profile dev updates #283
Merged
profile dev updates #283
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Aaron Lippold <[email protected]>
✅ Deploy Preview for mitre-saf-training ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Signed-off-by: Aaron Lippold <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
…es, and then what is each kind of update Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
aaronlippold
commented
Dec 12, 2024
|
|
||
| 4. **Use Vendor-Managed Standard Releases:** When setting up a test suite, prioritize using vendor-managed standard releases for software installations and baseline configurations. This should be the starting point for both 'vanilla' and 'hardening' workflows. This approach ensures that your initial and ongoing testing, hardening, and validation closely mirror the real-world usage scenarios of your end-users. | ||
| <table> | ||
| <thead> |
There was a problem hiding this comment.
Why isn't this a markdown table?
There was a problem hiding this comment.
cause markdown tables can't do headers on both the top and left hand sides at the same time properly. admittedly i hoped doing the html table syntax instead would make that better, but it doesn't seem altogether that different.
Signed-off-by: Amndeep Singh Mann <[email protected]>
…aining into profile-dev-updates
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
Signed-off-by: Amndeep Singh Mann <[email protected]>
aaronlippold
commented
Dec 13, 2024
There was a problem hiding this comment.
Copilot reviewed 13 out of 28 changed files in this pull request and generated 2 comments.
Files not reviewed (15)
- src/courses/profile-dev-test/13.md: Evaluated as low risk
- src/courses/profile-dev-test/19.md: Evaluated as low risk
- src/courses/profile-dev-test/11.md: Evaluated as low risk
- src/courses/profile-dev-test/10.md: Evaluated as low risk
- src/courses/profile-dev-test/02.md: Evaluated as low risk
- src/courses/profile-dev-test/07.md: Evaluated as low risk
- src/courses/profile-dev-test/09.md: Evaluated as low risk
- src/courses/profile-dev-test/16.md: Evaluated as low risk
- src/courses/profile-dev-test/15.md: Evaluated as low risk
- src/courses/profile-dev-test/12.md: Evaluated as low risk
- src/courses/profile-dev-test/03.md: Evaluated as low risk
- src/courses/profile-dev-test/05.md: Evaluated as low risk
- src/courses/profile-dev-test/20.md: Evaluated as low risk
- src/courses/profile-dev-test/04.md: Evaluated as low risk
- src/courses/profile-dev-test/06.md: Evaluated as low risk
Comments suppressed due to low confidence (6)
src/courses/profile-dev-test/18.md:14
- The phrase 'minimizing incorrect results' should be 'minimizing false results' to maintain consistency.
minimizing incorrect results.
src/courses/profile-dev-test/08.md:4
- The word 'Secruity' is misspelled. It should be 'Security'.
title: Secruity Benchmarks vs Traditional Software
src/courses/profile-dev-test/14.md:26
- The word 'hopfully' is misspelled. It should be 'hopefully'.
hopfully finding that the actual InSpec code from the previous benchmark is very close to the needed InSpec code for the same 'requirement' in the new Benchmark.
src/courses/profile-dev-test/14.md:24
- [nitpick] The phrase 'Create a spreadsheet to track your requirement mappings during the alignment process' could be more specific. Suggest providing a concrete example or template for the spreadsheet.
Create a spreadsheet to track your requirement mappings during the alignment process.
src/courses/profile-dev-test/14.md:153
- The phrase 'This control is Not Applicable to containers' should be 'This control is not applicable to containers' to maintain consistency in capitalization.
only_if('This control is Not Applicable to containers', impact: 0.0) {
src/courses/profile-dev-test/21.md:12
- The word 'automatcally' should be 'automatically' and 'setting' should be 'settings'.
Each of the subsequent kitchen files will inherit the shared settings from this file automatlly and merge them with the setting in the child kitchen file.
| tag nist: ['SI-11 b'] | ||
| tag 'host' | ||
|
|
||
| only_if('This control is Not Applicable to containers', impact: 0.0) { |
There was a problem hiding this comment.
The phrase 'This control is Not Applicable to containers' should be 'This control is not applicable to containers' to maintain consistency in capitalization.
Suggested change
| only_if('This control is Not Applicable to containers', impact: 0.0) { | |
| only_if('This control is not applicable to containers', impact: 0.0) { |
Copilot is powered by AI, so mistakes are possible. Review output carefully before use.
| galaxy_ignore_certs: true | ||
| requirements_path: spec/ansible/roles/requirements.yml | ||
| requirements_collection_path: spec/ansible/roles/requirements.yml | ||
| ansible_extra_flags: <%= ENV['ANSIBLE_EXTRA_FLAGS'] %> |
There was a problem hiding this comment.
The variable 'ansible_extra_flags' should be enclosed in quotes to avoid potential issues with special characters.
Suggested change
| ansible_extra_flags: <%= ENV['ANSIBLE_EXTRA_FLAGS'] %> | |
| ansible_extra_flags: "<%= ENV['ANSIBLE_EXTRA_FLAGS'] %>" |
Copilot is powered by AI, so mistakes are possible. Review output carefully before use.
Signed-off-by: Will <[email protected]>
wdower
reviewed
Dec 13, 2024
| The `converge` stage uses Ansible Playbooks from the Ansible Lockdown project to apply hardening configurations, specifically the RHEL8-STIG playbook, and RedHat managed containers. | ||
| The `converge` stage applies system configurations using infrastructure as code (IaC) tools. This crucial stage transforms your environment from a base state to your desired configuration. | ||
|
|
||
| ::: info Let 'em cook |
Signed-off-by: Will <[email protected]>
wdower
approved these changes
Dec 13, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.