I started this blog as a repository where I could document solutions to very niche problems I’d encountered, and this problem is about as niche as it gets…
Background
A colleague suggested StrongDM Comply as a free and open-source solution for generating SOC 2 Compliance policies. It’s a handy utility designed to run on Mac and Linux, but since I work on a Windows 11 PC, I needed to explore my options.
My first thought was to use Docker, but the image I found was a few years old and would exit immediately after starting. Three other options came to mind:
- Dual boot a Linux distro
- Turn up a Linux VM
- Use the Windows Subsystem for Linux (WSL)
I only needed this for a single application, so WSL seemed to be the best solution for my [very] particular use case.
Installing WSL
Open PowerShell as an Administrator, then run:
wsl --install
Note: This will require a reboot to finalize the installation. This command requires Windows 10 version 2004 (build 19041 or higher) or Windows 11 to function.
The default subsystem is Ubuntu, but you can choose other distributions if you like. See https://learn.microsoft.com/en-us/windows/wsl/install for additional details and instructions.
Setting Up the Linux Terminal
To access your new environment, you’ll need to install Windows Terminal from the Microsoft Store. Once installed, you can use the dropdown arrow to open a new Ubuntu terminal:
You’ll be prompted to set a UNIX username and password, and then you’ll receive a welcome screen and terminal prompt. The first command you’ll run is:
sudo apt update && sudo apt upgrade
This will get you a list of Ubuntu packages that have available updates and install them for you.
Cloning the Comply Repository
The installation instructions on the GitHub page are deprecated, so we’ll do it a little differently, using Git to clone (copy down) the repository:
git clone https://github.com/strongdm/comply.git
Dependencies
There are two dependencies Comply needs to function:
- Pandoc – a universal document converter
- PdfLatex – a tool that converts LaTeX sources into PDF (required by Pandoc to generate PDFs)
To install Pandoc, we’ll use APT again:
sudo apt install pandoc
…and then verify that it installed successfully:
pandoc --version
Installing PdfLatex is a little more involved, but these are the instructions that worked for me (From Yosep Kim):
# Install the TexLive base... sudo apt-get install texlive-latex-base # Install recommended fonts to avoid possible errors... sudo apt-get install texlive-fonts-recommended sudo apt-get install texlive-fonts-extra # Install extra packages... sudo apt-get install texlive-latex-extra
Compiling The App
Now that all of the dependencies are installed, we can compile the app using Go, but first, we’ll need to install the Go package:
sudo apt install golang-go
With that done, we navigate to the “comply” directory and can compile the app using Go:
cd comply go build
Note: This needs to be run from the folder where the go.mod resides, usually /comply relative to where you ran the ‘git clone’ command above.
Running Comply
At this point, Comply (and all of its dependencies) are installed and ready to run. This consists of:
- Creating an empty directory
- Initializing a new Comply project
- Building the PDF documents
- Running the Web Server
Here’s what that looks like:
mkdir [myCompanyName] cd [myCompanyName] ../comply init ../comply build ../comply serve
You can access your newly created PDFs by opening File Explorer, expanding the Linux > Ubuntu folders, and then browsing to the sub-folder you created (e.g., Linux > Ubuntu > home > [Username] > comply > ExecutiveOutcomes > Output):
PDFs are created using the markdown (.MD) format documents, which you can modify using a text editor (e.g., nano, vi, etc.) within the Linux subsystem:
When you’ve finished updating your documentation, you can serve up a web interface using the aptly named “serve” parameter:
../comply serve
Then, browse to the index.html file:
There you have it! I think it’s a fantastic little tool (once you get it running), and would recommend it anyone looking for who needs customizable SOC2 Compliance documentation.