https://github.com/permify/permify-coverage-action
GitHub Action for coverage analyses your Permify schema (Authorization Model) with their assertions
https://github.com/permify/permify-coverage-action
access-control fga github-actions permify zanzibar
Last synced: 2 months ago
JSON representation
GitHub Action for coverage analyses your Permify schema (Authorization Model) with their assertions
- Host: GitHub
- URL: https://github.com/permify/permify-coverage-action
- Owner: Permify
- License: apache-2.0
- Created: 2023-06-13T20:39:00.000Z (about 2 years ago)
- Default Branch: master
- Last Pushed: 2023-06-13T20:59:38.000Z (about 2 years ago)
- Last Synced: 2024-04-14T21:31:15.137Z (about 1 year ago)
- Topics: access-control, fga, github-actions, permify, zanzibar
- Language: Dockerfile
- Homepage: https://docs.permify.co/
- Size: 7.81 KB
- Stars: 4
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
Permify Schema Coverage GitHub Action
This repository executes the permify coverage command on the provided schema (authorization model), relationships (sample authorization data), and assertions (sample check queries and results). The analysis includes coverage assessments for both assertions and relationships.
You can find detailed information on this repository in
the [Testing & Validation](https://docs.permify.co/docs/getting-started/testing) part of our documentation.
#### Example Schema Validation YAML File
```yaml
schema: >-
entity user {}
entity organization {
relation admin @user
relation member @user
permission create_repository = (admin or member)
permission delete = admin
}
entity repository {
relation owner @user
relation parent @organization
permission push = owner
permission read = (owner and (parent.admin and parent.member))
permission delete = (parent.member and (parent.admin or owner))
}
relationships:
- "organization:1#admin@user:1"
- "organization:1#member@user:1"
- "repository:1#owner@user:1"
scenarios:
- name: "scenario 1"
description: "test description"
checks:
- entity: "repository:1"
subject: "user:1"
assertions:
push : true
- entity: "repository:2"
subject: "user:1"
assertions:
push : false
- entity: "repository:3"
subject: "user:1"
assertions:
push : false
```
### Usage
Add the action following your workflow:
- With local file
```yaml
steps:
- uses: "permify/permify-coverage-action@v1"
with:
validationFile: "test.yaml"
coverageRelationships: 80
coverageAssertions: 80
```
- With url
```yaml
steps:
- uses: "permify/permify-coverage-action@v1"
with:
validationFile: "https://gist.github.com/permify-bot/bb8f95acb64525d2a41688ae0a6f4274"
coverageRelationships: 80
coverageAssertions: 80
```
Permify is an **open-source authorization service** for creating and maintaining fine-grained authorizations across your
individual applications and services.
* [Permify website](https://permify.co)
* [Permify documentation](https://docs.permify.co/docs/intro)
* [Permify playground](https://play.permify.co)
* [Permify GitHub Repository](https://github.com/Permify/permify)
## Testing in Local
You can also test your new authorization model in your local (Permify clone) without using [permify-coverage-action] at
all.
For that open up a new file and add a schema yaml file inside. Then build your project with, run `make run` command and
run `./permify coverage {path of your schema validation file}`.
If we use the above example schema validation file, after
running `./permify coverage {path of your schema validation file}` it gives a result on the terminal as:
[permify-coverage-action]: https://github.com/Permify/permify-coverage-action
## Community & Support
Join our [Discord channel](https://discord.gg/MJbUjwskdH) for issues, feature requests, feedbacks or anything else. We
love to talk about authorization and access control :heart:
