-
Notifications
You must be signed in to change notification settings - Fork 136
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Install Security Policy App: Allstar #170
Comments
Thanks! Just to reiterate: as of right now these policies should be passing on envoy repos, so there shouldn't be any noise. It will alert on changes. |
This seems reasonable to me. @snowp? |
friendly ping @snowp? |
Already talked to @htuch on Slack about this, I'm in favor of this |
Awesome, sorry about that! @jeffmendoza and I can make a PR for the configuration YAML |
I've installed the app, please update when it's functional at your end :) |
I'd like to install Allstar https://github.com/ossf/allstar https://github.com/apps/allstar-app on this repo as a trail for eventually enabling on all envoyproxy org repos.
Allstar checks repos for violations against configured security policies, and takes actions when out of compliance:
Policies:
Actions:
Which policies to enable and which action to take are configured via config files in either an org-level repo named
.allstar
or files in the individual repo. This lets org owners control the main repo to manage settings.I'll work with the org-owners to get it installed and configured with settings appropriate for the Envoy community.
cc @lizan @htuch @mattklein123
The text was updated successfully, but these errors were encountered: