Skip to content
/ open-policy-agent-pr-approvals Public

Sample repo on how to implement automated pull request approvals using GitHub Actions, Open Policy Agent, and conftest.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Antvirf/open-policy-agent-pr-approvals

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
.github/workflows
.github/workflows
 
 
policy
policy
 
 
README.md
README.md
 
 

Repository files navigation

Open Policy Agent-based PR Approvals

See the GitHub Actions workflow file here. What this workflow does:

  1. On PR, figure out which files were added or changed
  2. Assemble the list of files, and feed them through Open Policy Agent conftest utility
  3. Post results to the PR

While the first and last steps are quite specific to GitHub, step #2 is orchestrated with bash scripts and is portable across environments. The only requirement is Docker.

Test a file in this repo against policy

The below examples use Docker to avoid needing to install anything persistent locally:

# services
docker run --rm -v $(pwd):/project openpolicyagent/conftest test --no-fail --no-color gitops-deployments/service.yaml

# deployments
docker run --rm -v $(pwd):/project openpolicyagent/conftest test --no-fail --no-color gitops-deployments/deployment.yaml

# run both, the same way as the GitHub Actions script does
echo "gitops-deployments/deployment.yaml\ngitops-deployments/service.yaml" | xargs docker run --rm -v $(pwd):/project openpolicyagent/conftest test --no-fail --no-color

About

Sample repo on how to implement automated pull request approvals using GitHub Actions, Open Policy Agent, and conftest.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages