The InSpec Assessor Lab is a GitHub environment that makes it quick and easy for you to start learning and working on executing your own InSpec profiles.

It is also a great, quick, and easy way to test and demonstrate what you have learned or collaborate with others to get help with what you are working on.

The repository is setup to be very low overhead, we use a simple build-lab.sh script to quickly add the tools you need to get started easily, along with two containers to act as testing targets.

• CodeSpaces Linux Base Community Image
  • https://github.com/microsoft/vscode-dev-containers/tree/main/containers/codespaces-linux
• InSpec Omnitruk install of the latest InSpec
  • curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -c stable -P inspec
• MITRE SAF CLI
  • https://saf-cli.mitre.org
• Docker Compose File which starts:
  • RedHat UBI8 Container
  • NGINX Web Server Container

To use the lab:

1. Make sure you've signed in to your GitHub Account

2. On the SAF Training repo, click the green 'Use this template' dropdown button and select 'Create a new repository'

   

   

3. Check to make sure your username is the owner of the new repository and enter a name for your repository. We recommend using the name saf-training-lab-environment for ease. Additionally, feel free to make your repository public, if it isn't already.

4. Click the 'Create repository from template' button at the bottom

   Note

   If the button is greyed out, check to make sure you've selected your username as the owner, and named the repository.

   

5. Wait for your repository to open up, then click the 'Code' drop down button

   

6. After clicking the 'Code' button, a drop down menu should display, with a 'Local' and a 'Codespace' option. Select the 'Codespace' tab, then click the button that says 'Create codespace on main'

   Note

   Please make sure to read the Codespace section of this README, as GitHub has updated their policy about Codespaces.

   

7. A new tab in your browser should open up with your Codespace. It should open up the README.md file, with a terminal at the bottom.

   

8. In the terminal, run the build-lab.sh script:

   source ./build-lab.sh

   Once the script finishes your terminal should display something like the following, right before your username and the path to your codespace:

   

   Your environment should have the MITRE SAF CLI installed as saf, InSpec installed as inspec, and two running docker containers tagged as 'nginx' and 'redhat8'.

9. Once complete, you can verify the setup in your environment with the test-lab.sh script:

   ./test-lab.sh

   Which should return something like the following:

   _______________________________________________________________________________________________________________
   
   Verify the script returns the following information:
   * A "MITRE SAF" version number.
   * An "InSpec" version number.
   * Two running containers:
     - nginx
     - redhat
   
   _______________________________________________________________________________________________________________
   
   Collecting verification information...
   
   * MITRE SAF Version: @mitre/saf/1.2.34 linux-x64 node-v20.8.1
   * InSpec Version: 5.22.29
   * Docker is running the following container(s):
   CONTAINER ID   IMAGE          COMMAND                  CREATED          STATUS          PORTS     NAMES
   c114494b9812   redhat/ubi8    "/bin/bash"              38 minutes ago   Up 38 minutes             redhat8
   944568b8768c   nginx:latest   "/docker-entrypoint.…"   38 minutes ago   Up 38 minutes   80/tcp    nginx
   
   _______________________________________________________________________________________________________________
   
   Verification complete.
   

   

Note

Previously, the SAF Training courses utilized GitHub Codespaces as a way for users to learn and work on executing InSpec profiles. GitHub has updated their policy so that Codespaces can be used for a certain amount of time before the user gets billed. If you have a free GitHub account, you're given 120 core hours per month. This means that if you use a 2-core machine, and your codespace runs for 8 hours, you've used up 16 (2 mulitplied by 8 = 16) core hours out of the 120. You can read more about it here: https://docs.github.com/en/codespaces/overview#using-github-codespaces

All of your active Codespaces can be found here: https://github.com/codespaces

From the above link, you can access all of your codespaces, and stop the codespace as well.

Docker Container Restart May be Needed

Occasionally, you may have to restart your Docker containers:

1. Run: docker ps
2. If your containers are not running, then just run: build-lab.sh
3. Run: docker ps or test-lab.sh to verify that your containers are running in your environment.

Your repository is yours to command, you have full sudo access and can install any software or services you like, run databases, web-servers, etc. and expose any ports that you might need to do your work.

https://www.digitalocean.com/community/tutorials/how-to-create-a-pull-request-on-github

Go for it and if for some reason you break your environment, just start a new one.

© 2018-2023 The MITRE Corporation.

Approved for Public Release; Distribution Unlimited. Case Number 18-3678.

MITRE hereby grants express written permission to use, reproduce, distribute, modify, and otherwise leverage this software to the extent permitted by the licensed terms provided in the LICENSE.md file included with this project.

This software was produced for the U. S. Government under Contract Number HHSM-500-2012-00008I, and is subject to Federal Acquisition Regulation Clause 52.227-14, Rights in Data-General.

No other use other than that granted to the U. S. Government, or to those acting on behalf of the U. S. Government under that Clause is authorized without the express written permission of The MITRE Corporation.

For further information, please contact The MITRE Corporation, Contracts Management Office, 7515 Colshire Drive, McLean, VA 22102-7539, (703) 983-6000.