Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/siderolabs/conform
Policy enforcement for your pipelines.
https://github.com/siderolabs/conform
build-automation docker go
Last synced: 4 days ago
JSON representation
Policy enforcement for your pipelines.
- Host: GitHub
- URL: https://github.com/siderolabs/conform
- Owner: siderolabs
- License: mpl-2.0
- Created: 2017-06-03T21:43:39.000Z (over 7 years ago)
- Default Branch: main
- Last Pushed: 2025-01-20T03:19:51.000Z (6 days ago)
- Last Synced: 2025-01-20T04:51:49.489Z (6 days ago)
- Topics: build-automation, docker, go
- Language: Go
- Homepage:
- Size: 17 MB
- Stars: 448
- Watchers: 11
- Forks: 48
- Open Issues: 29
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
- awesome-actions - Enforce Policies on GitHub Repositories and Commits
- awesome-ccamel - siderolabs/conform - Policy enforcement for your pipelines. (Go)
- awesome-github-repos - siderolabs/conform - Policy enforcement for your pipelines. (Go)
- awesome-repositories - siderolabs/conform - Policy enforcement for your pipelines. (Go)
README
Conform
Policy enforcement for your pipelines.
---
**Conform** is a tool for enforcing policies on your build pipelines.
Some of the policies included are:
- **Commits**: Enforce commit policies including:
- Commit message header length
- Developer Certificate of Origin
- GPG signature
- GPG signature identity check
- [Conventional Commits](https://www.conventionalcommits.org)
- Imperative mood
- Spell check
- Maximum of one commit ahead of `master`
- Require a commit body
- Jira issue check
- **License Headers**: Enforce license headers on source code files.
## Getting Started
To install conform you can download a [release](https://github.com/siderolabs/conform/releases), or build it locally (go must be installed):
```bash
go install github.com/siderolabs/conform/cmd/conform@latest
```
Third option is to run it as a container:
```bash
docker run --rm -it -v $PWD:/src:ro,Z -w /src ghcr.io/siderolabs/conform:v0.1.0-alpha.22 enforce
```
You can also install conform with [aqua](https://aquaproj.github.io/).
```bash
aqua g -i siderolabs/conform
```
Now, create a file named `.conform.yaml` with the following contents:
```yaml
policies:
- type: commit
spec:
header:
length: 89
imperative: true
case: lower
invalidLastCharacters: .
jira:
keys:
- PROJ
- JIRA
body:
required: true
dco: true
gpg:
required: false
identity:
gitHubOrganization: some-organization
spellcheck:
locale: US
maximumOfOneCommit: true
conventional:
types:
- "type"
scopes:
- "scope"
descriptionLength: 72
- type: license
spec:
skipPaths:
- .git/
- .build*/
includeSuffixes:
- .ext
excludeSuffixes:
- .exclude-ext-prefix.ext
allowPrecedingComments: false
header: |
This is the contents of a license header.
```
In the same directory, run:
```bash
$ conform enforce
POLICY CHECK STATUS MESSAGE
commit Header Length PASS Header is 43 characters
commit Imperative Mood PASS Commit begins with imperative verb
commit Header Case PASS Header case is valid
commit Header Last Character PASS Header last character is valid
commit DCO PASS Developer Certificate of Origin was found
commit GPG PASS GPG signature found
commit GPG Identity PASS Signed by "Someone "
commit Conventional Commit PASS Commit message is a valid conventional commit
commit Spellcheck PASS Commit contains 0 misspellings
commit Number of Commits PASS HEAD is 0 commit(s) ahead of refs/heads/master
commit Commit Body PASS Commit body is valid
license File Header PASS All files have a valid license header
```
To setup a `commit-msg` hook:
```bash
cat <