search

dev-sec / ssh-baseline

DevSec SSH Baseline - InSpec Profile
https://dev-sec.io/baselines/ssh/
Apache License 2.0
283 stars 78 forks source link

Release github workflow #157

Closed micheelengronne closed 4 years ago

micheelengronne commented 4 years ago

Update inspec.yml prior to generate changelog. That way, the changelog push will do for both.

rndmh3ro commented 4 years ago

That way, the changelog push will do for both.

There is no push in that action. The changelog only gets generated, not commited or pushed. To push something, you need another task, like here: https://github.com/dev-sec/ansible-ssh-hardening/blob/master/.github/workflows/changelog.yml#L25

micheelengronne commented 4 years ago

Ok. I modified the order and there is 2 pushs now. One for the changelog and one for inspec.yml.

micheelengronne commented 4 years ago

Hum, is it better to have an atomicity (changelog + inspec.yml) or to create 2 commits (one for each) ?

rndmh3ro commented 4 years ago

Hum, is it better to have an atomicity (changelog + inspec.yml) or to create 2 commits (one for each) ?

I'm for atomicity. If the commit or push fails, we won't have one dangling commit int the repo.