Add missing ARM Template permissions (read ServicePrincipal) #4903
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Test OPA Policies | |
on: | |
pull_request: | |
push: | |
branches: [ main ] | |
jobs: | |
test-rego-policies: | |
name: Test Rego Policies | |
runs-on: ubuntu-latest | |
defaults: | |
run: | |
working-directory: ./security-policies | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Init Hermit | |
run: ../bin/hermit env -r >> $GITHUB_ENV | |
- name: OPA format | |
run: opa fmt ./bundle --fail=true --diff | |
- name: OPA format list failed files | |
run: opa fmt ./bundle --list | |
- name: OPA build | |
run: opa build -b ./bundle -e ./bundle/compliance | |
- name: OPA test | |
run: opa test -b ./bundle -v | |
- name: OPA check -strict | |
run: opa check --strict --bundle ./bundle | |
- name: Lint Rego | |
run: regal lint --format github bundle |