GitHub action to publish policies to the Policy Registry
Required The file path to the policy bundle file.
Default build/bundle.tar.gz
Required The The GitHub release ID.
No default value
Required The policy registry service endpoint.
Default https://bundler.prod.aserto.com/v1
The composite key containing the registry API key, tenant and policy IDs, needed to publish the policy bundle to the policy registry.
Required Unless all three individual overrride values are provided!
No default value
Aserto tenant ID.
No default value
Aserto policy ID.
No default value
API key for authenticating with the policy registry.
No default value
Verbose logging of execution of action [true | false].
Default false
None defined
name: build-release
on:
workflow_dispatch:
push:
tags:
- '*'
jobs:
release_policy:
runs-on: ubuntu-latest
name: build
steps:
- uses: actions/checkout@v2
- name: Build Policy
id: aserto-build
uses: aserto-dev/aserto-build-action@v2
with:
source_path: src
target_path: build
target_file: bundle.tar.gz
revision: "$GITHUB_SHA"
verbose: true
- name: Release Policy
id: release
uses: xresloader/upload-to-github-release@master
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
file: "build/bundle.tar.gz"
tags: true
draft: false
verbose: true
- name: Push Policy
id: aserto-push
uses: aserto-dev/aserto-push-action@v2
env:
ASERTO_PUSH_KEY: ${{ secrets.ASERTO_PUSH_KEY }}
with:
bundle: build/bundle.tar.gz
release_id: ${{ steps.release.outputs.release_id }}
verbose: true