open-policy-agent / setup-opa Goto Github PK
View Code? Open in Web Editor NEWSets up Open Policy Agent CLI in your GitHub Actions workflow.
License: Apache License 2.0
Sets up Open Policy Agent CLI in your GitHub Actions workflow.
License: Apache License 2.0
In order to improve the visibility of this project, it would be great if we published it to the GitHub Actions marketplace.
In airgapped situations, users will need to download the OPA binary from a mirrored location.
While there are still some lesser used repos in the project using the name master
for the default branch, we're trying to consistently use main
instead, as that is also the convention for any new GitHub project. We should rename the default branch of this repo to align with that.
Hello!
I don't have a way to share this, but we are trying to use this action on our self-hosted runners, and ran into an issue with opa
requiring GLIBC:
Run opa test configuration_rules/ -v
opa test configuration_rules/ -v
shell: /bin/bash -e {0}
opa: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.29' not found (required by opa)
opa: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.28' not found (required by opa)
Error: Process completed with exit code 1.
I ended up switching this action out by curl
'ing the static binary and adding it to the path, but it would be nice if this action did that as well. Here's my substitution for the setup-opa
task:
run: |
curl -L -o opa https://openpolicyagent.org/downloads/v0.39.0/opa_linux_amd64_static
chmod 755 opa
mkdir -p ~/.local/bin
mv opa ~/.local/bin/opa
echo "$HOME/.local/bin" >> $GITHUB_PATH
Starting on v0.37.0 of opa, arm64 binary has a static
suffix and so this action cannot find the binary to be downloaded when following the repository's README.
$ act
[conftest/conftest] ๐ Start image=catthehacker/ubuntu:act-latest
[conftest/conftest] ๐ณ docker pull image=catthehacker/ubuntu:act-latest platform= username= forcePull=true
...
[conftest/conftest] โญ Run Main Setup OPA
[conftest/conftest] ๐ณ docker cp src=/Users/julio/.cache/act/open-policy-agent-setup-opa@v2/ dst=/var/run/act/actions/open-policy-agent-setup-opa@v2/
[conftest/conftest] ๐ณ docker exec cmd=[node /var/run/act/actions/open-policy-agent-setup-opa@v2/dist/index.js] user= workdir=
[conftest/conftest] ๐ฌ ::debug::Downloading https://github.com/open-policy-agent/opa/releases/download/v0.54.0/opa_linux_arm64
[conftest/conftest] ๐ฌ ::debug::Destination /tmp/tmpILgatL/opa_linux_arm64
[conftest/conftest] ๐ฌ ::debug::Failed to download from "https://github.com/open-policy-agent/opa/releases/download/v0.54.0/opa_linux_arm64". Code(404) Message(Not Found)
[conftest/conftest] โ ::error::Error: Unexpected HTTP response: 404
[conftest/conftest] โ Failure - Main Setup OPA
[conftest/conftest] exitcode '1': failure
[conftest/conftest] ๐ Job failed
We should update the documentation to reflect the code changes.
I've just noticed (haha) that core.notice
(https://github.com/infracost/setup-opa/blob/master/src/index.ts#L131) causes a build annotation like this:
I think we'd better use those more sparingly, i.e. drop that line. What do you think?
It currently says "see below", but there aren't any examples provided of using version ranges when fetching OPA. As these might not be familiar to people outside of the Node/NPM world, this would be a good addition to the README.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.