Skip to content

This is a simple tool to help our developers test their apps, they can simply run docker run --rm -ti -v $(pwd):/apps ghcr.io/example-policy-org/policy-checker when in the app and it’ll test if the app passes.

License

Notifications You must be signed in to change notification settings

example-policy-org/policy-checker

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

51 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Policy checker

This is a tool that can be used locally and in CI by tooling to determine if the repository is compliant with policy.

The version of policy is determined by:

  • Kubernetes: reads the kustomization.yaml file and retrieves the commonLabels['mycompany.com/policy-version']
  • Terraform: reads the variable default_value of mycompany.com/policy-version

If theres any .tf files it'll check terraform and check kubernetes if theres a kustomization.yaml. asdasdaff

⚠️⚠️ This is not intended for general use or to be immediately reusable ⚠️⚠️

The location of the policy it retrieves is hardcoded to get from example-policy-org/policy. This was a very concious limitation to scope this to the proof of concept of the example-policy-org github org, to make this more reusable it needs to handle authenticating to retrieve the policy where it's in a private repo, be a significantly smaller image, cache the policy so it doesn't need to be retrieved on every execution and find a better story than docker to be able to execute locally for the sake of speed.

Usage

$ docker run --rm -v $(pwd):/apps ghcr.io/example-policy-org/policy-checker

About

This is a simple tool to help our developers test their apps, they can simply run docker run --rm -ti -v $(pwd):/apps ghcr.io/example-policy-org/policy-checker when in the app and it’ll test if the app passes.

Topics

Resources

License

Stars

Watchers

Forks

Packages