From cbfd927751516dccc2f23d2cff637e3c1fc00668 Mon Sep 17 00:00:00 2001 From: Peter Macdonald Date: Tue, 21 May 2024 19:44:42 +0200 Subject: [PATCH 1/7] start adding cicd docs for regal Signed-off-by: Peter Macdonald --- docs/cicd.md | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 docs/cicd.md diff --git a/docs/cicd.md b/docs/cicd.md new file mode 100644 index 00000000..a1f78703 --- /dev/null +++ b/docs/cicd.md @@ -0,0 +1,32 @@ +# Running Regal in CI/CD pipeline(s) + +Its possible to use Regal to lint your Rego policies in your CI/CD pipeline(s)! This document will guide you on how to do so. + +### GitHub Actions + +If you'd like to run Regal in GitHub actions, please consider using [`setup-regal`](https://github.com/StyraInc/setup-regal). +A simple `.github/workflows/lint.yml` to run regal on PRs could look like this, where `policy` contains Rego files: + +```yaml +name: Regal Lint +on: + pull_request: +jobs: + lint-rego: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + - uses: StyraInc/setup-regal@v1 + with: + # For production workflows, use a specific version, like v0.16.0 + version: latest + + - name: Lint + run: regal lint --format=github ./policy +``` + +Please see [`setup-regal`](https://github.com/StyraInc/setup-regal) for more information. + +### GitLab CICD + +// TODO \ No newline at end of file From eb217d67aa97d4f1802327137ab9d487076c6c3c Mon Sep 17 00:00:00 2001 From: Peter Macdonald Date: Sat, 25 May 2024 13:55:38 +0200 Subject: [PATCH 2/7] adds CICD Docs for Regal! Signed-off-by: Peter Macdonald --- README.md | 25 ++----------------------- docs/cicd.md | 13 ++++++++++++- 2 files changed, 14 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 6f99682a..c0840506 100644 --- a/README.md +++ b/README.md @@ -152,30 +152,9 @@ Documentation: https://docs.styra.com/regal/rules/style/prefer-snake-case > will likely generate a lot of violations. You can do this by passing the `--disable-category style` flag to > `regal lint`. -### GitHub Actions +### Using Regal in CI/CD Workflows -If you'd like to run Regal in GitHub actions, please consider using [`setup-regal`](https://github.com/StyraInc/setup-regal). -A simple `.github/workflows/lint.yml` to run regal on PRs could look like this, where `policy` contains Rego files: - -```yaml -name: Regal Lint -on: - pull_request: -jobs: - lint-rego: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - uses: StyraInc/setup-regal@v1 - with: - # For production workflows, use a specific version, like v0.16.0 - version: latest - - - name: Lint - run: regal lint --format=github ./policy -``` - -Please see [`setup-regal`](https://github.com/StyraInc/setup-regal) for more information. +Kindly refer to the [CICD](/docs/cicd.md) documentation for more information on how to integrate Regal into your CI/CD workflows. ## Rules diff --git a/docs/cicd.md b/docs/cicd.md index a1f78703..1c89ed74 100644 --- a/docs/cicd.md +++ b/docs/cicd.md @@ -29,4 +29,15 @@ Please see [`setup-regal`](https://github.com/StyraInc/setup-regal) for more inf ### GitLab CICD -// TODO \ No newline at end of file +To use Regal in GitLab CI/CD, you could for example use the following stage in your `.gitlab-ci.yml`: + +```yaml +regal_lint_policies: + stage: regal-lint + image: + # For production workflows, use a specific version, like v0.16.0 + name: ghcr.io/styrainc/regal:latest + entrypoint: ['/bin/sh', '-c'] + script: + - regal lint ./policy +``` \ No newline at end of file From cceac0f9627a28c853c1adcff99847ff75a05969 Mon Sep 17 00:00:00 2001 From: Peter Macdonald Date: Sat, 25 May 2024 14:09:53 +0200 Subject: [PATCH 3/7] fixes typo in messy rule docs Signed-off-by: Peter Macdonald --- docs/cicd.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/docs/cicd.md b/docs/cicd.md index 1c89ed74..0b0a7f89 100644 --- a/docs/cicd.md +++ b/docs/cicd.md @@ -1,8 +1,10 @@ # Running Regal in CI/CD pipeline(s) -Its possible to use Regal to lint your Rego policies in your CI/CD pipeline(s)! This document will guide you on how to do so. +Its possible to use Regal to lint your Rego policies in your CI/CD pipeline(s)! -### GitHub Actions +This document will guide you on how to do so. + +## GitHub Actions If you'd like to run Regal in GitHub actions, please consider using [`setup-regal`](https://github.com/StyraInc/setup-regal). A simple `.github/workflows/lint.yml` to run regal on PRs could look like this, where `policy` contains Rego files: @@ -27,7 +29,7 @@ jobs: Please see [`setup-regal`](https://github.com/StyraInc/setup-regal) for more information. -### GitLab CICD +## GitLab CICD To use Regal in GitLab CI/CD, you could for example use the following stage in your `.gitlab-ci.yml`: @@ -40,4 +42,4 @@ regal_lint_policies: entrypoint: ['/bin/sh', '-c'] script: - regal lint ./policy -``` \ No newline at end of file +``` From f0bfda88bf27e7be2269e25acff73da6e7de2087 Mon Sep 17 00:00:00 2001 From: Peter Macdonald Date: Sat, 25 May 2024 14:14:09 +0200 Subject: [PATCH 4/7] fixing whitespace issue Signed-off-by: Peter Macdonald --- docs/cicd.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/cicd.md b/docs/cicd.md index 0b0a7f89..fe703094 100644 --- a/docs/cicd.md +++ b/docs/cicd.md @@ -1,6 +1,6 @@ # Running Regal in CI/CD pipeline(s) -Its possible to use Regal to lint your Rego policies in your CI/CD pipeline(s)! +Its possible to use Regal to lint your Rego policies in your CI/CD pipeline(s)! This document will guide you on how to do so. From fc6be4f500077cfab35ebdab86e9eaf3af7a7c13 Mon Sep 17 00:00:00 2001 From: Peter Macdonald Date: Sun, 26 May 2024 20:02:32 +0200 Subject: [PATCH 5/7] updated based on feedback Signed-off-by: Peter Macdonald --- README.md | 4 ++-- docs/cicd.md | 10 +++++++--- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 669bafb3..a8d621d2 100644 --- a/README.md +++ b/README.md @@ -152,9 +152,9 @@ Documentation: https://docs.styra.com/regal/rules/style/prefer-snake-case > will likely generate a lot of violations. You can do this by passing the `--disable-category style` flag to > `regal lint`. -### Using Regal in CI/CD Workflows +### Using Regal in your build pipeline! -Kindly refer to the [CICD](/docs/cicd.md) documentation for more information on how to integrate Regal into your CI/CD workflows. +To ensure Regal's rules are enforced consistently in your project or organization, we've made it easy to run Regal as part of your builds. See the docs on [Using Regal in your build pipeline](./docs/cicd.md) to learn more about how to set up Regal to lint your policies on every commit or pull request. ## Rules diff --git a/docs/cicd.md b/docs/cicd.md index fe703094..f34fce44 100644 --- a/docs/cicd.md +++ b/docs/cicd.md @@ -1,4 +1,4 @@ -# Running Regal in CI/CD pipeline(s) +# Using Regal in your build pipeline Its possible to use Regal to lint your Rego policies in your CI/CD pipeline(s)! @@ -20,7 +20,7 @@ jobs: - uses: actions/checkout@v4 - uses: StyraInc/setup-regal@v1 with: - # For production workflows, use a specific version, like v0.16.0 + # For production workflows, use a specific version, like v0.22.0 version: latest - name: Lint @@ -37,9 +37,13 @@ To use Regal in GitLab CI/CD, you could for example use the following stage in y regal_lint_policies: stage: regal-lint image: - # For production workflows, use a specific version, like v0.16.0 + # For production workflows, use a specific version, like v0.22.0 name: ghcr.io/styrainc/regal:latest entrypoint: ['/bin/sh', '-c'] script: - regal lint ./policy + rules: + - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' ``` + +The above will run Regal on the `policy` directory when a merge request is created or updated. From 47eb1c595d38d98fd5836e95f2b033ae7188ca72 Mon Sep 17 00:00:00 2001 From: Peter Macdonald Date: Sun, 26 May 2024 20:07:28 +0200 Subject: [PATCH 6/7] line length fix Signed-off-by: Peter Macdonald --- README.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index a8d621d2..5ccf84f6 100644 --- a/README.md +++ b/README.md @@ -154,7 +154,10 @@ Documentation: https://docs.styra.com/regal/rules/style/prefer-snake-case ### Using Regal in your build pipeline! -To ensure Regal's rules are enforced consistently in your project or organization, we've made it easy to run Regal as part of your builds. See the docs on [Using Regal in your build pipeline](./docs/cicd.md) to learn more about how to set up Regal to lint your policies on every commit or pull request. +To ensure Regal's rules are enforced consistently in your project or organization, +we've made it easy to run Regal as part of your builds. +See the docs on [Using Regal in your build pipeline](./docs/cicd.md) to learn more +about how to set up Regal to lint your policies on every commit or pull request. ## Rules From b2fbf4f25c0052cd0af4791e57cfe3650e344aae Mon Sep 17 00:00:00 2001 From: Peter Macdonald Date: Sun, 26 May 2024 20:09:09 +0200 Subject: [PATCH 7/7] trailing spaces fix Signed-off-by: Peter Macdonald --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 5ccf84f6..1f7959ae 100644 --- a/README.md +++ b/README.md @@ -154,9 +154,9 @@ Documentation: https://docs.styra.com/regal/rules/style/prefer-snake-case ### Using Regal in your build pipeline! -To ensure Regal's rules are enforced consistently in your project or organization, -we've made it easy to run Regal as part of your builds. -See the docs on [Using Regal in your build pipeline](./docs/cicd.md) to learn more +To ensure Regal's rules are enforced consistently in your project or organization, +we've made it easy to run Regal as part of your builds. +See the docs on [Using Regal in your build pipeline](./docs/cicd.md) to learn more about how to set up Regal to lint your policies on every commit or pull request. ## Rules