... | ... | @@ -1943,6 +1943,17 @@ So, in short, it seems people are converging towards r10k with a |
|
|
web hook. To validate git repositories, they mirror the repositories
|
|
|
to a private git host.
|
|
|
|
|
|
After writing this document, anarcat decided to try a setup with a
|
|
|
"control-repo" and `g10k`, because the latter can cryptographically
|
|
|
verify third-party repositories, either through a git hash or tarball
|
|
|
checksum. There's still only a single environment (I haven't
|
|
|
implemented the "create an environment on a new branch" hook). And it
|
|
|
often means two checkins when we work on shared modules, but that can
|
|
|
be alleviated by skipping the cryptographic check and trusting
|
|
|
transport by having the Puppetfile chase a branch name instead of a
|
|
|
checksum, during development. In production, of course, a checksum can
|
|
|
then be pinned again, but that is the biggest flaw in that workflow.
|
|
|
|
|
|
### Other alternatives
|
|
|
|
|
|
* [josh](https://github.com/josh-project/josh): "Combine the advantages of a monorepo with those of
|
... | ... | |