requirement refs map to capability groups

2026-05-07 13:46:17 +02:00
parent 0b90004a6e
commit 5a6091fd2a
12 changed files with 331 additions and 5 deletions
--- a/src/guide_board/execution.py
+++ b/src/guide_board/execution.py
@@ -9,6 +9,7 @@ from typing import Any

 from guide_board.artifacts import build_artifact_manifest
 from guide_board.io import write_json
+from guide_board.mapping import build_mapping_records, summarize_mappings
 from guide_board.planning import build_run_plan
 from guide_board.runners import run_step
 from guide_board.schema import assert_valid
@@ -37,6 +38,8 @@ def run_assessment(
        assert_valid(finding, "finding")

    artifact_manifest = build_artifact_manifest(run_dir, run_id, evidence)
+    mapping_records = build_mapping_records(root, run_id, plan, evidence)
+    mapping_summary = summarize_mappings(mapping_records)

    assessment_package = _assessment_package(
        run_id,
@@ -44,6 +47,7 @@ def run_assessment(
        evidence,
        findings,
        artifact_manifest,
+        mapping_summary,
        created_at,
    )
    assert_valid(assessment_package, "assessment-package")
@@ -57,7 +61,15 @@ def run_assessment(
        "assessment_profile_ref": plan["assessment_profile_snapshot"]["id"],
    }

-    _write_run_directory(run_dir, run_metadata, plan, evidence, findings, assessment_package)
+    _write_run_directory(
+        run_dir,
+        run_metadata,
+        plan,
+        evidence,
+        findings,
+        mapping_records,
+        assessment_package,
+    )
    return {
        "status": run_metadata["status"],
        "run_id": run_id,
@@ -175,6 +187,7 @@ def _assessment_package(
    evidence: list[dict[str, Any]],
    findings: list[dict[str, Any]],
    artifact_manifest: list[dict[str, Any]],
+    mapping_summary: dict[str, Any],
    created_at: str,
 ) -> dict[str, Any]:
    summary = dict(Counter(item["result"] for item in evidence))
@@ -188,6 +201,7 @@ def _assessment_package(
        "extensions": plan["extension_snapshots"],
        "source_lock": plan["source_lock"],
        "summary": summary,
+        "mapping_summary": mapping_summary,
        "findings": findings,
        "evidence_refs": [item["id"] for item in evidence],
        "artifact_manifest": artifact_manifest,
@@ -203,6 +217,7 @@ def _write_run_directory(
    plan: dict[str, Any],
    evidence: list[dict[str, Any]],
    findings: list[dict[str, Any]],
+    mapping_records: list[dict[str, Any]],
    assessment_package: dict[str, Any],
 ) -> None:
    write_json(run_dir / "run.json", run_metadata)
@@ -215,7 +230,7 @@ def _write_run_directory(
    )
    write_json(run_dir / "normalized" / "evidence.json", {"evidence": evidence})
    write_json(run_dir / "normalized" / "findings.json", {"findings": findings})
-    write_json(run_dir / "normalized" / "mappings.json", {"mappings": []})
+    write_json(run_dir / "normalized" / "mappings.json", {"mappings": mapping_records})
    write_json(run_dir / "reports" / "assessment-package.json", assessment_package)
    (run_dir / "reports").mkdir(parents=True, exist_ok=True)
    (run_dir / "reports" / "report.md").write_text(
@@ -230,6 +245,7 @@ def _markdown_report(run_metadata: dict[str, Any], package: dict[str, Any]) -> s
    )
    if not summary_lines:
        summary_lines = "- no evidence produced"
+    mapping_lines = _mapping_summary_lines(package)

    return "\n".join(
        [
@@ -243,6 +259,10 @@ def _markdown_report(run_metadata: dict[str, Any], package: dict[str, Any]) -> s
            "",
            summary_lines,
            "",
+            "## Mappings",
+            "",
+            mapping_lines,
+            "",
            "## Boundary",
            "",
            package["certification_boundary"],
@@ -251,6 +271,20 @@ def _markdown_report(run_metadata: dict[str, Any], package: dict[str, Any]) -> s
    )


+def _mapping_summary_lines(package: dict[str, Any]) -> str:
+    targets = package.get("mapping_summary", {}).get("targets", [])
+    if not targets:
+        return "- no mapped evidence"
+    lines = []
+    for target in targets:
+        results = ", ".join(
+            f"{status}: {count}"
+            for status, count in sorted(target.get("results", {}).items())
+        )
+        lines.append(f"- {target['label']} ({target['target_id']}): {results}")
+    return "\n".join(lines)
+
+
 def _run_status(evidence: list[dict[str, Any]]) -> str:
    if any(item["result"] == "fail" for item in evidence):
        return "failed"