Success with DevOps can be measured with a number of different metrics. How frequently are systems audited for compliance to various policies? How long does it take to remediate a failing control or vulnerability? This workshop provide an introduction to practice of continuous compliance and remediation. The workshop uses InSpec and Chef for compliance and remediation, respectively. InSpec is an open-source testing framework for infrastructure with a human-readable language for specifying compliance, security and other policy requirements. Chef is an open-source framework for infrastructure automation. Easily integrate automated tests that check for adherence to policy into any stage of your deployment pipeline.

During this session, participants will:

• Run InSpec locally on a machine
• Run InSpec on a remote machine
• Use InSpec in the Chef cookbook development process for integration testing

By the end of this class participants will be able to:

• Execute an InSpec test on a local machine
• Execute an InSpec test on a remote machine
• Generate an InSpec profile
• Add InSpec-based integration test to a Chef cookbook
• Run InSpec-based integrations tests during Chef cookbook development

Prerequisites

Participants should bring a wifi-enabled laptop to the workshop. Participants will be given a remote workstation with all prerequisites installed. The only thing required to access these workstations will be an SSH client (PuTTY on Windows) and familiarity with a interactive text editor (Vi/Vim, Emacs, or Nano).

It’s best that participants of this workshop have some familiarity and comfort with the following:

• Writing code (of just about any flavor) in a text editor
• Working on the command line
• Basic system administration – installing packages, configuring those packages, starting service