
GitHub Action

Continuous Compliance Action

v0.5.0




Continuous Compliance GitHub Action

GitHub Action that automatically enforces company policy on repositories using Repolinter.

Description

Continuous Compliance makes it possible to enforce company policy on repositories. It automatically checks your repository for mandatory files or requirements. When possible, it creates a detailed GitHub issue with instructions on how to resolve the problem.

State

At Philips we have been using this Action since mid 2022 without any problems. Head over to https://github.com/philips-labs/continuous-compliance-template to see how we organize this.
If you want to stay updated, hit the "Watch" button.

Background

Philips was looking for a way to automatically enforce certain policies in its innersource philips-internal organization. After stumbling upon Repolinter and New Relic's Action, we decided we wanted something slightly different and more versatile. We started working on a fork of Repolinter, one that introduced the ability to create different GitHub issues per rule that was broken. After having this specific functionality added, we needed a way to automatically check the 5000+ repositories within our internal organization. This is when Continuous Compliance was born. We have used it for several months internally, and learned a lot by doing so. By publishing the source code, we want to share it with a broader community. We have migrated our internal Continuous Compliance to use this open source one (have to eat your own dog food!).

Built With


Usage

The easiest way to use this action is to add the following to your workflow file. Additional configuration might be necessary to fit your use case. See Continuous-Compliance-Template for a full example on how to feed repos into Continuous Compliance and how to use Git as a local database.

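continuous-compliance:
  name: continuous-compliance
  runs-on: ubuntu-20.04

  steps:
    # Base64-encode the ruleset on a single line and expose it as a step output.
    - name: Create ruleset config
      id: config
      run: |
        echo "ENCODED_RULESET=$(base64 -w 0 < ./config/repolint.json)" >> "$GITHUB_OUTPUT"

    - name: Perform repolinter on repositories
      # Replace <version> with the release tag you want to use.
      uses: philips-labs/continuous-compliance-action@<version>
      with:
        ruleset: ${{ steps.config.outputs.ENCODED_RULESET }}
        # Assumes an earlier step with id "token" that outputs the GitHub token.
        gh_token: ${{ steps.token.outputs.token }}
        target_repos: my-org/repo1,my-org/repo2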

Inputs

| parameter | description | required | default |
| --- | --- | --- | --- |
| ruleset | Base64 encoded ruleset config file or URL to ruleset config file. | true | |
| gh_token | GitHub token that has permissions to create labels, issues and has read rights to view files. | true | |
| target_repos | Target Repositories (my-org/repository,my-org/repository-2) | true | |
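
The "Create ruleset config" step and the ruleset input above both depend on the ruleset reaching the action as a single base64 line. The following shell script is an added example, not part of the project: it checks that the file is JSON, encodes it without GNU-only flags, verifies the round trip and writes the ENCODED_RULESET output. The function names, the script name encode-ruleset.sh and the sample ruleset are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not the project's code): validate a Repolinter ruleset file,
# base64-encode it on one line, and publish it as the ENCODED_RULESET output.

# Constructed minimal ruleset, for trying the functions without a real config.
sample_ruleset() {
  printf '%s\n' '{"version": 2, "axioms": {}, "rules": {}}'
}

# Succeeds if $1 parses as JSON, using whichever validator is installed.
validate_json() {
  if command -v jq >/dev/null 2>&1; then
    jq -e 'type == "object"' "$1" >/dev/null 2>&1
  elif command -v python3 >/dev/null 2>&1; then
    python3 -m json.tool "$1" >/dev/null 2>&1
  else
    echo "warning: no JSON validator found, skipping syntax check" >&2
  fi
}

# Prints the single-line base64 encoding of file $1, or fails with a message.
# The body is a subshell, so `exit` only leaves the function.
encode_ruleset() (
  file=$1
  [ -r "$file" ] || { echo "error: cannot read $file" >&2; exit 1; }
  validate_json "$file" || { echo "error: $file is not a valid JSON ruleset" >&2; exit 1; }
  # `base64 -w 0` is GNU-only; stripping newlines is portable. A wrapped,
  # multi-line value does not fit a single key=value output line.
  encoded=$(base64 < "$file" | tr -d '\n')
  # Round trip: the decoded value must match the file byte for byte.
  printf '%s' "$encoded" | base64 -d | cmp -s - "$file" \
    || { echo "error: base64 round trip failed" >&2; exit 1; }
  printf '%s' "$encoded"
)

# Appends ENCODED_RULESET=<value> to $2, defaulting to $GITHUB_OUTPUT.
publish_ruleset() (
  out=${2:-${GITHUB_OUTPUT:-}}
  [ -n "$out" ] || { echo "error: no output file given" >&2; exit 1; }
  encoded=$(encode_ruleset "$1") || exit 1
  printf 'ENCODED_RULESET=%s\n' "$encoded" >> "$out"
)

# Usage: sh encode-ruleset.sh ./config/repolint.json
if [ $# -gt 0 ]; then publish_ruleset "$@"; fi
```

Inside a workflow step, calling the script with ./config/repolint.json as its only argument writes the output to the file named by GITHUB_OUTPUT.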

Configuring Rules

To configure rules, you create a ruleset for Repolinter to use. There are different types of rules and fixes you can configure. The documentation can be found in the Repolinter repository.


Getting Started

Get started quickly by reading the information below.

Prerequisites

Ensure you have the following installed:

  • Bash
  • Docker

Recommendations

The following IDE is recommended when working on this codebase:

Local Installation

  1. Clone the repo.

    git clone git@github.com:philips-labs/continuous-compliance-action.git
  2. Build the docker image

    docker build .
  3. Run the locally built Docker image.

    docker run IMAGE_ID_HERE

Docker Image

Our Docker image is available at GitHub Container Registry (ghcr).

See all available images in the GitHub Container Registry. Run the Docker image with:

docker run ghcr.io/philips-labs/continuous-compliance:0.1

The Docker image includes the repolinter project, and the scripts required to make Continuous Compliance work.


Contributing

If you have a suggestion that would make this project better, please fork the repository and create a pull request. You can also simply open an issue with the tag "enhancement".

  1. Fork the Project
  2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
  3. Commit your Changes (git commit -m 'Add some AmazingFeature')
  4. Push to the Branch (git push origin feature/AmazingFeature)
  5. Open a Pull Request

Please refer to the Contributing Guidelines for all the guidelines.


License

Distributed under the MIT License. See LICENSE for more information.


Contact


Acknowledgments

This project is inspired by:
