DeployNow
...
Advanced Deployment Options
CI/CD with GitHub Actions
OPA Policy Check Action
a github action that validates the policy using opa usage example snippet this example checks policy using an open policy agent (opa) name policy validation using opa on \[ push ] jobs build runs on ubuntu latest steps \ uses actions/checkout\@latest \ name check policy using open policy agent (opa) uses opsverse/opa policy check\@0 2 0 with opaserverurl "\<opa server url>" opaserverauthtoken ${{ secrets opa server auth token }} opaserverinput '\<opa server input>' opaserverpackagename "\<opa package name>" # package name to be given using `/` as the delimiter instead of ` ` for instance package `example include` should be given as `example/include` skiptlsvalidation \<skip tls validation> # skip tls validation get the data from opa by ignoring the certificate note the following is a simple policy in the opa server include rego package example include allow = false inputs input description opaserverurl open policy agent (opa) server address (with protocol) opaserverauthtoken open policy agent (opa) auth token opaserverinput open policy agent (opa) input opaserverpackagename open policy agent (opa) package name from which the server should fetch the policy skiptlsvalidation skip tls validation get the data from opa by ignoring the certificate (default = false) examples check policy using an open policy agent (opa) you can check the policy using open policy agent (opa) name policy validation using opa on \[ push ] jobs build runs on ubuntu latest steps \ uses actions/checkout\@latest \ name check policy using open policy agent (opa) uses opsverse/opa policy check\@0 1 0 with opaserverurl "https //opa example com" opaserverauthtoken ${{ secrets opa server auth token }} opaserverinput '{"input" null}' opaserverpackagename "example/include" # package name to be given using `/` as the delimiter instead of ` ` for instance package `example include` should be given as `example/include` skiptlsvalidation true # skip tls validation get the data from opa by ignoring the certificate note the following is a simple policy in the opa server include rego package example include allow = false