Goes with #27 somewhat.
When the workflow is updated, particularly in the distant future when we've all moved on from the present incident response, we'll want to be confident that updates to reusable-zizmor don't break things, since any breakage will straight away become blockers for the rest of the organisation.
We'll run the Zizmor workflow on ourselves, but we may want to be a bit more comprehensive with an integration test to make sure we catch failures etc.
(And/or we could run that upstream in shared-workflows)
Goes with #27 somewhat.
When the workflow is updated, particularly in the distant future when we've all moved on from the present incident response, we'll want to be confident that updates to
reusable-zizmordon't break things, since any breakage will straight away become blockers for the rest of the organisation.We'll run the Zizmor workflow on ourselves, but we may want to be a bit more comprehensive with an integration test to make sure we catch failures etc.
(And/or we could run that upstream in
shared-workflows)