oscal/profiles/{id}": {
"get": {
"description": "Get an OSCAL profile with the uuid provided",
Expand Down
41 changes: 41 additions & 0 deletions docs/swagger.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13789,6 +13789,47 @@ paths:
summary: Get Resolved Profile
tags:
- Profile
/oscal/profiles/build-props:
post:
consumes:
- application/json
description: Generates a Profile selecting controls from a catalog based on
prop matching rules. Returns the created Profile and the matched control IDs.
parameters:
- description: Prop matching request
in: body
name: request
required: true
schema:
$ref: '#/definitions/oscal.ProfileHandler'
Copy link

Copilot AI Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The request body schema $ref is #/definitions/oscal.ProfileHandler, which is an empty object definition. This makes the OpenAPI for /oscal/profiles/build-props unusable for clients. After switching to named request/response structs in the handler, regenerate swagger so this points to the real BuildByProps request schema.

Suggested change
$ref: '#/definitions/oscal.ProfileHandler'
$ref: '#/definitions/oscal.BuildByPropsRequest'

Copilot uses AI. Check for mistakes.
produces:
- application/json
responses:
"201":
description: Created
schema:
$ref: '#/definitions/handler.GenericDataResponse-oscal_ProfileHandler'
Comment on lines +13808 to +13811
Copy link

Copilot AI Jan 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The 201 response schema $ref is #/definitions/handler.GenericDataResponse-oscal_ProfileHandler, which is derived from an empty oscal.ProfileHandler schema rather than the actual response payload (profileId/controlIds/profile). Define a named response type in code and regenerate swagger so the response schema matches reality.

Copilot uses AI. Check for mistakes.
"400":
description: Bad Request
schema:
$ref: '#/definitions/api.Error'
"401":
description: Unauthorized
schema:
$ref: '#/definitions/api.Error'
"404":
description: Not Found
schema:
$ref: '#/definitions/api.Error'
"500":
description: Internal Server Error
schema:
$ref: '#/definitions/api.Error'
security:
- OAuth2Password: []
summary: Build Profile by Control Props
tags:
- Profile
/oscal/roles:
get:
description: Retrieves all roles.
Expand Down
Loading