inspec icon indicating copy to clipboard operation
inspec copied to clipboard

Published 20 hours ago verified publisher icon inspec

Enhance `inspec init profile` to pin to a released version of external resource packs

Open skpaterson opened this issue 5 years ago • 4 comments

At the cost of making a call to GitHub we could retrieve and pin to latest released resource pack versions rather than master.tar.gz during an inspec init profile. This would allow us to update supported resource pack documentation to soley use this mechanism for getting started.

Detailed Description

Running inspec init profile --platform aws my-profile results in pinning to master e.g.

depends:
  - name: inspec-aws
    url: https://github.com/inspec/inspec-aws/archive/master.tar.gz

By retrieving the latest release tag we could instead pin to that version in the inspec.yml

skpaterson avatar Jul 18 '19 09:07 skpaterson

Agreed we need this.

kmf avatar Jul 18 '19 10:07 kmf

I'm down

zenspider avatar Jul 18 '19 18:07 zenspider

Per the recent customer woes we've dealt with around this, I'm going to up the priority.

kekaichinose avatar Jul 22 '19 15:07 kekaichinose

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. We value your input and contribution. Please leave a comment if this issue still affects you.

stale[bot] avatar Dec 12 '20 21:12 stale[bot]