inspec/www/tutorial/app/responses/instructions.json

[["InSpec Introduction","<p>Welcome to the interactive InSpec demo. You will learn how to use the command line and shell and get an introduction to all aspects of the language.</p>\n\n<p>To navigate this demo, type <code>next</code> to move forward and <code>prev</code> to move back.\nUse <code>clear</code> to clear the terminal screen.</p>\n"],["InSpec Help","<p>InSpec is called via</p>\n\n<p><code>\ninspec\n</code></p>\n\n<p>Try it out!  You will see the help menu. You can also view it with:</p>\n\n<p><code>\ninspec help\n</code></p>\n"],["InSpec Help Subcommands","<p>This list of subcommands may be intimidating at first. It is easy to get help on any of these commands via <code>inspec help &lt;COMMAND&gt;</code>. Let&#39;s try it out for a few:</p>\n\n<p><code>\ninspec help version\n</code></p>\n\n<p><code>\ninspec help detect\n</code></p>\n\n<p><code>\ninspec help exec\n</code></p>\n"],["InSpec Version","<p>The easiest subcommand is <code>inspec version</code>. It tells you which version of InSpec is running.</p>\n"],["InSpec Check","<p>The most frequent use of InSpec is to execute profiles. You can find the <code>examples/profile</code> in the InSpec repository. Before executing it for the first time, let&#39;s verify if it is valid profile</p>\n\n<p><code>\ninspec check examples/profile\n</code></p>\n\n<p>This command is not only used for syntax testing and linting, but can also provide information on valid profiles including its version and control overview.</p>\n"],["InSpec Exec","<p>Let&#39;s try testing some profiles! To run the profile and test the local machine, type:</p>\n\n<p><code>\ninspec exec examples/profile\n</code></p>\n\n<p>The result is shown in the report.</p>\n"],["InSpec Exec SSH","<p>InSpec can also test your remote machines! Let&#39;s assume there is node <code>host.node</code> registered with SSH configured for user <code>bob</code> with a keyfile in the current directory (<code>bob.rsa</code>). You can run the same profile against this node via:</p>\n\n<p><code>\ninspec exec examples/profile -t ssh://bob@host.node -i bob.rsa\n</code></p>\n"],["InSpec Exec SSH (More Options)","<p>The wonderful <code>-t</code> option (or <code>--target</code>) is a shorthand for specifying all fields separately:</p>\n\n<p><code>\ninspec exec examples/profile -b ssh --host host.node --user bob -i bob.rsa\n</code></p>\n\n<p>For more options try:</p>\n\n<p><code>\ninspec help exec\n</code></p>\n"],["InSpec Exec WinRm","<p>We can also scan Windows machines. Let&#39;s assume <code>windows.node</code> is configured with WinRM access for user <code>alice</code> with a password <code>pass</code>. The command will now read:</p>\n\n<p><code>\ninspec exec examples/profile -t winrm://alice:pass@windows.node\n</code></p>\n"],["InSpec Exec WinRm SSL","<p>The previous example is not quite realistic. Most Windows nodes with WinRM are configured to use SSL. Let&#39;s assume the user also has a self-signed certificate. It would now read</p>\n\n<p><code>\ninspec exec examples/profile -t winrm://alice:pass@windows.node --ssl --self-signed\n</code></p>\n"],["InSpec Exec Docker","<p>InSpec also supports scanning containers. Let&#39;s try it with Docker and pick a container</p>\n\n<p><code>\ninspec exec examples/profile -t docker://abcdef123\n</code></p>\n"],["InSpec Detect","<p>InSpec is able to verify local and remote nodes before running tests. This is a utility command to check connections and get information on the target</p>\n\n<p><code>\ninspec detect\n</code></p>\n\n<p><code>\ninspec detect -t ssh://bob@host.node -i bob.rsa\n</code></p>\n"],["InSpec Shell Introduction","<p>Let&#39;s explore the InSpec shell. It&#39;s an integrated utility to test and debug the InSpec language. Before we start it interactively, let&#39;s try the command execution mode. It runs code and resources and prints the result.</p>\n\n<p>First, we start with the OS detection:</p>\n\n<p><code>\ninspec shell -c &#39;os.params&#39;\n</code></p>\n\n<p>Another example is to test an existing resource:</p>\n\n<p><code>\ninspec shell -c &#39;sshd_config.Protocol&#39;\n</code></p>\n"],["InSpec Shell with Remotes","<p>These commands also work with remote targets</p>\n\n<p><code>\ninspec shell -c &#39;sshd_config.Protocol&#39; -t ssh://bob@host.node -i bob.rsa\n</code></p>\n\n<p><code>\ninspec shell -c &#39;os.params&#39; -t docker://abcdef123\n</code></p>\n"],["Interactive InSpec Shell","<p>It&#39;s time to see the interactive shell! Type</p>\n\n<p><code>\ninspec shell\n</code></p>\n\n<p>You can still use <code>next</code> and <code>prev</code> to move between demos. Look at how the shell prompt looks different between the system shell and the inspec shell.</p>\n"],["InSpec Shell Help","<p>The greeting of the InSpec shell suggests to run the help command:</p>\n\n<p><code>\nhelp\n</code></p>\n\n<p>You will not only see the help menu, but also a quick summary of the machine where this is running.</p>\n"],["InSpec Shell Help Resources","<p>To get a list of all available resources, you can type:</p>\n\n<p><code>\nhelp resources\n</code></p>\n"],["InSpec Shell Help Subcommands","<p>To explore any of these resources, you can try:</p>\n\n<p><code>\nhelp file\n</code></p>\n\n<p><code>\nhelp command\n</code></p>\n\n<p><code>\nhelp os\n</code></p>\n\n<p>These 3 resources are the core trinity of all executions. All other resources reference them in some way. They lead of system interactions.</p>\n"],["InSpec Shell Commands","<p>To use any of these resources, you can call it and its arguments. Try these examples:</p>\n\n<p><code>\ncommand(&#39;uname -a&#39;).stdout\n</code></p>\n\n<p><code>\nfile(&#39;/proc/cpuinfo&#39;).owner\n</code></p>\n\n<p><code>\nsshd_config.params\n</code></p>\n"],["InSpec Shell - Describe Block","<p><code>describe</code> blocks are used to create simple checks. We will create a test that verifies a file&#39;s access permissions.</p>\n\n<p><code>\ndescribe file(&#39;/root&#39;) do\n  it { should exist }\n  its(&#39;mode&#39;) { should cmp &#39;0750&#39;}\nend\n</code></p>\n"],["Inspec Shell - Full Control","<p>Tests can be combined in controls, which offer more context. They are mainly used for policy/compliance testing:</p>\n\n<p><code>\ncontrol &quot;id&quot; do\n  title &quot;Check permissions on /root!&quot;\n  impact 0.5\n  describe file(&#39;/root&#39;) do\n    its(&#39;mode&#39;) { should cmp &#39;0750&#39;}\n  end\nend\n</code></p>\n"]]