diff --git a/.vitepress/sidebars/app/tutorials.ts b/.vitepress/sidebars/app/tutorials.ts index ddcdeed..cbd7152 100644 --- a/.vitepress/sidebars/app/tutorials.ts +++ b/.vitepress/sidebars/app/tutorials.ts @@ -24,14 +24,14 @@ export const tutorialsSidebar: DefaultTheme.SidebarItem[] = [ ], }, { - text: "Automatisation", + text: "Automation", items: [ { - text: "Orchestrating Caido headless", + text: "Orchestrating Caido Headless", link: "/app/tutorials/headless_orchestration", }, { - text: "Running Caido in Github Actions", + text: "Using Caido in GitHub Actions", link: "/app/tutorials/github_action", }, ], diff --git a/src/app/tutorials/github_action.md b/src/app/tutorials/github_action.md index b12d21e..41ede52 100644 --- a/src/app/tutorials/github_action.md +++ b/src/app/tutorials/github_action.md @@ -1,5 +1,5 @@ --- -description: "Learn how to orchestrate Caido in Github Action for CICD" +description: "Learn how to orchestrate Caido in GitHub Actions for CI/CD" --- # Using Caido in GitHub Actions @@ -14,7 +14,7 @@ This tutorial will guide you through setting up and using Caido in a GitHub Acti This tutorial requires a Caido Teams plan for registration key support. -## Part 1: Creating a Registration Key +## 1. Creating a Registration Key To safely deploy Caido instances in automated environments without human intervention, you'll need to use a [Registration Key](/dashboard/concepts/registration_key). Registration keys automatically claim new instances, ensuring they're secure even when deployed in CI/CD pipelines. @@ -33,7 +33,7 @@ First, create a registration key in the [Caido Dashboard](https://dashboard.caid For detailed instructions, see our guide on [creating a registration key](/dashboard/guides/create_registration_key). -## Part 2: Creating a Personal Access Token (PAT) +## 2. Creating a Personal Access Token (PAT) To authenticate your scripts with the Caido instance, you'll need a [Personal Access Token (PAT)](/dashboard/concepts/pat). PATs allow headless authentication without requiring browser interaction. @@ -49,7 +49,7 @@ To authenticate your scripts with the Caido instance, you'll need a [Personal Ac For detailed instructions, see our guide on [creating a PAT](/dashboard/guides/create_pat). -## Part 3: Configuring GitHub Secrets +## 3. Configuring GitHub Secrets To securely store your registration key and PAT, you'll need to add them as GitHub repository secrets. This ensures they're encrypted and only accessible to your GitHub Actions workflows. @@ -72,7 +72,7 @@ To securely store your registration key and PAT, you'll need to add them as GitH Never commit secrets directly in your code or workflow files. Always use GitHub Secrets for sensitive information. ::: -## Part 4: Creating the Automation Script +## 4. Creating the Automation Script Now we'll create a script that uses the `@caido/sdk-client` to interact with your Caido instance. This script will demonstrate common CI/CD use cases like creating projects, running scans, and checking results. @@ -151,7 +151,7 @@ Add the following to your `package.json`: } ``` -## Part 5: Creating the GitHub Actions Workflow +## 5. Creating the GitHub Actions Workflow Now we'll create a GitHub Actions workflow that sets up Caido and runs your automation script. @@ -204,7 +204,7 @@ jobs: CAIDO_INSTANCE_URL: http://localhost:8080 ``` -## Part 6: Customizing for Your Use Case +## 6. Customizing for Your Use Case You can extend this setup for various security testing scenarios: diff --git a/src/app/tutorials/headless_orchestration.md b/src/app/tutorials/headless_orchestration.md index 0f9a7c1..aef5542 100644 --- a/src/app/tutorials/headless_orchestration.md +++ b/src/app/tutorials/headless_orchestration.md @@ -4,16 +4,16 @@ description: "Learn how to orchestrate headless Caido instances and automate ins # Orchestrating Caido Headless -The goal of this tutorial is to automate an headless Caido instances through scripting to ensure it is safely registred and configured without human intervention. This allows many usecases like: +The goal of this tutorial is to automate headless Caido instances through scripting to ensure they are safely registered and configured without human intervention. This allows many use cases like: - **Red boxes**: Pre-configure isolated instances for triaging/pentest/etc - **CI/CD testing**: Automatically set up instances to run particular tests on-demand - **AI agent interfaces**: Provide human-in-the-loop interfaces to AI agents -## Part 1: Creating a Registration Key and Launching the Instance +## 1. Creating a Registration Key and Launching the Instance -This is feature is available starting with Caido v0.55.3 for Teams. +This feature is available starting with Caido v0.55.3 for Teams. To safely deploy Caido instances without human intervention, you'll need to use a [Registration Key](/dashboard/concepts/registration_key). Registration keys automatically claim new instances, ensuring they're secure even when deployed in automated environments. @@ -80,7 +80,7 @@ For more information about the registration process, see our documentation on [i If you want to expose the instance to the internet, make sure to read our [tutorial](./instance_internet.md) on the subject to do so securely. ::: -## Part 2: Creating a PAT and Setting Environment Variable +## 2. Creating a PAT and Setting Environment Variable To authenticate your scripts with the Caido instance, you'll need a [Personal Access Token (PAT)](/dashboard/concepts/pat). PATs allow headless authentication without requiring browser interaction. @@ -114,7 +114,7 @@ export CAIDO_INSTANCE_URL=http://abc.remote.cai.do:9000 For more information about authentication, see our documentation on [instance authentication](/app/concepts/instance_authentication). ::: -## Part 3: Creating the Configuration Script +## 3. Creating the Configuration Script Now we'll create a script that uses the `@caido/sdk-client` to automatically configure your Caido instance. This script will: @@ -142,7 +142,7 @@ pnpm install @caido/sdk-client ::: info Not all versions of the sdk-client are compatible with the targeted Caido instances. -If you see errors, make sure update your sdk-client version. +If you see errors, make sure to update your sdk-client version. ::: ### The Configuration Script @@ -346,4 +346,4 @@ The script performs the following operations: Your instance is now configured, you can start using it directly as an operator or via further scripting. -You can also check out our tutorial on [Github Actions](./github_action.md). +You can also check out our tutorial on [GitHub Actions](./github_action.md).