Fixing missing data governance on service data #234

Merged
merged 1 commit into from
Jun 2, 2023
26 changes: 14 additions & 12 deletions schema/bom-1.5.proto
Expand Up @@ -147,6 +147,8 @@ message DataFlow {
repeated string source = 5;
// The URI, URL, or BOM-Link of the components or services the data is sent to
repeated string destination = 6;
// Data Governance
optional DataGovernance governance = 7;
}

// Specifies the flow direction of the data. Valid values are: inbound, outbound, bi-directional, and unknown. Direction is relative to the service. Inbound flow states that data enters the service. Outbound flow states that data leaves the service. Bi-directional states that data flows both ways, and unknown states that the direction is not known.
Expand Down Expand Up @@ -1109,20 +1111,20 @@ message ComponentData {
// Provides the ability to document name-value parameters used for configuration.
repeated Property properties = 3;
}
}

message DataGovernance {
// Data custodians are responsible for the safe custody, transport, and storage of data.
repeated DataGovernanceResponsibleParty custodians = 1;
// Data stewards are responsible for data content, context, and associated business rules.
repeated DataGovernanceResponsibleParty stewards = 2;
// Data owners are concerned with risk and appropriate access to data.
repeated DataGovernanceResponsibleParty owners = 3;
message DataGovernance {
// Data custodians are responsible for the safe custody, transport, and storage of data.
repeated DataGovernanceResponsibleParty custodians = 1;
// Data stewards are responsible for data content, context, and associated business rules.
repeated DataGovernanceResponsibleParty stewards = 2;
// Data owners are concerned with risk and appropriate access to data.
repeated DataGovernanceResponsibleParty owners = 3;

message DataGovernanceResponsibleParty {
oneof choice {
OrganizationalEntity organization = 1;
OrganizationalContact contact = 2;
}
message DataGovernanceResponsibleParty {
oneof choice {
OrganizationalEntity organization = 1;
OrganizationalContact contact = 2;
}
}
}
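Review bot: The comment on the new `governance` field of `DataFlow` (field 7) only repeats the type name, while the neighbouring `source` and `destination` fields say what they hold; I would write `// Data governance identifies the custodians, stewards, and owners responsible for the data in this flow.` instead. In the second hunk the removed and added `DataGovernance` lines read identically on this page, so the change there looks like a re-indentation that moves the message out of `ComponentData`. If that is what it does, the message's fully qualified name changes and generated code that referenced the nested name has to be regenerated, which is worth stating in the description. The `DataFlow` and `ComponentData` bodies both start outside the hunks shown.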
53 changes: 31 additions & 22 deletions schema/bom-1.5.schema.json
Expand Up @@ -1313,6 +1313,11 @@
"Credit card information being exchanged in between the web app and the database"
]
},
"governance": {
"type": "object",
"title": "Data Governance",
"$ref": "#/definitions/dataGovernance"
},
"source": {
"type": "array",
"items": {
Expand Down Expand Up @@ -2548,28 +2553,32 @@
"governance": {
"type": "object",
"title": "Data Governance",
"description": "",
"additionalProperties": false,
"properties": {
"custodians": {
"type": "array",
"title": "Data Custodians",
"description": "Data custodians are responsible for the safe custody, transport, and storage of data.",
"items": { "$ref": "#/definitions/dataGovernanceResponsibleParty" }
},
"stewards": {
"type": "array",
"title": "Data Stewards",
"description": "Data stewards are responsible for data content, context, and associated business rules.",
"items": { "$ref": "#/definitions/dataGovernanceResponsibleParty" }
},
"owners": {
"type": "array",
"title": "Data Owners",
"description": "Data owners are concerned with risk and appropriate access to data.",
"items": { "$ref": "#/definitions/dataGovernanceResponsibleParty" }
}
}
"$ref": "#/definitions/dataGovernance"
}
}
},
"dataGovernance": {
"type": "object",
"title": "Data Governance",
"additionalProperties": false,
"properties": {
"custodians": {
"type": "array",
"title": "Data Custodians",
"description": "Data custodians are responsible for the safe custody, transport, and storage of data.",
"items": { "$ref": "#/definitions/dataGovernanceResponsibleParty" }
},
"stewards": {
"type": "array",
"title": "Data Stewards",
"description": "Data stewards are responsible for data content, context, and associated business rules.",
"items": { "$ref": "#/definitions/dataGovernanceResponsibleParty" }
},
"owners": {
"type": "array",
"title": "Data Owners",
"description": "Data owners are concerned with risk and appropriate access to data.",
"items": { "$ref": "#/definitions/dataGovernanceResponsibleParty" }
}
}
},
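Review bot: In the new `governance` property of the first hunk, and in the rewritten one in the second hunk, `type` and `title` sit beside `$ref`; under JSON Schema draft-07 and earlier a validator ignores every sibling of `$ref`, so those keywords are inert there and tooling may not surface the title. The `$schema` line is outside the hunks, so the draft is an assumption to confirm; if it is draft-07, either reduce the property to `"$ref": "#/definitions/dataGovernance"` alone or keep the title and wrap the reference as `"allOf": [{ "$ref": "#/definitions/dataGovernance" }]`. The constraint that matters for strict validation, `"additionalProperties": false`, lives in the `dataGovernance` definition and is still applied through the reference. The new definition itself has no `description`, although each of its three array properties does.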
85 changes: 43 additions & 42 deletions schema/bom-1.5.xsd
Expand Up @@ -1826,6 +1826,7 @@ limitations under the License.
<xs:documentation>Specifies the data classification.</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="governance" type="bom:dataGovernance" minOccurs="0" maxOccurs="1" />
<xs:element name="source" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>The URI, URL, or BOM-Link of the components or services the data came in from.</xs:documentation>
Expand Down Expand Up @@ -3008,48 +3009,7 @@ limitations under the License.
</xs:documentation>
</xs:annotation>
</xs:element>
<xs:element name="governance" minOccurs="0" maxOccurs="1">
<xs:complexType>
<xs:sequence>
<xs:element name="custodians" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>
Data custodians are responsible for the safe custody, transport, and storage of data.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="custodian" type="bom:organizationOrIndividualType" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="stewards" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>
Data stewards are responsible for data content, context, and associated business rules.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="steward" type="bom:organizationOrIndividualType" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="owners" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>
Data owners are concerned with risk and appropriate access to data.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="owner" type="bom:organizationOrIndividualType" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="governance" type="bom:dataGovernance" minOccurs="0" maxOccurs="1" />
</xs:sequence>
<xs:attribute name="bom-ref" type="bom:refType">
<xs:annotation>
Expand All @@ -3061,6 +3021,47 @@ limitations under the License.
</xs:attribute>
</xs:complexType>

<xs:complexType name="dataGovernance">
<xs:sequence>
<xs:element name="custodians" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>
Data custodians are responsible for the safe custody, transport, and storage of data.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="custodian" type="bom:organizationOrIndividualType" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="stewards" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>
Data stewards are responsible for data content, context, and associated business rules.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="steward" type="bom:organizationOrIndividualType" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="owners" minOccurs="0" maxOccurs="1">
<xs:annotation>
<xs:documentation>
Data owners are concerned with risk and appropriate access to data.
</xs:documentation>
</xs:annotation>
<xs:complexType>
<xs:sequence>
<xs:element name="owner" type="bom:organizationOrIndividualType" minOccurs="0" maxOccurs="unbounded"/>
</xs:sequence>
</xs:complexType>
</xs:element>
</xs:sequence>
</xs:complexType>

<xs:complexType name="organizationOrIndividualType">
<xs:choice>
<xs:element name="organization" type="bom:organizationalEntity" minOccurs="0" maxOccurs="1" />
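Review bot: The `governance` element added to the sequence in the first hunk has no `xs:annotation`, although the elements on either side of it carry `xs:documentation`, and the new named type `dataGovernance` in the third hunk is undocumented as well. I would give the element an `xs:documentation` child stating that it names the parties responsible for the data (custodians, stewards and owners), and put the same sentence on the complex type so both uses of `bom:dataGovernance` inherit it. The sequence that the first hunk edits starts and ends outside the hunk.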
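--- a/tools/src/test/resources/1.5/valid-saasbom-1.5.json
+++ b/tools/src/test/resources/1.5/valid-saasbom-1.5.json
@@ -106,6 +106,15 @@
 "description": "Traffic to/from stock service to microservice-1",
 "classification": "PII",
 "flow": "bi-directional",
+"governance": {
+"owners": [
+{
+"organization": {
+"name": "Customer Name"
+}
+}
+]
+},
 "source": [
 "urn:cdx:3e671687-395b-41f5-a30f-a58921a69b79/1#stock-ticker-service"
 ],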
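Review bot: The added `governance` block covers only `owners` with an `organization` entry, so `custodians`, `stewards` and the `contact` branch of the responsible-party choice are not exercised at the data-flow position; the textproto and XML fixtures in this commit have the same gap. No invalid fixture is visible on this page either, so nothing here shows that an unexpected key under a data flow's `governance` is rejected by `"additionalProperties": false`. Consider adding a `custodians` or `stewards` entry that uses `contact` to this fixture, plus an invalid counterpart carrying an unknown key.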
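--- a/tools/src/test/resources/1.5/valid-saasbom-1.5.textproto
+++ b/tools/src/test/resources/1.5/valid-saasbom-1.5.textproto
@@ -31,6 +31,15 @@ services {
 value: "Customer"
 name: "Consumer to Stock Service",
 description: "Traffic to/from consumer to service"
+governance: {
+owners: [
+{
+organization: {
+name: "Customer Name"
+}
+}
+]
+},
 source: "https://0.0.0.0"
 destination: "https://0.0.0.0"
 }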
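--- a/tools/src/test/resources/1.5/valid-saasbom-1.5.xml
+++ b/tools/src/test/resources/1.5/valid-saasbom-1.5.xml
@@ -24,6 +24,15 @@
 <data>
 <dataflow name="Consumer to Stock Service" description="Traffic to/from consumer to service">
 <classification flow="bi-directional">Customer</classification>
+<governance>
+<owners>
+<owner>
+<organization>
+<name>Customer Name</name>
+</organization>
+</owner>
+</owners>
+</governance>
 <source>
 <url>https://0.0.0.0</url>
 </source>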