CI: run linux-baseline with master branch of chef-os-hardening #55
Comments
@chris-rock in my eyes you can always merge, even with red CI. The question is if a particular job has impact to the overall CI result (green/red). Do I miss something? |
|
Its a semantics discussion... But I fully agree that we need cross checks. Maybe we need to request an reference implementation for every baseline change in future. Are you creating an issue for that? |
I'm not discussing, I just try to understand you view :-)
you are already commenting in the new issue :-) |
|
Oh man you're so quick! From my perspective, CI tests should be green by default, otherwise we get used to red lights and we do not even see a linting issue anymore. Another option could be to mark controls stable and experimental. You activate all experimental controls with an attribute. Controls only get into stable once they have a reference implementation. This would allow us to add more features quickly, but make sure they are not breaking anything. And experimental features could get removed if no reference implementation is available within a timeframe. Of course this process needs to be documented properly. |
See this discussion.
We should have a CI job here with master branch of chef-os-hardening
The text was updated successfully, but these errors were encountered: