A Java tool, providing a command line interface, that performs common operations on Open Security Controls Assessment Language (OSCAL) and Metaschema content.
This open-source, tool offers a convenient way to manipulate OSCAL and Metaschema based content supporting the following operations:
- Converting OSCAL content between the OSCAL XML, JSON, and YAML formats.
- Validating an OSCAL resources to ensure it is well-formed and valid.
- Resolving OSCAL Profiles.
- Validating a Metaschema model definition to ensure it is well-formed and valid.
- Generating XML and JSON Schemas from a Metaschema model definition.
This work is intended to make it easier for OSCAL and Metaschema content authors to work with related content.
This tool is based on the Metaschema Java Tools and OSCAL Java Library projects.
This effort is part of the National Institute of Standards and Technology (NIST) OSCAL Program.
Thank you for interest in contributing to the Metaschema Java framework. For complete instructions on how to contribute code, please read through our CONTRIBUTING.md documentation.
This project is in the worldwide public domain. As stated in CONTRIBUTING.md.
This project can be built with Apache Maven version 3.8.4 or greater.
The following instructions can be used to clone and build this project.
- Clone the GitHub repository.
git clone --recurse-submodules https://github.com/usnistgov/oscal-cli.git
- Build the project with Maven
mvn install
- Make a directory to install oscal-cli and cd into it. The example below uses the directory
/opt/oscal-cli
. Use your preferred directory.
mkdir -p /opt/oscal-cli && cd /opt/oscal-cli
NOTE:
- Download the zipped oscal-cli Java package. Download your preferred version, but we recommend the latest stable release on the Maven Central repository. You may also download development snapshots to evaluate new features or bug fixes merged into develop before they are finalized in a published release.
wget -q https://repo1.maven.org/maven2/gov/nist/secauto/oscal/tools/oscal-cli/cli-core/1.0.1/cli-core-1.0.1-oscal-cli.zip.asc # download the release signature
wget -q https://repo1.maven.org/maven2/gov/nist/secauto/oscal/tools/oscal-cli/cli-core/1.0.1/cli-core-1.0.1-oscal-cli.zip # download the release archive
gpg --keyserver hkps://pgp.mit.edu:443 --recv-keys 6387E83B4828A504 # import or re-import the NIST OSCAL Release Engineering Key
gpg --verify cli-core-1.0.1-oscal-cli.zip.asc # verify the signature for the release with signing key
- Extract oscal-cli into the directory.
unzip cli-core-1.0.1-oscal-cli.zip
- (Recommended) Add oscal-cli's directory to your path.
# temporarily add oscal-cli to your terminal's instance path
PATH=$PATH:/opt/oscal-cli/bin
# add oscal-cli to your environment (e.g., all terminals)
export PATH=$PATH:/opt/oscal-cli/bin
NOTE: You can also add oscal-cli's directory to your path in shell profile to make oscal-cli permamently available.
Run help to make sure everything work
# if oscal-cli directory added to your path
oscal-cli --help
# if you did not add oscal-cli directory to your path
/opt/oscal-cli/bin/oscal-cli --help
Maintainer: NIST OSCAL Team - NIST Information Technology Labratory, Computer Security Division
Email us: oscal@nist.gov
Chat with us: Gitter usnistgov-OSCAL/Lobby