Skip to content

Update step-security/harden-runner action to v2.10.2 #572

Update step-security/harden-runner action to v2.10.2

Update step-security/harden-runner action to v2.10.2 #572

Workflow file for this run

name: Lint policies with Regal
on: [push, pull_request]
# Declare default permissions as read only.
permissions: read-all
jobs:
lint-policy:
runs-on: ubuntu-latest
env:
# renovate: datasource=github-releases depName=open-policy-agent/opa
OPA_VERSION: v0.70.0
# renovate: datasource=github-releases depName=StyraInc/regal
REGAL_VERSION: v0.29.2
steps:
- name: Harden Runner
uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
with:
egress-policy: audit
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup OPA
uses: open-policy-agent/setup-opa@34a30e8a924d1b03ce2cf7abe97250bbb1f332b5 # v2.2.0
with:
version: ${{ env.OPA_VERSION }}
- name: Setup Regal
uses: StyraInc/setup-regal@33a142b1189004e0f14bf42b15972c67eecce776 # v1.0.0
with:
version: ${{ env.REGAL_VERSION }}
- name: Run OPA Check
run: opa check policy --strict
- name: Run Regal lint
run: regal lint --format github policy