The InSpec Assessor Lab is a GitHub environment that makes it quick and easy for you to start learning and working on executing your own InSpec profiles.
It is also a great, quick, and easy way to test and demonstrate what you have learned or collaborate with others to get help with what you are working on.
The repository is setup to be very low overhead, we use a simple build-lab.sh
script to quickly add the tools you need to get started easily, along with two containers to act as testing targets.
- CodeSpaces Linux Base Community Image
- InSpec Omnitruk install of the latest InSpec
curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -c stable -P inspec
- MITRE SAF CLI
- MITRE Heimdall Lite
- Docker Compose File which starts:
- RedHat UBI8 Container
- NGINX Web Server Container
To use the lab:
-
Make sure you've signed in to your GitHub Account
-
On the SAF Training repo, click the green 'Use this template' dropdown button and select 'Create a new repository'
-
Check to make sure your username is the owner of the new repository and enter a name for your repository. We recommend using the name
saf-training-lab-environment
for ease. Additionally, feel free to make your repository public, if it isn't already. -
Click the 'Create repository from template' button at the bottom
Note
If the button is greyed out, check to make sure you've selected your username as the owner, and named the repository.
-
Wait for your repository to open up, then click the 'Code' drop down button
-
After clicking the 'Code' button, a drop down menu should display, with a 'Local' and a 'Codespace' option. Select the 'Codespace' tab, then click the button that says 'Create codespace on main'
Note
Please make sure to read the Codespace section of this README, as GitHub has updated their policy about Codespaces.
-
A new tab in your browser should open up with your Codespace. It should open up the README.md file, with a terminal at the bottom.
-
In the terminal, run the
build-lab.sh
script:source ./build-lab.sh
Once the script finishes your terminal should display something like the following, right before your username and the path to your codespace:
Your environment should have the MITRE SAF CLI installed as
saf
, InSpec installed asinspec
, and two running docker containers tagged as 'nginx' and 'redhat8'. -
Once complete, you can verify the setup in your environment with the
test-lab.sh
script:./test-lab.sh
Which should return something like the following:
_______________________________________________________________________________________________________________ Verify the script returns the following information: * A "MITRE SAF" version number. * An "InSpec" version number. * Two running containers: - nginx - redhat _______________________________________________________________________________________________________________ Collecting verification information... * MITRE SAF Version: @mitre/saf/1.2.34 linux-x64 node-v20.8.1 * InSpec Version: 5.22.29 * Docker is running the following container(s): CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES c114494b9812 redhat/ubi8 "/bin/bash" 38 minutes ago Up 38 minutes redhat8 944568b8768c nginx:latest "/docker-entrypoint.…" 38 minutes ago Up 38 minutes 80/tcp nginx _______________________________________________________________________________________________________________ Verification complete.
Note
Previously, the SAF Training courses utilized GitHub Codespaces as a way for users to learn and work on executing InSpec profiles. GitHub has updated their policy so that Codespaces can be used for a certain amount of time before the user gets billed. If you have a free GitHub account, you're given 120 core hours per month. This means that if you use a 2-core machine, and your codespace runs for 8 hours, you've used up 16 (2 mulitplied by 8 = 16) core hours out of the 120. You can read more about it here: https://docs.github.com/en/codespaces/overview#using-github-codespaces
All of your active Codespaces can be found here: https://github.com/codespaces
From the above link, you can access all of your codespaces, and stop the codespace as well.
Docker Container Restart May be Needed
Occasionally, you may have to restart your Docker containers:
- Run:
docker ps
- If your containers are not running, then just run:
build-lab.sh
- Run:
docker ps
ortest-lab.sh
to verify that your containers are running in your environment.
Your repository is yours to command, you have full sudo
access and can install any software or services you like, run databases, web-servers, etc. and expose any ports that you might need to do your work.
https://www.digitalocean.com/community/tutorials/how-to-create-a-pull-request-on-github
Go for it and if for some reason you break your environment, just start a new one.
© 2018-2023 The MITRE Corporation.
Approved for Public Release; Distribution Unlimited. Case Number 18-3678.
MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project.
This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.
No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.
For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA 22102-7539, (703) 983-6000.