Creating a `Patch Update`

The Patch Update Process

A patch update involves making minor changes to a profile to fix issues or improve functionality. Here's a step-by-step guide:

1. Report the Issue: Open an issue on our project, detailing the problem and providing examples. Do this on our issues page.
2. Fork and Branch: Fork the repository on GitHub, then create a branch off the tagged patch release you're targeting for the update.
3. Set Up Testing Suites: In your forked branch, set up the AWS and Docker testing suites.
4. Make Updates: Update the control, inspec.yml inputs, thresholds, etc. Don't worry about the InSpec version in the inspec.yml - the release process handles that.
5. Test Your Updates Locally: Test your updates on all vanilla and hardened variants of the known bad and known good states of the AWS EC2 and Docker test targets. Also, test your controls outside perfect conditions to ensure they handle non-optimal target environments. Verify that your update considers the container, virtual machine, and 1U machine testing context of applicability.
6. Lint Your Updates: Use the bundle exec rake lint and bundle exec rake lint:autocorrect commands from the test suite to lint your updates.
7. Commit Your Updates: After testing and linting, commit your updates to your branch. Include Fixes #ISSUE in your commit messages to automatically close the issue when your PR is merged.
8. Open a PR: Open a PR on the project repository from your fork.
9. Check Test Suite: Ensure the GitHub Action test suite on the project side passes. You can check this at our actions page.