Skip to content

boringtools/polgate

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
cmd
cmd
 
 
internal/policy
internal/policy
 
 
pkg
pkg
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

PolGate

PolGate is a tool for security policies and exception management. Polgate helps you to enable effective gatekeeping when integrated in the CI/CD pipeline.

Getting started

Ensure $(go env GOPATH)/bin is in your $PATH

go install github.com/boringtools/polgate@main

Supported tools

For more tools, Please create a issue.

Usage

Fail workflow when SemGrep results in error(high) severity findings.

polgate eval --input /input/file/path/results.json --policy semgrep_fail_error

Add exceptions or false positives to continue the workflow.

polgate eval --input /input/file/path/results.json --policy semgrep_fail_error --exceptions exceptions,seprated,by,comma

Apply list of supported policies form a JSON file

polgate eval --input /input/file/path/results.json --policy-file /policy/file/path/policies.json

Apply list of exceptions form a JSON file

polgate eval --input /input/file/path/results.json --policy semgrep_fail_error --exception-file /exceptions/file/path/exceptions.json

List of supported policies

  • semgrep_pass_all
  • semgrep_fail_error
  • semgrep_fail_error_warning
  • semgrep_fail_all

For more policies, Please create a issue.

Sample workflows

Policy JSON file template

{
    "policies": [
        "semgrep_fail_all"
    ]
}

Exception JSON file template

{
    "exceptions": [
        "sample-fingerprint",
    ]
}

About

Security policy and exception management tool

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

8 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages