Skip to content

Sets up Open Policy Agent CLI in your GitHub Actions workflow.

License

Notifications You must be signed in to change notification settings

simplebet/setup-opa

 
 

Repository files navigation

Setup OPA GitHub Action

GitHub action to configure the Open Policy Agent CLI in your GitHub Actions workflow.

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

Running tests

This GitHub Action works great to run any tests you have included with your Rego files.

Basic Usage

Here we see a simple template that checks out the repository code, installs the latest OPA, and then runs all of the Rego files in the tests directory.

name: Run OPA Tests
on: [push]
jobs:
  Run-OPA-Tests:
    runs-on: ubuntu-latest
    steps:
    - name: Check out repository code
      uses: actions/checkout@v3

    - name: Setup OPA
      uses: open-policy-agent/setup-opa@v2
      with:
        version: latest

    - name: Run OPA Tests
      run: opa test tests/*.rego -v

Choose OPA Version

When OPA is installed on the GitHub runner, you can select a the specific version of OPA you wish to run.

steps:
  - name: Setup OPA
    uses: open-policy-agent/setup-opa@v2
    with:
      version: 0.44.0

Or, OPA can be locked to a SemVer range.

steps:
  - name: Setup OPA
    uses: open-policy-agent/setup-opa@v2
    with:
      version: 0.44.x
steps:
  - name: Setup OPA
    uses: open-policy-agent/setup-opa@v2
    with:
      version: 0.44
steps:
  - name: Setup OPA
    uses: open-policy-agent/setup-opa@v2
    with:
      version: <0.44

You may also use the latest or edge version.

steps:
  - name: Setup OPA
    uses: open-policy-agent/setup-opa@v2
    with:
      version: latest
steps:
  - name: Setup OPA
    uses: open-policy-agent/setup-opa@v2
    with:
      version: edge

You can also choose to run your tests against multiple versions of OPA.

strategy:
  matrix:
    version: [latest, 0.44.x, 0.43.x]
steps:
  - name: Setup OPA
    uses: open-policy-agent/setup-opa@v2
    with:
      version: ${{ matrix.version }}

Inputs

The action supports the following inputs:

  • version: Optional, defaults to latest. latest, edge, and SemVer ranges are supported, so instead of a full version string, you can use 0.44. This enables you to automatically get the latest backward compatible changes in the v0.44 release.

Outputs

This action does not set any direct outputs.

Credits

Thanks to the folks over at Infracost who created the initial version of this repository.

Contributions

Contributions are welcome! See Contributor's Guide

Code of Conduct

👋 Be nice. See our code of conduct

About

Sets up Open Policy Agent CLI in your GitHub Actions workflow.

Resources

License

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • TypeScript 80.5%
  • JavaScript 19.5%