open-policy-agent / setup-opa Goto Github PK
View Code? Open in Web Editor NEWSets up Open Policy Agent CLI in your GitHub Actions workflow.
License: Apache License 2.0
setup-opa's People
Contributors
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
srenatus peteroneilljr zendesk anderseknert philipaconrad humbertoc-silva pokgak simplebet nafarlee ditointernet forklift-apps richardmcsongsetup-opa's Issues
Publish to GitHub marketplace
In order to improve the visibility of this project, it would be great if we published it to the GitHub Actions marketplace.
Support downloading OPA through mirror
In airgapped situations, users will need to download the OPA binary from a mirrored location.
Rename default branch to main
While there are still some lesser used repos in the project using the name master for the default branch, we're trying to consistently use main instead, as that is also the convention for any new GitHub project. We should rename the default branch of this repo to align with that.
Issue using dynamic build and requirement on GLIBC
Hello!
I don't have a way to share this, but we are trying to use this action on our self-hosted runners, and ran into an issue with opa requiring GLIBC:
Run opa test configuration_rules/ -v
opa test configuration_rules/ -v
shell: /bin/bash -e {0}
opa: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.29' not found (required by opa)
opa: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.28' not found (required by opa)
Error: Process completed with exit code 1.
I ended up switching this action out by curl'ing the static binary and adding it to the path, but it would be nice if this action did that as well. Here's my substitution for the setup-opa task:
run: |
curl -L -o opa https://openpolicyagent.org/downloads/v0.39.0/opa_linux_amd64_static
chmod 755 opa
mkdir -p ~/.local/bin
mv opa ~/.local/bin/opa
echo "$HOME/.local/bin" >> $GITHUB_PATH
Action gives 404 when downloading opa for arm64
Starting on v0.37.0 of opa, arm64 binary has a static suffix and so this action cannot find the binary to be downloaded when following the repository's README.
$ act
[conftest/conftest] ๐ Start image=catthehacker/ubuntu:act-latest
[conftest/conftest] ๐ณ docker pull image=catthehacker/ubuntu:act-latest platform= username= forcePull=true
...
[conftest/conftest] โญ Run Main Setup OPA
[conftest/conftest] ๐ณ docker cp src=/Users/julio/.cache/act/open-policy-agent-setup-opa@v2/ dst=/var/run/act/actions/open-policy-agent-setup-opa@v2/
[conftest/conftest] ๐ณ docker exec cmd=[node /var/run/act/actions/open-policy-agent-setup-opa@v2/dist/index.js] user= workdir=
[conftest/conftest] ๐ฌ ::debug::Downloading https://github.com/open-policy-agent/opa/releases/download/v0.54.0/opa_linux_arm64
[conftest/conftest] ๐ฌ ::debug::Destination /tmp/tmpILgatL/opa_linux_arm64
[conftest/conftest] ๐ฌ ::debug::Failed to download from "https://github.com/open-policy-agent/opa/releases/download/v0.54.0/opa_linux_arm64". Code(404) Message(Not Found)
[conftest/conftest] โ ::error::Error: Unexpected HTTP response: 404
[conftest/conftest] โ Failure - Main Setup OPA
[conftest/conftest] exitcode '1': failure
[conftest/conftest] ๐ Job failed
We should update the documentation to reflect the code changes.
drop notice?
I've just noticed (haha) that core.notice (https://github.com/infracost/setup-opa/blob/master/src/index.ts#L131) causes a build annotation like this:
I think we'd better use those more sparingly, i.e. drop that line. What do you think?
Add examples of using version ranges
It currently says "see below", but there aren't any examples provided of using version ranges when fetching OPA. As these might not be familiar to people outside of the Node/NPM world, this would be a good addition to the README.
node 12 warning
Users of this action will now apparently get the following warning annotation:
We should fix whatever is needed to get rid of this... I don't know if bumping the version in .nvmrc is good enough.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.