CloudSecurityAlliance · rajkrishnamurthy · Aug 5, 2022
diff --git a/data/metrics-catalog.template b/data/metrics-catalog.template
@@ -0,0 +1,203 @@
+<html>
+  <head>
+    <link rel="preconnect" href="https://fonts.googleapis.com">
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin="true">
+    <link href="https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&amp;display=swap" rel="stylesheet">
+    <style>
+            body {
+              font-family: "Montserrat", sans-serif;
+              width: 1250px;
+              margin-left: auto;
+              margin-right: auto;
+            }
+            .metric {
+              display: grid;
+              grid-template-columns: 25% auto;
+              gap: 5px;
+              background: #eee;
+              padding: 10px;
+              border-radius: 5px;
+            }
+            .metric .key {
+              font-weight: bold;
+              padding: 12px;
+              color: white;
+            }
+            .metric .value {
+              padding: 12px;
+              background: white;
+            }
+
+            .green {
+              background: #3ba573;
+              border-left: solid 14px #29895c;
+            }
+            .orange {
+              background: #ff9b1a;
+              border-left: solid 14px #fa8526;
+            }
+            .blue {
+              background: #0372c7;
+              border-left: solid 14px #00549e;
+            }
+            code {
+              color: #700;
+              font-size: 125%;
+            }
+            .collapsible {
+              border-radius: 5px 5px 0 0;
+              margin-top: 1em;
+              background-color: #eee;
+              font-weight: bold;
+              color: black;
+              cursor: pointer;
+              padding: 1em;
+              width: 100%;
+              border: none;
+              text-align: left;
+              outline: none;
+              font-size: 125%;
+            }
+            .active, .collapsible:hover {
+              background-color: #aaa;
+            }
+            .collapsible:after {
+              content: "\002B";
+              color: black;
+              font-weight: bold;
+              float: right;
+              margin-left: 5px;
+            }
+            .active:after {
+              content: "\2212";
+            }
+            .content {
+              padding: 0 18px;
+              max-height: 0;
+              overflow: hidden;
+              transition: max-height 0.2s ease-out;
+              background-color: #f7f7f7;
+              border-radius: 0 0 5px 5px;
+            }
+            @media print {
+              .content {
+                max-height: none;
+              }
+            }
+    </style>
+    <script>
+            window.addEventListener("load", (event) => {
+              const coll = document.querySelectorAll(".collapsible");
+              coll.forEach(function(item) {
+                item.addEventListener("click", function() {
+                  this.classList.toggle("active");
+                  let content = this.nextElementSibling;
+                  if (content.style.maxHeight){
+                    content.style.maxHeight = null;
+                  } else {
+                    content.style.maxHeight = content.scrollHeight + "px";
+                  } 
+                });
+              });
+            });
+    </script>
+  </head>
+  <body>
+    <h1><%=@name%>, <%=@version%></h1>
+    <p>Generated on <%=@processDTM%></p>
+    <div>
+    <p>This document has been automatically generated from the YAML source file at <a href=<%= @YAMLMetricsSource %>> <%= @YAMLMetricsSource %> </a></p>
+
+    <p>To make changes to the catalog, please <a href="https://github.com/cloudsecurityalliance/continuous-audit-metrics/edit/main/data/primary-dataset.yml">make changes</a> to the YAML file or <a href="https://github.com/cloudsecurityalliance/continuous-audit-metrics/issues">create an issue</a> on github describing your requested changes.</p>
+
+    <p><strong>The content of this repository, including this file, is <%= @copyright %></strong>. See the LICENSE file for details.</p>
+
+    <h2>Acknowledgments</h2>
+
+    <h3>Authors:</h3>
+    <ul>
+    <li>Jonathan Lewis Christopherson </li>
+    <li>Willy Fabritius</li>
+    <li>Raj Krishnamurthy</li>
+    <li>Daniele Catteddu</li>
+    <li>Kevin Murphy </li>
+    <li>Alain Pannetrat </li>
+    <li>Chris Pedigo </li>
+    <li>Mosi Platt</li>
+    <li>Max Pritikin (co-chair) </li>
+    <li>Anthony Scarfe </li>
+    <li>Carlos Victoria</li>
+    </ul>
+
+    <h3>Contributors:</h3>
+
+    <ul>
+    <li>Christian Banse </li>
+    <li>Michael Bently </li>
+    <li>James Condon </li>
+    <li>John DiMaria </li>
+    <li>Tinsae Erkailo </li>
+    <li>Alexandre Higuchi </li>
+    <li>Michaela Iorga </li>
+    <li>Amanda King </li>
+    <li>Julien Mauvieux </li>
+    <li>Brian Milbier</li>
+    <li>Dili Origbo</li>
+    <li>Judy Owen </li>
+    <li>Massimiliano Rak </li>
+    <li>Louis Seefried </li>
+    <li>Jonathan Villa</li>
+    </ul>
+
+    <h2>Context</h2>
+
+    <p>The Cloud Security Alliance (CSA) has launched an initiative to create a <a href=<%= @url %>>continuous assessment framework for cloud security</a>. As part of that work, CSA is building a <strong>Continuous Audit Metrics Catalog</strong> for the cloud to help organizations assess the security of information systems on a near-continuous basis. </p>
+
+    <p>For a detailed description of the context, purpose and terminology used in this work, we refer the reader to sections 1, 2 and 3 of <a href=<%= @url %>>version 1.0 of the continuous audit metrics catalog</a>.</p>
+    </div>
+    <div>
+      <h3>Table of contents</h3>
+      <% @metrics.each do |metric| %>
+      <% metricid = metric['id'] %>
+        <ul><li><a href="#metric-<%=metricid%>">Metric <%=metricid%></a></li></ul>
+      <% end %>
+    </div>
+    <% @metrics.each do |metric| %>
+      <% metricid = metric['id'] %>
+      <% controlid = metric['primaryControlId'] %>
+      <h2 id="metric-<%=metricid%>" Metric <%=metricid%></h2>
+      <div class="metric">
+        <div class="key green">Primary CCMv4 Control ID</div>
+        <div class="value"><%=controlid%></div>  
+        <div class="key green">Primary Control Description</div>
+        <div class="value"><%=@ccmreferencehash[controlid]['title']%></div>
+        <div class="key green">Related CCMv4 Control IDs</div>
+        <div class="value"><%=@relatedids[metricid]%></div>
+        <div class="key orange">Metric ID</div>
+        <div class="value"><strong><%=metricid%></strong></div>
+        <div class="key orange">Metric Description</div>
+        <div class="value"><%=metric['metricDescription']%></div>
+        <div class="key orange">Expression</div>
+        <div class="value">
+          <div>Formula: <code><%=metric['expression']['formula']%></code></div>
+          <p>Where: 
+            <ul>
+              <% metric['expression']['parameters'].each do |parameter| %>  
+              <li>
+                <code><%=parameter['name']%></code>: <%=parameter['description']%>
+                <ul><li>ID: <%=parameter['id']%></li></ul>
+              </li>
+              <% end %>
+            </ul>
+          </p>
+        </div>  
+        <div class="key orange">Rules</div>
+        <div class="value"><%=@metricsrulesinhtml[metricid]%></div>
+
+
+
+
+      </div>
+    <% end %>
+  </body>
+</html>