ros-infrastructure / cookbook-ros-buildfarm

Apache License 2.0

Add letsencrypt support for the repository host. #110

Closed nuclearsandwich closed 2 years ago

nuclearsandwich commented 2 years ago

Like the Jenkins host, the repo host may also be publicly exposed. Apt repositories don't require HTTPS for repository integrity, since that's achieved through GPG key signing of repository metadata.

However, other resources on the repository host may benefit from having a secure transport mechanism, including the secure distribution of the public key information used for the apt security process or other artifacts hosted on the repository server.

nuclearsandwich commented 2 years ago

The yamllint check appears to be going through some strife upstream at the moment. I'm content to ignore it for a little while until it settles down. I'm more perturbed by the Jenkins agent failure, which looks like it could be a configuration race with authentication. I'll investigate that for sure.

nuclearsandwich commented 2 years ago

I can also reproduce the jenkins cookbook CI failure on latest. So I'm going to make a case that we override the failed check and merge this since the recipe that we primarily changed is passing.

That being said, I did move some stuff around in the jenkins recipe, so it's possible that I've introduced a regression hiding behind the current failure, but I'm willing to assume that risk and address it in a follow-up PR after I've fixed the current issue on another branch.