Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/anderseknert/pre-commit-opa

Pre-commit git hooks for Open Policy Agent (OPA) and Rego development
https://github.com/anderseknert/pre-commit-opa

conftest git-hooks opa openpolicyagent pre-commit pre-commit-hooks rego

Last synced: about 20 hours ago
JSON representation

Pre-commit git hooks for Open Policy Agent (OPA) and Rego development

Host: GitHub
URL: https://github.com/anderseknert/pre-commit-opa
Owner: anderseknert
License: apache-2.0
Created: 2020-01-30T18:19:57.000Z (almost 5 years ago)
Default Branch: master
Last Pushed: 2022-02-14T08:19:41.000Z (almost 3 years ago)
Last Synced: 2025-01-19T22:43:54.221Z (6 days ago)
Topics: conftest, git-hooks, opa, openpolicyagent, pre-commit, pre-commit-hooks, rego
Homepage:
Size: 86.9 KB
Stars: 66
Watchers: 5
Forks: 6
Open Issues: 0
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE

Awesome Lists containing this project

awesome-opa - OPA pre-commit - Pre-commit hooks for OPA/Rego/Conftest development (Tools and Utilities / Testing Blogs and Articles)

README

# pre-commit-opa

![Python application](https://github.com/anderseknert/pre-commit-opa/workflows/build/badge.svg)

[Pre-commit](https://pre-commit.com/) git hooks for Open Policy Agent (OPA) and Rego development

### Using pre-commit-opa with pre-commit

Add the `pre-commit-opa` repo to the `.pre-commit-config.yaml` file in your git root directory, and add any number of the available hooks:

```yaml
repos:
- repo: https://github.com/anderseknert/pre-commit-opa
rev: v1.4.1
hooks:
- id: opa-fmt
- id: opa-check
- id: opa-test
- id: conftest-test
- id: conftest-verify
```

Once saved, run `pre-commit install` to install git pre-commit hooks.

### Hooks available

#### `opa-fmt`
Runs `opa fmt` on any rego files in the repository.

Note that any files changed by this hook will need to be re-added (`git add`) to be included in the commit.

#### `opa-check`
Runs `opa check` on any rego files in the repository.

#### `opa-test`
If rego files are present in commit, runs `opa test` in git root directory.

Since it doesn't make sense to only provide `opa test` with the files changed (as these might not include tests), the default is to run `opa test .` in the project root directory. If you keep your policies, tests and data in a specific directory, you'll likely want to change this by pointing out the location of that, like:

```yaml
- id: opa-test
args: ['my/policies', 'my/other/policies/']
```

#### `conftest-fmt`
Runs `conftest fmt` on any Rego files in the repository.

Note that any files changed by this hook will need to be re-added (`git add`) to be included in the commit.

#### `conftest-test`
Runs `conftest test` on any configuration file format supported by conftest.

Just like with `opa-test` you'll likely want to specify the location of your conftest policies, and possibly what type of files changed should trigger the hook:

```yaml
- id: conftest-test
args: ['--policy', 'conftest/policy']
files: conftest/.*\.yaml$
```

#### `conftest-verify`
If rego files are present in commit, runs `conftest verify` in git root directory.

Just like with `conftest-test` you'll likely want to specify the location of your conftest policies, and possibly what type of files changed should trigger the hook:

```yaml
- id: conftest-verify
args: ['--policy', 'conftest/policy']
files: conftest/.*\.yaml$
```