-
Notifications
You must be signed in to change notification settings - Fork 1
Importing, Publishing, and Managing Trust Policy Content
This page is part of the TPAT User Guide.
NOTE: This page is under active development. You probably will not find it very useful yet. 🙂
[TODO: Write intro content.]
[TODO]
The TPAT has two artifact repositories: Development and Production (screen shot).
The Development repository is private. It is for trust policy content that is still under development.
The Production repository is public. It is for trust policy content that is ready to be published.
You can toggle between them like this…
[TODO]
[TODO]
Note that at all times, Development is equal to Production PLUS whatever else you have imported but not yet published.
[TODO]
(make a diagram showing the process)
(explain / screen shot)
(explain / screen shot)
(explain / screen shot)
(explain / screen shot)
(TODO)
(explain / screen shot)
You can clear the content of a repository if you want to make changes and re-import.
You can wipe all content in both repositories.
You can also reset development to match production.
(explain / screen shot)
You can import multiple source files to the TPAT in a serial fashion, i.e., one after another.
If you do, the TPAT will do a series of sanity-checks for semantic consistency among your artifacts.
Specific errors that it checks for are…
It also checks for specific non-error conditions that could be problematic for you, and issues warnings; these conditions are…
(explain / screen shot)
You can import multiple source files at one time… (maybe we leave this undocumented for now?)
You do this by bundling them into a ZIP file.
If you do, you can (must?) include a properties file in the ZIP archive.
TBD - What advice can we provide? E.g., what should we say about the following:
- How to handle cases in which your TIPs depend on remotely hosted TIPs and/or TDs
- How to handle cases in which your TDs and/or TIPs are being used for assessments and issued trustmarks – i.e., what are the best practices for managing the contents of the prod repo over time?
Previous: Authoring Trust Policy Content with a TPAT Authoring Template
This content was developed by the Georgia Tech Research Institute under the Trustmark Initiative.