You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This issue proposes the feature to validate approvers before running terraform apply.
If no one other than pr's commit authors doesn't approve the pr, tfaction fails.
Why is the feature needed?
This feature needs to follow the policy All changes must be reviewed.
Even if we configure branch protection rules and branch rule set properly, people can violate this policy:
People can add commits to prs created by bots (GitHub Apps) and approve themselves
follow up prs
Renovate
People can add commits to prs created by others and approve themselves
Malicious people can abuse stale prs
Example Code
tfaction-root.yaml
validate_approvers: true
Note
No response
The text was updated successfully, but these errors were encountered:
Feature Overview
This issue proposes the feature to validate approvers before running
terraform apply.If no one other than pr's commit authors doesn't approve the pr, tfaction fails.
Why is the feature needed?
This feature needs to follow the policy
All changes must be reviewed.Even if we configure branch protection rules and branch rule set properly, people can violate this policy:
Example Code
tfaction-root.yaml
Note
No response
The text was updated successfully, but these errors were encountered: