-
Notifications
You must be signed in to change notification settings - Fork 0
32 lines (31 loc) · 1.26 KB
/
synth-netpols.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
name: synth-network-policies
on:
workflow_dispatch:
jobs:
synthesize-netpols:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Synthesize netpols
id: synth-netpol
uses: np-guard/netpol-synthesis-gh-action@v3
with:
corporate-policies: >
https://github.com/np-guard/baseline-rules/blob/master/examples/ciso_denied_ports.yaml
- uses: actions/download-artifact@v2
with:
name: ${{ steps.synth-netpol.outputs.synth-artifact }}
path: release
- name: Commit changes
shell: sh
run: |
git config user.name ${{ github.actor }}
git config user.email '${{ github.actor }}@users.noreply.github.com'
export branch_name=set_netpols_$(date +%s)
git checkout -b $branch_name
git add release/${{ steps.synth-netpol.outputs.synth-netpols-file-name }}
git commit -m"adding network policies to enforce minimal connectivity"
git push --set-upstream origin $branch_name
gh pr create -B master -H $branch_name -t "Adding network policies to enforce minimal connectivity" -b "Automatically generated NetworkPolicies"
env:
GITHUB_TOKEN: ${{ secrets.REPO_SCOPED_TOKEN }}