Jeff Mendoza
Jeff Mendoza
Allstar can be configured to enforce branch protection with 2+ reviews, and also the security policy check. For anything that can be programatically detected, we would like to add to...
Right, I think we'll need to still have vnets inside affinity groups until the ruby sdk is updated.
Awesome, I'm working on a doc for GKE testing.
Yes, this sounds great. We don't have a design for Allstar to be able to access secrets at the moment, so I assume this could work if JIRA was able...
:+1: https://github.com/ossf/allstar#future-policies Also want to support renovatebot and others.
Updated title. Config is here: https://github.com/ossf/allstar/blob/main/pkg/config/operator/operator.go#L63 This could be part of the org config https://github.com/ossf/allstar/blob/main/pkg/config/config.go#L31 and then each org can set their own setting.
For #206, it is only configurable by app operators. We still need a user-configurable option, so leave this open for now.
Good to hear that there is support to add this! > It might be helpful to keep this separate from BP policy Agree, It might get too complicated in settings...
Thanks for all the comments. It does seem like it could be worked-around (ex: approve a PR then add your own commits to it), but not much more so than...
Looks like you figured it out. Yes, any updates to operator.md to make it more clear appreciated.