Update inspec_profile.ts with Profile README rewording #3080
base: main
Quality Gate passed
See my inline comments.
@@ -417,24 +417,7 @@ Latest versions and other installation options are available at [CINC Auditor](h | |||
release of the profile, and _is not intended_ be used for formal and ongoing testing on systems. | |||
|
|||
[top](#table-of-contents) | |||
### Tailoring to Your Environment |
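Review bot: The paragraph line just above the `### Tailoring to Your Environment` heading reads "_is not intended_ be used for formal and ongoing testing on systems", which is missing "to". The hunk header shows this region shrinking from 24 lines to 7, so the section is being reworked anyway; change it to "_is not intended_ to be used" in the same pass.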
Please inform (convince) me that this language shouldn't be included.
We should only expose to the user the inputs they are permitted to use when running the profile on the README. I don't want to say "don't touch the inspec.yml" any more than "don't touch the controls files". Why?
After our conversation, please go ahead and include your language also. Sorry for the pushback.
@@ -469,8 +452,8 @@ For more information on developing overlays, reference the [MITRE SAF Training]( | |||
>Inputs are variables that are referenced by control(s) in the profile that implement them. | |||
They are declared (defined) and given a default value in the \`inspec.yml\` file. | |||
|
|||
#### Update Profile Inputs | |||
Inputs can be overridden by providing an input file or a CLI flag at execution time. | |||
#### Using Inputs from the CLI or Local File |
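Review bot: Renaming the `#### Update Profile Inputs` heading changes the anchor generated from it, while the README text shown elsewhere in this PR still links to `[Update Profile Inputs](#update-profile-inputs)`. Whichever title is settled on, update that link and any table-of-contents entry together with the heading so the reference does not go dead.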
The title here is wrong. It implies that using a local file is not used with the CLI, which is not correct.
The CLI can use the --input or the --input-file.
Oh, I see - How about "Using Tailored Inputs"?
#### Update Profile Inputs | ||
Inputs can be overridden by providing an input file or a CLI flag at execution time. | ||
#### Using Inputs from the CLI or Local File | ||
Your tailored inputs can be providing an input file or a CLI flag at execution time. |
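Review bot: The replacement sentence "Your tailored inputs can be providing an input file or a CLI flag at execution time." is not grammatical; the verb was lost when "overridden by" was removed from the original line. It needs one back, for example "Your tailored inputs can be supplied by providing an input file or a CLI flag at execution time."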
Can you explain why use "Your tailored inputs can be" vs "Inputs can be overridden by"?
How about "Your tailored inputs may be used by". The overridden term reminds too much of "waiver" or "recast", a connotation of using inputs to avoid compliance. Please?
|
||
InSpec provides several methods for customizing profiles behaviors at run-time that does not require | ||
modifying the \`inspec.yml\` file itself (see [Update Profile Inputs](#update-profile-inputs)). | ||
### Tailoring to Your Environment *While Still Complying* with the security guidance document for which this profile is based |
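Review bot: The new heading ends "for which this profile is based", which should read "on which this profile is based"; the inline emphasis and the length also make the heading's generated anchor long and easy to break for any table-of-contents link. In the paragraph above it, "customizing profiles behaviors at run-time that does not require" has an agreement error and should read "customizing profile behavior at run-time that do not require", since the subject is "several methods".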
I'm not a fan of long titles, they are not supposed to explain but rather inform what is to be discussed. So I believe that the previous content is better.
I believe in being intentional rather than concise for concise-sake. "Tailoring to your environment" alone gives the initial impression "Oh goody I can tailor any way I want!"
How about:
Tailoring to Your Environment While Still Complying with the security guidance
#olivebranch
This pull request has a conflict. Could you fix it @ejaronne?
No description provided.