Post dec24 updates - phase 2 #285

Open
wants to merge 39 commits into
base: main
@aaronlippold aaronlippold commented Dec 9, 2024

Landing Page

  • Let's work out how to make the landing page more our own

Animated GIFs [hold for discussion]

USER

  • Fixed the link to RHEL 8 baseline on Section 5.3.1 to point to mitre baseline vs CMSGov.
  • Added enhanced-outcomes to first full inspec exec example.
    • Let's add --enhanced-outcomes as a standard part of all our inspec exec commands <-remaining references need to be re-run (cannot change command without generating the updated output). Fixed 8.2/8.3
  • (todo) Fix and update grammar throughout section 6.
  • (todo) Remove unneeded quotes from section 7.3 yml example
  • (todo) fix the nginx hardening instructions to clarify the cd nginx hardening - the hardening script does this for us so let's make it less confusing.
  • (todo) update section 12.5 to:
    • split out the command to a separate command ( saf attest create .... )
    • add the -i flag to provide the hardened HDF results file so they can 'search' for the example control
  • (todo) Update section 12.6 to bold or make the command more clear to the student
    ^ unclear what this is referencing
  • (todo) add a note / issue on the saf cli attest create to do data validation on user input so that we ensure data they enter can be processed by the saf attest apply command. #3214
  • Update the SAF CLI README to use the term OHDF vs HDF
  • Review all the SAF project documentation to ensure we use OHDF and not HDF
  • User 06
    • Change ./lab-setup.sh to ./build-lab.sh
    • Consider adding --enhanced-outcomes flag
    • In the 'Want to give it a try?' section, maybe we can add a note about how all the metadata doesn't come through in the cli output but we will see its value in Heimdall
  • 6.3 - remove Chef license acceptance (moved to Cinc)
  • 8.2 - add enhanced outcomes
  • add flag to apply attestation to --skip-failures

BEGINNER

  • update the tree nginx command in section 2 to not have a weird profile subdir in it
  • beginner 03 Change the lab env my_nginx folder name to my_nginx_answer_key to allow the init command to run
  • an explanation of when overlays are actually necessary (organizational + deployment) and explanation of the process that you usually wanna try to avoid using them in the first place if you can make your og profile smart enough to handle all that stuff via inputs file and other env checks (like inspec's built in "am i in a container" one)

GUIDANCE

  • Guidance 2.1.1 A resource recommendation by a student: https://ncp.nist.gov/repository
  • Guidance 03
    • Maybe the chart in 3.3 can be replaced with a mermaid chart to standardize the content (also make it more readable) <- will make new chart when charts.mitre.org stops being down - Pat
    • FYI there is a misspelling in 3.1, line 2 "creating". TY
  • 8.3.1 "do not use words such as"... the double quotes for should/shall/etc get a little messed

ADVANCED

  • go through and ensure that all classes consistently number/don't number the headers
  • rename master branch to main branch in the git example in advanced
  • make sure that by the end of the beginner class, the students have a copy of the inputs file that is the same name as the one that is expected in advanced (inputs-linux.yml)
  • fix typo 'to to' in pg 9, 'the first step'
  • Update section 10 and 9 to use multi-line commands for readability - example commit
  • update the Docker Compose example to use the compose file for the nginx and rhel containers for simplicity's sake
  • Change redhat8 running container list output to redhat9 rhel8 --> rhel9 #298
  • 03 inputs-linux.yml seems to be the name mentioned in the Review section under The Controls, however the exec command uses inputs.yml as the name rhel8 --> rhel9 #298
  • New sensitive profile section - working sensitive profile, describe blocks, inputs and command resource redacting examples
  • Clean up the git test example + its resources in the lab so that all names are consistent, there's no weird artifacts also tarred, etc.

DELTA

  • Break each workflow into a section and then have a full walkthrough for that section so that students can 'self serve' like the other courses. @DMedina6
  • Add animated gifs showing each of the functions running - even if it's a bit of a mock so users have a 'warm fuzzy' and 'ohh ahh' feeling [see links above]
  • explain inspec json
  • Use full flag names in examples instead of single character
  • put delta examples into training lab env so students can run the commands themselves via copy/paste
  • Add screencaps and more descriptive commands

Profile Development and Maintenance

  • ...

RESOURCES & ASSETS

  • It seems like it's possible to put assets in-line with your markdown (i.e. we have mostly been putting it in src/assets) or in a statically accessible / public place (.vuepress/public). Let's move everything to the former location other than what we absolutely need to have publicly available like the favicon: https://vuepress.vuejs.org/guide/assets.html#relative-urls
    ^ I don't see anything in .vuepress/public that would need to be moved to src/assets - Pat
  • Resources 02 Add a note that Copy the main only is optional to check
  • SAF validation lifecycle graphic - Validate has InSpec instead of Inspec
    • fix on website
  • Issue with loading vendor STIG guide from assets in resources page

Joyce's comments

User:

p-oneil and others added 27 commits December 2, 2024 12:50
Signed-off-by: Shivani Karikar <[email protected]>

netlify bot commented Dec 9, 2024

Deploy Preview for mitre-saf-training ready!

Name Link
🔨 Latest commit 5cb9cba
🔍 Latest deploy log https://app.netlify.com/sites/mitre-saf-training/deploys/675684962c01e5000873b3f9
😎 Deploy Preview https://deploy-preview-285--mitre-saf-training.netlify.app
Lighthouse
1 paths audited
Performance: 89 (🟢 up 15 from production)
Accessibility: 97 (no change from production)
Best Practices: 92 (no change from production)
SEO: 100 (no change from production)
PWA: -

netlify bot commented Dec 9, 2024

Deploy Preview for mitre-saf-training ready!

Name Link
🔨 Latest commit 21303f6
🔍 Latest deploy log https://app.netlify.com/sites/mitre-saf-training/deploys/675c27bc71097b0008bca6f2
😎 Deploy Preview https://deploy-preview-285--mitre-saf-training.netlify.app
Lighthouse
1 paths audited
Performance: 72 (🔴 down 8 from production)
Accessibility: 97 (no change from production)
Best Practices: 92 (no change from production)
SEO: 100 (no change from production)
PWA: -

Copilot wasn't able to review any files in this pull request.

@aaronlippold

@p-oneil and team, how are we doing at knocking down this list?
@Amndeep7
@wdower
@karikarshivani

@aaronlippold

We also seem to have some merge conflicts.

p-oneil commented Dec 16, 2024

@p-oneil and team, how are we doing at knocking down this list? @Amndeep7 @wdower @karikarshivani

@aaronlippold Let's discuss as a go-back at standup - have some quick questions about how to resolve a few.

5 participants