Beginner Class Updates #261
✅ Deploy Preview for mitre-saf-training ready!
Copilot (AI) left a comment:
Copilot reviewed 5 out of 9 changed files in this pull request and generated 1 suggestion.
Files not reviewed (4)
- src/courses/beginner/05.md: Evaluated as low risk
- src/courses/beginner/06.md: Evaluated as low risk
- src/courses/beginner/09.md: Evaluated as low risk
- src/courses/beginner/README.md: Evaluated as low risk
Comments skipped due to low confidence (4)
src/courses/beginner/10.md:191
- [nitpick] Rephrase to 'Copying and pasting controls from a profile instead of creating an overlay can cause important updates to be missed.' for clarity.
Copying and pasting controls from a profile, instead of creating an overlay, can lead to important updates not being reflected.
src/courses/beginner/04.md:33
- The target and target ID were truncated. They should be restored to their full values.
Target: docker://31e4ea1be052a9bcc13700
src/courses/beginner/04.md:180
- Corrected 'mutiline' to 'multiline'.
The InSpec shell understands the structure of blocks. This enables you to run multiline code. As an example, run the entire `describe` block like this which will run the entire block of code in the InSpec Shell and return the result.
src/courses/beginner/04.md:458
- Corrected 'intalled' to 'installed'.
Check that the nginx package is installed, this time on the target container.
Copilot (AI) left a comment:
Copilot reviewed 5 out of 9 changed files in this pull request and generated 1 suggestion.
Files not reviewed (4)
- src/courses/beginner/README.md: Evaluated as low risk
- src/courses/beginner/09.md: Evaluated as low risk
- src/courses/beginner/07.md: Evaluated as low risk
- src/courses/beginner/03.md: Evaluated as low risk
Comments skipped due to low confidence (5)
src/courses/beginner/04.md:180
- The word 'mutiline' is misspelled. It should be 'multiline'.
The InSpec shell understands the structure of blocks. This enables you to run mutiline code.
src/courses/beginner/04.md:458
- The word 'intalled' is misspelled. It should be 'installed'.
Check that the nginx package is intalled, this time on the target container.
src/courses/beginner/05.md:352
- [nitpick] The link text 'Secure your Infrastructure' should be 'Secure Your Infrastructure' to match the title case used in other parts of the document.
You won't correct this issue in this module, but later you can check out the Chef [Secure your Infrastructure](https://learn.chef.io/tracks/integrated-compliance#/) tutorial course to learn more about how to correct compliance failures using Chef.
src/courses/beginner/02.md:83
- Changing 'tag' to 'desc' is incorrect. It should remain 'tag'.
desc "check", "To view the worker_processes directive value enter the
src/courses/beginner/02.md:96
- Changing 'tag' to 'desc' is incorrect. It should remain 'tag'.
desc "fix", "Edit the configuration file and set the value of
src/courses/beginner/06.md (Outdated)
@@ -105,7 +105,7 @@ control 'nginx-version' do | |||
end | |||
``` | |||
|
|||
For our next control we require specific modules | |||
The next control checks whether certain NGINX modules are installed. Inputs make it easy for us to define the modules that are requiured using the `inspec.yml` file. By setting this input, it enables us to easily reference these same values in other controls, if desired. |
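Review bot: the added line misspells "requiured" (should be "required"), and "By setting this input, it enables us to easily reference these same values" is a dangling construction that never says which input is being set. Suggest "Defining the module list once as an input in `inspec.yml` lets us reference the same values from other controls if desired." so the reader knows the input holds the module list before the next code block uses it.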
The word 'requiured' is misspelled. It should be 'required'.
Suggested change:
The next control checks whether certain NGINX modules are installed. Inputs make it easy for us to define the modules that are requiured using the `inspec.yml` file. By setting this input, it enables us to easily reference these same values in other controls, if desired.
The next control checks whether certain NGINX modules are installed. Inputs make it easy for us to define the modules that are required using the `inspec.yml` file. By setting this input, it enables us to easily reference these same values in other controls, if desired.
Signed-off-by: Shivani Karikar <[email protected]>
Signed-off-by: Shivani Karikar <[email protected]>
Signed-off-by: Shivani Karikar <[email protected]>
Signed-off-by: Shivani Karikar <[email protected]>
Branch force-pushed from 8366bdf to 5225b71.
Signed-off-by: Will <[email protected]>
Signed-off-by: Will <[email protected]>
Signed-off-by: Will <[email protected]>
@@ -139,7 +129,7 @@ When this flag is passed, the control level status outcomes of the profile execu | |||
|
I think that the enhanced outcomes info should be in its own separate subsection, not a 'details' tab underneath the reporter flags. It should also be a little bit longer to elaborate what the difference is before/after (specifically, before = pass/fail/err only, whereas we likely also want to see the NA and NR separated out too). We should also say that most of our example inspec exec invocations don't use it due to the simplicity of the controls and in order to manage the length of the lines that need to be copy-pasted, but in real-world circumstances we'd expect folks to use this flag.
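To make the before/after difference described in the comment above concrete, here is an added Ruby example that classifies the controls of a constructed InSpec-style JSON report under both views: the plain pass/fail/error split and the five-way enhanced view (Passed, Failed, Error, Not Applicable, Not Reviewed). This is example code written here, not code from the mitre-saf-training course or from InSpec; the report contents are constructed, and the five-way mapping and its precedence order are my reading of how `inspec exec --enhanced-outcomes` labels controls, so treat them as an assumption to check against the InSpec version you run.

```ruby
# Added example, not code from the mitre-saf-training course or from InSpec.
# It contrasts the plain pass/fail/error view of a control with the five-way
# "enhanced outcomes" view (Passed, Failed, Error, Not Applicable, Not Reviewed).
# The precedence order in enhanced_outcome is an assumption about how
# `inspec exec --enhanced-outcomes` labels controls.
require 'json'

# Constructed InSpec-style JSON report: one profile, five controls, and only
# the fields the classifier needs (id, impact, per-test result statuses).
SAMPLE_REPORT_JSON = <<~JSON
  {
    "profiles": [{
      "name": "nginx-baseline",
      "controls": [
        { "id": "nginx-version",    "impact": 0.7, "results": [{ "status": "passed" }] },
        { "id": "nginx-modules",    "impact": 0.7, "results": [{ "status": "passed" }, { "status": "failed" }] },
        { "id": "nginx-conf-owner", "impact": 0.5, "results": [{ "status": "error" }] },
        { "id": "legacy-feature",   "impact": 0.0, "results": [{ "status": "passed" }] },
        { "id": "manual-review",    "impact": 0.5, "results": [{ "status": "skipped" }] }
      ]
    }]
  }
JSON

# Legacy three-way view: error if any test raised, failed if any test failed,
# otherwise passed. Impact-0 controls and all-skipped controls have no bucket
# of their own here, which is exactly the gap the enhanced view closes.
def legacy_outcome(control)
  statuses = control.fetch('results', []).map { |r| r['status'] }
  return 'error'  if statuses.include?('error')
  return 'failed' if statuses.include?('failed')
  'passed'
end

# Enhanced five-way view. Assumed precedence: Not Applicable (impact 0),
# then Error, then Not Reviewed (every test skipped, or no tests at all),
# then Failed, else Passed.
def enhanced_outcome(control)
  statuses = control.fetch('results', []).map { |r| r['status'] }
  return 'Not Applicable' if control['impact'].to_f.zero?
  return 'Error'          if statuses.include?('error')
  return 'Not Reviewed'   if statuses.all? { |s| s == 'skipped' }
  return 'Failed'         if statuses.include?('failed')
  'Passed'
end

# Tally every control in the report under both views so the difference is
# visible side by side. Returns { legacy: {status => count}, enhanced: {...} }.
def outcome_summary(report_json)
  report   = JSON.parse(report_json)
  controls = report['profiles'].flat_map { |p| p['controls'] }
  legacy   = Hash.new(0)
  enhanced = Hash.new(0)
  controls.each do |c|
    legacy[legacy_outcome(c)]     += 1
    enhanced[enhanced_outcome(c)] += 1
  end
  { legacy: legacy, enhanced: enhanced }
end

if __FILE__ == $PROGRAM_NAME
  summary = outcome_summary(SAMPLE_REPORT_JSON)
  puts "legacy:   #{summary[:legacy]}"
  puts "enhanced: #{summary[:enhanced]}"
end
```

Run as a script it prints both tallies for the constructed report; the point to notice is that the impact-0 control and the all-skipped control both disappear into "passed" in the legacy view but get their own Not Applicable and Not Reviewed buckets in the enhanced one.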
src/courses/beginner/10.md (Outdated)
If there are only a handful of controls that should be executed from an included profile, it’s not necessary to skip all the unneeded controls, or worse, copy/paste those controls bit-for-bit into your profile. | ||
|
||
:::warning Keep profiles in sync! | ||
Copying and pasting controls from a profile, instead of creating an overlay, can lead to important updates not being reflected. Overlays keep the profile changes in sync as they pull the latest updates. |
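Review bot: "can lead to important updates not being reflected" leaves out both where the updates come from and where they fail to appear; say "updates from the upstream profile not being reflected in your overlay". The follow-on claim "Overlays keep the profile changes in sync as they pull the latest updates" is only true when the overlay references the upstream profile by a moving ref; if the dependency is pinned to a fixed version or tag, the overlay stays reproducible but does not pick up new upstream changes until the pin is bumped. Worth one sentence in the warning so readers know that choosing a pin is a deliberate trade between freshness and reproducibility.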
Suggested change:
Copying and pasting controls from a profile, instead of creating an overlay, can lead to important updates not being reflected. Overlays keep the profile changes in sync as they pull the latest updates.
Copying and pasting controls from a profile, instead of creating an overlay, can lead to important updates from the upstream profile not being reflected in the new one. Overlays keep the profile changes in sync as they pull the latest updates from upstream before running.
src/courses/beginner/11.md (Outdated)
@@ -8,42 +8,56 @@ headerDepth: 3 | |||
|
|||
## From STIG to Profile | |||
|
|||
You have seen in some of our examples in this class that a robust profile's controls will include a large number of metadata tags: | |||
Recall from our initial example of an InSpec control from the beginning of this class that a real control will be tied back to an upstream piece of security guidance documentation, like a CIS Benchmark or a STIG. This alignment is done by adding tags to the control code -- the more the better. |
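Review bot: "the more the better" recommends quantity of tags without saying which metadata matters, which is the opposite of what the section heading "From STIG to Profile" promises. Suggest replacing that clause with a statement that the tags should carry the identifiers and context the upstream guidance document provides, so the control can be traced back to the exact STIG or CIS requirement it implements; the removed wording ("a large number of metadata tags") had the same problem, so this is a chance to fix it rather than carry it forward.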
Suggested change:
Recall from our initial example of an InSpec control from the beginning of this class that a real control will be tied back to an upstream piece of security guidance documentation, like a CIS Benchmark or a STIG. This alignment is done by adding tags to the control code -- the more the better.
Recall from our initial example of an InSpec control that a real control will be tied back to an upstream piece of security guidance documentation, like a CIS Benchmark or a STIG. All the context and metadata for that guidance can be added to the control's code via InSpec specific syntax.
Co-authored-by: Amndeep Singh Mann <[email protected]> Signed-off-by: Shivani Karikar <[email protected]>
Co-authored-by: Amndeep Singh Mann <[email protected]> Signed-off-by: wdower <[email protected]>
Co-authored-by: Amndeep Singh Mann <[email protected]> Signed-off-by: wdower <[email protected]>
Co-authored-by: Amndeep Singh Mann <[email protected]> Signed-off-by: wdower <[email protected]>
Co-authored-by: Amndeep Singh Mann <[email protected]> Signed-off-by: wdower <[email protected]>
Signed-off-by: Will <[email protected]>
No description provided.