From 56598dc604dd85fe2877b762adc9f8756452e9f5 Mon Sep 17 00:00:00 2001
From: Damien Burks <damien.burks@citi.com>
Date: Sun, 8 Dec 2024 17:13:42 -0600
Subject: [PATCH] fixing issues with inaccurate git log reporting

---
 delivery-tooling/update-metadata.go   |  19 ++--
 services/storage/object/metadata.yaml | 137 ++++++++++++--------------
 2 files changed, 72 insertions(+), 84 deletions(-)

diff --git a/delivery-tooling/update-metadata.go b/delivery-tooling/update-metadata.go
index 3be014c7..943baaa0 100644
--- a/delivery-tooling/update-metadata.go
+++ b/delivery-tooling/update-metadata.go
@@ -16,8 +16,8 @@ import (
 )
 
 var (
-	MetadataFilepath   string
 	BuildDirectoryPath string
+	MetadataFilePath   string
 
 	// baseCmd represents the base command when called without any subcommands
 	updateMetadataCmd = &cobra.Command{
@@ -37,14 +37,14 @@ var (
 			servicesDir := viper.GetString("services-dir")
 			buildTarget := viper.GetString("build-target")
 
-			buildDirectoryPath := filepath.Join(servicesDir, buildTarget)
-			MetadataFilepath = filepath.Join(buildDirectoryPath, "metadata.yaml")
+			BuildDirectoryPath = filepath.Join(servicesDir, buildTarget)
+			MetadataFilePath = filepath.Join(BuildDirectoryPath, "metadata.yaml")
 
 			err := updateMetadata()
 			if err != nil {
 				fmt.Println(err)
 			} else {
-				fmt.Printf("Metadata has been updated successfully: %s\n", MetadataFilepath)
+				fmt.Printf("Metadata has been updated successfully: %s\n", MetadataFilePath)
 			}
 		},
 	}
@@ -70,12 +70,11 @@ func updateMetadata() (err error) {
 	// Create a new GitHub client
 	client := github.NewClient(tc)
 
-	// Prepare the options to filter commits by the specified path (directory)
+	// Fetch the list of commits from the repository
+	cleanedPath := strings.Replace(filepath.ToSlash(BuildDirectoryPath), "../", "", 1)
 	opts := &github.CommitsListOptions{
-		Path: BuildDirectoryPath,
+		Path: cleanedPath,
 	}
-
-	// Fetch the list of commits from the repository
 	commits, _, err := client.Repositories.ListCommits(ctx, repoOwner, repoName, opts)
 	if err != nil {
 		log.Fatalf("Error fetching commits: %v", err)
@@ -137,7 +136,7 @@ func updateMetadata() (err error) {
 		log.Fatalf("Error marshaling YAML: %v", err)
 	}
 
-	err = os.WriteFile(MetadataFilepath, metadataData, os.FileMode(0666))
+	err = os.WriteFile(MetadataFilePath, metadataData, os.FileMode(0666))
 	if err != nil {
 		log.Fatalf("Error writing to the YAML file: %v", err)
 	}
@@ -148,7 +147,7 @@ func updateMetadata() (err error) {
 
 func getMetadataYaml() Metadata {
 	// Read the YAML file
-	yamlFile, err := os.ReadFile(MetadataFilepath)
+	yamlFile, err := os.ReadFile(MetadataFilePath)
 	if err != nil {
 		log.Fatalf("Error reading YAML file: %v", err)
 	}
diff --git a/services/storage/object/metadata.yaml b/services/storage/object/metadata.yaml
index 6c5defa6..e061a470 100644
--- a/services/storage/object/metadata.yaml
+++ b/services/storage/object/metadata.yaml
@@ -1,80 +1,69 @@
 title: Object Storage
 id: CCC.ObjStor
 description: |
-  Object storage is a data storage architecture that manages data as objects,
-  rather than as files or blocks. Each object contains the data itself,
-  metadata, and a unique identifier, making it ideal for storing large amounts
-  of unstructured data such as multimedia files, backups, and archives. It is
-  highly scalable and often used in cloud environments due to its flexibility
-  and accessibility.
+    Object storage is a data storage architecture that manages data as objects,
+    rather than as files or blocks. Each object contains the data itself,
+    metadata, and a unique identifier, making it ideal for storing large amounts
+    of unstructured data such as multimedia files, backups, and archives. It is
+    highly scalable and often used in cloud environments due to its flexibility
+    and accessibility.
 release_details:
-  - version: "2025.01"
-    assurance_level: None
-    threat_model_url: None
-    threat_model_author: None
-    red_team: None
-    red_team_exercise_url: None
-    release_manager:
-      name: Damien Burks
-      github_id: damienjburks
-      company: Citi
-      summary: Initial Release - Object Storage
-    change_log:
-      - Formatting changes for VPC and Object Storage (#578)
-      - Add in fixes to VPC test requirements (#580)
-      - corrected location of cmb docs (#576)
-      - Polished ObjStor Test Requirements (#577)
-      - Polished VPC test requirements (#579)
-      - Revise common TRs (#575)
-      - Rephrase control test requirements (#522)
-      - Creation of initial RDMS controls.yaml file (#573)
-      - Updating testing requirements for VPC (#523)
-      - Add in fixes to control definitions (#570)
-      - db backup restore threat (#565)
-      - Fixing Broken Link for Link Checker (#569)
-      - Try to ignore .github from link checker (#568)
-      - Exlude .github folder from link checker (#567)
-      - Create threats.yaml for devtools/build (#546)
-      - Created controls.yaml for Container Registry (#525)
-      - Detailed secret management features (#519)
-      - Fixing YAML Checker (#563)
-      - updated RDMS feature set (#561)
-      - Create threats.yaml for batchproc (#547)
-      - Disallow PRs to be merged with broken links (#560)
-      - "#534: Add yaml linter (#543)"
-      - Update common-controls.yaml to add key management policy (#550)
-      - Correct prompt for common controls, update controls schema, fix broken links. (#499)
-      - Change GitHub Actions trigger from pull_request to pull_request_target (#551)
-      - Created/Updated controls.yaml for AppIntegration/Message (#507)
-      - New threats.yaml for AppIntegration/Message (#489)
-      - Adding db-user authN threat (#521)
-      - New controls.yaml for Compute/Serverless (#483)
-      - New threats.yaml for Compute/Serverless (#484)
-    contributors:
-      - name: Sonali Mendis
-        github_id: smendis-scottlogic
-        company: Scott Logic
-      - name: Michael Lysaght
-        github_id: mlysaght2017
-        company: Citi
-      - name: Eddie Knight
-        github_id: eddie-knight
-        company: Sonatype
-      - name: Ian Walker-Smith
-        github_id: ianwalkersmithciticom
-        company: Citi
-      - name: Damien Burks
+    - version: "2025.01"
+      assurance_level: None
+      threat_model_url: None
+      threat_model_author: None
+      red_team: None
+      red_team_exercise_url: None
+      release_manager:
+        name: Damien Burks
         github_id: damienjburks
         company: Citi
-      - name: sshiells-scottlogic
-        github_id: sshiells-scottlogic
-        company: Scott Logic
-      - name: kazmik23
-        github_id: kazmik23
-        company: Google
-      - name: Dave Ogle
-        github_id: dogle-scottlogic
-        company: Scott Logic
-      - name: Juan Estrella
-        github_id: TheJuanAndOnly99
-        company: FINOS
+        summary: Initial Release - Object Storage
+      change_log:
+        - Formatting changes for VPC and Object Storage (#578)
+        - Polished ObjStor Test Requirements (#577)
+        - Add in fixes to control definitions (#570)
+        - '#534: Add yaml linter (#543)'
+        - Add in updates to soft and hard delete bucket controls (#528)
+        - October Release Candidate - Object Storage (#445)
+        - Add in fixes to object storage threats, controls, features (#436)
+        - Typofix on control IDs (#432)
+        - Object storage final polish (#419)
+        - Adding Contributors key to metadata schema (#409)
+        - Object Storage Controls Revision (#394)
+        - GenAI taxonomy (#393)
+        - Updates to the structure of the metadata yaml (#383)
+        - Schema updates (#377)
+        - Handling common entries for features, threats, & controls (#327)
+        - Convert Object Storage development files from MD to YAML (#325)
+        - Add in new object storage controls on encryption for impact and replication to untrusted destinations (#305)
+        - Convert existing taxonomies to the new yaml format (#319)
+        - Fix broken links (#317)
+        - Added CCC.OS.C6 Control (#298)Looks good
+        - Extend Object Storage Controls (#263)
+        - Creation of Global Markdown Formatting and Linting GitHub Actions (#223)
+        - Draft Proposal for Threat Catalog and Control Catalog Taxonomy  (#153)
+        - Signed URLs added
+        - addressed review comments by @rgriffiths-scottlogic
+        - address review comments by stevie from scott logic and further improvements
+        - updates
+        - initial version of the object store taxonomy
+      contributors:
+        - name: Sonali Mendis
+          github_id: smendis-scottlogic
+          company: Scott Logic
+        - name: Eddie Knight
+          github_id: eddie-knight
+          company: Sonatype
+        - name: Michael Lysaght
+          github_id: mlysaght2017
+          company: Citi
+        - name: Dave Ogle
+          github_id: dogle-scottlogic
+          company: Scott Logic
+        - name: Damien Burks
+          github_id: damienjburks
+          company: Citi
+        - name: Naseer Mohammad
+          github_id: nas-hub
+          company: Google