mirror of
https://github.com/sourcegraph/sourcegraph.git
synced 2026-02-06 19:21:50 +00:00
| .. | ||
| batch-changes | ||
| testdata/pull_request_body | ||
| BUILD.bazel | ||
| check_test.go | ||
| check-pr.sh | ||
| check.go | ||
| issue_test.go | ||
| issue.go | ||
| main.go | ||
| README.md | ||
| webhook.go | ||
pr-auditor 
pr-auditor is a tool designed to operate on some GitHub Actions pull request events in order to check for SOC2 compliance.
Owned by the DevInfra team.
Learn more: Testing principles and guidelines
Usage
This action is primarily designed to run on GitHub Actions, and leverages the pull request event payloads extensively.
The optional -protected-branch flag defines a base branch that always opens a PR audit issue to track all pull requests made to it.
GITHUB_EVENT_PATH="/path/to/json/payload.json"
GITHUB_TOKEN="personal-access-token"
# run directly
go run ./dev/pr-auditor/ check \
-github.payload-path="$GITHUB_EVENT_PATH" \
-github.token="$GITHUB_TOKEN" \
-protected-branch="release"
# run using wrapper script
./dev/buildchecker/check-pr.sh
Deployment
pr-auditor can be deployed to repositories using the available batch changes.