rajbos / continuous-compliance-action Goto Github PK

Continuous Compliance GitHub Action

Github Action automatically enforce company policy on repositories using Repolinter.
Report Bug · Request Feature

Continuous Compliance makes it possible to enforce company policy on repositories. Continuous Compliance will automatically check your repository for mandatory files or requirements. When possible, it will create detailed Github issue with instructions on how to resolve it.

At Philips we have been using this Action since mid 2022 without any problems. Head over to https://github.com/philips-labs/continuous-compliance-template to see how we organize this.
If you want to stay updated, hit the "Watch" button.

Philips was looking for a way to automatically enforce certain policy in their innersource philips-internal organization. After stumbling upon Repolinter and Newrelics Action, we decided we wanted something slightly different and more versatile. We started working on a fork of Repolinter, one that introduced the ability create different GitHub issues per rule that was broken. After having this specific functionality added, we needed a way to automatically check the 5000+ repositories within our internal organization. This is when Continuous Compliance was born. We have used it for several months internally, and learned a lot by doing so. By publishing the source code, we want to share it with a broader community. We have migrated our internal Continuous Compliance, to use this open source one(have to eat your own dog food!).

• Repolinter (forked, original here)

(back to top)

The easiest way to use this action is to add the following into your workflow file. Additional configuration might be necessary to fit your usecase. Add the following part in your workflow file: See Continuous-Compliance-Template for a full example on how to feed repos into Continuous Compliance and how to use Git as a local database.

continuous-compliance:
  name: continuous-compliance
  runs-on: ubuntu-20.04

  steps:
    - name: Create ruleset config
      id: config
      run: |
        echo "ENCODED_RULESET=$(cat ./config/repolint.json | base64 -w 0)" >> $GITHUB_OUTPUT

    - name: Perform repolinter on repositories
      uses: philips-labs/[email protected]
      with:
        ruleset: ${{steps.config.outputs.ENCODED_RULESET}} 
        gh_token: ${{steps.token.outputs.token}}
        target_repos: my-org/repo1,my-org/repo2

To configure rules, you create a ruleset for Repolinter to use. There are different types of rules and fixes you can configure. The documentation can be found in the Repolinter repository.

(back to top)

Get started quickly by reading the information below.

Ensure you have the following installed:

• Bash
• Docker

The following IDE is recommended when working on this codebase:

• VSCode

1. Clone the repo.

   git clone [email protected]:philips-labs/continuous-compliance-action.git

2. Build the docker image

   docker build .

3. Run the docker locally build docker image.

   docker run IMAGE_ID_HERE

Our Docker image is available at GitHub Container Registry (ghcr).

GitHub Container Registry See all available images here. Run the Docker image by doing:

docker run ghcr.io/philips-labs/continuous-compliance:0.1

The Docker image includes the repolinter project, and the scripts required to make Continuous Compliance work.

(back to top)

If you have a suggestion that would make this project better, please fork the repository and create a pull request. You can also simply open an issue with the tag "enhancement".

1. Fork the Project
2. Create your Feature Branch (git checkout -b feature/AmazingFeature)
3. Commit your Changes (git commit -m 'Add some AmazingFeature')
4. Push to the Branch (git push origin feature/AmazingFeature)
5. Open a Pull Request

Please refer to the Contributing Guidelines for all the guidelines.

(back to top)

Distributed under the MIT License. See LICENSE for more information.

(back to top)

• Brend Smits
• Jeroen Knoops

(back to top)

This project is inspired by:

• TODO Group Repolinter
• Newrelic Repolinter Action

(back to top)