Creating a `Patch Update`
January 5, 2024
The Patch Update Process
A patch update involves making minor changes to a profile to fix issues or improve functionality. Here's a step-by-step guide:
- Report the Issue: Open an issue on our project, detailing the problem and providing examples. Do this on our issues page.
- Fork and Branch: Fork the repository on GitHub, then create a branch off the `tagged` patch release you're targeting for the update.
- Set Up Testing Suites: In your forked branch, set up the AWS and Docker testing suites.
- Make Updates: Update the control, `inspec.yml` inputs, thresholds, etc. Don't worry about the InSpec version in the `inspec.yml` - the release process handles that.
- Test Your Updates Locally: Test your updates on all `vanilla` and `hardened` variants of the `known bad` and `known good` states of the `AWS EC2` and `Docker` test targets. Also, test your controls outside perfect conditions to ensure they handle non-optimal target environments. Verify that your update considers the `container`, `virtual machine`, and `1U machine` testing context of applicability.
- Lint Your Updates: Use the `bundle exec rake lint` and `bundle exec rake lint:autocorrect` commands from the test suite to lint your updates.
- Commit Your Updates: After testing and linting, commit your updates to your branch. Include `Fixes #ISSUE` in your commit messages to automatically close the issue when your PR is merged.
- Open a PR: Open a PR on the project repository from your fork.
- Check Test Suite: Ensure the GitHub Action test suite on the project side passes. You can check this at our actions page.